{"id":752,"name":"zipp","ecosystem":"pip","repository_url":"https://github.com/jaraco/zipp","issues_count":1236,"created_at":"2025-06-06T15:01:37.218Z","updated_at":"2025-06-06T15:01:37.218Z","purl":"pkg:pypi/zipp","metadata":{"id":2981842,"name":"zipp","ecosystem":"pypi","description":"Backport of pathlib-compatible object wrapper for zip files","homepage":null,"licenses":"mit","normalized_licenses":["MIT"],"repository_url":"https://github.com/jaraco/zipp","keywords_array":[],"namespace":null,"versions_count":61,"first_release_published_at":"2018-11-15T22:02:57.000Z","latest_release_published_at":"2025-05-26T14:46:30.000Z","latest_release_number":"3.22.0","last_synced_at":"2025-06-05T00:28:23.520Z","created_at":"2022-04-10T13:11:25.909Z","updated_at":"2025-06-05T00:28:23.520Z","registry_url":"https://pypi.org/project/zipp/","install_command":"pip install zipp --index-url https://pypi.org/simple","documentation_url":"https://zipp.readthedocs.io/","metadata":{"funding":null,"documentation":null,"classifiers":["Development Status :: 5 - Production/Stable","Intended Audience :: Developers","Programming Language :: Python :: 3","Programming Language :: Python :: 3 :: Only"],"normalized_name":"zipp"},"repo_metadata":{"id":33351602,"uuid":"157774633","full_name":"jaraco/zipp","owner":"jaraco","description":null,"archived":false,"fork":false,"pushed_at":"2024-05-16T13:46:34.000Z","size":606,"stargazers_count":51,"open_issues_count":4,"forks_count":42,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-05-17T09:37:49.661Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jaraco.png","metadata":{"files":{"readme":"README.rst","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"tidelift":"pypi/zipp"}},"created_at":"2018-11-15T21:24:48.000Z","updated_at":"2024-05-31T17:57:18.884Z","dependencies_parsed_at":"2024-02-08T00:31:30.308Z","dependency_job_id":"b17e9538-3b0e-483f-97f5-c0ff3ffb194b","html_url":"https://github.com/jaraco/zipp","commit_stats":{"total_commits":516,"total_committers":23,"mean_commits":"22.434782608695652","dds":0.06395348837209303,"last_synced_commit":"0b8bc78cffe27bf1462258ab3ce28275c5f0d5d2"},"previous_names":[],"tags_count":57,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jaraco","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":219006298,"owners_count":16423104,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"jaraco","name":"Jason R. Coombs","uuid":"308610","kind":"user","description":"","email":"","website":"https://www.jaraco.com","location":"Pittsburgh, PA, USA","twitter":"jaraco","company":null,"icon_url":"https://avatars.githubusercontent.com/u/308610?v=4","repositories_count":215,"last_synced_at":"2024-05-20T14:47:35.789Z","metadata":{"has_sponsors_listing":true},"html_url":"https://github.com/jaraco","funding_links":["https://github.com/sponsors/jaraco"],"total_stars":4688,"followers":612,"following":5,"created_at":"2022-11-02T16:21:31.721Z","updated_at":"2024-05-20T14:47:40.490Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jaraco","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jaraco/repositories"},"tags":[{"name":"v3.19.1","sha":"6d1cb72aa55e0536f35d2af128994b5a61ca4c1a","kind":"tag","published_at":"2024-05-31T16:31:54.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.19.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.19.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.19.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.19.1/manifests"},{"name":"v3.19.0","sha":"608f90a6e74919501577a1312dc5c7d8e1d391d7","kind":"tag","published_at":"2024-05-26T16:20:47.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.19.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.19.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.19.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.19.0/manifests"},{"name":"v3.18.2","sha":"051250eb0e3024d75e7de09921e4efab074f0112","kind":"tag","published_at":"2024-05-16T08:56:46.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.18.2","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.18.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.18.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.18.2/manifests"},{"name":"v3.18.1","sha":"bfae83474a730e8cc9b8a71027fb859b46b3875c","kind":"tag","published_at":"2024-03-14T21:03:39.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.18.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.18.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.18.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.18.1/manifests"},{"name":"v3.18.0","sha":"3c06d30b91b37a118536d9d424e0a8b893e78a6e","kind":"tag","published_at":"2024-03-13T02:52:38.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.18.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.18.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.18.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.18.0/manifests"},{"name":"v3.17.0","sha":"5c59b561f5b79631a846b8823d5033cc1407b511","kind":"tag","published_at":"2023-09-18T15:06:59.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.17.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.17.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.17.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.17.0/manifests"},{"name":"v3.17.0+test","sha":"8a50d5ead7aa3925028a1e934bd4b010ce4a7fa4","kind":"tag","published_at":"2023-09-18T14:33:16.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.17.0+test","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.17.0+test","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.17.0+test","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.17.0+test/manifests"},{"name":"v3.16.2","sha":"5f03323a4bde1ee0f1c8c3c7e29c2de64ce92044","kind":"tag","published_at":"2023-07-14T19:12:57.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.16.2","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.16.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.16.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.16.2/manifests"},{"name":"v3.16.1","sha":"ee8ca1abe366fe6637a70702f92da64ec19d758a","kind":"tag","published_at":"2023-07-13T03:19:36.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.16.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.16.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.16.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.16.1/manifests"},{"name":"v3.16.0","sha":"ee6d7117023cd90be7647f894f43aa4fef16c13d","kind":"tag","published_at":"2023-07-08T21:06:22.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.16.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.16.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.16.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.16.0/manifests"},{"name":"v3.15.0","sha":"63bdf88e27717fea6924664f1cb3c30b7875f0ea","kind":"tag","published_at":"2023-02-25T02:09:50.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.15.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.15.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.15.0/manifests"},{"name":"v3.14.0","sha":"44bf8757105b6687db196feae8090c24f367cc7f","kind":"tag","published_at":"2023-02-18T00:42:06.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.14.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.14.0/manifests"},{"name":"v3.13.0","sha":"a730c30dd4c2c9fe0c5a5374481adcaf984bfd37","kind":"tag","published_at":"2023-02-09T16:30:16.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.13.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.13.0/manifests"},{"name":"v3.12.1","sha":"71368132608e9fb5cd83bda33b3e3460c8b02f95","kind":"tag","published_at":"2023-02-05T17:41:57.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.12.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.12.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.12.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.12.1/manifests"},{"name":"v3.12.0","sha":"ad532d5ed4a37f527eb546c3543e45c5a5ee8d36","kind":"tag","published_at":"2023-01-27T22:40:53.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.12.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.12.0/manifests"},{"name":"v3.11.0","sha":"2c6663057599e9fa49f1d2160806ec1fe1cc7c1c","kind":"tag","published_at":"2022-11-25T18:05:46.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.11.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.11.0/manifests"},{"name":"v3.10.0","sha":"c577219faa4de0d9c9b8d994b3fac1b840aa8451","kind":"tag","published_at":"2022-10-24T01:17:35.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.10.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.10.0/manifests"},{"name":"v3.9.1","sha":"f4ccb151c327263ace0d45acd6443abb39f5157b","kind":"tag","published_at":"2022-10-24T01:10:13.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.9.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.9.1/manifests"},{"name":"v3.9.0","sha":"952b20efd7e80dbfcd7934edd32e568361bed47b","kind":"tag","published_at":"2022-10-08T17:59:50.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.9.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.9.0/manifests"},{"name":"v3.8.1","sha":"ba4eebf6656ccbfafb07e2c533d5cf49277f3298","kind":"tag","published_at":"2022-07-12T14:14:38.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.8.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.8.1/manifests"},{"name":"v3.8.0","sha":"8be88898bd876cce0f741819589c322ad6ecd3c3","kind":"tag","published_at":"2022-04-03T15:02:53.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.8.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.8.0/manifests"},{"name":"v3.7.0","sha":"f97930df7545cc1ee4ab78e91e130495a71040c5","kind":"tag","published_at":"2021-12-30T23:58:58.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.7.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.7.0/manifests"},{"name":"v3.6.0","sha":"6591fa7305968247c0c4e123d9442dc7fb1b760c","kind":"tag","published_at":"2021-09-29T15:30:47.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.6.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.6.0/manifests"},{"name":"v3.5.1","sha":"8b20a606f69671978ed00ccb956898e2f4335dba","kind":"tag","published_at":"2021-09-28T16:54:59.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.5.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.5.1/manifests"},{"name":"v3.5.0","sha":"48e918898f430c1f308157ceb710067ff2cd9ce3","kind":"tag","published_at":"2021-07-02T23:45:50.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.5.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.5.0/manifests"},{"name":"v3.4.2","sha":"fe0253d4e58b78f7a41106f0cf2b90645558610e","kind":"tag","published_at":"2021-07-02T22:54:04.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.4.2","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.4.2/manifests"},{"name":"v3.4.1","sha":"13fad1d6a6218f44dba59550c841cbd08f2364ae","kind":"tag","published_at":"2021-03-05T02:39:51.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.4.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.4.1/manifests"},{"name":"bpo-42090","sha":"b3d2bdaa54a72b5dd5fb39523fd11bd929bf85fe","kind":"commit","published_at":"2020-10-25T18:38:42.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/bpo-42090","html_url":"https://github.com/jaraco/zipp/releases/tag/bpo-42090","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/bpo-42090","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/bpo-42090/manifests"},{"name":"v3.4.0","sha":"f7373d672e069a282a3a7c63513f1c52af8a3f7f","kind":"tag","published_at":"2020-10-25T18:36:03.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.4.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.4.0/manifests"},{"name":"v3.3.2","sha":"b31acb54c024a89a4c5a9fd60fa77bc40dc8ff57","kind":"tag","published_at":"2020-10-24T03:00:09.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.3.2","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.3.2/manifests"},{"name":"v3.3.1","sha":"c74c8a27974bacecf7709d88694ec9f0541fa08d","kind":"tag","published_at":"2020-10-15T21:29:07.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.3.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.3.1/manifests"},{"name":"v3.3.0","sha":"2ce5576d4a8475107d10f3b93cf3e142a69ec72d","kind":"tag","published_at":"2020-10-03T18:51:35.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.3.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.3.0/manifests"},{"name":"v3.2.0","sha":"da7a4aa7770d2acb3d13202786ef5631c02ecf42","kind":"tag","published_at":"2020-09-22T15:20:08.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.2.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.2.0/manifests"},{"name":"v3.1.0","sha":"ec6ff0f1d65e0052ef7d38186d7f8a638a83d768","kind":"tag","published_at":"2020-03-03T10:57:32.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.1.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.1.0/manifests"},{"name":"v3.0.0","sha":"bacb253249df43d8027cff6219b5829fdb246af4","kind":"tag","published_at":"2020-02-17T18:31:36.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v3.0.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v3.0.0/manifests"},{"name":"v1.2.0","sha":"6e08eced3bda1f89392d12128c70f742f0700b6d","kind":"tag","published_at":"2020-02-17T18:30:30.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v1.2.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v1.2.0/manifests"},{"name":"v2.2.1","sha":"9592d31b316eb82bc739ee0d79d56911b99ca811","kind":"tag","published_at":"2020-02-17T17:55:36.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v2.2.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.2.1/manifests"},{"name":"v1.1.1","sha":"d8d6c64e9f1e7129283ae353e2a9c5f521a7ac05","kind":"tag","published_at":"2020-02-17T17:38:33.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v1.1.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v1.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v1.1.1/manifests"},{"name":"v2.2.0","sha":"f73569f7d887c7a0f0ecc51e8d09d42ac272edf1","kind":"tag","published_at":"2020-02-07T22:19:12.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v2.2.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.2.0/manifests"},{"name":"v2.1.0","sha":"8031665a98af5a3e4ddbf068f7ae0f94c4c8de07","kind":"tag","published_at":"2020-01-25T21:15:15.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v2.1.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.1.0/manifests"},{"name":"v1.1.0","sha":"088b0cf14745da5a6cc8541cec600c71ea6d879a","kind":"tag","published_at":"2020-01-25T21:08:55.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v1.1.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v1.1.0/manifests"},{"name":"v2.0.1","sha":"63f46b038ffe6e4d5bdc2590004c9ddd78350f25","kind":"tag","published_at":"2020-01-23T02:10:00.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v2.0.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.0.1/manifests"},{"name":"v2.0.0","sha":"37113cc74f6709f133984ce7320970395d0cfddb","kind":"tag","published_at":"2020-01-20T00:06:25.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v2.0.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v2.0.0/manifests"},{"name":"v1.0.0","sha":"5cbb77661581327f7fce9141791fbd4777918c08","kind":"tag","published_at":"2020-01-13T22:48:51.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v1.0.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v1.0.0/manifests"},{"name":"v0.6.0","sha":"e7cac6bb4e0adc78a4c25ea93c0c17eca5b1adb0","kind":"tag","published_at":"2019-08-24T16:24:59.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.6.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.6.0/manifests"},{"name":"v0.5.2","sha":"26bfd793019e4ee1526febadbf165b03d707945f","kind":"tag","published_at":"2019-07-07T21:11:53.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.5.2","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.5.2/manifests"},{"name":"v0.5.1","sha":"ac47a28d377401c081a05e08d3e156a685fc99cf","kind":"tag","published_at":"2019-05-16T15:28:38.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.5.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.5.1/manifests"},{"name":"v0.5.0","sha":"beef09d2c5923f8a1103194ddb6ffc6fa167b369","kind":"tag","published_at":"2019-05-08T18:37:43.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.5.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.5.0/manifests"},{"name":"3.8.0b1-port","sha":"24336a8d140469e9ee963b2950289b1071e0fe73","kind":"commit","published_at":"2019-05-07T14:11:55.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/3.8.0b1-port","html_url":"https://github.com/jaraco/zipp/releases/tag/3.8.0b1-port","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/3.8.0b1-port","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/3.8.0b1-port/manifests"},{"name":"v0.4.0","sha":"e6b168e55a609876c8bd3b372720f09587cbbe49","kind":"tag","published_at":"2019-04-28T17:09:03.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.4.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.4.0/manifests"},{"name":"0.3.3","sha":"b06993c3b000bb3a45b2ebe57141370dd588a378","kind":"tag","published_at":"2018-12-27T16:34:39.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/0.3.3","html_url":"https://github.com/jaraco/zipp/releases/tag/0.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/0.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/0.3.3/manifests"},{"name":"v0.3.2","sha":"cb956048834408a1ad85721250b71667323e64f9","kind":"tag","published_at":"2018-12-01T18:01:51.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.3.2","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.3.2/manifests"},{"name":"v0.3.1","sha":"1f465faa76786f610db84eed6cb25473ffe8893a","kind":"tag","published_at":"2018-12-01T17:17:42.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.3.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.3.1/manifests"},{"name":"v0.3.0","sha":"12a364e38d0a0aa8ee0735ada6752ab36dd9084c","kind":"tag","published_at":"2018-12-01T04:10:56.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.3.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.3.0/manifests"},{"name":"v0.2.1","sha":"790380077405d62058ef3ae1e4ccaad5bded23eb","kind":"tag","published_at":"2018-11-16T00:18:25.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.2.1","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.2.1/manifests"},{"name":"v0.2.0","sha":"f97c5f98120bf753a632d5cfb5689fe89829042b","kind":"tag","published_at":"2018-11-16T00:03:33.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.2.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.2.0/manifests"},{"name":"v0.1.0","sha":"df52c28abde661a3cae50209ec2759a6240a9fc1","kind":"tag","published_at":"2018-11-15T21:57:03.000Z","download_url":"https://codeload.github.com/jaraco/zipp/tar.gz/v0.1.0","html_url":"https://github.com/jaraco/zipp/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jaraco%2Fzipp/tags/v0.1.0/manifests"}]},"repo_metadata_updated_at":"2024-09-29T05:26:01.681Z","dependent_packages_count":961,"downloads":261331358,"downloads_period":"last-month","dependent_repos_count":130916,"rankings":{"downloads":0.005319080642765042,"dependent_repos_count":0.006969829807761089,"dependent_packages_count":0.028429568952709705,"stargazers_count":11.544972826834577,"forks_count":7.828035956985145,"docker_downloads_count":0.0060527469383188405,"average":3.236630001693546},"purl":"pkg:pypi/zipp","advisories":[{"uuid":"GSA_kwCzR0hTQS1qZm1qLTV2NGctNzYzN84AA9oo","url":"https://github.com/advisories/GHSA-jfmj-5v4g-7637","title":"zipp Denial of Service vulnerability","description":"A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2024-07-09T00:31:40.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.9,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2024-5569","https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd","https://huntr.com/bounties/be898306-11f9-46b4-b28c-f4c4aa4ffbae","https://github.com/advisories/GHSA-jfmj-5v4g-7637"],"source_kind":"github","identifiers":["GHSA-jfmj-5v4g-7637","CVE-2024-5569"],"repository_url":"https://github.com/jaraco/zipp","blast_radius":35.3072498192659,"packages":[{"versions":[{"first_patched_version":"3.19.1","vulnerable_version_range":"\u003c 3.19.1"}],"ecosystem":"pypi","package_name":"zipp"}],"created_at":"2024-07-09T18:05:32.837Z","updated_at":"2025-04-02T01:09:36.063Z","epss_percentage":0.00104,"epss_percentile":0.25564}],"docker_usage_url":"https://docker.ecosyste.ms/usage/pypi/zipp","docker_dependents_count":19023,"docker_downloads_count":7829463203,"usage_url":"https://repos.ecosyste.ms/usage/pypi/zipp","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/pypi/zipp/dependencies","status":null,"funding_links":["https://tidelift.com/funding/github/pypi/zipp","https://github.com/sponsors/jaraco"],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/zipp/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/zipp/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/zipp/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/zipp/related_packages","maintainers":[{"uuid":"jaraco","login":"jaraco","name":null,"email":null,"url":null,"packages_count":165,"html_url":"https://pypi.org/user/jaraco/","role":null,"created_at":"2023-01-14T22:22:49.735Z","updated_at":"2023-01-14T22:22:49.735Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/jaraco/packages"}],"registry":{"name":"pypi.org","url":"https://pypi.org","ecosystem":"pypi","default":true,"packages_count":690055,"maintainers_count":292646,"namespaces_count":0,"keywords_count":228482,"github":"pypi","metadata":{"funded_packages_count":48953},"icon_url":"https://github.com/pypi.png","created_at":"2022-04-04T15:19:23.364Z","updated_at":"2025-06-05T05:19:27.498Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/namespaces"}},"unique_repositories_count":727,"unique_repositories_count_past_30_days":41,"recent_issues":[{"uuid":"4520870249","node_id":"PR_kwDOPiJZBs7fPRt2","number":15,"state":"open","title":"Bump the pip group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T02:35:02.000Z","updated_at":"2026-05-26T04:57:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":19,"packages":[{"name":"urllib3","old_version":"1.25.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"black","old_version":"23.12.1","new_version":"26.3.1","repository_url":"https://github.com/psf/black"},{"name":"certifi","old_version":"2023.11.17","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.6","new_version":"3.15","repository_url":"https://github.com/kjd/idna"},{"name":"pytest","old_version":"7.4.4","new_version":"9.0.3","repository_url":"https://github.com/pytest-dev/pytest"},{"name":"requests","old_version":"2.31.0","new_version":"2.33.0","repository_url":"https://github.com/psf/requests"},{"name":"scikit-learn","old_version":"1.3.2","new_version":"1.5.0","repository_url":"https://github.com/scikit-learn/scikit-learn"},{"name":"setuptools","old_version":"69.0.3","new_version":"78.1.1","repository_url":"https://github.com/pypa/setuptools"},{"name":"jinja2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"jupyter-server","old_version":"2.12.5","new_version":"2.18.0","repository_url":"https://github.com/jupyter-server/jupyter_server"},{"name":"jupyterlab","old_version":"4.0.11","new_version":"4.5.7","repository_url":"https://github.com/jupyterlab/jupyterlab"},{"name":"mistune","old_version":"3.0.2","new_version":"3.2.1","repository_url":"https://github.com/lepture/mistune"},{"name":"nbconvert","old_version":"7.14.2","new_version":"7.17.1","repository_url":"https://github.com/jupyter/nbconvert"},{"name":"notebook","old_version":"7.0.7","new_version":"7.5.6","repository_url":"https://github.com/jupyter/notebook"},{"name":"tornado","old_version":"6.4","new_version":"6.5.5","repository_url":"https://github.com/tornadoweb/tornado"},{"name":"cryptography","old_version":"41.0.7","new_version":"46.0.7","repository_url":"https://github.com/pyca/cryptography"},{"name":"tqdm","old_version":"4.66.1","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"zipp","old_version":"3.17.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"},{"name":"pyopenssl","old_version":"23.3.0","new_version":"26.0.0","repository_url":"https://github.com/pyca/pyopenssl"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 19 updates in the /test/requirements/compiled directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.25.3` | `2.7.0` |\n| [black](https://github.com/psf/black) | `23.12.1` | `26.3.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2023.11.17` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.6` | `3.15` |\n| [pytest](https://github.com/pytest-dev/pytest) | `7.4.4` | `9.0.3` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.33.0` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.3.2` | `1.5.0` |\n| [setuptools](https://github.com/pypa/setuptools) | `69.0.3` | `78.1.1` |\n| [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.6` |\n| [jupyter-server](https://github.com/jupyter-server/jupyter_server) | `2.12.5` | `2.18.0` |\n| [jupyterlab](https://github.com/jupyterlab/jupyterlab) | `4.0.11` | `4.5.7` |\n| [mistune](https://github.com/lepture/mistune) | `3.0.2` | `3.2.1` |\n| [nbconvert](https://github.com/jupyter/nbconvert) | `7.14.2` | `7.17.1` |\n| [notebook](https://github.com/jupyter/notebook) | `7.0.7` | `7.5.6` |\n| [tornado](https://github.com/tornadoweb/tornado) | `6.4` | `6.5.5` |\n| [cryptography](https://github.com/pyca/cryptography) | `41.0.7` | `46.0.7` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.66.1` | `4.66.3` |\n| [zipp](https://github.com/jaraco/zipp) | `3.17.0` | `3.19.1` |\n| [pyopenssl](https://github.com/pyca/pyopenssl) | `23.3.0` | `26.0.0` |\n\n\nUpdates `urllib3` from 1.25.3 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.7.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been read and decompressed partially. (Reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or \u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed using the official \u003ca href=\"https://pypi.org/project/brotli/\"\u003eBrotli\u003c/a\u003e library. (Reported by \u003ca href=\"https://github.com/kimkou2024\"\u003e\u003ccode\u003e@​kimkou2024\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee GHSA-mf9v-mfxr-j63j for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip sensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by \u003ca href=\"https://github.com/christos-spearbit\"\u003e\u003ccode\u003e@​christos-spearbit\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3763\"\u003eurllib3/urllib3#3763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3720\"\u003eurllib3/urllib3#3720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003eurllib3/urllib3#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3777\"\u003eurllib3/urllib3#3777\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed data buffered from previous partial reads. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3636\"\u003eurllib3/urllib3#3636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the response after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4967\"\u003eurllib3/urllib3#4967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.stream()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to handle \u003ccode\u003eamt=0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3793\"\u003eurllib3/urllib3#3793\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated \u003ccode\u003e_TYPE_BODY\u003c/code\u003e type alias to include missing \u003ccode\u003eIterable[str]\u003c/code\u003e, matching the documented and runtime behavior of chunked request bodies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3798\"\u003eurllib3/urllib3#3798\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eLocationParseError\u003c/code\u003e when paths resembling schemeless URIs were passed to \u003ccode\u003eHTTPConnectionPool.urlopen()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3352\"\u003eurllib3/urllib3#3352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eBaseHTTPResponse.readinto()\u003c/code\u003e type annotation to accept \u003ccode\u003ememoryview\u003c/code\u003e in addition to \u003ccode\u003ebytearray\u003c/code\u003e, matching the \u003ccode\u003eio.RawIOBase.readinto\u003c/code\u003e contract and enabling use with \u003ccode\u003eio.BufferedReader\u003c/code\u003e without type errors. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3764\"\u003eurllib3/urllib3#3764\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.7.0 (2026-05-07)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues.\nImpact was limited to specific use cases detailed in the accompanying\nadvisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been\nread and decompressed partially.\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or\n\u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed\nusing the official \u003ccode\u003eBrotli \u0026lt;https://pypi.org/project/brotli/\u0026gt;\u003c/code\u003e__ library.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee \u003ccode\u003eGHSA-mf9v-mfxr-j63j \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j\u0026gt;\u003c/code\u003e__\nfor details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip\nsensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when\nredirecting to a different host.\n(\u003ccode\u003eGHSA-qccp-gfcp-xxvc \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\u0026gt;\u003c/code\u003e__)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better\nvisibility of existing deprecation notices. Rescheduled the removal of\ndeprecated features to version 3.0.\n(\u003ccode\u003e[#3763](https://github.com/urllib3/urllib3/issues/3763) \u0026lt;https://github.com/urllib3/urllib3/issues/3763\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9.\n(\u003ccode\u003e[#3720](https://github.com/urllib3/urllib3/issues/3720) \u0026lt;https://github.com/urllib3/urllib3/issues/3720\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10.\n(\u003ccode\u003e[#4979](https://github.com/urllib3/urllib3/issues/4979) \u0026lt;https://github.com/urllib3/urllib3/issues/4979\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0.\n(\u003ccode\u003e[#3777](https://github.com/urllib3/urllib3/issues/3777) \u0026lt;https://github.com/urllib3/urllib3/issues/3777\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed\ndata buffered from previous partial reads.\n(\u003ccode\u003e[#3636](https://github.com/urllib3/urllib3/issues/3636) \u0026lt;https://github.com/urllib3/urllib3/issues/3636\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the\nresponse after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9a950b92d999f906b6020bb2d1076ee56cddd5d2\"\u003e\u003ccode\u003e9a950b9\u003c/code\u003e\u003c/a\u003e Release 2.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/5ec0de499b9166ca71c65ab04f2a7e4eb0d66fcc\"\u003e\u003ccode\u003e5ec0de4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2bdcc44d1e163fb5cc48a8662425e35e15adfe6a\"\u003e\u003ccode\u003e2bdcc44\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f45b0df09d8620ac6ed0491eb9362c8c87b7bc2c\"\u003e\u003ccode\u003ef45b0df\u003c/code\u003e\u003c/a\u003e Fix a misleading example for \u003ccode\u003eProxyManager\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4970\"\u003e#4970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/577193ca029872384f82c133449e0935f6d8a64b\"\u003e\u003ccode\u003e577193c\u003c/code\u003e\u003c/a\u003e Switch to nightly PyPy3.11 in CI for now (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4984\"\u003e#4984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/e90af45bb006c3a452a3a21644a2681523f5c7fc\"\u003e\u003ccode\u003ee90af45\u003c/code\u003e\u003c/a\u003e Avoid infinite loop in \u003ccode\u003eHTTPResponse.read_chunked\u003c/code\u003e when \u003ccode\u003eamt=0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4974\"\u003e#4974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/67ed74fdaec6659a6534621ec8e3aaaa6f976210\"\u003e\u003ccode\u003e67ed74f\u003c/code\u003e\u003c/a\u003e Bump dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4972\"\u003e#4972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/3abd481097b54d87b574ac7ea593c3f40938a84d\"\u003e\u003ccode\u003e3abd481\u003c/code\u003e\u003c/a\u003e Upgrade mypy to version 1.20.2 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4978\"\u003e#4978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2b8725dfcac4f21d4d93cc0cc3a64a33af08f890\"\u003e\u003ccode\u003e2b8725d\u003c/code\u003e\u003c/a\u003e Drop support for EOL PyPy3.10 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003e#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2944b2a0a6c573f5548a39cfd17196f98ee21b33\"\u003e\u003ccode\u003e2944b2a\u003c/code\u003e\u003c/a\u003e Upgrade \u003ccode\u003esetup-chrome\u003c/code\u003e and \u003ccode\u003esetup-firefox\u003c/code\u003e to fix warnings (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4973\"\u003e#4973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.25.3...2.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `black` from 23.12.1 to 26.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/releases\"\u003eblack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e26.3.1\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent Jupyter notebook magic masking collisions from corrupting cells by using\nexact-length placeholders for short magics and aborting if a placeholder can no longer\nbe unmasked safely (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlways hash cache filename components derived from \u003ccode\u003e--python-cell-magics\u003c/code\u003e so custom\nmagic names cannot affect cache paths (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003cem\u003eBlackd\u003c/em\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDisable browser-originated requests by default, add configurable origin allowlisting\nand request body limits, and bound executor submissions to improve backpressure\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/5039\"\u003e#5039\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e26.3.0\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't double-decode input, causing non-UTF-8 files to be corrupted (\u003ca href=\"https://redirect.github.com/psf/black/issues/4964\"\u003e#4964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash on standalone comment in lambda default arguments (\u003ca href=\"https://redirect.github.com/psf/black/issues/4993\"\u003e#4993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve parentheses when \u003ccode\u003e# type: ignore\u003c/code\u003e comments would be merged with other\ncomments on the same line, preventing AST equivalence failures (\u003ca href=\"https://redirect.github.com/psf/black/issues/4888\"\u003e#4888\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug where \u003ccode\u003eif\u003c/code\u003e guards in \u003ccode\u003ecase\u003c/code\u003e blocks were incorrectly split when the pattern had\na trailing comma (\u003ca href=\"https://redirect.github.com/psf/black/issues/4884\"\u003e#4884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003estring_processing\u003c/code\u003e crashing on unassigned long string literals with trailing\ncommas (one-item tuples) (\u003ca href=\"https://redirect.github.com/psf/black/issues/4929\"\u003e#4929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSimplify implementation of the power operator \u0026quot;hugging\u0026quot; logic (\u003ca href=\"https://redirect.github.com/psf/black/issues/4918\"\u003e#4918\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePackaging\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in\nfrozen environments (\u003ca href=\"https://redirect.github.com/psf/black/issues/4930\"\u003e#4930\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce winloop for windows as an alternative to uvloop (\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove deprecated function \u003ccode\u003euvloop.install()\u003c/code\u003e in favor of \u003ccode\u003euvloop.new_event_loop()\u003c/code\u003e\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename \u003ccode\u003emaybe_install_uvloop\u003c/code\u003e function to \u003ccode\u003emaybe_use_uvloop\u003c/code\u003e to simplify loop\ninstallation and creation of either a uvloop/winloop evenloop or default eventloop\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOutput\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/blob/main/CHANGES.md\"\u003eblack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 26.3.1\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent Jupyter notebook magic masking collisions from corrupting cells by using\nexact-length placeholders for short magics and aborting if a placeholder can no longer\nbe unmasked safely (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlways hash cache filename components derived from \u003ccode\u003e--python-cell-magics\u003c/code\u003e so custom\nmagic names cannot affect cache paths (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003cem\u003eBlackd\u003c/em\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDisable browser-originated requests by default, add configurable origin allowlisting\nand request body limits, and bound executor submissions to improve backpressure\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/5039\"\u003e#5039\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 26.3.0\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't double-decode input, causing non-UTF-8 files to be corrupted (\u003ca href=\"https://redirect.github.com/psf/black/issues/4964\"\u003e#4964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash on standalone comment in lambda default arguments (\u003ca href=\"https://redirect.github.com/psf/black/issues/4993\"\u003e#4993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve parentheses when \u003ccode\u003e# type: ignore\u003c/code\u003e comments would be merged with other\ncomments on the same line, preventing AST equivalence failures (\u003ca href=\"https://redirect.github.com/psf/black/issues/4888\"\u003e#4888\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug where \u003ccode\u003eif\u003c/code\u003e guards in \u003ccode\u003ecase\u003c/code\u003e blocks were incorrectly split when the pattern had\na trailing comma (\u003ca href=\"https://redirect.github.com/psf/black/issues/4884\"\u003e#4884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003estring_processing\u003c/code\u003e crashing on unassigned long string literals with trailing\ncommas (one-item tuples) (\u003ca href=\"https://redirect.github.com/psf/black/issues/4929\"\u003e#4929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSimplify implementation of the power operator \u0026quot;hugging\u0026quot; logic (\u003ca href=\"https://redirect.github.com/psf/black/issues/4918\"\u003e#4918\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePackaging\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in\nfrozen environments (\u003ca href=\"https://redirect.github.com/psf/black/issues/4930\"\u003e#4930\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce winloop for windows as an alternative to uvloop (\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove deprecated function \u003ccode\u003euvloop.install()\u003c/code\u003e in favor of \u003ccode\u003euvloop.new_event_loop()\u003c/code\u003e\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename \u003ccode\u003emaybe_install_uvloop\u003c/code\u003e function to \u003ccode\u003emaybe_use_uvloop\u003c/code\u003e to simplify loop\ninstallation and creation of either a uvloop/winloop eventloop or default eventloop\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/c6755bb741b6481d6b3d3bb563c83fa060db96c9\"\u003e\u003ccode\u003ec6755bb\u003c/code\u003e\u003c/a\u003e Prepare release 26.3.1 (\u003ca href=\"https://redirect.github.com/psf/black/issues/5046\"\u003e#5046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/69973fd6950985fbeb1090d96da717dc4d8380b0\"\u003e\u003ccode\u003e69973fd\u003c/code\u003e\u003c/a\u003e Harden blackd browser-facing request handling (\u003ca href=\"https://redirect.github.com/psf/black/issues/5039\"\u003e#5039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/4937fe6cf241139ddbfc16b0bdbb5b422798909d\"\u003e\u003ccode\u003e4937fe6\u003c/code\u003e\u003c/a\u003e Fix some shenanigans with the cache file and IPython (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/2e641d174469c505d5ae905e75d4c769597e681f\"\u003e\u003ccode\u003e2e641d1\u003c/code\u003e\u003c/a\u003e docs: remove outdated Black Playground references (\u003ca href=\"https://redirect.github.com/psf/black/issues/5044\"\u003e#5044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/c014b22a2d5e0632587b47b81151658bddfa0b88\"\u003e\u003ccode\u003ec014b22\u003c/code\u003e\u003c/a\u003e Remove unused internal code (\u003ca href=\"https://redirect.github.com/psf/black/issues/5041\"\u003e#5041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/0dae20b2d009f2f03de8696d06b0c947d3abafc9\"\u003e\u003ccode\u003e0dae20b\u003c/code\u003e\u003c/a\u003e Add new changelog (\u003ca href=\"https://redirect.github.com/psf/black/issues/5036\"\u003e#5036\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/c5c1cbddd92cecb554ac2a77a24139dd76831030\"\u003e\u003ccode\u003ec5c1cbd\u003c/code\u003e\u003c/a\u003e Minor release patches (\u003ca href=\"https://redirect.github.com/psf/black/issues/5035\"\u003e#5035\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/7e5a828c37d71b6a6666e28eed444816def6a8f4\"\u003e\u003ccode\u003e7e5a828\u003c/code\u003e\u003c/a\u003e docs: clarify relationship between Black style and PEP 8 (\u003ca href=\"https://redirect.github.com/psf/black/issues/5025\"\u003e#5025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/69705deb8776e7c5e585668da106d1abe2cb8d77\"\u003e\u003ccode\u003e69705de\u003c/code\u003e\u003c/a\u003e docs: add clearer pyproject configuration guidance (\u003ca href=\"https://redirect.github.com/psf/black/issues/5026\"\u003e#5026\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/35ea67920b7f6ac8e09be1c47278752b1e827f76\"\u003e\u003ccode\u003e35ea679\u003c/code\u003e\u003c/a\u003e Prepare release 26.3.0 (\u003ca href=\"https://redirect.github.com/psf/black/issues/5032\"\u003e#5032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/black/compare/23.12.1...26.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2023.11.17 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2023.11.17...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.6 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.14\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.11 (2025-10-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0, including significant changes to UTS46\nprocessing. As a result of Unicode ending support for it, transitional\nprocessing no longer has an effect and returns the same result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pytest` from 7.4.4 to 9.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/pytest/releases\"\u003epytest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.3\u003c/h2\u003e\n\u003ch1\u003epytest 9.0.3 (2026-04-07)\u003c/h1\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/12444\"\u003e#12444\u003c/a\u003e: Fixed \u003ccode\u003epytest.approx\u003c/code\u003e which now correctly takes into account \u003ccode\u003e~collections.abc.Mapping\u003c/code\u003e keys order to compare them.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13634\"\u003e#13634\u003c/a\u003e: Blocking a \u003ccode\u003econftest.py\u003c/code\u003e file using the \u003ccode\u003e-p no:\u003c/code\u003e option is now explicitly disallowed.\u003c/p\u003e\n\u003cp\u003ePreviously this resulted in an internal assertion failure during plugin loading.\u003c/p\u003e\n\u003cp\u003ePytest now raises a clear \u003ccode\u003eUsageError\u003c/code\u003e explaining that conftest files are not plugins and cannot be disabled via \u003ccode\u003e-p\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13734\"\u003e#13734\u003c/a\u003e: Fixed crash when a test raises an exceptiongroup with \u003ccode\u003e__tracebackhide__ = True\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14195\"\u003e#14195\u003c/a\u003e: Fixed an issue where non-string messages passed to \u003c!-- raw HTML omitted --\u003eunittest.TestCase.subTest()\u003c!-- raw HTML omitted --\u003e were not printed.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14343\"\u003e#14343\u003c/a\u003e: Fixed use of insecure temporary directory (CVE-2025-71176).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eImproved documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13388\"\u003e#13388\u003c/a\u003e: Clarified documentation for \u003ccode\u003e-p\u003c/code\u003e vs \u003ccode\u003ePYTEST_PLUGINS\u003c/code\u003e plugin loading and fixed an incorrect \u003ccode\u003e-p\u003c/code\u003e example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13731\"\u003e#13731\u003c/a\u003e: Clarified that capture fixtures (e.g. \u003ccode\u003ecapsys\u003c/code\u003e and \u003ccode\u003ecapfd\u003c/code\u003e) take precedence over the \u003ccode\u003e-s\u003c/code\u003e / \u003ccode\u003e--capture=no\u003c/code\u003e command-line options in \u003ccode\u003eAccessing captured output from a test function \u0026lt;accessing-captured-output\u0026gt;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14088\"\u003e#14088\u003c/a\u003e: Clarified that the default \u003ccode\u003epytest_collection\u003c/code\u003e hook sets \u003ccode\u003esession.items\u003c/code\u003e before it calls \u003ccode\u003epytest_collection_finish\u003c/code\u003e, not after.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14255\"\u003e#14255\u003c/a\u003e: TOML integer log levels must be quoted: Updating reference documentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eContributor-facing changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/12689\"\u003e#12689\u003c/a\u003e: The test reports are now published to Codecov from GitHub Actions.\nThe test statistics is visible \u003ca href=\"https://app.codecov.io/gh/pytest-dev/pytest/tests\"\u003eon the web interface\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e-- by \u003ccode\u003ealeguy02\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0.2\u003c/h2\u003e\n\u003ch1\u003epytest 9.0.2 (2025-12-06)\u003c/h1\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13896\"\u003e#13896\u003c/a\u003e: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.\u003c/p\u003e\n\u003cp\u003eYou may enable it again by passing \u003ccode\u003e-p terminalprogress\u003c/code\u003e. We may enable it by default again once compatibility improves in the future.\u003c/p\u003e\n\u003cp\u003eAdditionally, when the environment variable \u003ccode\u003eTERM\u003c/code\u003e is \u003ccode\u003edumb\u003c/code\u003e, the escape codes are no longer emitted, even if the plugin is enabled.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13904\"\u003e#13904\u003c/a\u003e: Fixed the TOML type of the \u003ccode\u003etmp_path_retention_count\u003c/code\u003e settings in the API reference from number to string.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13946\"\u003e#13946\u003c/a\u003e: The private \u003ccode\u003econfig.inicfg\u003c/code\u003e attribute was changed in a breaking manner in pytest 9.0.0.\nDue to its usage in the ecosystem, it is now restored to working order using a compatibility shim.\nIt will be deprecated in pytest 9.1 and removed in pytest 10.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/a7d58d7a21b78581e636bbbdea13c66ad1657c1e\"\u003e\u003ccode\u003ea7d58d7\u003c/code\u003e\u003c/a\u003e Prepare release version 9.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/089d98199c253d8f89a040243bc4f2aa6cd5ab22\"\u003e\u003ccode\u003e089d981\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14366\"\u003e#14366\u003c/a\u003e from bluetech/revert-14193-backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/8127eaf4ab7f6b2fdd0dc1b38343ec97aeef05ac\"\u003e\u003ccode\u003e8127eaf\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Fix: assertrepr_compare respects dict insertion order (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14050\"\u003e#14050\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14193\"\u003e#14193\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/99a7e6029e7a6e8d53e5df114b1346e035370241\"\u003e\u003ccode\u003e99a7e60\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14363\"\u003e#14363\u003c/a\u003e from pytest-dev/patchback/backports/9.0.x/95d8423bd...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/ddee02a578da30dd43aedc39c1c1f1aaadfcee95\"\u003e\u003ccode\u003eddee02a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14343\"\u003e#14343\u003c/a\u003e from bluetech/cve-2025-71176-simple\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/74eac6916fee34726cb194f16c516e96fbd29619\"\u003e\u003ccode\u003e74eac69\u003c/code\u003e\u003c/a\u003e doc: Update training info (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14298\"\u003e#14298\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14301\"\u003e#14301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/f92dee777cfdb77d1c43633d02766ddf1f07c869\"\u003e\u003ccode\u003ef92dee7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14267\"\u003e#14267\u003c/a\u003e from pytest-dev/patchback/backports/9.0.x/d6fa26c62...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/7ee58acc8777c31ac6cf388d01addf5a414a7439\"\u003e\u003ccode\u003e7ee58ac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/12378\"\u003e#12378\u003c/a\u003e from Pierre-Sassoulas/fix-implicit-str-concat-and-d...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/37da870d37e3a2f5177cae075c7b9ae279432bf8\"\u003e\u003ccode\u003e37da870\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14259\"\u003e#14259\u003c/a\u003e from mitre88/patch-4 (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14268\"\u003e#14268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/c34bfa3b7acb65b594707c714f1d8461b0304eed\"\u003e\u003ccode\u003ec34bfa3\u003c/code\u003e\u003c/a\u003e Add explanation for string context diffs (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14257\"\u003e#14257\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14266\"\u003e#14266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/pytest/compare/7.4.4...9.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29\"\u003e\u003ccode\u003e753fd08\u003c/code\u003e\u003c/a\u003e docs: fix FAQ grammar in httplib2 example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71\"\u003e\u003ccode\u003e774a0b8\u003c/code\u003e\u003c/a\u003e docs(socks): same block as other sections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303\"\u003e\u003ccode\u003e9c72a41\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.33.0 to 4.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be\"\u003e\u003ccode\u003eebf7190\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.32.0 to 4.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798\"\u003e\u003ccode\u003e0e4ae38\u003c/code\u003e\u003c/a\u003e docs: exclude Response.is_permanent_redirect from API docs (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7244\"\u003e#7244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a\"\u003e\u003ccode\u003ed568f47\u003c/code\u003e\u003c/a\u003e docs: clarify Quickstart POST example (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6960\"\u003e#6960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.31.0...v2.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `scikit-learn` from 1.3.2 to 1.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/scikit-learn/scikit-learn/releases\"\u003escikit-learn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eScikit-learn 1.5.0\u003c/h2\u003e\n\u003cp\u003eWe're happy to announce the 1.5.0 release.\u003c/p\u003e\n\u003cp\u003eYou can read the release highlights under \u003ca href=\"https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html\"\u003ehttps://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html\u003c/a\u003e and the long version of the change log under \u003ca href=\"https://scikit-learn.org/stable/whats_new/v1.5.html\"\u003ehttps://scikit-learn.org/stable/whats_new/v1.5.html\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThis version supports Python versions 3.9 to 3.12.\u003c/p\u003e\n\u003cp\u003eYou can upgrade with pip as usual:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epip install -U scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe conda-forge builds can be installed using:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003econda install -c conda-forge scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eScikit-learn 1.4.2\u003c/h2\u003e\n\u003cp\u003eWe're happy to announce the 1.4.2 release.\u003c/p\u003e\n\u003cp\u003eThis release only includes support for numpy 2.\u003c/p\u003e\n\u003cp\u003eThis version supports Python versions 3.9 to 3.12.\u003c/p\u003e\n\u003cp\u003eYou can upgrade with pip as usual:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epip install -U scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eScikit-learn 1.4.1.post1\u003c/h2\u003e\n\u003cp\u003eWe're happy to announce the 1.4.1.post1 release.\u003c/p\u003e\n\u003cp\u003eYou can see the changelog here: \u003ca href=\"https://scikit-learn.org/stable/whats_new/v1.4.html#version-1-4-1-post1\"\u003ehttps://scikit-learn.org/stable/whats_new/v1.4.html#version-1-4-1-post1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThis version supports Python versions 3.9 to 3.12.\u003c/p\u003e\n\u003cp\u003eYou can upgrade with pip as usual:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epip install -U scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe conda-forge builds can be installed using:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003econda install -c conda-forge scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/b51d0c9648241d1fd53dc9151689f62a61633a3d\"\u003e\u003ccode\u003eb51d0c9\u003c/code\u003e\u003c/a\u003e trigger whell builder [cd build]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/919ae9bf72554a180baa3d8f4537b49c730b7580\"\u003e\u003ccode\u003e919ae9b\u003c/code\u003e\u003c/a\u003e MAINT Reoder what's new for 1.5 (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/29039\"\u003e#29039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/0ac28ade871ca71a89a71c834a7b47829b075829\"\u003e\u003ccode\u003e0ac28ad\u003c/code\u003e\u003c/a\u003e DOC Release highlights 1.5 (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/29007\"\u003e#29007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/729b54d5af208432f788ae7945842f0cf597bd36\"\u003e\u003ccode\u003e729b54d\u003c/code\u003e\u003c/a\u003e test py3.12 against numpy 2 [cd build]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/1e50434f18275bb8727c2a2e24cb953db143d8a5\"\u003e\u003ccode\u003e1e50434\u003c/code\u003e\u003c/a\u003e set version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/ffbe4ab45bd9a113737231721fa2f55a70f3d0ab\"\u003e\u003ccode\u003effbe4ab\u003c/code\u003e\u003c/a\u003e DOC remove obsolete SVM example (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/27108\"\u003e#27108\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/4647729e5ee8c46e4fedace2d3c50c37f0a6693d\"\u003e\u003ccode\u003e4647729\u003c/code\u003e\u003c/a\u003e DOC Fix time complexity of MLP (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/28592\"\u003e#28592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/9bd7047b4a6c673bcfd2911997f124e265f8ad57\"\u003e\u003ccode\u003e9bd7047\u003c/code\u003e\u003c/a\u003e FIX convergence criterion of MeanShift (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/28951\"\u003e#28951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/b79420f1c2e82d814dec8026e96421751bfc9c96\"\u003e\u003ccode\u003eb79420f\u003c/code\u003e\u003c/a\u003e FIX add long long for int32/int64 windows compat in NumPy 2.0 (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/29029\"\u003e#29029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/37f544db78503ed1a50da02cbb4f1a4e466fb0a7\"\u003e\u003ccode\u003e37f544d\u003c/code\u003e\u003c/a\u003e DOC replace pandas with Polars in examples/gaussian_process/plot_gpr_co2.py (...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/scikit-learn/scikit-learn/compare/1.3.2...1.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `setuptools` from 69.0.3 to 78.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/setuptools/blob/main/NEWS.rst\"\u003esetuptools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev78.1.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMore fully sanitized the filename in PackageIndex._download. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4946\"\u003e#4946\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore access to _get_vc_env with a warning. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4874\"\u003e#4874\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.2\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePostponed removals of deprecated dash-separated and uppercase fields in \u003ccode\u003esetup.cfg\u003c/code\u003e.\nAll packages with deprecated configurations are advised to move before 2026. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4911\"\u003e#4911\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.1\u003c/h1\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4909\"\u003e#4909\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.0\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReverted distutils changes that broke the monkey patching of command classes. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4902\"\u003e#4902\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSetuptools no longer accepts options containing uppercase or dash characters in \u003ccode\u003esetup.cfg\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8e4868a036b7fae3208d16cb4e5fe6d63c3752df\"\u003e\u003ccode\u003e8e4868a\u003c/code\u003e\u003c/a\u003e Bump version: 78.1.0 → 78.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/100e9a61ad24d5a147ada57357425a8d40626d09\"\u003e\u003ccode\u003e100e9a6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4951\"\u003e#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8faf1d7e0ca309983252e4f21837b73ee12e960f\"\u003e\u003ccode\u003e8faf1d7\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/2ca4a9fe4758fcd39d771d3d3a5b4840aacebdf7\"\u003e\u003ccode\u003e2ca4a9f\u003c/code\u003e\u003c/a\u003e Rely on re.sub to perform the decision in one expression.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/e409e8002932f2b86aae7b1abc8f8c2ebf96df2c\"\u003e\u003ccode\u003ee409e80\u003c/code\u003e\u003c/a\u003e Extract _sanitize method for sanitizing the filename.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b\"\u003e\u003ccode\u003e250a6d1\u003c/code\u003e\u003c/a\u003e Add a check to ensure the name resolves relative to the tmpdir.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a\"\u003e\u003ccode\u003ed8390fe\u003c/code\u003e\u003c/a\u003e Extract _resolve_download_filename with test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/4e1e89392de5cb405e7844cdc8b20fc2755dbaba\"\u003e\u003ccode\u003e4e1e893\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/3a3144f0d2887fa37c06550f42a101e9eebd953a\"\u003e\u003ccode\u003e3a3144f\u003c/code\u003e\u003c/a\u003e Fix typo: \u003ccode\u003epyproject.license\u003c/code\u003e -\u0026gt; \u003ccode\u003eproject.license\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4931\"\u003e#4931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d751068fd2627d6d8f1729e39cbcd8119049998f\"\u003e\u003ccode\u003ed751068\u003c/code\u003e\u003c/a\u003e Fix typo: pyproject.license -\u0026gt; project.license\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/setuptools/compare/v69.0.3...v78.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jupyter-ser...\n\n_Description has been truncated_\n\n---\n\n📦 This PR updates 19 Python dependencies across test requirement files, bringing packages to their latest versions with security fixes, bug fixes, and new features.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Security Updates**: Critical security fixes in urllib3 (CVE-2026-21441), requests (CVE-2026-25645), cryptography, and jinja2 (multiple CVEs)\n- **Major Version Bumps**: Black updated from 23.12.1 to 26.3.1, pytest from 7.4.4 to 9.0.3, scikit-learn from 1.3.2 to 1.5.0\n- **Jupyter Ecosystem**: Comprehensive updates to jupyter-server (2.12.5→2.18.0), jupyterlab (4.0.11→4.5.7), notebook (7.0.7→7.5.6)\n- **Infrastructure Libraries**: urllib3 major update (1.25.3→2.7.0), setuptools (69.0.3→78.1.1), cryptography (41.0.7→46.0.7)\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 19 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Feature Updates Available]\n    C --\u003e E[urllib3: Decompression bomb fixes]\n    C --\u003e F[requests: Malicious file replacement fix]\n    C --\u003e G[jinja2: Sandbox bypass fixes]\n    C --\u003e H[cryptography: Security patches]\n    D --\u003e I[Black: Jupyter notebook improvements]\n    D --\u003e J[pytest: Python 3.14 support]\n    D --\u003e K[scikit-learn: New ML features]\n    E --\u003e L[Updated Requirements Files]\n    F --\u003e L\n    G --\u003e L\n    H --\u003e L\n    I --\u003e L\n    J --\u003e L\n    K --\u003e L\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including decompression bomb vulnerabilities, malicious file replacement, and sandbox bypass issues\n- **Compatibility Improvements**: Adds Python 3.14 support in pytest, removes deprecated features, and improves Windows compatibility\n- **Development Experience**: Enhanced Jupyter notebook support, better error messages, improved type annotations, and performance optimizations\n- **Testing Infrastructure**: Updated pytest with better async support, improved error handling, and enhanced debugging capabilities\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/uv/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fuv/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4513707740","node_id":"PR_kwDOGmXyTM7e4JOh","number":136,"state":"open","title":"deps(deps): update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":["automated","dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T01:46:04.000Z","updated_at":"2026-05-25T01:48:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps): update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hostcc/pyg90alarm/pull/136","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hostcc%2Fpyg90alarm/issues/136","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/136/packages"},{"uuid":"4512747309","node_id":"PR_kwDOQGy9FM7e1OS3","number":1,"state":"open","title":"Bump the pip group across 1 directory with 11 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T19:58:20.000Z","updated_at":"2026-05-24T19:58:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":11,"packages":[{"name":"certifi","old_version":"2021.5.30","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"eventlet","old_version":"0.31.1","new_version":"0.41.0","repository_url":"https://github.com/eventlet/eventlet"},{"name":"flask","old_version":"2.0.1","new_version":"3.1.3","repository_url":"https://github.com/pallets/flask"},{"name":"gunicorn","old_version":"20.1.0","new_version":"22.0.0","repository_url":"https://github.com/benoitc/gunicorn"},{"name":"idna","old_version":"3.2","new_version":"3.15","repository_url":"https://github.com/kjd/idna"},{"name":"jinja2","old_version":"3.0.1","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"python-socketio","old_version":"5.4.0","new_version":"5.14.0","repository_url":"https://github.com/miguelgrinberg/python-socketio"},{"name":"requests","old_version":"2.26.0","new_version":"2.33.0","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.6","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"werkzeug","old_version":"2.0.1","new_version":"3.1.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"zipp","old_version":"3.5.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2021.5.30` | `2024.7.4` |\n| [eventlet](https://github.com/eventlet/eventlet) | `0.31.1` | `0.41.0` |\n| [flask](https://github.com/pallets/flask) | `2.0.1` | `3.1.3` |\n| [gunicorn](https://github.com/benoitc/gunicorn) | `20.1.0` | `22.0.0` |\n| [idna](https://github.com/kjd/idna) | `3.2` | `3.15` |\n| [jinja2](https://github.com/pallets/jinja) | `3.0.1` | `3.1.6` |\n| [python-socketio](https://github.com/miguelgrinberg/python-socketio) | `5.4.0` | `5.14.0` |\n| [requests](https://github.com/psf/requests) | `2.26.0` | `2.33.0` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.6` | `2.7.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `2.0.1` | `3.1.6` |\n| [zipp](https://github.com/jaraco/zipp) | `3.5.0` | `3.19.1` |\n\n\nUpdates `certifi` from 2021.5.30 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2021.05.30...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eventlet` from 0.31.1 to 0.41.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eventlet/eventlet/blob/master/NEWS\"\u003eeventlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.41.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to 3.14 for testing (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1086\"\u003e#1086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop 3.9 support (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1085\"\u003e#1085\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMore visible deprecation (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1077\"\u003e#1077\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.4\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove legacy setuptools configuration files (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1072\"\u003e#1072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd 3.14 to supported versions (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1070\"\u003e#1070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEmit warning on startup that eventlet is deprecated (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1065\"\u003e#1065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Python 3.14 on macOS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1067\"\u003e#1067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWorkaround for \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1068\"\u003e#1068\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1069\"\u003e#1069\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.3\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[SECURITY] Fix request smuggling vulnerability by discarding trailers (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1062\"\u003e#1062\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.2\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility issues identified with Python 3.14 on Linux (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1058\"\u003e#1058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake database removal safer with IF EXISTS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1056\"\u003e#1056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare jobs and CI/CD for python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1055\"\u003e#1055\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] \u0026quot;Fix\u0026quot; fork() so it \u0026quot;works\u0026quot; on Python 3.13, and \u0026quot;works\u0026quot; better on older Python versions (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1047\"\u003e#1047\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eBehavior change: threads created by eventlet.green.threading.Thread and threading.Thead will be visible across both modules if monkey patching was used. Previously each module would only list threads created in that module.\u003c/li\u003e\n\u003cli\u003eBug fix: after fork(), greenlet threads are correctly listed in threading.enumerate() if monkey patching was used. You should not use fork()-without-execve().\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e[fix] Fix patching of removed URLopener class in Python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1053\"\u003e#1053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] ReferenceError except while count rlock (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1042\"\u003e#1042\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Replace deprecated datetime.utcfromtimestamp (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1050\"\u003e#1050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix][env] Remove duplicate steps (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1049\"\u003e#1049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Replace deprecated datetime.datetime.utcnow (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1046\"\u003e#1046\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Fix ssl test when linking against openssl 3.5 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1034\"\u003e#1034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop support Python 3.8 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1021\"\u003e#1021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[doc] Various doc updates (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/981\"\u003e#981\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1033\"\u003e#1033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[env] Drop PyPy support (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1035\"\u003e#1035\u003c/a\u003e \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1037\"\u003e#1037\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.39.1\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/5ec4b6dcd2e5bb41c63743bd59dedbce4a9c5381\"\u003e\u003ccode\u003e5ec4b6d\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.41.0 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1088\"\u003e#1088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/6de7dbbd71585e34ccbec99d220606febb286bb8\"\u003e\u003ccode\u003e6de7dbb\u003c/code\u003e\u003c/a\u003e Switch to 3.14 for testing, fix problems found along the way. (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1086\"\u003e#1086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/1ea81d9fbf12ce62a818ff9125ca14593c5506a7\"\u003e\u003ccode\u003e1ea81d9\u003c/code\u003e\u003c/a\u003e Drop 3.9 support (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1085\"\u003e#1085\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/62662af7002b531bed608c7dd73d81943ff638c9\"\u003e\u003ccode\u003e62662af\u003c/code\u003e\u003c/a\u003e More visible deprecation (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1077\"\u003e#1077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/f3254a1b401714f6dfdffa5045d25a4d36c76c06\"\u003e\u003ccode\u003ef3254a1\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.40.4 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1074\"\u003e#1074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/8cb20296f3455a1836cdbcbf1d3545666ee7f867\"\u003e\u003ccode\u003e8cb2029\u003c/code\u003e\u003c/a\u003e Remove legacy setuptools configuration files (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1072\"\u003e#1072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/220f82d843c0a57c267e77f0cc437e0b43be1cca\"\u003e\u003ccode\u003e220f82d\u003c/code\u003e\u003c/a\u003e add 3.14 to supported versions (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1070\"\u003e#1070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/01a3da5f9b552c7d58eb6de829d33f522d4b04cf\"\u003e\u003ccode\u003e01a3da5\u003c/code\u003e\u003c/a\u003e Emit warning on startup that eventlet is deprecated (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1065\"\u003e#1065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/1b2b959da1257dccd23956fda43d03dc6a28ca16\"\u003e\u003ccode\u003e1b2b959\u003c/code\u003e\u003c/a\u003e Fix Python 3.14 on macOS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1067\"\u003e#1067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/d8bf4659cd8b178949cc2b1485b337d46bae6532\"\u003e\u003ccode\u003ed8bf465\u003c/code\u003e\u003c/a\u003e Workaround for \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1068\"\u003e#1068\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1069\"\u003e#1069\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eventlet/eventlet/compare/v0.31.1...0.41.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 2.0.1 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.3/\"\u003ehttps://pypi.org/project/Flask/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-3\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-3\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys but not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726\"\u003eGHSA-68rp-wp8r-4726\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.2/\"\u003ehttps://pypi.org/project/Flask/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-2\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/38?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/38?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5774\"\u003e#5774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state of \u003ccode\u003esession\u003c/code\u003e is correct. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5786\"\u003e#5786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5776\"\u003e#5776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.1\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.1/\"\u003ehttps://pypi.org/project/Flask/3.1.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/flask/milestone/36?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. GHSA-4grg-w6v8-c28g\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5645\"\u003e#5645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands are shown. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5673\"\u003e#5673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return \u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier for Quart. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5659\"\u003e#5659\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.0\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.0/\"\u003ehttps://pypi.org/project/Flask/3.1.0/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/33?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/33?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5623\"\u003e#5623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases. Werkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5624\"\u003e#5624\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5633\"\u003e#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option responses. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5496\"\u003e#5496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and \u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when opening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5504\"\u003e#5504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only through the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added \u003ccode\u003eMAX_FORM_MEMORY_SIZE\u003c/code\u003e and \u003ccode\u003eMAX_FORM_PARTS\u003c/code\u003e config. Added documentation about resource limits to the security page. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5625\"\u003e#5625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003ePartitioned\u003c/code\u003e cookie attribute (CHIPS), with the \u003ccode\u003eSESSION_COOKIE_PARTITIONED\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5472\"\u003e#5472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-e path\u003c/code\u003e takes precedence over default \u003ccode\u003e.env\u003c/code\u003e and \u003ccode\u003e.flaskenv\u003c/code\u003e files. \u003ccode\u003eload_dotenv\u003c/code\u003e loads default files in addition to a path unless \u003ccode\u003eload_defaults=False\u003c/code\u003e is passed. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5628\"\u003e#5628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport key rotation with the \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5621\"\u003e#5621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix how setting \u003ccode\u003ehost_matching=True\u003c/code\u003e or \u003ccode\u003esubdomain_matching=False\u003c/code\u003e interacts with \u003ccode\u003eSERVER_NAME\u003c/code\u003e. Setting \u003ccode\u003eSERVER_NAME\u003c/code\u003e no longer restricts requests to only that domain. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5553\"\u003e#5553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.trusted_hosts\u003c/code\u003e is checked during routing, and can be set through the \u003ccode\u003eTRUSTED_HOSTS\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5636\"\u003e#5636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-18\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys\nbut not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. :ghsa:\u003ccode\u003e68rp-wp8r-4726\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.2\u003c/h2\u003e\n\u003cp\u003eReleased 2025-08-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. :issue:\u003ccode\u003e5774\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state\nof \u003ccode\u003esession\u003c/code\u003e is correct. :issue:\u003ccode\u003e5786\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. :issue:\u003ccode\u003e5776\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.1\u003c/h2\u003e\n\u003cp\u003eReleased 2025-05-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via\n\u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. :ghsa:\u003ccode\u003e4grg-w6v8-c28g\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. :issue:\u003ccode\u003e5645\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands\nare shown. :issue:\u003ccode\u003e5673\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return\n\u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier\nfor Quart. :pr:\u003ccode\u003e5659\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.0\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. :pr:\u003ccode\u003e5623\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases.\nWerkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. :pr:\u003ccode\u003e5624,5633\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option\nresponses. :pr:\u003ccode\u003e5496\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and\n\u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when\nopening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. :issue:\u003ccode\u003e5504\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only\nthrough the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65\"\u003e\u003ccode\u003e22d9247\u003c/code\u003e\u003c/a\u003e release version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4\"\u003e\u003ccode\u003e089cb86\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa\"\u003e\u003ccode\u003ec17f379\u003c/code\u003e\u003c/a\u003e request context tracks session access\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602\"\u003e\u003ccode\u003e27be933\u003c/code\u003e\u003c/a\u003e start version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d\"\u003e\u003ccode\u003e4e652d3\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5903\"\u003e#5903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a\"\u003e\u003ccode\u003e3d03098\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4\"\u003e\u003ccode\u003e407eb76\u003c/code\u003e\u003c/a\u003e document using gevent for async (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60\"\u003e\u003ccode\u003eac5664d\u003c/code\u003e\u003c/a\u003e document using gevent for async\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3\"\u003e\u003ccode\u003e4f79d5b\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11 (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5865\"\u003e#5865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f\"\u003e\u003ccode\u003efe3b215\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/2.0.1...3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gunicorn` from 20.1.0 to 22.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benoitc/gunicorn/releases\"\u003egunicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGunicorn 22.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 22.0.0 has been released.\u003c/strong\u003e This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e22.0.0 - 2024-04-17\r\n===================\r\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003eutime\u003c/code\u003e to notify workers liveness\u003c/li\u003e\n\u003cli\u003emigrate setup to pyproject.toml\u003c/li\u003e\n\u003cli\u003efix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)\u003c/li\u003e\n\u003cli\u003eparsing additional requests is no longer attempted past unsupported request framing\u003c/li\u003e\n\u003cli\u003eon HTTP versions \u0026lt; 1.1 support for chunked transfer is refused (only used in exploits)\u003c/li\u003e\n\u003cli\u003erequests conflicting configured or passed SCRIPT_NAME now produce a verbose error\u003c/li\u003e\n\u003cli\u003eTrailer fields are no longer inspected for headers indicating secure scheme\u003c/li\u003e\n\u003cli\u003esupport Python 3.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** Breaking changes **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eminimum version is Python 3.7\u003c/li\u003e\n\u003cli\u003ethe limitations on valid characters in the HTTP method have been bounded to Internet Standards\u003c/li\u003e\n\u003cli\u003erequests specifying unsupported transfer coding (order) are refused by default (rare)\u003c/li\u003e\n\u003cli\u003eHTTP methods are no longer casefolded by default (IANA method registry contains none affected)\u003c/li\u003e\n\u003cli\u003eHTTP methods containing the number sign (#) are no longer accepted by default (rare)\u003c/li\u003e\n\u003cli\u003eHTTP versions \u0026lt; 1.0 or \u0026gt;= 2.0 are no longer accepted by default (rare, only HTTP/1.1 is supported)\u003c/li\u003e\n\u003cli\u003eHTTP versions consisting of multiple digits or containing a prefix/suffix are no longer accepted\u003c/li\u003e\n\u003cli\u003eHTTP header field names Gunicorn cannot safely map to variables are silently dropped, as in other software\u003c/li\u003e\n\u003cli\u003eHTTP headers with empty field name are refused by default (no legitimate use cases, used in exploits)\u003c/li\u003e\n\u003cli\u003erequests with both Transfer-Encoding and Content-Length are refused by default (such a message might indicate an attempt to perform request smuggling)\u003c/li\u003e\n\u003cli\u003eempty transfer codings are no longer permitted (reportedly seen with really old \u0026amp; broken proxies)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** SECURITY **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix CVE-2024-1135\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003col\u003e\n\u003cli\u003eDocumentation is available there: \u003ca href=\"https://docs.gunicorn.org/en/stable/news.html\"\u003ehttps://docs.gunicorn.org/en/stable/news.html\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePackages: \u003ca href=\"https://pypi.org/project/gunicorn/\"\u003ehttps://pypi.org/project/gunicorn/\u003c/a\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eGunicorn 21.2.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 21.2.0 has been released.\u003c/strong\u003e This version fix the issue introduced in the threaded worker.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e21.2.0 - 2023-07-19\r\n===================\r\nfix thread worker: revert change considering connection as idle .\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/f63d59e4d73a8ee28748d2c700fb81c8780bc419\"\u003e\u003ccode\u003ef63d59e\u003c/code\u003e\u003c/a\u003e bump to 22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/4ac81e0a1037ba5b570323be7430e09caa233e38\"\u003e\u003ccode\u003e4ac81e0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3175\"\u003e#3175\u003c/a\u003e from e-kwsm/typo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/401cecfaed85d79236c7a9a1f7d8946b01c466fc\"\u003e\u003ccode\u003e401cecf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3179\"\u003e#3179\u003c/a\u003e from dhdaines/exclude-eventlet-0360\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/0243ec39ef4fc1b479ff4e1659e165f0b980b571\"\u003e\u003ccode\u003e0243ec3\u003c/code\u003e\u003c/a\u003e fix(deps): exclude eventlet 0.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/628a0bcb61ef3a211d67dfd68ad1ba161cccb3b8\"\u003e\u003ccode\u003e628a0bc\u003c/code\u003e\u003c/a\u003e chore: fix typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/88fc4a43152039c28096c8ba3eeadb3fbaa4aff9\"\u003e\u003ccode\u003e88fc4a4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3131\"\u003e#3131\u003c/a\u003e from pajod/patch-py12-rebased\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/deae2fc4c5f93bfce59be5363055d4cd4ab1b0b6\"\u003e\u003ccode\u003edeae2fc\u003c/code\u003e\u003c/a\u003e CI: back off the agressive timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/f4703824c323fe6867dce0e2f11013b8de319353\"\u003e\u003ccode\u003ef470382\u003c/code\u003e\u003c/a\u003e docs: promise 3.12 compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/5e30bfa6b1a3e1f2bde7feb514d1734d28f39231\"\u003e\u003ccode\u003e5e30bfa\u003c/code\u003e\u003c/a\u003e add changelog to project.urls (updated for PEP621)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/481c3f9522edc58806a3efc5b49be4f202cc7700\"\u003e\u003ccode\u003e481c3f9\u003c/code\u003e\u003c/a\u003e remove setup.cfg - overridden by pyproject.toml\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/benoitc/gunicorn/compare/20.1.0...22.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.2 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.14\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.11 (2025-10-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0, including significant changes to UTS46\nprocessing. As a result of Unicode ending support for it, transitional\nprocessing no longer has an effect and returns the same result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.2...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.0.1 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.0.1...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `python-socketio` from 5.4.0 to 5.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/releases\"\u003epython-socketio's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 5.14.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.13.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.12.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.12.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.4\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.3\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.10.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.9.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.8.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.7.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.7.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.7.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.6.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.5.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003epython-socketio's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003epython-socketio change log\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.16.2\u003c/strong\u003e - 2026-05-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent unnecessary resource allocations \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1574\"\u003e#1574\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/ca140fe44d0ceb3004073645222abec182d8784b\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zizmor to CI builds \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1570\"\u003e#1570\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/664dc27ec6f34179ed1724430eda3520627fc642\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.16.1\u003c/strong\u003e - 2026-02-06\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse configured JSON module in managers \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1549\"\u003e#1549\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/6229261ae6e8c01e675097242e333ee84587a544\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdmin UI fixes: remove duplicate tasks, report transport upgrades (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/1c2eab13a92fac9e43663eb0b5f099eb1c40ea5b\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSwitch to Furo documentation template (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/add47d8c7abca697a2804141bbf29bfb095f7d5e\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Python free-threading to CI \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1554\"\u003e#1554\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/ccdd2004a038ae4b8171a05120c5d0787332f7ee\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.16.0\u003c/strong\u003e - 2025-12-24\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAddress deprecation warnings (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/b235699d9b06564753c570b76055997e9d62a938\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop Python 3.8 and 3.9 from CI builds (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/d0728d2f74538762dd551fa9cd0cd1fd5aedfa37\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.15.1\u003c/strong\u003e - 2025-12-16\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore support multiple arguments via pubsub emits \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1540\"\u003e#1540\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/c279f26bb8c9887c4ca99d4d81ad331c4844438c\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.15.0\u003c/strong\u003e - 2025-11-22\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRetry initial Redis connection \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1536\"\u003e#1534\u003c/a\u003e ([commit \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1\"\u003e#1\u003c/a\u003e](\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/1e903e173a2d7b04599c4f7f9630c1abbb531fad\"\u003ehttps://github.com/miguelgrinberg/python-socketio/commit/1e903e173a2d7b04599c4f7f9630c1abbb531fad\u003c/a\u003e) [commit \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/2\"\u003e#2\u003c/a\u003e](\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/5e898a9b93526e6e667767e54c60f4c84589989d\"\u003ehttps://github.com/miguelgrinberg/python-socketio/commit/5e898a9b93526e6e667767e54c60f4c84589989d\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eCorrectly regenerate RabbitMQ binding after a connection failure \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1516\"\u003e#1516\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/c52e93b4a328d98a968bfbdec0cfd598b73ee913\"\u003ecommit\u003c/a\u003e) (thanks \u003cstrong\u003eGritty_dev\u003c/strong\u003e!)\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eext_type\u003c/code\u003e in the \u003ccode\u003eMsgPackPacket\u003c/code\u003e class \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1521\"\u003e#1521\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/208925344a48485d2cd56e40eb74266c3bcb5311\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport sending \u003ccode\u003ebytesarray\u003c/code\u003es when using pub/sub managers (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/6c9b9974f72e2efdf62407ecab24ee6995448098\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix typos in documentation \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1520\"\u003e#1520\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/db3f1c2a0105c30cb833ddfca8f05fe4320468fd\"\u003ecommit\u003c/a\u003e) (thanks \u003cstrong\u003eLê Nam Khánh\u003c/strong\u003e!)\u003c/li\u003e\n\u003cli\u003eImprovements to the logging documentation (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/b423d0e38eef559b7e81acb7e32059de305f982c\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.14.3\u003c/strong\u003e - 2025-10-29\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python's native \u003ccode\u003eConnectionRefusedError\u003c/code\u003e exception to reject a connection \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1515\"\u003e#1515\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/f3b18bde3f16437b223491d4c3e440ea37105fe3\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePush binary data to the aiopika client manager \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1514\"\u003e#1514\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/194e1b7f277b5f72e1de78d3f614e7b8b6c788ac\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.14.2\u003c/strong\u003e - 2025-10-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore binary message support in message queue setups \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1509\"\u003e#1509\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/bab4a10f48aaae11d7f832ebe5c30ad3f85d31b3\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix formatting of client connection error \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1507\"\u003e#1507\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/f298c9b54d76ab09ff72935937e1b9575bc45ffd\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd 3.14 and pypy-3.11 CI tasks (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/1f4cd3b025c294f25208ec3c05b5f8df6209e403\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove documentation of the \u003ccode\u003eBaseManager.get_participants()\u003c/code\u003e method (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/33722a0d96036f005188b07b8b46a5ef091fe65f\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.14.1\u003c/strong\u003e - 2025-10-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore support for \u003ccode\u003erediss://\u003c/code\u003e URLs, and add support for \u003ccode\u003evalkeys://\u003c/code\u003e as well (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/6e2d0de12bb4e4a99fdfc30bed0706ded620822c\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Redis connections using unix sockets \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1503\"\u003e#1503\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/a8deb3a8f3ee51d75c124157efa7fc9289fd592b\"\u003ecommit\u003c/a\u003e) (thanks \u003cstrong\u003eDarren Chang\u003c/strong\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.14.0\u003c/strong\u003e - 2025-09-30\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/400200e00625a49796b84baa44a09cd711fabe50\"\u003e\u003ccode\u003e400200e\u003c/code\u003e\u003c/a\u003e Release 5.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/53f6be094257ed81476b0e212c8cddd6d06ca39a\"\u003e\u003ccode\u003e53f6be0\u003c/code\u003e\u003c/a\u003e Replace pickle with json (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1502\"\u003e#1502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/a59c6f520059eb095ab4472e5192ce3e486875d9\"\u003e\u003ccode\u003ea59c6f5\u003c/code\u003e\u003c/a\u003e Fix: SimpleClient.call does not raise TimeoutError on timeout (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1501\"\u003e#1501\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/f61e0bec3750a83de619db9b779f9d93e449eade\"\u003e\u003ccode\u003ef61e0be\u003c/code\u003e\u003c/a\u003e wait for client to end background tasks on disconnect (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1500\"\u003e#1500\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/23556fb3dcb37074020494df40fb4495d47e7efe\"\u003e\u003ccode\u003e23556fb\u003c/code\u003e\u003c/a\u003e Fixed transport property of the simple clients to be a string as documented (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/e59acf146550d5c07f530a4766dfdfffda21e20c\"\u003e\u003ccode\u003ee59acf1\u003c/code\u003e\u003c/a\u003e Address failures of test suite on Mac (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1497\"\u003e#1497\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/36a89226a2fb18f876dcba48125a8c51904586ec\"\u003e\u003ccode\u003e36a8922\u003c/code\u003e\u003c/a\u003e Add support for valkey in the Redis client managers (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1488\"\u003e#1488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/5dc2aea077469ad318e47b28a84845c5efb6bdcf\"\u003e\u003ccode\u003e5dc2aea\u003c/code\u003e\u003c/a\u003e keep track of which namespaces failed to connect (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1496\"\u003e#1496\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/b3da354ed9eb46c0fb847c628b379ccae475a970\"\u003e\u003ccode\u003eb3da354\u003c/code\u003e\u003c/a\u003e Add message queue deployment recommendations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/3625fe821debf33e5430bff6375ec85056a5d95f\"\u003e\u003ccode\u003e3625fe8\u003c/code\u003e\u003c/a\u003e Bump eventlet from 0.35.2 to 0.40.3 in /examples/server/wsgi (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1491\"\u003e#1491\u003c/a\u003e) #nolog\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/compare/v5.4.0...v5.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.26.0 to 2.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29\"\u003e\u003ccode\u003e753fd08\u003c/code\u003e\u003c/a\u003e docs: fix FAQ grammar in httplib2 example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71\"\u003e\u003ccode\u003e774a0b8\u003c/code\u003e\u003c/a\u003e docs(socks): same block as other sections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303\"\u003e\u003ccode\u003e9c72a41\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.33.0 to 4.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be\"\u003e\u003ccode\u003eebf7190\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.32.0 to 4.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798\"\u003e\u003ccode\u003e0e4ae38\u003c/code\u003e\u003c/a\u003e docs: exclude Response.is_permanent_redirect from API docs (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7244\"\u003e#7244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a\"\u003e\u003ccode\u003ed568f47\u003c/code\u003e\u003c/a\u003e docs: clarify Quickstart POST example (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6960\"\u003e#6960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.26.0...v2.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.6 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.7.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable m...\n\n_Description has been truncated_","html_url":"https://github.com/thaliamontreux/OvenSpace/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/thaliamontreux%2FOvenSpace/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4506565730","node_id":"PR_kwDOSlaxQ87eiswO","number":12,"state":"open","title":"Bump zipp from 3.23.1 to 4.1.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T02:34:22.000Z","updated_at":"2026-05-23T02:34:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"zipp","old_version":"3.23.1","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.1 to 4.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp\u0026package-manager=pip\u0026previous-version=3.23.1\u0026new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/nludd25/openvino/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nludd25%2Fopenvino/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"},{"uuid":"4491187680","node_id":"PR_kwDOSSwFHc7dw07M","number":3,"state":"closed","title":"Bump the pip group across 23 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T02:22:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T02:19:12.000Z","updated_at":"2026-05-21T02:22:32.000Z","time_to_close":198,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":8,"packages":[{"name":"jinja2","old_version":"3.1.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"flask","old_version":"2.2.5","new_version":"3.1.3","repository_url":"https://github.com/pallets/flask"},{"name":"werkzeug","old_version":"2.2.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"cryptography","old_version":"42.0.5","new_version":"46.0.7","repository_url":"https://github.com/pyca/cryptography"},{"name":"pillow","old_version":"9.5.0","new_version":"12.2.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"zipp","old_version":"3.15.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 2 updates in the /benchmarks/XBEN-005-24/app directory: [idna](https://github.com/kjd/idna) and [jinja2](https://github.com/pallets/jinja).\nBumps the pip group with 3 updates in the /benchmarks/XBEN-007-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 2 updates in the /benchmarks/XBEN-021-24/app directory: [idna](https://github.com/kjd/idna) and [jinja2](https://github.com/pallets/jinja).\nBumps the pip group with 2 updates in the /benchmarks/XBEN-058-24/app directory: [idna](https://github.com/kjd/idna) and [jinja2](https://github.com/pallets/jinja).\nBumps the pip group with 1 update in the /benchmarks/XBEN-062-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 2 updates in the /benchmarks/XBEN-063-24/app/website directory: [flask](https://github.com/pallets/flask) and [pymysql](https://github.com/PyMySQL/PyMySQL).\nBumps the pip group with 1 update in the /benchmarks/XBEN-064-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-065-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-068-24/app directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-070-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-073-24/app directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-074-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 2 updates in the /benchmarks/XBEN-076-24/ssti-demo-app directory: [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 1 update in the /benchmarks/XBEN-082-24/api directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-082-24/app directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-087-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 3 updates in the /benchmarks/XBEN-089-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 4 updates in the /benchmarks/XBEN-091-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask), [werkzeug](https://github.com/pallets/werkzeug) and [cryptography](https://github.com/pyca/cryptography).\nBumps the pip group with 3 updates in the /benchmarks/XBEN-094-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 3 updates in the /benchmarks/XBEN-100-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 6 updates in the /benchmarks/XBEN-101-24/app directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [jinja2](https://github.com/pallets/jinja) | `3.1.3` | `3.1.6` |\n| [flask](https://github.com/pallets/flask) | `2.2.5` | `3.1.3` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `2.2.3` | `3.1.6` |\n| [cryptography](https://github.com/pyca/cryptography) | `42.0.5` | `46.0.7` |\n| [pillow](https://github.com/python-pillow/Pillow) | `9.5.0` | `12.2.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.15.0` | `3.19.1` |\n\nBumps the pip group with 1 update in the /benchmarks/XBEN-102-24/app directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-103-24/app directory: [flask](https://github.com/pallets/flask).\n\nUpdates `idna` from 3.7 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.14\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.11 (2025-10-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0, including significant changes to UTS46\nprocessing. As a result of Unicode ending support for it, transitional\nprocessing no longer has an effect and returns the same result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.4 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.4...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.4 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.4...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 3.0.3 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.3/\"\u003ehttps://pypi.org/project/Flask/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-3\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-3\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys but not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726\"\u003eGHSA-68rp-wp8r-4726\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.2/\"\u003ehttps://pypi.org/project/Flask/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-2\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/38?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/38?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5774\"\u003e#5774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state of \u003ccode\u003esession\u003c/code\u003e is correct. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5786\"\u003e#5786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5776\"\u003e#5776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.1\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.1/\"\u003ehttps://pypi.org/project/Flask/3.1.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/flask/milestone/36?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. GHSA-4grg-w6v8-c28g\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5645\"\u003e#5645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands are shown. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5673\"\u003e#5673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return \u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier for Quart. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5659\"\u003e#5659\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.0\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.0/\"\u003ehttps://pypi.org/project/Flask/3.1.0/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/33?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/33?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5623\"\u003e#5623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases. Werkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5624\"\u003e#5624\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5633\"\u003e#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option responses. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5496\"\u003e#5496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and \u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when opening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5504\"\u003e#5504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only through the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added \u003ccode\u003eMAX_FORM_MEMORY_SIZE\u003c/code\u003e and \u003ccode\u003eMAX_FORM_PARTS\u003c/code\u003e config. Added documentation about resource limits to the security page. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5625\"\u003e#5625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003ePartitioned\u003c/code\u003e cookie attribute (CHIPS), with the \u003ccode\u003eSESSION_COOKIE_PARTITIONED\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5472\"\u003e#5472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-e path\u003c/code\u003e takes precedence over default \u003ccode\u003e.env\u003c/code\u003e and \u003ccode\u003e.flaskenv\u003c/code\u003e files. \u003ccode\u003eload_dotenv\u003c/code\u003e loads default files in addition to a path unless \u003ccode\u003eload_defaults=False\u003c/code\u003e is passed. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5628\"\u003e#5628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport key rotation with the \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5621\"\u003e#5621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix how setting \u003ccode\u003ehost_matching=True\u003c/code\u003e or \u003ccode\u003esubdomain_matching=False\u003c/code\u003e interacts with \u003ccode\u003eSERVER_NAME\u003c/code\u003e. Setting \u003ccode\u003eSERVER_NAME\u003c/code\u003e no longer restricts requests to only that domain. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5553\"\u003e#5553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.trusted_hosts\u003c/code\u003e is checked during routing, and can be set through the \u003ccode\u003eTRUSTED_HOSTS\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5636\"\u003e#5636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-18\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys\nbut not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. :ghsa:\u003ccode\u003e68rp-wp8r-4726\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.2\u003c/h2\u003e\n\u003cp\u003eReleased 2025-08-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. :issue:\u003ccode\u003e5774\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state\nof \u003ccode\u003esession\u003c/code\u003e is correct. :issue:\u003ccode\u003e5786\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. :issue:\u003ccode\u003e5776\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.1\u003c/h2\u003e\n\u003cp\u003eReleased 2025-05-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via\n\u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. :ghsa:\u003ccode\u003e4grg-w6v8-c28g\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. :issue:\u003ccode\u003e5645\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands\nare shown. :issue:\u003ccode\u003e5673\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return\n\u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier\nfor Quart. :pr:\u003ccode\u003e5659\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.0\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. :pr:\u003ccode\u003e5623\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases.\nWerkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. :pr:\u003ccode\u003e5624,5633\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option\nresponses. :pr:\u003ccode\u003e5496\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and\n\u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when\nopening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. :issue:\u003ccode\u003e5504\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only\nthrough the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65\"\u003e\u003ccode\u003e22d9247\u003c/code\u003e\u003c/a\u003e release version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4\"\u003e\u003ccode\u003e089cb86\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa\"\u003e\u003ccode\u003ec17f379\u003c/code\u003e\u003c/a\u003e request context tracks session access\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602\"\u003e\u003ccode\u003e27be933\u003c/code\u003e\u003c/a\u003e start version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d\"\u003e\u003ccode\u003e4e652d3\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5903\"\u003e#5903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a\"\u003e\u003ccode\u003e3d03098\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4\"\u003e\u003ccode\u003e407eb76\u003c/code\u003e\u003c/a\u003e document using gevent for async (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60\"\u003e\u003ccode\u003eac5664d\u003c/code\u003e\u003c/a\u003e document using gevent for async\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3\"\u003e\u003ccode\u003e4f79d5b\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11 (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5865\"\u003e#5865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f\"\u003e\u003ccode\u003efe3b215\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/3.0.3...3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `werkzeug` from 3.0.3 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/releases\"\u003ewerkzeug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.6 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.6/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-6\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special devices names in multi-segment paths. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x\"\u003eGHSA-29vq-49wr-vm6x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.5/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-5\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/43?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/43?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow more special device names, regardless of extension or surrounding spaces. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-87hc-h4r5-73f7\"\u003eGHSA-87hc-h4r5-73f7\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary. This fixes the previous attempt, which caused incorrect content lengths. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3065\"\u003e#3065\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3077\"\u003e#3077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eAttributeError\u003c/code\u003e when initializing \u003ccode\u003eDebuggedApplication\u003c/code\u003e with \u003ccode\u003epin_security=False\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3075\"\u003e#3075\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.4/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-4\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-4\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/42?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/42?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special device names. This prevents reading from these when using \u003ccode\u003esend_from_directory\u003c/code\u003e. \u003ccode\u003esecure_filename\u003c/code\u003e already prevented writing to these. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2\"\u003eghsa-hgf8-39gv-g3f2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe debugger pin fails after 10 attempts instead of 11. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3020\"\u003e#3020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3065\"\u003e#3065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CPU usage during Watchdog reloader. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3054\"\u003e#3054\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.json\u003c/code\u003e annotation is more accurate. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3067\"\u003e#3067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTraceback rendering handles when the line number is beyond the available source lines. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3044\"\u003e#3044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eHTTPException.get_response\u003c/code\u003e annotation and doc better conveys the distinction between WSGI and sans-IO responses. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3056\"\u003e#3056\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.3/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/41?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/41?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInitial data passed to \u003ccode\u003eMultiDict\u003c/code\u003e and similar interfaces only accepts \u003ccode\u003elist\u003c/code\u003e, \u003ccode\u003etuple\u003c/code\u003e, or \u003ccode\u003eset\u003c/code\u003e when passing multiple values. It had been changed to accept any \u003ccode\u003eCollection\u003c/code\u003e, but this matched types that should be treated as single values, such as \u003ccode\u003ebytes\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2994\"\u003e#2994\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the \u003ccode\u003eHost\u003c/code\u003e header is not set and \u003ccode\u003eRequest.host\u003c/code\u003e falls back to the WSGI \u003ccode\u003eSERVER_NAME\u003c/code\u003e value, if that value is an IPv6 address it is wrapped in \u003ccode\u003e[]\u003c/code\u003e to match the \u003ccode\u003eHost\u003c/code\u003e header. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2993\"\u003e#2993\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.2/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/blob/main/CHANGES.rst\"\u003ewerkzeug's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special devices names in\nmulti-segment paths. :ghsa:\u003ccode\u003e29vq-49wr-vm6x\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.make_conditional\u003c/code\u003e sets the \u003ccode\u003eAccept-Ranges\u003c/code\u003e header even if it\nis not a satisfiable range request. :issue:\u003ccode\u003e3108\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2026-01-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow more special device names, regardless\nof extension or surrounding spaces. :ghsa:\u003ccode\u003e87hc-h4r5-73f7\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary.\nThis fixes the previous attempt, which caused incorrect content lengths.\n:issue:\u003ccode\u003e3065\u003c/code\u003e :issue:\u003ccode\u003e3077\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eAttributeError\u003c/code\u003e when initializing \u003ccode\u003eDebuggedApplication\u003c/code\u003e with\n\u003ccode\u003epin_security=False\u003c/code\u003e. :issue:\u003ccode\u003e3075\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.4\u003c/h2\u003e\n\u003cp\u003eReleased 2025-11-28\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special device names. This prevents\nreading from these when using \u003ccode\u003esend_from_directory\u003c/code\u003e. \u003ccode\u003esecure_filename\u003c/code\u003e\nalready prevented writing to these. :ghsa:\u003ccode\u003ehgf8-39gv-g3f2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe debugger pin fails after 10 attempts instead of 11. :pr:\u003ccode\u003e3020\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary.\n:issue:\u003ccode\u003e3065\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove CPU usage during Watchdog reloader. :issue:\u003ccode\u003e3054\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.json\u003c/code\u003e annotation is more accurate. :issue:\u003ccode\u003e3067\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTraceback rendering handles when the line number is beyond the available\nsource lines. :issue:\u003ccode\u003e3044\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eHTTPException.get_response\u003c/code\u003e annotation and doc better conveys the\ndistinction between WSGI and sans-IO responses. :issue:\u003ccode\u003e3056\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInitial data passed to \u003ccode\u003eMultiDict\u003c/code\u003e and similar interfaces only accepts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/04da1b5221b7a7b57e82246e4b5741d37a6b2e56\"\u003e\u003ccode\u003e04da1b5\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d\"\u003e\u003ccode\u003ef407712\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/f54fe98026253e70fbbcd35a6b52fb67cfff1c03\"\u003e\u003ccode\u003ef54fe98\u003c/code\u003e\u003c/a\u003e safe_join prevents Windows special device names in multi-segment paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/d005985ef69ffe3275eda8fb6fb25e074dbe871b\"\u003e\u003ccode\u003ed005985\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8565c2cbd6681ae8463e77d4fc0795324a7fdae7\"\u003e\u003ccode\u003e8565c2c\u003c/code\u003e\u003c/a\u003e document rule priority (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3102\"\u003e#3102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/3febc7e90072bffe04c27e6b7478dfc4f88930df\"\u003e\u003ccode\u003e3febc7e\u003c/code\u003e\u003c/a\u003e document rule priority\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/2525b827646c10ab7adb334664e6a4af1b769181\"\u003e\u003ccode\u003e2525b82\u003c/code\u003e\u003c/a\u003e remove state machine docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/4abfbd553cdeb6d4e6fa693340d52b13c884079f\"\u003e\u003ccode\u003e4abfbd5\u003c/code\u003e\u003c/a\u003e rewrite build docstring (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3097\"\u003e#3097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/161c18b2a8800ae6ef377fb3cbdb933a878fea67\"\u003e\u003ccode\u003e161c18b\u003c/code\u003e\u003c/a\u003e rewrite build docstring\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/86e11c29e44726dae524cd9db11549b3b1ad681d\"\u003e\u003ccode\u003e86e11c2\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3085\"\u003e#3085\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/werkzeug/compare/3.0.3...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.7 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.14\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.11 (2025-10-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0, including significant changes to UTS46\nprocessing. As a result of Unicode ending support for it, transitional\nprocessing no longer has an effect and returns the same result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.4 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filte...\n\n_Description has been truncated_","html_url":"https://github.com/pellera9/validation-benchmarks/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pellera9%2Fvalidation-benchmarks/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"4490521659","node_id":"PR_kwDOA-eq3c7duv0Y","number":2444,"state":"open","title":"Bump the pip group across 2 directories with 2 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T23:16:22.000Z","updated_at":"2026-05-21T00:54:24.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":2,"packages":[{"name":"requests","old_version":"2.34.1","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"requests","old_version":"2.34.1","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"zipp","old_version":"3.23.1","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the /.github/workflows directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 2 updates in the /scripts/copy_from_upstream directory: [requests](https://github.com/psf/requests) and [zipp](https://github.com/jaraco/zipp).\n\nUpdates `requests` from 2.34.1 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/psf/requests/compare/v2.34.1...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.34.1 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/psf/requests/compare/v2.34.1...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.23.1 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/open-quantum-safe/liboqs/pull/2444","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-quantum-safe%2Fliboqs/issues/2444","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2444/packages"},{"uuid":"4490491521","node_id":"PR_kwDOJusBKM7dupxH","number":1,"state":"open","title":"Bump the pip group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T23:09:09.000Z","updated_at":"2026-05-20T23:10:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":5,"packages":[{"name":"flask","old_version":"2.2.2","new_version":"3.1.3","repository_url":"https://github.com/pallets/flask"},{"name":"jinja2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"werkzeug","old_version":"2.2.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"zipp","old_version":"3.12.1","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"},{"name":"requests","old_version":"2.25.1","new_version":"2.33.0","repository_url":"https://github.com/psf/requests"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 5 updates in the /docker-app directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [flask](https://github.com/pallets/flask) | `2.2.2` | `3.1.3` |\n| [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.6` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `2.2.2` | `3.1.6` |\n| [zipp](https://github.com/jaraco/zipp) | `3.12.1` | `3.19.1` |\n| [requests](https://github.com/psf/requests) | `2.25.1` | `2.33.0` |\n\n\nUpdates `flask` from 2.2.2 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.3/\"\u003ehttps://pypi.org/project/Flask/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-3\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-3\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys but not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726\"\u003eGHSA-68rp-wp8r-4726\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.2/\"\u003ehttps://pypi.org/project/Flask/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-2\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/38?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/38?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5774\"\u003e#5774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state of \u003ccode\u003esession\u003c/code\u003e is correct. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5786\"\u003e#5786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5776\"\u003e#5776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.1\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.1/\"\u003ehttps://pypi.org/project/Flask/3.1.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/flask/milestone/36?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. GHSA-4grg-w6v8-c28g\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5645\"\u003e#5645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands are shown. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5673\"\u003e#5673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return \u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier for Quart. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5659\"\u003e#5659\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.0\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.0/\"\u003ehttps://pypi.org/project/Flask/3.1.0/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/33?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/33?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5623\"\u003e#5623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases. Werkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5624\"\u003e#5624\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5633\"\u003e#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option responses. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5496\"\u003e#5496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and \u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when opening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5504\"\u003e#5504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only through the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added \u003ccode\u003eMAX_FORM_MEMORY_SIZE\u003c/code\u003e and \u003ccode\u003eMAX_FORM_PARTS\u003c/code\u003e config. Added documentation about resource limits to the security page. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5625\"\u003e#5625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003ePartitioned\u003c/code\u003e cookie attribute (CHIPS), with the \u003ccode\u003eSESSION_COOKIE_PARTITIONED\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5472\"\u003e#5472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-e path\u003c/code\u003e takes precedence over default \u003ccode\u003e.env\u003c/code\u003e and \u003ccode\u003e.flaskenv\u003c/code\u003e files. \u003ccode\u003eload_dotenv\u003c/code\u003e loads default files in addition to a path unless \u003ccode\u003eload_defaults=False\u003c/code\u003e is passed. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5628\"\u003e#5628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport key rotation with the \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5621\"\u003e#5621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix how setting \u003ccode\u003ehost_matching=True\u003c/code\u003e or \u003ccode\u003esubdomain_matching=False\u003c/code\u003e interacts with \u003ccode\u003eSERVER_NAME\u003c/code\u003e. Setting \u003ccode\u003eSERVER_NAME\u003c/code\u003e no longer restricts requests to only that domain. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5553\"\u003e#5553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.trusted_hosts\u003c/code\u003e is checked during routing, and can be set through the \u003ccode\u003eTRUSTED_HOSTS\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5636\"\u003e#5636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-18\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys\nbut not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. :ghsa:\u003ccode\u003e68rp-wp8r-4726\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.2\u003c/h2\u003e\n\u003cp\u003eReleased 2025-08-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. :issue:\u003ccode\u003e5774\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state\nof \u003ccode\u003esession\u003c/code\u003e is correct. :issue:\u003ccode\u003e5786\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. :issue:\u003ccode\u003e5776\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.1\u003c/h2\u003e\n\u003cp\u003eReleased 2025-05-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via\n\u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. :ghsa:\u003ccode\u003e4grg-w6v8-c28g\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. :issue:\u003ccode\u003e5645\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands\nare shown. :issue:\u003ccode\u003e5673\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return\n\u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier\nfor Quart. :pr:\u003ccode\u003e5659\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.0\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. :pr:\u003ccode\u003e5623\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases.\nWerkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. :pr:\u003ccode\u003e5624,5633\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option\nresponses. :pr:\u003ccode\u003e5496\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and\n\u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when\nopening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. :issue:\u003ccode\u003e5504\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only\nthrough the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65\"\u003e\u003ccode\u003e22d9247\u003c/code\u003e\u003c/a\u003e release version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4\"\u003e\u003ccode\u003e089cb86\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa\"\u003e\u003ccode\u003ec17f379\u003c/code\u003e\u003c/a\u003e request context tracks session access\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602\"\u003e\u003ccode\u003e27be933\u003c/code\u003e\u003c/a\u003e start version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d\"\u003e\u003ccode\u003e4e652d3\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5903\"\u003e#5903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a\"\u003e\u003ccode\u003e3d03098\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4\"\u003e\u003ccode\u003e407eb76\u003c/code\u003e\u003c/a\u003e document using gevent for async (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60\"\u003e\u003ccode\u003eac5664d\u003c/code\u003e\u003c/a\u003e document using gevent for async\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3\"\u003e\u003ccode\u003e4f79d5b\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11 (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5865\"\u003e#5865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f\"\u003e\u003ccode\u003efe3b215\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/2.2.2...3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `werkzeug` from 2.2.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/releases\"\u003ewerkzeug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.6 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.6/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-6\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special devices names in multi-segment paths. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x\"\u003eGHSA-29vq-49wr-vm6x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.5/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-5\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/43?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/43?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow more special device names, regardless of extension or surrounding spaces. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-87hc-h4r5-73f7\"\u003eGHSA-87hc-h4r5-73f7\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary. This fixes the previous attempt, which caused incorrect content lengths. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3065\"\u003e#3065\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3077\"\u003e#3077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eAttributeError\u003c/code\u003e when initializing \u003ccode\u003eDebuggedApplication\u003c/code\u003e with \u003ccode\u003epin_security=False\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3075\"\u003e#3075\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.4/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-4\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-4\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/42?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/42?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special device names. This prevents reading from these when using \u003ccode\u003esend_from_directory\u003c/code\u003e. \u003ccode\u003esecure_filename\u003c/code\u003e already prevented writing to these. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2\"\u003eghsa-hgf8-39gv-g3f2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe debugger pin fails after 10 attempts instead of 11. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3020\"\u003e#3020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3065\"\u003e#3065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CPU usage during Watchdog reloader. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3054\"\u003e#3054\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.json\u003c/code\u003e annotation is more accurate. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3067\"\u003e#3067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTraceback rendering handles when the line number is beyond the available source lines. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3044\"\u003e#3044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eHTTPException.get_response\u003c/code\u003e annotation and doc better conveys the distinction between WSGI and sans-IO responses. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3056\"\u003e#3056\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.3/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/41?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/41?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInitial data passed to \u003ccode\u003eMultiDict\u003c/code\u003e and similar interfaces only accepts \u003ccode\u003elist\u003c/code\u003e, \u003ccode\u003etuple\u003c/code\u003e, or \u003ccode\u003eset\u003c/code\u003e when passing multiple values. It had been changed to accept any \u003ccode\u003eCollection\u003c/code\u003e, but this matched types that should be treated as single values, such as \u003ccode\u003ebytes\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2994\"\u003e#2994\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the \u003ccode\u003eHost\u003c/code\u003e header is not set and \u003ccode\u003eRequest.host\u003c/code\u003e falls back to the WSGI \u003ccode\u003eSERVER_NAME\u003c/code\u003e value, if that value is an IPv6 address it is wrapped in \u003ccode\u003e[]\u003c/code\u003e to match the \u003ccode\u003eHost\u003c/code\u003e header. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2993\"\u003e#2993\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.2/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/blob/main/CHANGES.rst\"\u003ewerkzeug's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special devices names in\nmulti-segment paths. :ghsa:\u003ccode\u003e29vq-49wr-vm6x\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.make_conditional\u003c/code\u003e sets the \u003ccode\u003eAccept-Ranges\u003c/code\u003e header even if it\nis not a satisfiable range request. :issue:\u003ccode\u003e3108\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2026-01-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow more special device names, regardless\nof extension or surrounding spaces. :ghsa:\u003ccode\u003e87hc-h4r5-73f7\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary.\nThis fixes the previous attempt, which caused incorrect content lengths.\n:issue:\u003ccode\u003e3065\u003c/code\u003e :issue:\u003ccode\u003e3077\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eAttributeError\u003c/code\u003e when initializing \u003ccode\u003eDebuggedApplication\u003c/code\u003e with\n\u003ccode\u003epin_security=False\u003c/code\u003e. :issue:\u003ccode\u003e3075\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.4\u003c/h2\u003e\n\u003cp\u003eReleased 2025-11-28\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special device names. This prevents\nreading from these when using \u003ccode\u003esend_from_directory\u003c/code\u003e. \u003ccode\u003esecure_filename\u003c/code\u003e\nalready prevented writing to these. :ghsa:\u003ccode\u003ehgf8-39gv-g3f2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe debugger pin fails after 10 attempts instead of 11. :pr:\u003ccode\u003e3020\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary.\n:issue:\u003ccode\u003e3065\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove CPU usage during Watchdog reloader. :issue:\u003ccode\u003e3054\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.json\u003c/code\u003e annotation is more accurate. :issue:\u003ccode\u003e3067\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTraceback rendering handles when the line number is beyond the available\nsource lines. :issue:\u003ccode\u003e3044\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eHTTPException.get_response\u003c/code\u003e annotation and doc better conveys the\ndistinction between WSGI and sans-IO responses. :issue:\u003ccode\u003e3056\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInitial data passed to \u003ccode\u003eMultiDict\u003c/code\u003e and similar interfaces only accepts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/04da1b5221b7a7b57e82246e4b5741d37a6b2e56\"\u003e\u003ccode\u003e04da1b5\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d\"\u003e\u003ccode\u003ef407712\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/f54fe98026253e70fbbcd35a6b52fb67cfff1c03\"\u003e\u003ccode\u003ef54fe98\u003c/code\u003e\u003c/a\u003e safe_join prevents Windows special device names in multi-segment paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/d005985ef69ffe3275eda8fb6fb25e074dbe871b\"\u003e\u003ccode\u003ed005985\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8565c2cbd6681ae8463e77d4fc0795324a7fdae7\"\u003e\u003ccode\u003e8565c2c\u003c/code\u003e\u003c/a\u003e document rule priority (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3102\"\u003e#3102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/3febc7e90072bffe04c27e6b7478dfc4f88930df\"\u003e\u003ccode\u003e3febc7e\u003c/code\u003e\u003c/a\u003e document rule priority\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/2525b827646c10ab7adb334664e6a4af1b769181\"\u003e\u003ccode\u003e2525b82\u003c/code\u003e\u003c/a\u003e remove state machine docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/4abfbd553cdeb6d4e6fa693340d52b13c884079f\"\u003e\u003ccode\u003e4abfbd5\u003c/code\u003e\u003c/a\u003e rewrite build docstring (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3097\"\u003e#3097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/161c18b2a8800ae6ef377fb3cbdb933a878fea67\"\u003e\u003ccode\u003e161c18b\u003c/code\u003e\u003c/a\u003e rewrite build docstring\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/86e11c29e44726dae524cd9db11549b3b1ad681d\"\u003e\u003ccode\u003e86e11c2\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3085\"\u003e#3085\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/werkzeug/compare/2.2.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.12.1 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev3.19.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved handling of malformed zip files. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/119\"\u003e#119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.19.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement is_symlink. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/117\"\u003e#117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.18.2\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.1\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBypass ZipFile.namelist in glob for better performance. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/106\"\u003e#106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactored glob functionality to support a more generalized solution with support for platform-specific path separators. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/108\"\u003e#108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd special accounting for pypy when computing the stack level for text encoding warnings. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/114\"\u003e#114\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.17.0\u003c/h1\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/6d1cb72aa55e0536f35d2af128994b5a61ca4c1a\"\u003e\u003ccode\u003e6d1cb72\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd\"\u003e\u003ccode\u003efd604bd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/120\"\u003e#120\u003c/a\u003e from jaraco/bugfix/119-malformed-paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/c18417ed2953e181728a7dac07bff88a2190abf7\"\u003e\u003ccode\u003ec18417e\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/58115d2be968644ce71ce6bcc9b79826c82a1806\"\u003e\u003ccode\u003e58115d2\u003c/code\u003e\u003c/a\u003e Employ SanitizedNames in CompleteDirs. Fixes broken test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/564fcc10cdbfdaecdb33688e149827465931c9e0\"\u003e\u003ccode\u003e564fcc1\u003c/code\u003e\u003c/a\u003e Add SanitizedNames mixin.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/79a309fe54dc6b7934fb72e9f31bcb58f2e9f547\"\u003e\u003ccode\u003e79a309f\u003c/code\u003e\u003c/a\u003e Add some assertions about malformed paths.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/2d015c22348fab46ca765339f55f84fe9d6e8115\"\u003e\u003ccode\u003e2d015c2\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a595a0fad054cd20b69d3e954c99174e3a548938\"\u003e\u003ccode\u003ea595a0f\u003c/code\u003e\u003c/a\u003e Rename extras to align with core metadata spec.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/608f90a6e74919501577a1312dc5c7d8e1d391d7\"\u003e\u003ccode\u003e608f90a\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/3a22d724acf874111b43f87f7110225122ec3de5\"\u003e\u003ccode\u003e3a22d72\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/118\"\u003e#118\u003c/a\u003e from jaraco/feature/is-symlink\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.12.1...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.25.1 to 2.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29\"\u003e\u003ccode\u003e753fd08\u003c/code\u003e\u003c/a\u003e docs: fix FAQ grammar in httplib2 example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71\"\u003e\u003ccode\u003e774a0b8\u003c/code\u003e\u003c/a\u003e docs(socks): same block as other sections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303\"\u003e\u003ccode\u003e9c72a41\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.33.0 to 4.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be\"\u003e\u003ccode\u003eebf7190\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.32.0 to 4.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798\"\u003e\u003ccode\u003e0e4ae38\u003c/code\u003e\u003c/a\u003e docs: exclude Response.is_permanent_redirect from API docs (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7244\"\u003e#7244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a\"\u003e\u003ccode\u003ed568f47\u003c/code\u003e\u003c/a\u003e docs: clarify Quickstart POST example (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6960\"\u003e#6960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.25.1...v2.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/v4run75/SneakyBox/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/v4run75/SneakyBox/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/v4run75%2FSneakyBox/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4483648077","node_id":"PR_kwDOMpA0VM7dYeaJ","number":369,"state":"open","title":"Bump the dependabot group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T06:06:59.000Z","updated_at":"2026-05-20T08:16:06.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"dependabot","update_count":5,"packages":[{"name":"idna","old_version":"3.14","new_version":"3.15","repository_url":"https://github.com/kjd/idna"},{"name":"protobuf","old_version":"7.34.0","new_version":"7.35.0","repository_url":"https://github.com/protocolbuffers/protobuf"},{"name":"requests","old_version":"2.33.0","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"click","old_version":"8.3.1","new_version":"8.4.0","repository_url":"https://github.com/pallets/click"},{"name":"zipp","old_version":"3.23.0","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the dependabot group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [idna](https://github.com/kjd/idna) | `3.14` | `3.15` |\n| [protobuf](https://github.com/protocolbuffers/protobuf) | `7.34.0` | `7.35.0` |\n| [requests](https://github.com/psf/requests) | `2.33.0` | `2.34.2` |\n| [click](https://github.com/pallets/click) | `8.3.1` | `8.4.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.23.0` | `4.1.0` |\n\n\nUpdates `idna` from 3.14 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.14...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobuf` from 7.34.0 to 7.35.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protocolbuffers/protobuf/releases\"\u003eprotobuf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eProtocol Buffers v34.0-rc1\u003c/h2\u003e\n\u003ch1\u003eAnnouncements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis version includes breaking changes to: C++, Objective-C, PHP, Python.\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e[Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Make generator headers private (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Add [[nodiscard]] to many APIs. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Make the arena-enabled constructors of \u003ccode\u003eRepeatedField\u003c/code\u003e, \u003ccode\u003eRepeatedPtrField\u003c/code\u003e, and \u003ccode\u003eMap\u003c/code\u003e private. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() \u0026amp;\u0026amp; !is_repeated()) instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] All entity names have length limit (2afb0dc)\u003c/li\u003e\n\u003cli\u003e[ObjC] Remove \u003ccode\u003egenerate_minimal_imports\u003c/code\u003e generation option warning (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[ObjC] Fix nullability annotations on some \u003ccode\u003eGPB*Dictionary\u003c/code\u003e types. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[ObjC] Remove \u003ccode\u003e-[GPBFieldDescriptor optional]\u003c/code\u003e (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Other] Remove deprecated flag for enabling MSVC support (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP] Remove deprecated PHP APIs (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\u003c/a\u003e, \u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6\u003c/a\u003e, \u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP]  Add PHP typehints for setters and remove redundant GPBUtil checks (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/pull/25296\"\u003eprotocolbuffers/protobuf#25296\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP]  support default values for editions/proto2 (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/pull/25161\"\u003eprotocolbuffers/protobuf#25161\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b01099d56350551bae3da88b97bf3027274c9f17\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b01099d56350551bae3da88b97bf3027274c9f17\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Raise errors in OSS when assign bool to int/enum field in Python Proto. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/5b116fe2f14f49dd0cc3b76089983717f211025c\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/5b116fe2f14f49dd0cc3b76089983717f211025c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove float_format/double_format from python proto text_format (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/e4854a186e0bfa867d5bfa5cd850608a948fd488\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/e4854a186e0bfa867d5bfa5cd850608a948fd488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Raise TypeError when convert non-timedelta to Duration, or convert non-datetime to Timestamp in python proto. (Original code may raise ArributeError) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/00aaca1b4d98954bc2933d7c8a5379ba6088124c\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/00aaca1b4d98954bc2933d7c8a5379ba6088124c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove float_precision from python proto json_format (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/f027f1fcd52b9d080b7ee79f4024f53cf54e0dc5\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/f027f1fcd52b9d080b7ee79f4024f53cf54e0dc5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove deprecated FieldDescriptor.label (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/0a8ff55518ea5874478ad5b26515b31d186045a9\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/0a8ff55518ea5874478ad5b26515b31d186045a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://protobuf.dev/news/\"\u003eProtobuf News\u003c/a\u003e may include additional announcements or pre-announcements for upcoming changes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://protobuf.dev/support/migration/\"\u003eMigration Guide\u003c/a\u003e may include additional guidance for breaking changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBazel\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix: cc_toolchain should prefer protoc when prebuilt flag is flipped. (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/issues/25168\"\u003e#25168\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/8c857c3a1c6a106b0a096f1c9fa504bfaca035a9\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/8c857c3a1c6a106b0a096f1c9fa504bfaca035a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBreaking change: Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat(bazel): wire up prebuilt protoc toolchain (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/issues/24115\"\u003e#24115\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/cc23698b486e690ea2eb873cc7596a87c74a3ba6\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/cc23698b486e690ea2eb873cc7596a87c74a3ba6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMigrate \u003ccode\u003eproto_descriptor_set\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/issues/23369\"\u003e#23369\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/8d4dfdd39a7a242a9ed631a6ab2192c57dd9b9c8\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/8d4dfdd39a7a242a9ed631a6ab2192c57dd9b9c8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eCompiler\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRuby codegen: support generation of rbs files (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/issues/15633\"\u003e#15633\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/6ebdf851ba78728f0aa145d38454ed9a316fb08d\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/6ebdf851ba78728f0aa145d38454ed9a316fb08d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid collision name problems between a message named \u003ccode\u003eXyz\u003c/code\u003e and a direct sibling enum named \u003ccode\u003eXyzView\u003c/code\u003e (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/eba53e8f172b273d679759a72ce4250131ee3df1\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/eba53e8f172b273d679759a72ce4250131ee3df1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGeneralizing and implementing ValidateFeatureSupport for both Options and Features during proto parsing (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ed3c57114d8e2b47cca7697ddaa50c1b3762a6b0\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ed3c57114d8e2b47cca7697ddaa50c1b3762a6b0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug with custom features outside of the \u003ccode\u003epb\u003c/code\u003e package. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/872d3ce7a4da00d7dcec33ced20cfe45235935e8\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/872d3ce7a4da00d7dcec33ced20cfe45235935e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix import option handling when include_imports isn't set. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9ef9e80afd9bc8379d578fe67e5ab0738728c04e\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9ef9e80afd9bc8379d578fe67e5ab0738728c04e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug in STRICT check of namespaced enums to properly check for 'reserved 1 to max' (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/1229d4adba24c0952ab85ce96bc7b7f8a1fe6d0f\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/1229d4adba24c0952ab85ce96bc7b7f8a1fe6d0f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent accidental stripping of \u003ccode\u003edebug_redact\u003c/code\u003e options via import option. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/f58b098bffa7ca4045ef7773b09151a6af5d0c28\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/f58b098bffa7ca4045ef7773b09151a6af5d0c28\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eC++\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdd EnumerateEnumValues function. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/397d5d99db274b379d1384814074bf7df39d32f7\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/397d5d99db274b379d1384814074bf7df39d32f7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/protocolbuffers/protobuf/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.33.0 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.1\u003c/h2\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/k223kim\"\u003e\u003ccode\u003e@​k223kim\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7433\"\u003epsf/requests#7433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.0\u003c/h2\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. \u003cstrong\u003eWe believe types are comprehensive but if you find issues, please\nreport them to the \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003epinned tracking issue\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. We believe types are comprehensive but if you find issues, please\nreport them to the pinned tracking issue.\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\nproxy_bypass implementation has been updated with CPython's fix from\nbpo-39057. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer incorrectly strips duplicate leading slashes in\nURI paths. This should address user issues with specific presigned\nURLs. Note the full fix requires urllib3 2.7.0+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7315\"\u003e#7315\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/b7b549b54571d03950b16afd2d01bc6ff0348224\"\u003e\u003ccode\u003eb7b549b\u003c/code\u003e\u003c/a\u003e v2.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e511bc72777a94c45d004e010c597925092e1efe\"\u003e\u003ccode\u003ee511bc7\u003c/code\u003e\u003c/a\u003e Fix mutability issues with headers input types (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5691f596134c2feb121e595c77a0178921fcce61\"\u003e\u003ccode\u003e5691f59\u003c/code\u003e\u003c/a\u003e Update JsonType containers to read-based collections (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/2144213c307691710c9d665700860fc4993c3035\"\u003e\u003ccode\u003e2144213\u003c/code\u003e\u003c/a\u003e Constrain Response.reason to str (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6404f345e562d962abe6700a1c357ec1e7e18232\"\u003e\u003ccode\u003e6404f34\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eprepare_body\u003c/code\u003e stream detection for \u003ccode\u003e__getattr__\u003c/code\u003e-based file wrappers (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7\"\u003e#7\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0b401c76b6e80a4eecf3c690085b2553f6e261ca\"\u003e\u003ccode\u003e0b401c7\u003c/code\u003e\u003c/a\u003e v2.34.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/86b378d3f60f828daa13ca50aa82e287ff7b66b4\"\u003e\u003ccode\u003e86b378d\u003c/code\u003e\u003c/a\u003e Align Session.get parameters with requests.get (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7429\"\u003e#7429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a4f9a5999bdb9bf2d6e7c8aa973b28cacb17134f\"\u003e\u003ccode\u003ea4f9a59\u003c/code\u003e\u003c/a\u003e Port bpo-39057 to Requests (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.33.0...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.1 to 8.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.0\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.4.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.\u003c/p\u003e\n\u003cp\u003eWe encourage everyone to upgrade. You can read more about our \u003ca href=\"https://palletsprojects.com/versions\"\u003eVersion Support Policy\u003c/a\u003e on our website.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.4.0/\"\u003ehttps://pypi.org/project/click/8.4.0/\u003c/a\u003e\nChanges:  \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-4-0\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-4-0\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eParamType\u003c/code\u003e typing improvements. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3371\"\u003e#3371\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e is now a generic abstract base class,\nparameterized by its converted value type.\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.convert\u003c/code\u003e return types are narrowed on all\nconcrete types (\u003ccode\u003estr\u003c/code\u003e for :class:\u003ccode\u003eSTRING\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e for\n:class:\u003ccode\u003eINT\u003c/code\u003e, etc.).\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.to_info_dict\u003c/code\u003e returns specific\n:class:\u003ccode\u003e~typing.TypedDict\u003c/code\u003e subclasses instead of\n\u003ccode\u003edict[str, Any]\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eCompositeParamType\u003c/code\u003e and the number-range base are now\ngeneric with abstract methods.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor \u003ccode\u003econvert_type\u003c/code\u003e to extract type inference into a private\n\u003ccode\u003e_guess_type\u003c/code\u003e helper, and add :func:\u003ccode\u003etyping.overload\u003c/code\u003e signatures.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3372\"\u003e#3372\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eParameter\u003c/code\u003e typing improvements. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2805\"\u003e#2805\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e is now an abstract base class, making explicit\nthat it cannot be instantiated directly.\u003c/li\u003e\n\u003cli\u003e:attr:\u003ccode\u003eParameter.name\u003c/code\u003e is now \u003ccode\u003estr\u003c/code\u003e instead of \u003ccode\u003estr | None\u003c/code\u003e.\nWhen \u003ccode\u003eexpose_value=False\u003c/code\u003e, the name is set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e instead\nof \u003ccode\u003eNone\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ectx\u003c/code\u003e parameter of :meth:\u003ccode\u003eParameter.get_error_hint\u003c/code\u003e is now\ntyped as \u003ccode\u003eContext | None\u003c/code\u003e, matching the runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSplit string values from \u003ccode\u003edefault_map\u003c/code\u003e for parameters with \u003ccode\u003enargs \u0026gt; 1\u003c/code\u003e\nor :class:\u003ccode\u003eTuple\u003c/code\u003e type, matching environment variable behavior.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/2745\"\u003e#2745\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3364\"\u003e#3364\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAuto-detect \u003ccode\u003etype=UNPROCESSED\u003c/code\u003e for \u003ccode\u003eflag_value\u003c/code\u003e of non-basic types\n(not \u003ccode\u003estr\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e, \u003ccode\u003efloat\u003c/code\u003e, or \u003ccode\u003ebool\u003c/code\u003e), so programmer-provided\nPython objects like classes and enum members are passed through unchanged\ninstead of being stringified. Previously \u003ccode\u003etype=click.UNPROCESSED\u003c/code\u003e had\nto be set explicitly. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2012\"\u003e#2012\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3363\"\u003e#3363\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe error hint now uses \u003ccode\u003eCommand.get_help_option_names\u003c/code\u003e to pick\nnon-shadowed help option names, so \u003ccode\u003eTry '... -h'\u003c/code\u003e no longer points to a\nsubcommand option that shadows \u003ccode\u003e-h\u003c/code\u003e. All surviving names are shown\n(\u003ccode\u003e-h/--help\u003c/code\u003e). \u003ca href=\"https://redirect.github.com/pallets/click/issues/2790\"\u003e#2790\u003c/a\u003e  \u003ca href=\"https://redirect.github.com/pallets/click/issues/3208\"\u003e#3208\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix readline functionality on non-Windows platforms. Prompt text is now\npassed directly to readline instead of being printed separately, allowing\nproper backspace, line editing, and line wrapping behavior. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2968\"\u003e#2968\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.4.0\u003c/h2\u003e\n\u003cp\u003eReleased 2026-05-17\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e typing improvements. :pr:\u003ccode\u003e3371\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e is now a generic abstract base class,\nparameterized by its converted value type.\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.convert\u003c/code\u003e return types are narrowed on all\nconcrete types (\u003ccode\u003estr\u003c/code\u003e for :class:\u003ccode\u003eSTRING\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e for\n:class:\u003ccode\u003eINT\u003c/code\u003e, etc.).\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.to_info_dict\u003c/code\u003e returns specific\n:class:\u003ccode\u003e~typing.TypedDict\u003c/code\u003e subclasses instead of\n\u003ccode\u003edict[str, Any]\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eCompositeParamType\u003c/code\u003e and the number-range base are now\ngeneric with abstract methods.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor \u003ccode\u003econvert_type\u003c/code\u003e to extract type inference into a private\n\u003ccode\u003e_guess_type\u003c/code\u003e helper, and add :func:\u003ccode\u003etyping.overload\u003c/code\u003e signatures.\n:pr:\u003ccode\u003e3372\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e typing improvements. :pr:\u003ccode\u003e2805\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e is now an abstract base class, making explicit\nthat it cannot be instantiated directly.\u003c/li\u003e\n\u003cli\u003e:attr:\u003ccode\u003eParameter.name\u003c/code\u003e is now \u003ccode\u003estr\u003c/code\u003e instead of \u003ccode\u003estr | None\u003c/code\u003e.\nWhen \u003ccode\u003eexpose_value=False\u003c/code\u003e, the name is set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e instead\nof \u003ccode\u003eNone\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ectx\u003c/code\u003e parameter of :meth:\u003ccode\u003eParameter.get_error_hint\u003c/code\u003e is now\ntyped as \u003ccode\u003eContext | None\u003c/code\u003e, matching the runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSplit string values from \u003ccode\u003edefault_map\u003c/code\u003e for parameters with \u003ccode\u003enargs \u0026gt; 1\u003c/code\u003e\nor :class:\u003ccode\u003eTuple\u003c/code\u003e type, matching environment variable behavior.\n:issue:\u003ccode\u003e2745\u003c/code\u003e :pr:\u003ccode\u003e3364\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAuto-detect \u003ccode\u003etype=UNPROCESSED\u003c/code\u003e for \u003ccode\u003eflag_value\u003c/code\u003e of non-basic types\n(not \u003ccode\u003estr\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e, \u003ccode\u003efloat\u003c/code\u003e, or \u003ccode\u003ebool\u003c/code\u003e), so programmer-provided\nPython objects like classes and enum members are passed through unchanged\ninstead of being stringified. Previously \u003ccode\u003etype=click.UNPROCESSED\u003c/code\u003e had\nto be set explicitly. :issue:\u003ccode\u003e2012\u003c/code\u003e :pr:\u003ccode\u003e3363\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe error hint now uses :meth:\u003ccode\u003eCommand.get_help_option_names\u003c/code\u003e to pick\nnon-shadowed help option names, so \u003ccode\u003eTry '... -h'\u003c/code\u003e no longer points to a\nsubcommand option that shadows \u003ccode\u003e-h\u003c/code\u003e. All surviving names are shown\n(\u003ccode\u003e-h/--help\u003c/code\u003e). :issue:\u003ccode\u003e2790\u003c/code\u003e :pr:\u003ccode\u003e3208\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix readline functionality on non-Windows platforms. Prompt text is now\npassed directly to readline instead of being printed separately, allowing\nproper backspace, line editing, and line wrapping behavior. :issue:\u003ccode\u003e2968\u003c/code\u003e\n:pr:\u003ccode\u003e2969\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse :func:\u003ccode\u003eos.startfile\u003c/code\u003e on Windows to open URLs in :func:\u003ccode\u003eopen_url\u003c/code\u003e,\nreplacing the \u003ccode\u003estart\u003c/code\u003e built-in which cannot be invoked without\n\u003ccode\u003eshell=True\u003c/code\u003e. :issue:\u003ccode\u003e3164\u003c/code\u003e :pr:\u003ccode\u003e3186\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix Fish shell completion errors when option help text contains newlines.\n:issue:\u003ccode\u003e3043\u003c/code\u003e :pr:\u003ccode\u003e3126\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/41f410fb7528305d7e87c8cfa704f6c2456f57fc\"\u003e\u003ccode\u003e41f410f\u003c/code\u003e\u003c/a\u003e Release 8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/e3e69e3bf8d749ac1a632f2ece4d38ec7f6588f5\"\u003e\u003ccode\u003ee3e69e3\u003c/code\u003e\u003c/a\u003e Add type annotations for instance attributes in \u003ccode\u003eutils\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3422\"\u003e#3422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/3bb230dcd5d751f8605b46e9df5a541639d5fd4e\"\u003e\u003ccode\u003e3bb230d\u003c/code\u003e\u003c/a\u003e WIP: Fix \u003ccode\u003eHelpFormatter.write_usage\u003c/code\u003e producing spurious characters (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3434\"\u003e#3434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/63274a79d08fdc5c19220696144489f7144a8547\"\u003e\u003ccode\u003e63274a7\u003c/code\u003e\u003c/a\u003e \u003ccode\u003eclick.get_pager_file\u003c/code\u003e: add tests (\u003ca href=\"https://redirect.github.com/pallets/click/issues/1572\"\u003e#1572\u003c/a\u003e followup) (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3405\"\u003e#3405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/0551bf53588ae87f462d336f24f853a156fefe3a\"\u003e\u003ccode\u003e0551bf5\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eHelpFormatter.write_usage\u003c/code\u003e producing spurious characters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/fc41aa1d0b62494eb93e92ff3929601221e3abf4\"\u003e\u003ccode\u003efc41aa1\u003c/code\u003e\u003c/a\u003e Apply class-body annotations to \u003ccode\u003eKeepOpenFile\u003c/code\u003e for consistency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/b761eda3bad977ec2f485451d85fd8ec365f0bf4\"\u003e\u003ccode\u003eb761eda\u003c/code\u003e\u003c/a\u003e Skip some tests on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/98302ac4f49e443a48abd3fbb95c86202b89547d\"\u003e\u003ccode\u003e98302ac\u003c/code\u003e\u003c/a\u003e Check \u003ccode\u003ePAGER\u003c/code\u003e usage, color preservation and edge-cases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/dbdae170879d460e78963f8af35c5cb9c5b86e89\"\u003e\u003ccode\u003edbdae17\u003c/code\u003e\u003c/a\u003e Fix documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/1aa2d53d63ff68bf14b35931177aac9270e39713\"\u003e\u003ccode\u003e1aa2d53\u003c/code\u003e\u003c/a\u003e Redesigned tests and get_pager_file branching to be more clear and not set color\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.1...8.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.23.0 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.0...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/google/sedpack/pull/369","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fsedpack/issues/369","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/369/packages"},{"uuid":"4481489624","node_id":"PR_kwDOHTtbCs7dRqqg","number":174,"state":"open","title":"deps(deps): update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":["dependencies","automated"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T22:21:42.000Z","updated_at":"2026-05-19T22:24:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps): update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hostcc/energomera-hass-mqtt/pull/174","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hostcc%2Fenergomera-hass-mqtt/issues/174","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/174/packages"},{"uuid":"4480113211","node_id":"PR_kwDOPNnOdc7dNIT2","number":9,"state":"closed","title":"Build(deps): Update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-23T20:22:12.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T18:48:59.000Z","updated_at":"2026-05-23T20:22:22.000Z","time_to_close":351193,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Build(deps): Update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/1121citrus/ha-offsite-backups/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/1121citrus%2Fha-offsite-backups/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4480113049","node_id":"PR_kwDOOgrlFM7dNIRw","number":13,"state":"closed","title":"Build(deps): Update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-23T20:22:18.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T18:48:57.000Z","updated_at":"2026-05-23T20:22:26.000Z","time_to_close":351201,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Build(deps): Update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/1121citrus/rotate-aws-backups/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/1121citrus%2Frotate-aws-backups/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"},{"uuid":"4474239914","node_id":"PR_kwDOCEmvW87c6G3U","number":261,"state":"closed","title":"chore(deps): bump zipp from 3.23.1 to 4.1.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-23T23:14:39.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T03:49:08.000Z","updated_at":"2026-05-23T23:14:48.000Z","time_to_close":415531,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"zipp","old_version":"3.23.1","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.1 to 4.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp\u0026package-manager=pip\u0026previous-version=3.23.1\u0026new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/saidsef/ml-classifier/pull/261","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/saidsef%2Fml-classifier/issues/261","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/261/packages"},{"uuid":"4473286400","node_id":"PR_kwDODe2eOM7c3F2S","number":481,"state":"open","title":"chore(deps): bump zipp from 3.23.1 to 4.1.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T23:33:53.000Z","updated_at":"2026-05-18T23:34:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"zipp","old_version":"3.23.1","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.1 to 4.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp\u0026package-manager=pip\u0026previous-version=3.23.1\u0026new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/saidsef/scapy-containerised/pull/481","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/saidsef%2Fscapy-containerised/issues/481","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/481/packages"},{"uuid":"4473230364","node_id":"PR_kwDONgNt1M7c26Si","number":74,"state":"closed","title":"Update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":"2026-05-18T23:21:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T23:19:41.000Z","updated_at":"2026-05-18T23:21:32.000Z","time_to_close":110,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gvatsal60/PythonTemplate/pull/74","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gvatsal60%2FPythonTemplate/issues/74","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/74/packages"},{"uuid":"4473230186","node_id":"PR_kwDONgNt1M7c26QU","number":73,"state":"closed","title":"Update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-18T23:19:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T23:19:38.000Z","updated_at":"2026-05-18T23:20:40.000Z","time_to_close":14,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gvatsal60/PythonTemplate/pull/73","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gvatsal60%2FPythonTemplate/issues/73","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/73/packages"},{"uuid":"4467864475","node_id":"PR_kwDOSgnht87cldUT","number":15,"state":"open","title":"Bump zipp from 3.23.0 to 3.23.1 in /backend","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T09:21:18.000Z","updated_at":"2026-05-18T09:21:19.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"zipp","old_version":"3.23.0","new_version":"3.23.1","repository_url":"https://github.com/jaraco/zipp"}],"path":"/backend","ecosystem":"pip"},"body":"Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.0 to 3.23.1.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/157860e9d6a793787d22a3ba5ac238799065b9b7\"\u003e\u003ccode\u003e157860e\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/0c7638af5f0efd1a21bd15395726a1fb3926db2c\"\u003e\u003ccode\u003e0c7638a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/135\"\u003e#135\u003c/a\u003e from barneygale/fix-134\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/6d1e280b31551cdf62645a441b44cec4f9f34c45\"\u003e\u003ccode\u003e6d1e280\u003c/code\u003e\u003c/a\u003e Update news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/0b072355dd6fcca620cd784b0ad22badf4e273ff\"\u003e\u003ccode\u003e0b07235\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-134\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/c5f40d3757c797352970884e6156ccf311bc921b\"\u003e\u003ccode\u003ec5f40d3\u003c/code\u003e\u003c/a\u003e Moved none_as to _functools.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f7bdf7cc2227b18567378cd859709d44f8179c47\"\u003e\u003ccode\u003ef7bdf7c\u003c/code\u003e\u003c/a\u003e Use :zipfile: to designate an unnamed zipfile.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/e7956b726b1a19d7eae225a3c71de714af354530\"\u003e\u003ccode\u003ee7956b7\u003c/code\u003e\u003c/a\u003e Mark 3.21 as Python 3.15.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.0...v3.23.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp\u0026package-manager=pip\u0026previous-version=3.23.0\u0026new-version=3.23.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DamDoh/myGCNUdom/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DamDoh%2FmyGCNUdom/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"},{"uuid":"4459255827","node_id":"PR_kwDOJuLwIc7cLiZW","number":1,"state":"open","title":"Bump the pip group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T08:27:40.000Z","updated_at":"2026-05-16T08:28:12.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":10,"packages":[{"name":"certifi","old_version":"2022.12.7","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"flask","old_version":"2.2.2","new_version":"3.1.3","repository_url":"https://github.com/pallets/flask"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"jinja2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"python-dotenv","old_version":"0.21.0","new_version":"1.2.2","repository_url":"https://github.com/theskumar/python-dotenv"},{"name":"requests","old_version":"2.28.1","new_version":"2.33.0","repository_url":"https://github.com/psf/requests"},{"name":"tqdm","old_version":"4.64.1","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"urllib3","old_version":"1.26.13","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"werkzeug","old_version":"2.2.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"zipp","old_version":"3.11.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.12.7` | `2024.7.4` |\n| [flask](https://github.com/pallets/flask) | `2.2.2` | `3.1.3` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.6` |\n| [python-dotenv](https://github.com/theskumar/python-dotenv) | `0.21.0` | `1.2.2` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.33.0` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.64.1` | `4.66.3` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.13` | `2.7.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `2.2.2` | `3.1.6` |\n| [zipp](https://github.com/jaraco/zipp) | `3.11.0` | `3.19.1` |\n\n\nUpdates `certifi` from 2022.12.7 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.12.07...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 2.2.2 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.3/\"\u003ehttps://pypi.org/project/Flask/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-3\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-3\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys but not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726\"\u003eGHSA-68rp-wp8r-4726\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.2/\"\u003ehttps://pypi.org/project/Flask/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-2\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/38?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/38?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5774\"\u003e#5774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state of \u003ccode\u003esession\u003c/code\u003e is correct. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5786\"\u003e#5786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5776\"\u003e#5776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.1\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.1/\"\u003ehttps://pypi.org/project/Flask/3.1.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/flask/milestone/36?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. GHSA-4grg-w6v8-c28g\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5645\"\u003e#5645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands are shown. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5673\"\u003e#5673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return \u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier for Quart. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5659\"\u003e#5659\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.0\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.0/\"\u003ehttps://pypi.org/project/Flask/3.1.0/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/33?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/33?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5623\"\u003e#5623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases. Werkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5624\"\u003e#5624\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5633\"\u003e#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option responses. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5496\"\u003e#5496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and \u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when opening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5504\"\u003e#5504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only through the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added \u003ccode\u003eMAX_FORM_MEMORY_SIZE\u003c/code\u003e and \u003ccode\u003eMAX_FORM_PARTS\u003c/code\u003e config. Added documentation about resource limits to the security page. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5625\"\u003e#5625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003ePartitioned\u003c/code\u003e cookie attribute (CHIPS), with the \u003ccode\u003eSESSION_COOKIE_PARTITIONED\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5472\"\u003e#5472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-e path\u003c/code\u003e takes precedence over default \u003ccode\u003e.env\u003c/code\u003e and \u003ccode\u003e.flaskenv\u003c/code\u003e files. \u003ccode\u003eload_dotenv\u003c/code\u003e loads default files in addition to a path unless \u003ccode\u003eload_defaults=False\u003c/code\u003e is passed. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5628\"\u003e#5628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport key rotation with the \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5621\"\u003e#5621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix how setting \u003ccode\u003ehost_matching=True\u003c/code\u003e or \u003ccode\u003esubdomain_matching=False\u003c/code\u003e interacts with \u003ccode\u003eSERVER_NAME\u003c/code\u003e. Setting \u003ccode\u003eSERVER_NAME\u003c/code\u003e no longer restricts requests to only that domain. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5553\"\u003e#5553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.trusted_hosts\u003c/code\u003e is checked during routing, and can be set through the \u003ccode\u003eTRUSTED_HOSTS\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5636\"\u003e#5636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-18\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys\nbut not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. :ghsa:\u003ccode\u003e68rp-wp8r-4726\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.2\u003c/h2\u003e\n\u003cp\u003eReleased 2025-08-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. :issue:\u003ccode\u003e5774\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state\nof \u003ccode\u003esession\u003c/code\u003e is correct. :issue:\u003ccode\u003e5786\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. :issue:\u003ccode\u003e5776\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.1\u003c/h2\u003e\n\u003cp\u003eReleased 2025-05-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via\n\u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. :ghsa:\u003ccode\u003e4grg-w6v8-c28g\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. :issue:\u003ccode\u003e5645\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands\nare shown. :issue:\u003ccode\u003e5673\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return\n\u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier\nfor Quart. :pr:\u003ccode\u003e5659\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.0\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. :pr:\u003ccode\u003e5623\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases.\nWerkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. :pr:\u003ccode\u003e5624,5633\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option\nresponses. :pr:\u003ccode\u003e5496\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and\n\u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when\nopening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. :issue:\u003ccode\u003e5504\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only\nthrough the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65\"\u003e\u003ccode\u003e22d9247\u003c/code\u003e\u003c/a\u003e release version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4\"\u003e\u003ccode\u003e089cb86\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa\"\u003e\u003ccode\u003ec17f379\u003c/code\u003e\u003c/a\u003e request context tracks session access\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602\"\u003e\u003ccode\u003e27be933\u003c/code\u003e\u003c/a\u003e start version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d\"\u003e\u003ccode\u003e4e652d3\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5903\"\u003e#5903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a\"\u003e\u003ccode\u003e3d03098\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4\"\u003e\u003ccode\u003e407eb76\u003c/code\u003e\u003c/a\u003e document using gevent for async (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60\"\u003e\u003ccode\u003eac5664d\u003c/code\u003e\u003c/a\u003e document using gevent for async\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3\"\u003e\u003ccode\u003e4f79d5b\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11 (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5865\"\u003e#5865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f\"\u003e\u003ccode\u003efe3b215\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/2.2.2...3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.7 (2024-04-11)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.6 (2023-11-25)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.5 (2023-11-24)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `python-dotenv` from 0.21.0 to 1.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/theskumar/python-dotenv/releases\"\u003epython-dotenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.2.2\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.14, including the free-threaded (3.14t) build. (#)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003edotenv run\u003c/code\u003e command now forwards flags directly to the specified command by \u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/607\"\u003etheskumar/python-dotenv#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation clarity regarding override behavior and the reference page.\u003c/li\u003e\n\u003cli\u003eUpdated PyPy support to version 3.11.\u003c/li\u003e\n\u003cli\u003eDocumentation for FIFO file support.\u003c/li\u003e\n\u003cli\u003eSupport for Python 3.9.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved \u003ccode\u003eset_key\u003c/code\u003e and \u003ccode\u003eunset_key\u003c/code\u003e behavior when interacting with symlinks by \u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311\"\u003e#790c5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrected the license specifier and added missing Python 3.14 classifiers in package metadata by \u003ca href=\"https://github.com/JYOuyang\"\u003e\u003ccode\u003e@​JYOuyang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/590\"\u003etheskumar/python-dotenv#590\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003edotenv.set_key\u003c/code\u003e and \u003ccode\u003edotenv.unset_key\u003c/code\u003e used to follow symlinks in some\nsituations. This is no longer the case. For that behavior to be restored in\nall cases, \u003ccode\u003efollow_symlinks=True\u003c/code\u003e should be used.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIn the CLI, \u003ccode\u003eset\u003c/code\u003e and \u003ccode\u003eunset\u003c/code\u003e used to follow symlinks in some situations. This\nis no longer the case.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003edotenv.set_key\u003c/code\u003e, \u003ccode\u003edotenv.unset_key\u003c/code\u003e and the CLI commands \u003ccode\u003eset\u003c/code\u003e and \u003ccode\u003eunset\u003c/code\u003e\nused to reset the file mode of the modified .env file to \u003ccode\u003e0o600\u003c/code\u003e in some\nsituations. This is no longer the case: The original mode of the file is now\npreserved. Is the file needed to be created or wasn't a regular file, mode\n\u003ccode\u003e0o600\u003c/code\u003e is used.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMisc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eskip 000 permission tests for root user by \u003ca href=\"https://github.com/burnout-projects\"\u003e\u003ccode\u003e@​burnout-projects\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/561\"\u003etheskumar/python-dotenv#561\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 in the github-actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/593\"\u003etheskumar/python-dotenv#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Windows testing to CI by \u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/604\"\u003etheskumar/python-dotenv#604\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove workflow efficiency with best practices by \u003ca href=\"https://github.com/theskumar\"\u003e\u003ccode\u003e@​theskumar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/609\"\u003etheskumar/python-dotenv#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove the use of \u003ccode\u003esh\u003c/code\u003e in tests by \u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/612\"\u003etheskumar/python-dotenv#612\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/JYOuyang\"\u003e\u003ccode\u003e@​JYOuyang\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/590\"\u003etheskumar/python-dotenv#590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/burnout-projects\"\u003e\u003ccode\u003e@​burnout-projects\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/561\"\u003etheskumar/python-dotenv#561\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cpackham-atlnz\"\u003e\u003ccode\u003e@​cpackham-atlnz\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/597\"\u003etheskumar/python-dotenv#597\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2\"\u003ehttps://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md\"\u003epython-dotenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[1.2.2] - 2026-03-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.14, including the free-threaded (3.14t) build. (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003edotenv run\u003c/code\u003e command now forwards flags directly to the specified command by [\u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/607\"\u003e#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation clarity regarding override behavior and the reference page.\u003c/li\u003e\n\u003cli\u003eUpdated PyPy support to version 3.11.\u003c/li\u003e\n\u003cli\u003eDocumentation for FIFO file support.\u003c/li\u003e\n\u003cli\u003eDropped Support for Python 3.9.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved \u003ccode\u003eset_key\u003c/code\u003e and \u003ccode\u003eunset_key\u003c/code\u003e behavior when interacting with symlinks by [\u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e] in [790c5c0]\u003c/li\u003e\n\u003cli\u003eCorrected the license specifier and added missing Python 3.14 classifiers in package metadata by [\u003ca href=\"https://github.com/JYOuyang\"\u003e\u003ccode\u003e@​JYOuyang\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/590\"\u003e#590\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003edotenv.set_key\u003c/code\u003e and \u003ccode\u003edotenv.unset_key\u003c/code\u003e used to follow symlinks in some\nsituations. This is no longer the case. For that behavior to be restored in\nall cases, \u003ccode\u003efollow_symlinks=True\u003c/code\u003e should be used.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIn the CLI, \u003ccode\u003eset\u003c/code\u003e and \u003ccode\u003eunset\u003c/code\u003e used to follow symlinks in some situations. This\nis no longer the case.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003edotenv.set_key\u003c/code\u003e, \u003ccode\u003edotenv.unset_key\u003c/code\u003e and the CLI commands \u003ccode\u003eset\u003c/code\u003e and \u003ccode\u003eunset\u003c/code\u003e\nused to reset the file mode of the modified .env file to \u003ccode\u003e0o600\u003c/code\u003e in some\nsituations. This is no longer the case: The original mode of the file is now\npreserved. Is the file needed to be created or wasn't a regular file, mode\n\u003ccode\u003e0o600\u003c/code\u003e is used.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.2.1] - 2025-10-26\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove more config to \u003ccode\u003epyproject.toml\u003c/code\u003e, removed \u003ccode\u003esetup.cfg\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for reading \u003ccode\u003e.env\u003c/code\u003e from FIFOs (Unix) by [\u003ca href=\"https://github.com/sidharth-sudhir\"\u003e\u003ccode\u003e@​sidharth-sudhir\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/586\"\u003e#586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.2.0] - 2025-10-26\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade build system to use PEP 517 \u0026amp; PEP 518 to use \u003ccode\u003ebuild\u003c/code\u003e and \u003ccode\u003epyproject.toml\u003c/code\u003e by [\u003ca href=\"https://github.com/EpicWink\"\u003e\u003ccode\u003e@​EpicWink\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/583\"\u003e#583\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.14 by [\u003ca href=\"https://github.com/23f3001135\"\u003e\u003ccode\u003e@​23f3001135\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/579\"\u003e#579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for disabling of \u003ccode\u003eload_dotenv()\u003c/code\u003e using \u003ccode\u003ePYTHON_DOTENV_DISABLED\u003c/code\u003e env var. by [\u003ca href=\"https://github.com/matthewfranglen\"\u003e\u003ccode\u003e@​matthewfranglen\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/569\"\u003e#569\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.1.1] - 2025-06-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCLI: Ensure \u003ccode\u003efind_dotenv\u003c/code\u003e work reliably on python 3.13 by [\u003ca href=\"https://github.com/theskumar\"\u003e\u003ccode\u003e@​theskumar\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/563\"\u003e#563\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/36004e0e34be7665ff2b11a8a4005144f76f176d\"\u003e\u003ccode\u003e36004e0\u003c/code\u003e\u003c/a\u003e Bump version: 1.2.1 → 1.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/eb202520e5933c9daf42501e1e42fdb0144002c8\"\u003e\u003ccode\u003eeb20252\u003c/code\u003e\u003c/a\u003e docs: update changelog for v1.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311\"\u003e\u003ccode\u003e790c5c0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/43340da220fb4ca4f95357bbe21a3c7f8f1278b1\"\u003e\u003ccode\u003e43340da\u003c/code\u003e\u003c/a\u003e Remove the use of \u003ccode\u003esh\u003c/code\u003e in tests (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/612\"\u003e#612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/09d7cee32459e7abdcb5c9d8122a552589c06a9c\"\u003e\u003ccode\u003e09d7cee\u003c/code\u003e\u003c/a\u003e docs: clarify override behavior and document FIFO support (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/610\"\u003e#610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/c8de2887c00198c22842c5ae5e92d1747467363c\"\u003e\u003ccode\u003ec8de288\u003c/code\u003e\u003c/a\u003e ci: improve workflow efficiency with best practices (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/609\"\u003e#609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/7bd9e3dbfedc0983ad7d56d5570013035242bdf4\"\u003e\u003ccode\u003e7bd9e3d\u003c/code\u003e\u003c/a\u003e Add Windows testing to CI (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/604\"\u003e#604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/1baaf04f336072e0ee324d5df9563ec767f14f81\"\u003e\u003ccode\u003e1baaf04\u003c/code\u003e\u003c/a\u003e Drop Python 3.9 support and update to PyPy 3.11 (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/608\"\u003e#608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/4a22cf8993804aeede0c20b75bb1a29d3a99e9dc\"\u003e\u003ccode\u003e4a22cf8\u003c/code\u003e\u003c/a\u003e ci: enable testing on Python 3.14t (free-threaded) (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/e2e8e776b42e382ae38b44d3982dd649e7507dd4\"\u003e\u003ccode\u003ee2e8e77\u003c/code\u003e\u003c/a\u003e Fix license specifier (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/theskumar/python-dotenv/compare/v0.21.0...v1.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29\"\u003e\u003ccode\u003e753fd08\u003c/code\u003e\u003c/a\u003e docs: fix FAQ grammar in httplib2 example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71\"\u003e\u003ccode\u003e774a0b8\u003c/code\u003e\u003c/a\u003e docs(socks): same block as other sections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303\"\u003e\u003ccode\u003e9c72a41\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.33.0 to 4.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be\"\u003e\u003ccode\u003eebf7190\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.32.0 to 4.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798\"\u003e\u003ccode\u003e0e4ae38\u003c/code\u003e\u003c/a\u003e docs: exclude Response.is_permanent_redirect from API docs (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7244\"\u003e#7244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a\"\u003e\u003ccode\u003ed568f47\u003c/code\u003e\u003c/a\u003e docs: clarify Quickstart POST example (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6960\"\u003e#6960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tqdm` from 4.64.1 to 4.66.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tqdm/tqdm/releases\"\u003etqdm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003etqdm v4.66.3 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecli\u003c/code\u003e: \u003ccode\u003eeval\u003c/code\u003e safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.2 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epandas\u003c/code\u003e: add \u003ccode\u003eDataFrame.progress_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003enotebook\u003c/code\u003e: fix HTML padding (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1506\"\u003e#1506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ekeras\u003c/code\u003e: fix resuming training when \u003ccode\u003everbose\u0026gt;=2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1508\"\u003e#1508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003eformat_num\u003c/code\u003e negative fractions missing leading zero (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix Python 3.12 \u003ccode\u003eDeprecationWarning\u003c/code\u003e on \u003ccode\u003eimport\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1519\"\u003e#1519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003elinting: use f-strings (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate tests (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003epandas\u003c/code\u003e warnings\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003easv\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/airspeed-velocity/asv/issues/1323\"\u003eairspeed-velocity/asv#1323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix macos \u003ccode\u003enotebook\u003c/code\u003e docstring indentation\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCI: bump actions (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.1 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003eutils.envwrap\u003c/code\u003e types (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1493\"\u003e#1493\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1491\"\u003e#1491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1320\"\u003e#1320\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/966\"\u003e#966\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1319\"\u003e#1319\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003ee.g. cloudwatch \u0026amp; kubernetes workaround: \u003ccode\u003eexport TQDM_POSITION=-1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edrop mentions of unsupported Python versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.0 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eenvironment variables to override defaults (\u003ccode\u003eTQDM_*\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1491\"\u003e#1491\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1061\"\u003e#1061\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/950\"\u003e#950\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/614\"\u003e#614\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1318\"\u003e#1318\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/619\"\u003e#619\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/612\"\u003e#612\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/370\"\u003e#370\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003ee.g. in CI jobs, \u003ccode\u003eexport TQDM_MININTERVAL=5\u003c/code\u003e to avoid log spam\u003c/li\u003e\n\u003cli\u003eadd tests \u0026amp; docs for \u003ccode\u003etqdm.utils.envwrap\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update CLI completion\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update API docs\u003c/li\u003e\n\u003cli\u003eminor code tidy: replace \u003ccode\u003eos.path\u003c/code\u003e =\u0026gt; \u003ccode\u003epathlib.Path\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003efix docs image hosting\u003c/li\u003e\n\u003cli\u003erelease with CI bot account again (\u003ca href=\"https://redirect.github.com/cli/cli/issues/6680\"\u003ecli/cli#6680\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.2 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eexclude \u003ccode\u003eexamples\u003c/code\u003e from distributed wheel (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1492\"\u003e#1492\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.1 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emigrate \u003ccode\u003esetup.{cfg,py}\u003c/code\u003e =\u0026gt; \u003ccode\u003epyproject.toml\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003easv\u003c/code\u003e benchmarks\u003c/li\u003e\n\u003cli\u003eupdate docs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003efix snap build (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update tests (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix flaky notebook tests\u003c/li\u003e\n\u003cli\u003ebump \u003ccode\u003epre-commit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ebump workflow actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.0 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd Python 3.11 and drop Python 3.6 support (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1439\"\u003e#1439\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1419\"\u003e#1419\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/502\"\u003e#502\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/720\"\u003e#720\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/620\"\u003e#620\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emisc code \u0026amp; docs tidy\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update CI workflows \u0026amp; tests\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/4e613f84ed2ae029559f539464df83fa91feb316\"\u003e\u003ccode\u003e4e613f8\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g7vv-2v7x-gj9p\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/b53348c73080b4edeb30b4823d1fa0d8d2c06721\"\u003e\u003ccode\u003eb53348c\u003c/code\u003e\u003c/a\u003e cli: eval safety\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/cc372d09dcd5a5eabdc6ed4cf365bdb0be004d44\"\u003e\u003ccode\u003ecc372d0\u003c/code\u003e\u003c/a\u003e bump version, merge pull request \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e from tqdm/devel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/e9f0c05097dc167031575391d83240d37556f098\"\u003e\u003ccode\u003ee9f0c05\u003c/code\u003e\u003c/a\u003e use PyPI trusted publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/7323d5bcc9b032d525f9d6468a9713f5be9c4174\"\u003e\u003ccode\u003e7323d5b\u003c/code\u003e\u003c/a\u003e slight makefile clean\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/5306125133d76e0f9326d747d29781fefe273c77\"\u003e\u003ccode\u003e5306125\u003c/code\u003e\u003c/a\u003e tests: bump pre-commit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/4a6fd4f690a4add231f4bef601521ed9bee513fb\"\u003e\u003ccode\u003e4a6fd4f\u003c/code\u003e\u003c/a\u003e fix datetime.utcfromtimestamp py3.12 warning (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1519\"\u003e#1519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/6f13759f4a0e1047a09732e72f6d07e44d3e6855\"\u003e\u003ccode\u003e6f13759\u003c/code\u003e\u003c/a\u003e tests: fix macos notebook indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/3abcd2ac90ecb01ac7f64071af600f803eab6a21\"\u003e\u003ccode\u003e3abcd2a\u003c/code\u003e\u003c/a\u003e tests: fix asv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/a4d15c8e2f6c7322c1a1cd1d845927f037281da1\"\u003e\u003ccode\u003ea4d15c8\u003c/code\u003e\u003c/a\u003e tests: fix pandas warnings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tqdm/tqdm/compare/v4.64.1...v4.66.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.13 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.7.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been read and decompressed partially. (Reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or \u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed using the official \u003ca href=\"https://pypi.org/project/brotli/\"\u003eBrotli\u003c/a\u003e library. (Reported by \u003ca href=\"https://github.com/kimkou2024\"\u003e\u003ccode\u003e@​kimkou2024\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee GHSA-mf9v-mfxr-j63j for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip sensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by \u003ca href=\"https://github.com/christos-spearbit\"\u003e\u003ccode\u003e@​christos-spearbit\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3763\"\u003eurllib3/urllib3#3763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3720\"\u003eurllib3/urllib3#3720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003eurllib3/urllib3#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3777\"\u003eurllib3/urllib3#3777\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed data buffered from previous partial reads. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3636\"\u003eurllib3/urllib3#3636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the response after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4967\"\u003eurllib3/urllib3#4967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.stream()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to handle \u003ccode\u003eamt=0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3793\"\u003eurllib3/urllib3#3793\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated \u003ccode\u003e_TYPE_BODY\u003c/code\u003e type alias to include missing \u003ccode\u003eIterable[str]\u003c/code\u003e, matching the documented and runtime behavior of chunked request bodies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3798\"\u003eurllib3/urllib3#3798\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eLocationParseError\u003c/code\u003e when paths resembling schemeless URIs were passed to \u003ccode\u003eHTTPConnectionPool.urlopen()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3352\"\u003eurllib3/urllib3#3352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eBaseHTTPResponse.readinto()\u003c/code\u003e type annotation to accept \u003ccode\u003ememoryview\u003c/code\u003e in addition to \u003ccode\u003ebytearray\u003c/code\u003e, matching the \u003ccode\u003eio.RawIOBase.readinto\u003c/code\u003e contract and enabling use with \u003ccode\u003eio.BufferedReader\u003c/code\u003e without type errors. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3764\"\u003eurllib3/urllib3#3764\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.7.0 (2026-05-07)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues.\nImpact was limited to specific use cases detailed in the accompanying\nadvisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been\nread and decompressed partially.\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or\n\u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed\nusing the official \u003ccode\u003eBrotli \u0026lt;https://pypi.org/project/brotli/\u0026gt;\u003c/code\u003e__ library.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee \u003ccode\u003eGHSA-mf9v-mfxr-j63j \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j\u0026gt;\u003c/code\u003e__\nfor details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip\nsensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when\nredirecting to a different host.\n(\u003ccode\u003eGHSA-qccp-gfcp-xxvc \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\u0026gt;\u003c/code\u003e__)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better\nvisibility of existing deprecation notices. Rescheduled the removal of\ndeprecated features to version 3.0.\n(\u003ccode\u003e[#3763](https://github.com/urllib3/urllib3/issues/3763) \u0026lt;https://github.com/urllib3/urllib3/issues/3763\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9.\n(\u003ccode\u003e[#3720](https://github.com/urllib3/urllib3/issues/3720) \u0026lt;https://github.com/urllib3/urllib3/issues/3720\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10.\n(\u003ccode\u003e[#4979](https://github.com/urllib3/urllib3/issues/4979) \u0026lt;https://github.com/urllib3/urllib3/issues/4979\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0.\n(\u003ccode\u003e[#3777](https://github.com/urllib3/urllib3/issues/3777) \u0026lt;https://github.com/urllib3/urllib3/issues/3777\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed\ndata buffered from previous partial reads.\n(\u003ccode\u003e[#3636](https://github.com/urllib3/urllib3/issues/3636) \u0026lt;https://github.com/urllib3/urllib3/issues/3636\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the\nresponse after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9a950b92d999f906b6020bb2d1076ee56cddd5d2\"\u003e\u003ccode\u003e9a950b9\u003c/code\u003e\u003c/a\u003e Release 2.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/5ec0de499b9166ca71c65ab04f2a7e4eb0d66fcc\"\u003e\u003ccode\u003e5ec0de4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2bdcc44d1e163fb5cc48a8662425e35e15adfe6a\"\u003e\u003ccode\u003e2bdcc44\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f45b0df09d8620ac6ed0491eb9362c8c87b7bc2c\"\u003e\u003ccode\u003ef45b0df\u003c/code\u003e\u003c/a\u003e Fix a misleading example for \u003ccode\u003eProxyManager\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4970\"\u003e#4970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/577193ca029872384f82c133449e0935f6d8a64b\"\u003e\u003ccode\u003e577193c\u003c/code\u003e\u003c/a\u003e Switch to nightly PyPy3.11 in CI for now (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4984\"\u003e#4984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/e90af45bb006c3a452a3a21644a2681523f5c7fc\"\u003e\u003ccode\u003ee90af45\u003c/code\u003e\u003c/a\u003e Avoid infinite loop in \u003ccode\u003eHTTPResponse.read_chunked\u003c/code\u003e when \u003ccode\u003eamt=0\u003c/code\u003e (\u003ca href=\"https...\n\n_Description has been truncated_","html_url":"https://github.com/adrianwedd/Openai-Dialogflow-CX-ES-Python/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/adrianwedd%2FOpenai-Dialogflow-CX-ES-Python/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4451620456","node_id":"PR_kwDOSV9uT87bzHgX","number":79,"state":"open","title":"build(deps): bump the simple group across 1 directory with 21 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T05:52:17.000Z","updated_at":"2026-05-15T05:52:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"simple","update_count":21,"packages":[{"name":"agate","old_version":"1.9.1","new_version":"1.14.2","repository_url":"https://github.com/wireservice/agate"},{"name":"certifi","old_version":"2026.2.25","new_version":"2026.4.22","repository_url":"https://github.com/certifi/python-certifi"},{"name":"click","old_version":"8.3.2","new_version":"8.3.3","repository_url":"https://github.com/pallets/click"},{"name":"dbt-adapters","old_version":"1.22.10","new_version":"1.23.0","repository_url":"https://github.com/dbt-labs/dbt-adapters"},{"name":"dbt-common","old_version":"1.37.3","new_version":"1.38.0","repository_url":"https://github.com/dbt-labs/dbt-common"},{"name":"dbt-core","old_version":"1.11.7","new_version":"1.11.9","repository_url":"https://github.com/dbt-labs/dbt-core"},{"name":"dbt-protos","old_version":"1.0.443","new_version":"1.0.491","repository_url":"https://github.com/dbt-labs/proto-python-public"},{"name":"dbt-semantic-interfaces","old_version":"0.9.0","new_version":"0.10.5"},{"name":"idna","old_version":"3.11","new_version":"3.14","repository_url":"https://github.com/kjd/idna"},{"name":"isodate","old_version":"0.6.1","new_version":"0.7.2","repository_url":"https://github.com/gweis/isodate"},{"name":"mashumaro","old_version":"3.9","new_version":"3.21","repository_url":"https://github.com/Fatal1ty/mashumaro"},{"name":"networkx","old_version":"3.4.2","new_version":"3.6.1","repository_url":"https://github.com/networkx/networkx"},{"name":"packaging","old_version":"26.0","new_version":"26.2","repository_url":"https://github.com/pypa/packaging"},{"name":"psycopg2-binary","old_version":"2.9.11","new_version":"2.9.12","repository_url":"https://github.com/psycopg/psycopg2"},{"name":"pydantic","old_version":"2.12.5","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-core","old_version":"2.41.5","new_version":"2.46.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pytz","old_version":"2026.1.post1","new_version":"2026.2","repository_url":"https://github.com/stub42/pytz"},{"name":"requests","old_version":"2.33.1","new_version":"2.34.0","repository_url":"https://github.com/psf/requests"},{"name":"sqlparse","old_version":"0.5.4","new_version":"0.5.5","repository_url":"https://github.com/andialbrecht/sqlparse"},{"name":"urllib3","old_version":"2.6.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"zipp","old_version":"3.23.0","new_version":"3.23.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the simple group with 21 updates in the /misc/dbt-materialize directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [agate](https://github.com/wireservice/agate) | `1.9.1` | `1.14.2` |\n| [certifi](https://github.com/certifi/python-certifi) | `2026.2.25` | `2026.4.22` |\n| [click](https://github.com/pallets/click) | `8.3.2` | `8.3.3` |\n| [dbt-adapters](https://github.com/dbt-labs/dbt-adapters) | `1.22.10` | `1.23.0` |\n| [dbt-common](https://github.com/dbt-labs/dbt-common) | `1.37.3` | `1.38.0` |\n| [dbt-core](https://github.com/dbt-labs/dbt-core) | `1.11.7` | `1.11.9` |\n| [dbt-protos](https://github.com/dbt-labs/proto-python-public) | `1.0.443` | `1.0.491` |\n| dbt-semantic-interfaces | `0.9.0` | `0.10.5` |\n| [idna](https://github.com/kjd/idna) | `3.11` | `3.14` |\n| [isodate](https://github.com/gweis/isodate) | `0.6.1` | `0.7.2` |\n| [mashumaro](https://github.com/Fatal1ty/mashumaro) | `3.9` | `3.21` |\n| [networkx](https://github.com/networkx/networkx) | `3.4.2` | `3.6.1` |\n| [packaging](https://github.com/pypa/packaging) | `26.0` | `26.2` |\n| [psycopg2-binary](https://github.com/psycopg/psycopg2) | `2.9.11` | `2.9.12` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.5` | `2.13.4` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.5` | `2.46.4` |\n| [pytz](https://github.com/stub42/pytz) | `2026.1.post1` | `2026.2` |\n| [requests](https://github.com/psf/requests) | `2.33.1` | `2.34.0` |\n| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.5.4` | `0.5.5` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.6.3` | `2.7.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.23.0` | `3.23.1` |\n\n\nUpdates `agate` from 1.9.1 to 1.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/wireservice/agate/blob/master/CHANGELOG.rst\"\u003eagate's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.14.2 - February 27, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Table.from_csv\u003c/code\u003e on empty CSV.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.1 - January 15, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Table.join\u003c/code\u003e was joining incorrectly when \u003ccode\u003efull_outer=True\u003c/code\u003e and \u003ccode\u003eleft_key\u003c/code\u003e and \u003ccode\u003eright_key\u003c/code\u003e were sequences.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.0 - December 15, 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Table.print_table\u003c/code\u003e replaces newlines with \u003ccode\u003e↵\u003c/code\u003e to avoid broken output.\u003c/li\u003e\n\u003cli\u003eAdd Python 3.13 and 3.14 support. Drop support for end-of-life versions 3.8 and 3.9.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.13.0 - January 29, 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Table.order_by\u003c/code\u003e sorts None as equal to None.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.12.0 - July 29, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: :class:\u003ccode\u003e.Number\u003c/code\u003e accepts a \u003ccode\u003eno_leading_zeroes\u003c/code\u003e keyword argument, to indicate whether to disallow numbers with leading zeroes (not including a single zero, or a single zero before a decimal).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.11.0 - May 27, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: The \u003ccode\u003ekey\u003c/code\u003e argument to :meth:\u003ccode\u003e.Table.to_json\u003c/code\u003e errors if two values are equal, even if their CSV representation is different: for example, \u0026quot;1/1/2020\u0026quot; and \u0026quot;01/01/2020\u0026quot;. However, until now, this was not the case for numbers: for example, \u0026quot;3.0\u0026quot; was treated as unequal to \u0026quot;3.00\u0026quot;.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.2 - April 28, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Version 1.10.0 errors on piped data.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.1 - April 28, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Version 1.10.0 errors on empty tables and seeks to the file's beginning, instead of to the original offset.\u003c/li\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Number.csvify\u003c/code\u003e returns a \u003ccode\u003eDecimal\u003c/code\u003e (or \u003ccode\u003eNone\u003c/code\u003e), instead of \u003ccode\u003estr\u003c/code\u003e. :meth:\u003ccode\u003e.Table.to_csv\u003c/code\u003e with \u003ccode\u003equoting=csv.QUOTE_NONNUMERIC\u003c/code\u003e now works.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.0 - April 27, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efeat: :meth:\u003ccode\u003e.Table.from_csv\u003c/code\u003e reads the file line by line. If \u003ccode\u003ecolumn_types\u003c/code\u003e is a :class:\u003ccode\u003e.TypeTester\u003c/code\u003e, it reads the file into memory. (\u003ca href=\"https://redirect.github.com/wireservice/agate/issues/778\"\u003e#778\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: Fix :meth:\u003ccode\u003e.TableSet.print_structure\u003c/code\u003e for nested tablesets. (\u003ca href=\"https://redirect.github.com/wireservice/agate/issues/765\"\u003e#765\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e.. code-block:: python\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/eab4f62e6cf1c9a0d68c4c3c9faace91355f49da\"\u003e\u003ccode\u003eeab4f62\u003c/code\u003e\u003c/a\u003e build: Iterate the version number. Add \u003ca href=\"https://github.com/karthiksai109\"\u003e\u003ccode\u003e@​karthiksai109\u003c/code\u003e\u003c/a\u003e to authors.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/2897c4162d7d9f9a7e37be9a2a0585a27d469b88\"\u003e\u003ccode\u003e2897c41\u003c/code\u003e\u003c/a\u003e Handle empty CSV input in Table.from_csv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/479a18d6bf896f332406f211d4cea6702bf719e3\"\u003e\u003ccode\u003e479a18d\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/download-artifact from 7 to 8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/f8cc6c908c96ca5c1442b5077d722ec1329df8ca\"\u003e\u003ccode\u003ef8cc6c9\u003c/code\u003e\u003c/a\u003e ci: Migrate from Coveralls to Codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/2934ae7a8c61cf7f628abdb5e19831bc622888d8\"\u003e\u003ccode\u003e2934ae7\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/upload-artifact from 6 to 7 (\u003ca href=\"https://redirect.github.com/wireservice/agate/issues/799\"\u003e#799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/553e30ac3a856deffb64178e77a7024bec93028a\"\u003e\u003ccode\u003e553e30a\u003c/code\u003e\u003c/a\u003e build: Use automatic package discovery to fix stray files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/c36a7afcafd1516e3c0f6c535e7a0bffa06b11b0\"\u003e\u003ccode\u003ec36a7af\u003c/code\u003e\u003c/a\u003e docs: Update references to setup.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/cc2062fdc9c4fa65ac826836e0aeeef1a42f6b22\"\u003e\u003ccode\u003ecc2062f\u003c/code\u003e\u003c/a\u003e ci: Use pyproject.toml for cache-dependency-path\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/e8b5961c4750f425328408ea633d99a193069b11\"\u003e\u003ccode\u003ee8b5961\u003c/code\u003e\u003c/a\u003e ci: Run apt update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/f69a0389f728750ac605ac70916877ebc0b2cef1\"\u003e\u003ccode\u003ef69a038\u003c/code\u003e\u003c/a\u003e fix: Fix full_outer when left_key and right_key are sequences, closes \u003ca href=\"https://redirect.github.com/wireservice/agate/issues/795\"\u003e#795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/wireservice/agate/compare/1.9.1...1.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2026.2.25 to 2026.4.22\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/5dddfb072243da27adde885b73ba9b809c3224ca\"\u003e\u003ccode\u003e5dddfb0\u003c/code\u003e\u003c/a\u003e 2026.04.22 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/410\"\u003e#410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/f99eccdaf87f7c10e521a58a700ca3eb94a0787e\"\u003e\u003ccode\u003ef99eccd\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/404\"\u003e#404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/918bed055f7291719512af186c1c24710f845660\"\u003e\u003ccode\u003e918bed0\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 7.0.0 to 7.0.1 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/405\"\u003e#405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/0a49067eb434e53e1f8df5f7707d5dc05ef9def4\"\u003e\u003ccode\u003e0a49067\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/403\"\u003e#403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/acf6ce8e39e3b125f4349e11904295e4fe4c1bed\"\u003e\u003ccode\u003eacf6ce8\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 8.0.0 to 8.0.1 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/398\"\u003e#398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/feb0ed26163a9417ea0fb8eb52d47e79fcf202ab\"\u003e\u003ccode\u003efeb0ed2\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 7.0.0 to 8.0.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/397\"\u003e#397\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/d9c11a50369cc377abb40f7909ded3d6da4d98a3\"\u003e\u003ccode\u003ed9c11a5\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/396\"\u003e#396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2026.02.25...2026.04.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.2 to 8.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.3.3\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.3/\"\u003ehttps://pypi.org/project/click/8.3.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-3\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/1026\"\u003e#1026\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/1477\"\u003e#1477\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2775\"\u003e#2775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3298\"\u003e#3298\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3299\"\u003e#3299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3238\"\u003e#3238\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3224\"\u003e#3224\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/654\"\u003e#654\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/824\"\u003e#824\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/843\"\u003e#843\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/951\"\u003e#951\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3235\"\u003e#3235\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3177\"\u003e#3177\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2836\"\u003e#2836\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2837\"\u003e#2837\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3165\"\u003e#3165\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3262\"\u003e#3262\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3280\"\u003e#3280\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3111\"\u003e#3111\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3189\"\u003e#3189\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3250\"\u003e#3250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/2865\"\u003e#2865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2879\"\u003e#2879\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.3.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-20\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n:issue:\u003ccode\u003e1026\u003c/code\u003e :pr:\u003ccode\u003e1477\u003c/code\u003e :pr:\u003ccode\u003e2775\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. :issue:\u003ccode\u003e3298\u003c/code\u003e :pr:\u003ccode\u003e3299\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. :pr:\u003ccode\u003e3238\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n:issue:\u003ccode\u003e3224\u003c/code\u003e :pr:\u003ccode\u003e3240\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n:issue:\u003ccode\u003e654\u003c/code\u003e :issue:\u003ccode\u003e824\u003c/code\u003e :issue:\u003ccode\u003e843\u003c/code\u003e :pr:\u003ccode\u003e951\u003c/code\u003e :pr:\u003ccode\u003e3235\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. :pr:\u003ccode\u003e3151\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. :pr:\u003ccode\u003e3151\u003c/code\u003e :pr:\u003ccode\u003e3177\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. :issue:\u003ccode\u003e2836\u003c/code\u003e :pr:\u003ccode\u003e2837\u003c/code\u003e :pr:\u003ccode\u003e3165\u003c/code\u003e :pr:\u003ccode\u003e3262\u003c/code\u003e :pr:\u003ccode\u003e3280\u003c/code\u003e\n:pr:\u003ccode\u003e3328\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. :issue:\u003ccode\u003e3111\u003c/code\u003e :pr:\u003ccode\u003e3239\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. :issue:\u003ccode\u003e3189\u003c/code\u003e :pr:\u003ccode\u003e3250\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n:issue:\u003ccode\u003e2865\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. :issue:\u003ccode\u003e2879\u003c/code\u003e :pr:\u003ccode\u003e3248\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c06d2d0a6aee6bcc50bd8257be2a4a592f4e75d0\"\u003e\u003ccode\u003ec06d2d0\u003c/code\u003e\u003c/a\u003e Release 8.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/f1f191ecd2c790b161187c78e7c88440e9524e5c\"\u003e\u003ccode\u003ef1f191e\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3343\"\u003e#3343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/bb59ba0fd279ca085d1113f0499b6a602ca31081\"\u003e\u003ccode\u003ebb59ba0\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4a352253c9ff013e36d11e4a6820d36d00ff2cd4\"\u003e\u003ccode\u003e4a35225\u003c/code\u003e\u003c/a\u003e Reduce blast-radius of \u003ccode\u003eUNSET\u003c/code\u003e in \u003ccode\u003edefault_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c07bb936de43fd303f9cfbefe248ab23fd2199c8\"\u003e\u003ccode\u003ec07bb93\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into unset-in-default-map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c7e1ba8448cbcb2cdd9c1c7f4a592e863dcc3995\"\u003e\u003ccode\u003ec7e1ba8\u003c/code\u003e\u003c/a\u003e Reorder \u003ccode\u003eParameterSource\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/76552ff1e8c85837f911fc34037e702ae4327eda\"\u003e\u003ccode\u003e76552ff\u003c/code\u003e\u003c/a\u003e Show default string in prompt (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/ac5cec5fe54e5a691e7bac17f441ce9498e0744c\"\u003e\u003ccode\u003eac5cec5\u003c/code\u003e\u003c/a\u003e Reorder ParameterSource from most to least explicit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c452e00e6772931b7071d9316b82b77e5b8f280\"\u003e\u003ccode\u003e8c452e0\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into show-default-string-in-prompt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c95c73bd5ef89eac638f85f1904a104ba4b1a32\"\u003e\u003ccode\u003e8c95c73\u003c/code\u003e\u003c/a\u003e Reconcile default value passing and default activation (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.2...8.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-adapters` from 1.22.10 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dbt-labs/dbt-adapters/blob/main/dbt-adapters/CHANGELOG.md\"\u003edbt-adapters's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003edbt-adapters 1.23.0 - May 07, 2026\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd scaffolding for resolving function relations from data warehouses (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/1488\"\u003e#1488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded --empty support for dbt seed (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/1865\"\u003e#1865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for python 3.14 (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/12098\"\u003e#12098\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix snapshot UNION ALL type mismatch when adding new source columns with hard_deletes=new_record by casting NULL placeholders to the correct data type (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/852\"\u003e#852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty catalog tables before merge to prevent agate type conflicts during \u003ccode\u003edbt docs generate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/1833\"\u003e#1833\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tauhidanjum\"\u003e\u003ccode\u003e@​tauhidanjum\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/1833\"\u003e#1833\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dbt-labs/dbt-adapters/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-common` from 1.37.3 to 1.38.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dbt-labs/dbt-common/blob/main/CHANGELOG.md\"\u003edbt-common's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003edbt-common 1.38.0 - May 04, 2026\u003c/h2\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExplicitly keep bool serde as a passthrough for mashumaro 3.15+ compat with versions before 3.15 (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-common/issues/12098\"\u003e#12098\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003edbt-common 1.37.5 - April 23, 2026\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds public helper functions for event deferral functionality (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-common/issues/12339\"\u003e#12339\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003edbt-common 1.37.4 - April 23, 2026\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd event deferral capability to EventManager (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-common/issues/12339\"\u003e#12339\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dbt-labs/dbt-common/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-core` from 1.11.7 to 1.11.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dbt-labs/dbt-core/releases\"\u003edbt-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003edbt-core v1.11.9\u003c/h2\u003e\n\u003ch2\u003edbt-core 1.11.9 - May 06, 2026\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003estatic_analysis: off\u003c/code\u003e being interpreted as boolean \u003ccode\u003efalse\u003c/code\u003e instead of string \u003ccode\u003e\u0026quot;off\u0026quot;\u003c/code\u003e in manifest.json (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix state:modified not detecting .yml property changes for resource_type:function (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12547\"\u003e#12547\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate jsonschemas for more accurate deprecation warnings: macro.config should not warn (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12670\"\u003e#12670\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump libpq-dev in Docker image from 13.23-0+deb11u1 to 13.23-0+deb11u2 to fix build failure due to superseded package version (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump libpq-dev in Docker image from 13.23-0+deb11u2 to 13.23-0+deb11u3 to fix build failure due to superseded package version (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Thrasi\"\u003e\u003ccode\u003e@​Thrasi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12547\"\u003e#12547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/b-per\"\u003e\u003ccode\u003e@​b-per\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michelleark\"\u003e\u003ccode\u003e@​michelleark\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12670\"\u003e#12670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tauhid621\"\u003e\u003ccode\u003e@​tauhid621\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e, \u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003edbt-core v1.11.8\u003c/h2\u003e\n\u003ch2\u003edbt-core 1.11.8 - April 08, 2026\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/requires\"\u003e\u003ccode\u003e@​requires\u003c/code\u003e\u003c/a\u003e.catalogs decorator to compile command to fix REST Catalog-Linked database compilation (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12353\"\u003e#12353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove logic for detecting config with missing plus prefix in dbt_project.yml (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12371\"\u003e#12371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd config and allow meta and docs to exist under it for macros (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12383\"\u003e#12383\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/9447\"\u003e#9447\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDBT_ENGINE\u003c/code\u003e prefixed env vars picked up by CLI (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12583\"\u003e#12583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow deferral for UDFs (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12080\"\u003e#12080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve full node description while running udfs for better logging (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12600\"\u003e#12600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRaise PropertyMovedToConfigDeprecation instead of MissingArgumentsPropertyInGenericTestDeprecation (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12572\"\u003e#12572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/requires\"\u003e\u003ccode\u003e@​requires\u003c/code\u003e\u003c/a\u003e.catalogs decorator to test command to fix custom catalog integration support (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRaise custom key in config deprecation warning for invalid config keys in dbt_project.yml (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12542\"\u003e#12542\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure MAX_GROUPING_TOKENS and MAX_GROUPING_DEPTH default to None independently (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure property depr checks check for aliases with plus prefix (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12327\"\u003e#12327\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnable display of unit tests ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/501\"\u003e#501\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/501\"\u003edbt-labs/dbt-docs#501\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eUnit tests not rendering ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/506\"\u003e#506\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/506\"\u003edbt-labs/dbt-docs#506\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eAdd support for Saved Query node ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/486\"\u003e#486\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/486\"\u003edbt-labs/dbt-docs#486\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eFix npm security vulnerabilities as of June 2024 ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/513\"\u003e#513\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/513\"\u003edbt-labs/dbt-docs#513\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eBump form-data from 3.0.1 to 3.0.4 ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/554\"\u003e#554\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/554\"\u003edbt-labs/dbt-docs#554\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eAdd support for UDF (function) resource type in lineage graph ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/574\"\u003e#574\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/574\"\u003edbt-labs/dbt-docs#574\u003c/a\u003e))\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dbt-labs/dbt-core/blob/v1.11.9/CHANGELOG.md\"\u003edbt-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003edbt-core 1.11.9 - May 06, 2026\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003estatic_analysis: off\u003c/code\u003e being interpreted as boolean \u003ccode\u003efalse\u003c/code\u003e instead of string \u003ccode\u003e\u0026quot;off\u0026quot;\u003c/code\u003e in manifest.json (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix state:modified not detecting .yml property changes for resource_type:function (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12547\"\u003e#12547\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate jsonschemas for more accurate deprecation warnings: macro.config should not warn (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12670\"\u003e#12670\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump libpq-dev in Docker image from 13.23-0+deb11u1 to 13.23-0+deb11u2 to fix build failure due to superseded package version (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump libpq-dev in Docker image from 13.23-0+deb11u2 to 13.23-0+deb11u3 to fix build failure due to superseded package version (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Thrasi\"\u003e\u003ccode\u003e@​Thrasi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12547\"\u003e#12547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/b-per\"\u003e\u003ccode\u003e@​b-per\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michelleark\"\u003e\u003ccode\u003e@​michelleark\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12670\"\u003e#12670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tauhid621\"\u003e\u003ccode\u003e@​tauhid621\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e, \u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003edbt-core 1.11.8 - April 08, 2026\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/requires\"\u003e\u003ccode\u003e@​requires\u003c/code\u003e\u003c/a\u003e.catalogs decorator to compile command to fix REST Catalog-Linked database compilation (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12353\"\u003e#12353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove logic for detecting config with missing plus prefix in dbt_project.yml (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12371\"\u003e#12371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd config and allow meta and docs to exist under it for macros (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12383\"\u003e#12383\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/9447\"\u003e#9447\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDBT_ENGINE\u003c/code\u003e prefixed env vars picked up by CLI (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12583\"\u003e#12583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow deferral for UDFs (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12080\"\u003e#12080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve full node description while running udfs for better logging (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12600\"\u003e#12600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRaise PropertyMovedToConfigDeprecation instead of MissingArgumentsPropertyInGenericTestDeprecation (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12572\"\u003e#12572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/requires\"\u003e\u003ccode\u003e@​requires\u003c/code\u003e\u003c/a\u003e.catalogs decorator to test command to fix custom catalog integration support (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRaise custom key in config deprecation warning for invalid config keys in dbt_project.yml (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12542\"\u003e#12542\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure MAX_GROUPING_TOKENS and MAX_GROUPING_DEPTH default to None independently (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure property depr checks check for aliases with plus prefix (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12327\"\u003e#12327\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnable display of unit tests ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/501\"\u003e#501\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/501\"\u003edbt-labs/dbt-docs#501\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eUnit tests not rendering ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/506\"\u003e#506\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/506\"\u003edbt-labs/dbt-docs#506\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eAdd support for Saved Query node ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/486\"\u003e#486\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/486\"\u003edbt-labs/dbt-docs#486\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eFix npm security vulnerabilities as of June 2024 ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/513\"\u003e#513\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/513\"\u003edbt-labs/dbt-docs#513\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eBump form-data from 3.0.1 to 3.0.4 ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/554\"\u003e#554\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/554\"\u003edbt-labs/dbt-docs#554\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eAdd support for UDF (function) resource type in lineage graph ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/574\"\u003e#574\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/574\"\u003edbt-labs/dbt-docs#574\u003c/a\u003e))\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/c8cafcd97850d5cf8e159ac16b0f05cf342affaa\"\u003e\u003ccode\u003ec8cafcd\u003c/code\u003e\u003c/a\u003e Bumping version to 1.11.9 and generate changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/9b39f55060936ab520961298d07ff04fd0b8eb35\"\u003e\u003ccode\u003e9b39f55\u003c/code\u003e\u003c/a\u003e Bump libpq-dev to 13.23-0+deb11u3 (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12906\"\u003e#12906\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12907\"\u003e#12907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/610abeee7bc42e5dbb4ba2f8527677b9b1e4e816\"\u003e\u003ccode\u003e610abee\u003c/code\u003e\u003c/a\u003e bring in latest jsonschema updates, add macros config test to happy path proj...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/53c8c121f2b919a5db29bbccecdb7a6b16394975\"\u003e\u003ccode\u003e53c8c12\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003estatic_analysis: off\u003c/code\u003e interpreted as boolean false (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12515\"\u003e#12515\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/184eb45c3f4c574d90162e428412f2542357d422\"\u003e\u003ccode\u003e184eb45\u003c/code\u003e\u003c/a\u003e fix: state:modified does not detect .yml property changes for resource_type:f...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/ecea2e764188951178284a24b58d5578f83dfe03\"\u003e\u003ccode\u003eecea2e7\u003c/code\u003e\u003c/a\u003e Bump libpq-dev from 13.23-0+deb11u1 to 13.23-0+deb11u2 (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12806\"\u003e#12806\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12807\"\u003e#12807\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/154c77f34380b27ea237e7bb99cf44400df7f366\"\u003e\u003ccode\u003e154c77f\u003c/code\u003e\u003c/a\u003e Update version for libpq-dev in Dockerfile (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12373\"\u003e#12373\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12801\"\u003e#12801\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/6d86efdc9a84aa8d9f8432a263bd0d956437959d\"\u003e\u003ccode\u003e6d86efd\u003c/code\u003e\u003c/a\u003e [Automated] Merged prep-release/1.11.8_24147166240 into target 1.11.latest du...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/725ec855bcc0238afc16818494dd6c74b10fab25\"\u003e\u003ccode\u003e725ec85\u003c/code\u003e\u003c/a\u003e Bumping version to 1.11.8 and generate changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/5bbdb593c7b559aa815329f67a8f3320332064c5\"\u003e\u003ccode\u003e5bbdb59\u003c/code\u003e\u003c/a\u003e improve independent default settings of sqlparse.MAX_GROUPING_TOKENS and MAX_...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dbt-labs/dbt-core/compare/v1.11.7...v1.11.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-protos` from 1.0.443 to 1.0.491\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/97db584a8e659a0019ce8cf5cf038379863a7756\"\u003e\u003ccode\u003e97db584\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.491\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/09710535d04d2f8a2b4535136dfbc2f6ce5c46f1\"\u003e\u003ccode\u003e0971053\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.490\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/8d573a619bfd288d470768ff9df2937a1efb3c36\"\u003e\u003ccode\u003e8d573a6\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.489\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/34143857acdeebeab8d8cdad559b9f299054abd7\"\u003e\u003ccode\u003e3414385\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.488\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/ed8a6851db625dcf5c3fe9fc2ae2cb6f37201e0c\"\u003e\u003ccode\u003eed8a685\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.487\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/83eb2484aa266075170453cc4d4695ec5634c578\"\u003e\u003ccode\u003e83eb248\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.486\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/8e0648a0efea3a19c498c5ba3af37c49fd98d160\"\u003e\u003ccode\u003e8e0648a\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.485\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/c1970d51eb9a669fde6fa9948100c101d434d4f3\"\u003e\u003ccode\u003ec1970d5\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.484\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/5fcfdf0b65ebb0da0ad22282b5c27d11fb17f479\"\u003e\u003ccode\u003e5fcfdf0\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.483\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/ed0b440ac573a0f956a477b8518bd12a74c3dc92\"\u003e\u003ccode\u003eed0b440\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.482\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dbt-labs/proto-python-public/compare/v1.0.443...v1.0.491\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-semantic-interfaces` from 0.9.0 to 0.10.5\n\nUpdates `idna` from 3.11 to 3.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/37b6b7497aee4805f7a74a7d86206ac05be9669a\"\u003e\u003ccode\u003e37b6b74\u003c/code\u003e\u003c/a\u003e Release v3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/628fef84d3eda59321c21127e73dcd873db23ead\"\u003e\u003ccode\u003e628fef8\u003c/code\u003e\u003c/a\u003e Use valid_string_length() for early oversized-input check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1e26c7fd93c67995422af9d1f071f45ee6433fd0\"\u003e\u003ccode\u003e1e26c7f\u003c/code\u003e\u003c/a\u003e Tweak release wording\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/ab5668fb6eaf4254d91d6993c0b23e98e21202fb\"\u003e\u003ccode\u003eab5668f\u003c/code\u003e\u003c/a\u003e Pre-release 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c0dda4501df5d91c3181ce6f962dc5de74e82cc1\"\u003e\u003ccode\u003ec0dda45\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b7391f4c240bf2eae80eaed0a2ef7c2e0496af96\"\u003e\u003ccode\u003eb7391f4\u003c/code\u003e\u003c/a\u003e Add docstrings to package (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/226\"\u003e#226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0f4a28d88f8cce54269f0b6a42edf5e6a5424319\"\u003e\u003ccode\u003e0f4a28d\u003c/code\u003e\u003c/a\u003e Raise IDNAError on non-string input to encode/decode (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/224\"\u003e#224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7e6df7196e6396b5b84b9530eab8272b5ad51898\"\u003e\u003ccode\u003e7e6df71\u003c/code\u003e\u003c/a\u003e Address type issues found by \u003ccode\u003ety\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/6ebfaab9ea718dce38a7c17ddafd7fb28b0468d4\"\u003e\u003ccode\u003e6ebfaab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/221\"\u003e#221\u003c/a\u003e from kjd/release-3.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/89cdfd27338896cee6b1ee18e64c96ac28684ce0\"\u003e\u003ccode\u003e89cdfd2\u003c/code\u003e\u003c/a\u003e Release v3.13\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.11...v3.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `isodate` from 0.6.1 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gweis/isodate/blob/master/CHANGES.txt\"\u003eisodate's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.7.2 (2024-10-08)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edrop end of life python versions\u003c/li\u003e\n\u003cli\u003eDon't match garbage characters at the end of parsed strings \u003ca href=\"https://redirect.github.com/gweis/isodate/issues/16\"\u003e#16\u003c/a\u003e (Gabriel de Perthuis)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePotentially breaking changes:\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFractional seconds are cut off to microseconds (always round down)\u003c/li\u003e\n\u003cli\u003eAllow control over return type of parse_duration \u003ca href=\"https://redirect.github.com/gweis/isodate/issues/64\"\u003e#64\u003c/a\u003e (Felix Claessen)\u003c/li\u003e\n\u003cli\u003ePython \u0026gt;= 3.7 required\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/4408b60fecfc682a021047b3e5d9095a8face012\"\u003e\u003ccode\u003e4408b60\u003c/code\u003e\u003c/a\u003e update changelog, release 0.7.2 (0.7.x so missed python version requirements ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/31ff7675fb64bf9d67a6de7f0cf6761b067a4cd5\"\u003e\u003ccode\u003e31ff767\u003c/code\u003e\u003c/a\u003e restrict to python\u0026gt;=3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/9443e63119579217699dce88b86753a81a9bec52\"\u003e\u003ccode\u003e9443e63\u003c/code\u003e\u003c/a\u003e some packaging updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/2ace19f248305e0063f4350b77aad91f00a801f6\"\u003e\u003ccode\u003e2ace19f\u003c/code\u003e\u003c/a\u003e modernise packaging\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/8856fdf0e46c7bca00229faa1aae6b7e8ad6e76c\"\u003e\u003ccode\u003e8856fdf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gweis/isodate/issues/70\"\u003e#70\u003c/a\u003e from kianmeng/fix-typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/14aefddd4952a29958f3110bd884bf90b9d5fa9a\"\u003e\u003ccode\u003e14aefdd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gweis/isodate/issues/66\"\u003e#66\u003c/a\u003e from isodate/test-gha\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/68a4bbe0a460dc7a8f038fe0f3714851558c379d\"\u003e\u003ccode\u003e68a4bbe\u003c/code\u003e\u003c/a\u003e Join classifier string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/cc57560c10b7128840f133b6fc296dbf4d44d352\"\u003e\u003ccode\u003ecc57560\u003c/code\u003e\u003c/a\u003e Fix typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/c19e4c3ab2cb3adf10e278f4abce14d15ee66745\"\u003e\u003ccode\u003ec19e4c3\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/4a74ce214ba23ab6c0404a2ec31ab7429e8f42c6\"\u003e\u003ccode\u003e4a74ce2\u003c/code\u003e\u003c/a\u003e Update pre-commit\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gweis/isodate/compare/0.6.1...0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mashumaro` from 3.9 to 3.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Fatal1ty/mashumaro/releases\"\u003emashumaro's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.21\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for recursive dataclasses in JSON Schema (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/308\"\u003e#308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed building JSON Schema for dataclasses with slots (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue with deferred evaluation of annotations for serialization strategies and serializable types that include PEP 695 generic type parameters (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/310\"\u003e#310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed errors for PEP 695 type aliases with generic arguments or cyclic references (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/311\"\u003e#311\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCode coverage report tool coveralls.io was replaced by codecov.io (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed propagation of \u003ccode\u003elazy_compilation\u003c/code\u003e config value in generic dataclasses with inheritance (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/319\"\u003e#319\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded ability for serialization strategies to match subclasses (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/298\"\u003e#298\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.9 (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.20\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed type name for for PEP 695 types created with \u003ccode\u003etype\u003c/code\u003e keyword (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/305\"\u003e#305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for recursive types in JSON Schema (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/303\"\u003e#303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u0026quot;Trusted Publishing\u0026quot; workflow (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/304\"\u003e#304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.18\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed support for PEP 695 types created with \u003ccode\u003etype\u003c/code\u003e keyword in JSON Schema (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/301\"\u003e#301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed serialization problem when collections with passing through items were used with \u003ccode\u003eno_copy_collections\u003c/code\u003e in unions (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/302\"\u003e#302\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.17\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14 (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/285\"\u003e#285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved generating JSON Schema references and titles for generic dataclasses (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed JSON Schema for a generic dataclass with a field type \u003ccode\u003eT\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed ignoring \u003ccode\u003eNotRequired\u003c/code\u003e when using \u003ccode\u003efrom __future__ import annotations\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for user extra args in \u003ccode\u003efield_options\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved packaging by switching from setup.py to pyproject.toml (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.16\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for custom JSON Schema instance formats defined by users (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/267\"\u003e#267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for \u003ccode\u003etyping.ReadOnly\u003c/code\u003e and \u003ccode\u003etyping_extensions.ReadOnly\u003c/code\u003e from PEP 705 (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eAttributeError\u003c/code\u003e when using generic \u003ccode\u003eSerializableType\u003c/code\u003e subclass (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved \u003ccode\u003eUnion\u003c/code\u003e and basic types deserialization (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/256\"\u003e#256\u003c/a\u003e), highlighted changes:\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/69143a268e90c99b1e399fd5b79c1b8629255592\"\u003e\u003ccode\u003e69143a2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/5b74f3f5a7bc3e93d543be2db891815310b828cd\"\u003e\u003ccode\u003e5b74f3f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/325\"\u003e#325\u003c/a\u003e from Fatal1ty/py39-eol\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/01ae942e2beb488b2ab994e2c301e21af14f4588\"\u003e\u003ccode\u003e01ae942\u003c/code\u003e\u003c/a\u003e Remove KW_ONLY fallback import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/bb37ef408ca9d34f51177d490485966bb061bbfd\"\u003e\u003ccode\u003ebb37ef4\u003c/code\u003e\u003c/a\u003e Update black\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/a895a7810aab7fe15103a3ff6489230eb30479e3\"\u003e\u003ccode\u003ea895a78\u003c/code\u003e\u003c/a\u003e Deprecate py39\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/447beeebaf7ca43bb79629d6bf428032efebbf94\"\u003e\u003ccode\u003e447beee\u003c/code\u003e\u003c/a\u003e Merge branch 'kdkavanagh-kdkavanagh/298'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/1a5b4c2b5165d4fcab2966123bd8dce46e7b0882\"\u003e\u003ccode\u003e1a5b4c2\u003c/code\u003e\u003c/a\u003e Improve test coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/e167f927a8115fc1b529532b7f63f967b50e7513\"\u003e\u003ccode\u003ee167f92\u003c/code\u003e\u003c/a\u003e Improve typing in _get_strategy_for_type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/35a894e652f31251434bf28332f2c8fbcd506606\"\u003e\u003ccode\u003e35a894e\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'kdkavanagh/kdkavanagh/298' into kdkavanagh-kdka...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/23c56adaa3569ba6b625ccee70f75e566d1c5141\"\u003e\u003ccode\u003e23c56ad\u003c/code\u003e\u003c/a\u003e Bad import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Fatal1ty/mashumaro/compare/v3.9...v3.21\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `networkx` from 3.4.2 to 3.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/networkx/networkx/releases\"\u003enetworkx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eNetworkX 3.6.1\u003c/h2\u003e\n\u003ch1\u003enetworkx 3.6.1\u003c/h1\u003e\n\u003cp\u003eWe're happy to announce the release of networkx 3.6.1!\u003c/p\u003e\n\u003ch2\u003eAPI Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd spectral bipartition community finding and greedy bipartition using node swaps (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8347\"\u003e#8347\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNodelists for \u003ccode\u003efrom_biadjacency_matrix\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/7993\"\u003e#7993\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdd spectral bipartition community finding and greedy bipartition using node swaps (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8347\"\u003e#8347\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix draw_networkx_nodes with list node_shape and add regression test (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8363\"\u003e#8363\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: allow graph subclasses to have additional arguments (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8369\"\u003e#8369\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDOC: Improve benchmarking readme (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8358\"\u003e#8358\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDOC: More details re: RC releases in the release process devdocs (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8346\"\u003e#8346\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDOC: clarify difference between G.nodes/G.nodes() and G.edges/G.edges() in tutorial (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8300\"\u003e#8300\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDOC: Add blurb to contributor guide about drawing tests (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8370\"\u003e#8370\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDOC: Fix underline lens in docstrings (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8371\"\u003e#8371\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eRolling back shortest paths links (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8373\"\u003e#8373\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMAINT: Replace string literal with comment (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8359\"\u003e#8359\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 in the actions group (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8360\"\u003e#8360\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003epin python 3.14 to be version 3.14.0 until dataclasses are fixed (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8365\"\u003e#8365\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBlocklist Python 3.14.1 (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8372\"\u003e#8372\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTST: add tests for unsupported graph types in MST algorithms (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8353\"\u003e#8353\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eTST: clean up isomorphism tests (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8364\"\u003e#8364\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eContributors\u003c/h2\u003e\n\u003cp\u003e10 authors added to this release (alphabetically):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Aka2210\"\u003e\u003ccode\u003e@​Aka2210\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jfinkels\"\u003e\u003ccode\u003e@​jfinkels\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaorTIRAM\"\u003e\u003ccode\u003e@​NaorTIRAM\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAditi Juneja (\u003ca href=\"https://github.com/Schefflera-Arboricola\"\u003e\u003ccode\u003e@​Schefflera-Arboricola\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAlejandro Candioti (\u003ca href=\"https://github.com/amcandio\"\u003e\u003ccode\u003e@​amcandio\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eColman Bouton (\u003ca href=\"https://github.com/LorentzFactor\"\u003e\u003ccode\u003e@​LorentzFactor\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/7530809bfa1ea7ed6fdf918a4d1431488953cb1f\"\u003e\u003ccode\u003e7530809\u003c/code\u003e\u003c/a\u003e Designate 3.6.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/4788eb08f2492dd6bf6f97ce8ee07cd52aa6cf89\"\u003e\u003ccode\u003e4788eb0\u003c/code\u003e\u003c/a\u003e Rolling back shortest paths links (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8373\"\u003e#8373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/696edb6efbbbb622959e96f1276fc0db68dc0954\"\u003e\u003ccode\u003e696edb6\u003c/code\u003e\u003c/a\u003e Fix draw_networkx_nodes with list node_shape and add regression test  (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8363\"\u003e#8363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/c38830c61a6fee3ee10f216071bb63cb9b92bfb9\"\u003e\u003ccode\u003ec38830c\u003c/code\u003e\u003c/a\u003e Blocklist Python 3.14.1 (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8372\"\u003e#8372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/81d231141b08600ebfd1c781e28ecbf791e94016\"\u003e\u003ccode\u003e81d2311\u003c/code\u003e\u003c/a\u003e DOC: Fix underline lens in docstrings. (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8371\"\u003e#8371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/a6e2bfadef51dda47df6466b32642e0d428c5801\"\u003e\u003ccode\u003ea6e2bfa\u003c/code\u003e\u003c/a\u003e DOC: Add blurb to contributor guide about drawing tests. (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8370\"\u003e#8370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/96b628295eff29d266e1c75355556fc9fe58cc16\"\u003e\u003ccode\u003e96b6282\u003c/code\u003e\u003c/a\u003e DOC: clarify difference between G.nodes/G.nodes() and G.edges/G.edges() in tu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/75bdd737ca8382d06eb76ff9018a81870c9f3443\"\u003e\u003ccode\u003e75bdd73\u003c/code\u003e\u003c/a\u003e Fix: allow graph subclasses to have additional arguments (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8369\"\u003e#8369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/7663fa5e5fd73d6921410a18c7ac4116ffa04f4d\"\u003e\u003ccode\u003e7663fa5\u003c/code\u003e\u003c/a\u003e TST: clean up isomorphism tests (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8364\"\u003e#8364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/3dacd1bdcbd976b9e148a60ddebafd868c0a52f3\"\u003e\u003ccode\u003e3dacd1b\u003c/code\u003e\u003c/a\u003e Add spectral bipartition community finding and greedy bipartition using node ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/networkx/networkx/compare/networkx-3.4.2...networkx-3.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `packaging` from 26.0 to 26.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/packaging/releases\"\u003epackaging's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e26.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eFixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect sysconfig var name for pyemscripten by \u003ca href=\"https://github.com/ryanking13\"\u003e\u003ccode\u003e@​ryanking13\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1160\"\u003epypa/packaging#1160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eVersion\u003c/code\u003e, \u003ccode\u003eSpecifier\u003c/code\u003e, \u003ccode\u003eSpecifierSet\u003c/code\u003e, \u003ccode\u003eTag\u003c/code\u003e, \u003ccode\u003eMarker\u003c/code\u003e, and \u003ccode\u003eRequirement\u003c/code\u003e pickle-safe\nand backward-compatible with pickles created in 25.0-26.1 (including references to the removed\n\u003ccode\u003epackaging._structures\u003c/code\u003e module) by \u003ca href=\"https://github.com/eachimei\"\u003e\u003ccode\u003e@​eachimei\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1163\"\u003epypa/packaging#1163\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1168\"\u003epypa/packaging#1168\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1170\"\u003epypa/packaging#1170\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1171\"\u003epypa/packaging#1171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: re-export ExceptionGroup for now by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1164\"\u003epypa/packaging#1164\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDocumentation:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add errors section and fix missing details by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1159\"\u003epypa/packaging#1159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(dev): document property-based test suite by \u003ca href=\"https://github.com/r266-tech\"\u003e\u003ccode\u003e@​r266-tech\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1167\"\u003epypa/packaging#1167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in DirectUrl documentation by \u003ca href=\"https://github.com/sbidoul\"\u003e\u003ccode\u003e@​sbidoul\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1169\"\u003epypa/packaging#1169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(specifiers): add is_unsatisfiable() usage example by \u003ca href=\"https://github.com/r266-tech\"\u003e\u003ccode\u003e@​r266-tech\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1166\"\u003epypa/packaging#1166\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eInternal:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnable the auditor persona on zizmor by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1158\"\u003epypa/packaging#1158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest new pickle guarantees by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1174\"\u003epypa/packaging#1174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse native uv integration in rtd by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1175\"\u003epypa/packaging#1175\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ryanking13\"\u003e\u003ccode\u003e@​ryanking13\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1160\"\u003epypa/packaging#1160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eachimei\"\u003e\u003ccode\u003e@​eachimei\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1163\"\u003epypa/packaging#1163\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/packaging/compare/26.1...26.2\"\u003ehttps://github.com/pypa/packaging/compare/26.1...26.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e26.1\u003c/h2\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cdel\u003ePEP 783: add handling for Emscripten wheel tags by \u003ca href=\"https://github.com/hoodmane\"\u003e\u003ccode\u003e@​hoodmane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/804\"\u003epypa/packaging#804\u003c/a\u003e\u003c/del\u003e (old name used in implementation, will be fixed in next release)\u003c/li\u003e\n\u003cli\u003ePEP 803: add handling for the \u003ccode\u003eabi3.abi3t\u003c/code\u003e free-threading tag by \u003ca href=\"https://github.com/ngoldbaum\"\u003e\u003ccode\u003e@​ngoldbaum\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1099\"\u003epypa/packaging#1099\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePEP 723: add \u003ccode\u003epackaging.dependency_groups\u003c/code\u003e module, based on the \u003ccode\u003edependency-groups\u003c/code\u003e package by \u003ca href=\"https://github.com/sirosen\"\u003e\u003ccode\u003e@​sirosen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1065\"\u003epypa/packaging#1065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003epackaging.direct_url\u003c/code\u003e module by \u003ca href=\"https://github.com/sbidoul\"\u003e\u003ccode\u003e@​sbidoul\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/944\"\u003epypa/packaging#944\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003epackaging.errors\u003c/code\u003e module by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1071\"\u003epypa/packaging#1071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eSpecifierSet.is_unsatisfiable\u003c/code\u003e using ranges (new internals that will be expanded in future versions) by \u003ca href=\"https://github.com/notatallshaw\"\u003e\u003ccode\u003e@​notatallshaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1119\"\u003epypa/packaging#1119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecreate_compatible_tags_selector\u003c/code\u003e to select compatible tags by \u003ca href=\"https://github.com/sbidoul\"\u003e\u003ccode\u003e@​sbidoul\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1110\"\u003epypa/packaging#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a \u003ccode\u003ekey\u003c/code\u003e argument to \u003ccode\u003eSpecifierSet.filter()\u003c/code\u003e by \u003ca href=\"https://github.com/frostming\"\u003e\u003ccode\u003e@​frostming\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1068\"\u003epypa/packaging#1068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e\u0026amp;\u003c/code\u003e and \u003ccode\u003e|\u003c/code\u003e for \u003ccode\u003eMarker\u003c/code\u003e's by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1146\"\u003epypa/packaging#1146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNormalize \u003ccode\u003eVersion.__replace__\u003c/code\u003e and add \u003ccode\u003eVersion.from_parts\u003c/code\u003e by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1078\"\u003epypa/packaging#1078\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd an option to validate compressed tag set sort order in \u003ccode\u003eparse_wheel_filename\u003c/code\u003e by \u003ca href=\"https://github.com/r266-tech\"\u003e\u003ccode\u003e@​r266-tech\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1150\"\u003epypa/packaging#1150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBehavior adaptations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNarrow exclusion of pre-releases for \u003ccode\u003e\u0026lt;V.postN\u003c/code\u003e to match spec by \u003ca href=\"https://github.com/notatallshaw\"\u003e\u003ccode\u003e@​notatallshaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1140\"\u003epypa/packaging#1140\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/packaging/blob/main/CHANGELOG.rst\"\u003epackaging's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e26.2 - 2026-04-24\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\nFixes:\n\u003cul\u003e\n\u003cli\u003eFix incorrect sysconfig var name for pyemscripten in (:pull:\u003ccode\u003e1160\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eVersion\u003c/code\u003e, \u003ccode\u003eSpecifier\u003c/code\u003e, \u003ccode\u003eSpecifierSet\u003c/code\u003e, \u003ccode\u003eTag\u003c/code\u003e, \u003ccode\u003eMarker\u003c/code\u003e, and \u003ccode\u003eRequirement\u003c/code\u003e pickle-safe\u003cbr /\u003e\nand backward-compatible with pickles created in 25.0-26.1 (including references to the removed\u003cbr /\u003e\n\u003ccode\u003epackaging._structures\u003c/code\u003e module) (:pull:\u003ccode\u003e1163\u003c/code\u003e, :pull:\u003ccode\u003e1168\u003c/code\u003e, :pull:\u003ccode\u003e1170\u003c/code\u003e, :pull:\u003ccode\u003e1171\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eRe-export \u003ccode\u003eExceptionGroup\u003c/code\u003e in metadata for now in (:pull:\u003ccode\u003e1164\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDocumentation:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd errors section and fix missing details in (:pull:\u003ccode\u003e1159\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eDocument our property-based test suite in (:pull:\u003ccode\u003e1167\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eFix a \u003ccode\u003eDirectUrl\u003c/code\u003e typo in (:pull:\u003ccode\u003e1169\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd example of \u003ccode\u003eis_unsatisfiable\u003c/code\u003e in (:pull:\u003ccode\u003e1166\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eInternal:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnable the auditor persona on zizmor in (:pull:\u003ccode\u003e1158\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eTest new pickle guarantees in (:pull:\u003ccode\u003e1174\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eUse new native ReadTheDocs uv integration in (:pull:\u003ccode\u003e1175\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e26.1 - 2026-04-14\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePEP 783: add handling for Emscripten wheel tags in (:pull:\u003ccode\u003e804\u003c/code\u003e) (old name used in implementation, fixed in next release)\u003c/li\u003e\n\u003cli\u003ePEP 803: add handling for the \u003ccode\u003eabi3.abi3t\u003c/code\u003e free-threading tag in (:pull:\u003ccode\u003e1099\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ePEP 723: add \u003ccode\u003epackaging.dependency_groups\u003c/code\u003e module, based on the \u003ccode\u003edependency-groups\u003c/code\u003e package in (:pull:\u003ccode\u003e1065\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003epackaging.direct_url\u003c/code\u003e module in (:pull:\u003ccode\u003e944\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003epackaging.errors\u003c/code\u003e module in (:pull:\u003ccode\u003e1071\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eSpecifierSet.is_unsatisfiable\u003c/code\u003e using rang...\n\n_Description has been truncated_","html_url":"https://github.com/antithesishq/materialize-poc/pull/79","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/antithesishq%2Fmaterialize-poc/issues/79","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/79/packages"},{"uuid":"4425816311","node_id":"PR_kwDOSEHuZs7agIbu","number":14,"state":"closed","title":"deps(py): bump the python-minor group across 1 directory with 39 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-19T05:19:28.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-12T02:55:59.000Z","updated_at":"2026-05-19T05:19:30.000Z","time_to_close":613409,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(py): bump","group_name":"python-minor","update_count":39,"packages":[{"name":"anyio","old_version":"4.12.1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"cachetools","old_version":"7.0.4","new_version":"7.1.1","repository_url":"https://github.com/tkem/cachetools"},{"name":"charset-normalizer","old_version":"3.4.6","new_version":"3.4.7","repository_url":"https://github.com/jawah/charset_normalizer"},{"name":"choreographer","old_version":"1.2.1","new_version":"1.3.0","repository_url":"https://github.com/plotly/choreographer"},{"name":"click","old_version":"8.3.1","new_version":"8.3.3","repository_url":"https://github.com/pallets/click"},{"name":"duckdb","old_version":"1.5.0","new_version":"1.5.2","repository_url":"https://github.com/duckdb/duckdb-python"},{"name":"flask-wtf","old_version":"1.2.2","new_version":"1.3.0","repository_url":"https://github.com/pallets-eco/flask-wtf"},{"name":"greenlet","old_version":"3.3.2","new_version":"3.5.0","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"idna","old_version":"3.11","new_version":"3.14","repository_url":"https://github.com/kjd/idna"},{"name":"ipython","old_version":"9.11.0","new_version":"9.13.0","repository_url":"https://github.com/ipython/ipython"},{"name":"jedi","old_version":"0.19.2","new_version":"0.20.0","repository_url":"https://github.com/davidhalter/jedi"},{"name":"kaleido","old_version":"1.2.0","new_version":"1.3.0","repository_url":"https://github.com/plotly/kaleido"},{"name":"markdown-it-py","old_version":"4.0.0","new_version":"4.2.0","repository_url":"https://github.com/executablebooks/markdown-it-py"},{"name":"matplotlib-inline","old_version":"0.2.1","new_version":"0.2.2","repository_url":"https://github.com/ipython/matplotlib-inline"},{"name":"mcp","old_version":"1.26.0","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/python-sdk"},{"name":"py-vollib","old_version":"1.0.1","new_version":"1.0.7","repository_url":"https://github.com/vollib/py_vollib"},{"name":"narwhals","old_version":"2.18.0","new_version":"2.21.0","repository_url":"https://github.com/narwhals-dev/narwhals"},{"name":"numpy","old_version":"2.4.3","new_version":"2.4.4","repository_url":"https://github.com/numpy/numpy"},{"name":"openalgo","old_version":"1.0.47","new_version":"1.0.49","repository_url":"https://github.com/openalgo/openalgo-python"},{"name":"orjson","old_version":"3.11.7","new_version":"3.11.9","repository_url":"https://github.com/ijl/orjson"},{"name":"parso","old_version":"0.8.6","new_version":"0.8.7","repository_url":"https://github.com/davidhalter/parso"},{"name":"platformdirs","old_version":"4.9.4","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"plotly","old_version":"6.6.0","new_version":"6.7.0","repository_url":"https://github.com/plotly/plotly.py"},{"name":"pydantic","old_version":"2.12.5","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-core","old_version":"2.41.5","new_version":"2.46.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-settings","old_version":"2.13.1","new_version":"2.14.1","repository_url":"https://github.com/pydantic/pydantic-settings"},{"name":"python-multipart","old_version":"0.0.22","new_version":"0.0.28","repository_url":"https://github.com/Kludex/python-multipart"},{"name":"python-telegram-bot","old_version":"22.6","new_version":"22.7","repository_url":"https://github.com/python-telegram-bot/python-telegram-bot"},{"name":"pytz","old_version":"2026.1.post1","new_version":"2026.2","repository_url":"https://github.com/stub42/pytz"},{"name":"requests","old_version":"2.33.0","new_version":"2.34.0","repository_url":"https://github.com/psf/requests"},{"name":"sqlalchemy","old_version":"2.0.48","new_version":"2.0.49","repository_url":"https://github.com/sqlalchemy/sqlalchemy"},{"name":"traitlets","old_version":"5.14.3","new_version":"5.15.0","repository_url":"https://github.com/ipython/traitlets"},{"name":"urllib3","old_version":"2.6.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.42.0","new_version":"0.46.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"wcwidth","old_version":"0.6.0","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"werkzeug","old_version":"3.1.6","new_version":"3.1.8","repository_url":"https://github.com/pallets/werkzeug"},{"name":"wheel","old_version":"0.46.3","new_version":"0.47.0","repository_url":"https://github.com/pypa/wheel"},{"name":"wtforms","old_version":"3.2.1","new_version":"3.2.2","repository_url":"https://github.com/pallets-eco/wtforms"},{"name":"zipp","old_version":"3.23.0","new_version":"3.23.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the python-minor group with 39 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [anyio](https://github.com/agronholm/anyio) | `4.12.1` | `4.13.0` |\n| [cachetools](https://github.com/tkem/cachetools) | `7.0.4` | `7.1.1` |\n| [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.6` | `3.4.7` |\n| [choreographer](https://github.com/plotly/choreographer) | `1.2.1` | `1.3.0` |\n| [click](https://github.com/pallets/click) | `8.3.1` | `8.3.3` |\n| [duckdb](https://github.com/duckdb/duckdb-python) | `1.5.0` | `1.5.2` |\n| [flask-wtf](https://github.com/pallets-eco/flask-wtf) | `1.2.2` | `1.3.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.3.2` | `3.5.0` |\n| [idna](https://github.com/kjd/idna) | `3.11` | `3.14` |\n| [ipython](https://github.com/ipython/ipython) | `9.11.0` | `9.13.0` |\n| [jedi](https://github.com/davidhalter/jedi) | `0.19.2` | `0.20.0` |\n| [kaleido](https://github.com/plotly/kaleido) | `1.2.0` | `1.3.0` |\n| [markdown-it-py](https://github.com/executablebooks/markdown-it-py) | `4.0.0` | `4.2.0` |\n| [matplotlib-inline](https://github.com/ipython/matplotlib-inline) | `0.2.1` | `0.2.2` |\n| [mcp](https://github.com/modelcontextprotocol/python-sdk) | `1.26.0` | `1.27.1` |\n| [py-vollib](https://github.com/vollib/py_vollib) | `1.0.1` | `1.0.7` |\n| [narwhals](https://github.com/narwhals-dev/narwhals) | `2.18.0` | `2.21.0` |\n| [numpy](https://github.com/numpy/numpy) | `2.4.3` | `2.4.4` |\n| [openalgo](https://github.com/openalgo/openalgo-python) | `1.0.47` | `1.0.49` |\n| [orjson](https://github.com/ijl/orjson) | `3.11.7` | `3.11.9` |\n| [parso](https://github.com/davidhalter/parso) | `0.8.6` | `0.8.7` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.9.4` | `4.9.6` |\n| [plotly](https://github.com/plotly/plotly.py) | `6.6.0` | `6.7.0` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.5` | `2.13.4` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.5` | `2.46.4` |\n| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.13.1` | `2.14.1` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.22` | `0.0.28` |\n| [python-telegram-bot](https://github.com/python-telegram-bot/python-telegram-bot) | `22.6` | `22.7` |\n| [pytz](https://github.com/stub42/pytz) | `2026.1.post1` | `2026.2` |\n| [requests](https://github.com/psf/requests) | `2.33.0` | `2.34.0` |\n| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.48` | `2.0.49` |\n| [traitlets](https://github.com/ipython/traitlets) | `5.14.3` | `5.15.0` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.6.3` | `2.7.0` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.42.0` | `0.46.0` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.6.0` | `0.7.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `3.1.6` | `3.1.8` |\n| [wheel](https://github.com/pypa/wheel) | `0.46.3` | `0.47.0` |\n| [wtforms](https://github.com/pallets-eco/wtforms) | `3.2.1` | `3.2.2` |\n| [zipp](https://github.com/jaraco/zipp) | `3.23.0` | `3.23.1` |\n\n\nUpdates `anyio` from 4.12.1 to 4.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/agronholm/anyio/releases\"\u003eanyio's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9\u003c/li\u003e\n\u003cli\u003eAdded a \u003ccode\u003ettl\u003c/code\u003e parameter to the \u003ccode\u003eanyio.functools.lru_cache\u003c/code\u003e wrapper (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1073\"\u003e#1073\u003c/a\u003e; PR by \u003ca href=\"https://github.com/Graeme22\"\u003e\u003ccode\u003e@​Graeme22\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWidened the type annotations of file I/O streams to accept \u003ccode\u003eIO[bytes]\u003c/code\u003e instead of just \u003ccode\u003eBinaryIO\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1078\"\u003e#1078\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eanyio.Path\u003c/code\u003e not being compatible with Python 3.15 due to the removal of \u003ccode\u003epathlib.Path.is_reserved()\u003c/code\u003e and the addition of \u003ccode\u003epathlib.Path.__vfspath__()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1061\"\u003e#1061\u003c/a\u003e; PR by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the \u003ccode\u003eBrokenResourceError\u003c/code\u003e raised by the asyncio \u003ccode\u003eSocketStream\u003c/code\u003e not having the original exception as its cause (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1055\"\u003e#1055\u003c/a\u003e; PR by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the \u003ccode\u003eTypeError\u003c/code\u003e raised when using \u0026quot;func\u0026quot; as a parameter name in \u003ccode\u003epytest.mark.parametrize\u003c/code\u003e when using the pytest plugin (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1068\"\u003e#1068\u003c/a\u003e; PR by \u003ca href=\"https://github.com/JohnnyDeuss\"\u003e\u003ccode\u003e@​JohnnyDeuss\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the pytest plugin not running tests that had the \u003ccode\u003eanyio\u003c/code\u003e marker added programmatically via \u003ccode\u003epytest_collection_modifyitems\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/422\"\u003e#422\u003c/a\u003e; PR by \u003ca href=\"https://github.com/chbndrhnns\"\u003e\u003ccode\u003e@​chbndrhnns\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed cancellation exceptions leaking from a \u003ccode\u003eCancelScope\u003c/code\u003e on asyncio when they are contained in an exception group alongside non-cancellation exceptions (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1091\"\u003e#1091\u003c/a\u003e; PR by \u003ca href=\"https://github.com/gschaffner\"\u003e\u003ccode\u003e@​gschaffner\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCondition.wait()\u003c/code\u003e not passing on a notification when the task is cancelled but already received a notification\u003c/li\u003e\n\u003cli\u003eFixed inverted condition in the process pool shutdown phase which would cause still-running pooled processes not to be terminated (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1074\"\u003e#1074\u003c/a\u003e; PR by \u003ca href=\"https://github.com/bysiber\"\u003e\u003ccode\u003e@​bysiber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/afbe93ca9d0c447adf26e9c1715ac20870622bf2\"\u003e\u003ccode\u003eafbe93c\u003c/code\u003e\u003c/a\u003e Bumped up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/33bdf2e4b4f40c2df178123746147a6d2471808d\"\u003e\u003ccode\u003e33bdf2e\u003c/code\u003e\u003c/a\u003e Rearranged the changelog entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/19e09e25bc5a23dd78a577d8c3909dd377057c78\"\u003e\u003ccode\u003e19e09e2\u003c/code\u003e\u003c/a\u003e Fixed inverted condition in _forcibly_shutdown_process_pool_on_exit (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1074\"\u003e#1074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/9369d80b9e8292f2a892a9d5c73923c6a28aa08c\"\u003e\u003ccode\u003e9369d80\u003c/code\u003e\u003c/a\u003e Fixed Condition.wait() not handing over notification when cancelled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/6f122abdc6f6b166c6b6ac27d36d55cdf8fa08e8\"\u003e\u003ccode\u003e6f122ab\u003c/code\u003e\u003c/a\u003e Fixed cancellation exceptions leaking from a \u003ccode\u003eCancelScope\u003c/code\u003e on asyncio when th...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/beaa45aff568a4020f2faf317321dd92f0e1f4a0\"\u003e\u003ccode\u003ebeaa45a\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1097\"\u003e#1097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/602f6606dcf3f37702686a4f3e161328c537b07f\"\u003e\u003ccode\u003e602f660\u003c/code\u003e\u003c/a\u003e Widened type annotations to accept IO[bytes] in file streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/b5dcd45170701a756ba634197398f05d4710cab3\"\u003e\u003ccode\u003eb5dcd45\u003c/code\u003e\u003c/a\u003e Added note about erasing the template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/d68670b3b4e0917d4caff2de082e03220f3e05a1\"\u003e\u003ccode\u003ed68670b\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1090\"\u003e#1090\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/fc17a22dd948e6a3d90d99908813f0010dfc3d2c\"\u003e\u003ccode\u003efc17a22\u003c/code\u003e\u003c/a\u003e tweak to_thread docs about abandon_on_cancel (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1088\"\u003e#1088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/agronholm/anyio/compare/4.12.1...4.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cachetools` from 7.0.4 to 7.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst\"\u003ecachetools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev7.1.1 (2026-05-03)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eVarious type stub improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.1.0 (2026-05-01)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type stubs based on the work of the good people at \u003ccode\u003etypeshed \u0026lt;https://github.com/python/typeshed/tree/main/stubs/cachetools/\u0026gt;\u003c/code\u003e__.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate unit tests.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.0.6 (2026-04-20)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor code improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate project URLs.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate CI environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.0.5 (2026-03-09)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMinor \u003ccode\u003e@cachedmethod\u003c/code\u003e performance improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/2e6a2d21c44e83b56c06cc9dd738e5b7a097ce6a\"\u003e\u003ccode\u003e2e6a2d2\u003c/code\u003e\u003c/a\u003e Release v7.1.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/cc065582849e3658d2c92aac0f5c2b6271ed077f\"\u003e\u003ccode\u003ecc06558\u003c/code\u003e\u003c/a\u003e Minor typing improvements.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/193dd62d9be4e1099039e8fba59a1fe50e8f4d08\"\u003e\u003ccode\u003e193dd62\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/tkem/cachetools/issues/393\"\u003e#393\u003c/a\u003e: Improve ambiguous overloads for decorators.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/1ea3422e058ef8b6b7dc15beb9d44d8f7c195a62\"\u003e\u003ccode\u003e1ea3422\u003c/code\u003e\u003c/a\u003e Bump release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/d9874465a6ab6f9d1d56cef91370f9c237a7eca6\"\u003e\u003ccode\u003ed987446\u003c/code\u003e\u003c/a\u003e Release v7.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/3d79e80a4a54892d1552cd17da8e27920c1918d8\"\u003e\u003ccode\u003e3d79e80\u003c/code\u003e\u003c/a\u003e Update Copilot Instructions.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/83fe6bc78d0155a0036dda8a8eb1a2ddb8f26c60\"\u003e\u003ccode\u003e83fe6bc\u003c/code\u003e\u003c/a\u003e Add tox pyright check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/bd3fbc49212eb948e08e9c478e5901f1293fd1f4\"\u003e\u003ccode\u003ebd3fbc4\u003c/code\u003e\u003c/a\u003e Improve typing support.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/09dd6fec4b1b2339451ab26d1ca3c7a049b8c38c\"\u003e\u003ccode\u003e09dd6fe\u003c/code\u003e\u003c/a\u003e Improve original type stubs from typeshed.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/873c7013ea92b16f2f24a6001e625fabfdf951a5\"\u003e\u003ccode\u003e873c701\u003c/code\u003e\u003c/a\u003e Add typeshed typings.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tkem/cachetools/compare/v7.0.4...v7.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `charset-normalizer` from 3.4.6 to 3.4.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jawah/charset_normalizer/releases\"\u003echarset-normalizer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.4.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Ousret/charset_normalizer/compare/3.4.6...3.4.7\"\u003e3.4.7\u003c/a\u003e (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built optimized version using mypy[c] v1.20.\u003c/li\u003e\n\u003cli\u003eRelax \u003ccode\u003esetuptools\u003c/code\u003e constraint to \u003ccode\u003esetuptools\u0026gt;=68,\u0026lt;82.1\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrectly remove SIG remnant in utf-7 decoded string. (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/718\"\u003e#718\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md\"\u003echarset-normalizer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Ousret/charset_normalizer/compare/3.4.6...3.4.7\"\u003e3.4.7\u003c/a\u003e (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built optimized version using mypy[c] v1.20.\u003c/li\u003e\n\u003cli\u003eRelax \u003ccode\u003esetuptools\u003c/code\u003e constraint to \u003ccode\u003esetuptools\u0026gt;=68,\u0026lt;82.1\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrectly remove SIG remnant in utf-7 decoded string. (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/718\"\u003e#718\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/0f07891bf516b5d5231f1bd4dd2d8da7d4d09a9a\"\u003e\u003ccode\u003e0f07891\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/729\"\u003e#729\u003c/a\u003e from jawah/release-3.4.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/fdbeb299479e8f4d737e4d227cd0b2bd5d273dc0\"\u003e\u003ccode\u003efdbeb29\u003c/code\u003e\u003c/a\u003e chore: update dev, and ci requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/b66f922bfbdbdd9dd46af18a8964d4fb888756d4\"\u003e\u003ccode\u003eb66f922\u003c/code\u003e\u003c/a\u003e chore: add ft classifier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/f94249d0a2c712f2d03124f4de6b77f5e03aaa96\"\u003e\u003ccode\u003ef94249d\u003c/code\u003e\u003c/a\u003e chore: add test cases for utf_7 recent fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/95c866f6c984bbd043e7e3ed0628aa4f3f8d5a26\"\u003e\u003ccode\u003e95c866f\u003c/code\u003e\u003c/a\u003e chore: bump version to 3.4.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/4f429bb764c7e893f99bb4bceb60856da1baacfb\"\u003e\u003ccode\u003e4f429bb\u003c/code\u003e\u003c/a\u003e chore: bump mypy pre-commit to v1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/b579cd6cab9bd83aa3fc0ca169d4df022bf4888c\"\u003e\u003ccode\u003eb579cd6\u003c/code\u003e\u003c/a\u003e fix: correctly remove SIG remnant in utf-7 decoded string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/58bf944a77cc0883fc46a6ee8edac3549fea5d59\"\u003e\u003ccode\u003e58bf944\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump github/codeql-action from 4.32.4 to 4.35.1 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/44cf8a1b676a2532a8f1694e62e4f4f98f9132e1\"\u003e\u003ccode\u003e44cf8a1\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump actions/download-artifact from 8.0.0 to 8.0.1 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/362bc20073f737b1ba4ca2f68cffb0c4cc024d20\"\u003e\u003ccode\u003e362bc20\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/725\"\u003e#725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jawah/charset_normalizer/compare/3.4.6...3.4.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `choreographer` from 1.2.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/choreographer/blob/main/CHANGELOG.txt\"\u003echoreographer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.3.0\nv1.3.0rc2\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCheck path validity for browser with is_file()\u003c/li\u003e\n\u003cli\u003eAdd option --verify_local in choreo_diagnose and fix local reporting logic\nv1.3.0rc1\u003c/li\u003e\n\u003cli\u003eWe now look for old download path as well as new download path\nv1.3.0rc0\u003c/li\u003e\n\u003cli\u003eChange to process group for better killing of multi-process chrome\u003c/li\u003e\n\u003cli\u003eAdd argument to Session/Target \u003ccode\u003esend_command(..., *, with_perf: bool)\u003c/code\u003e to\nreturn timing information about browser write/read.\u003c/li\u003e\n\u003cli\u003eUpdate default chrome from 135.0.7011.0/1418433 to 144.0.7527.0/1544685\u003c/li\u003e\n\u003cli\u003eFix: New chrome takes longer/doesn't populate targets right away, so add a\nretry loop to populate targets\u003c/li\u003e\n\u003cli\u003eAlter \u003ccode\u003eget_chrome\u003c/code\u003e verbose to print whole JSON\u003c/li\u003e\n\u003cli\u003eChange chrome download path to use XDG cache dir\u003c/li\u003e\n\u003cli\u003eDon't download chrome if we already have that version: add force argument\u003c/li\u003e\n\u003cli\u003eRemove unused system inspection code\u003c/li\u003e\n\u003cli\u003eAdd a set of helper functions to await for tab loading and send javascript\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/92147b1ccf024ae647f29ebf43057564011e06c9\"\u003e\u003ccode\u003e92147b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/296\"\u003e#296\u003c/a\u003e from plotly/cam/update-changelog-v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/8851fc919bc7dfb27a48541543f1ff195c48eda3\"\u003e\u003ccode\u003e8851fc9\u003c/code\u003e\u003c/a\u003e Updates to release version v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/3128bddf909381a2b4205f0e28c0c3cb8b13498c\"\u003e\u003ccode\u003e3128bdd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/288\"\u003e#288\u003c/a\u003e from plotly/andrew/more_local_logic\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/a6f478e00fb81ad22db7c7c1d31028fb4ab20311\"\u003e\u003ccode\u003ea6f478e\u003c/code\u003e\u003c/a\u003e Add to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/953e19ad5dc395a3554cfbaf25599a8a3db6d933\"\u003e\u003ccode\u003e953e19a\u003c/code\u003e\u003c/a\u003e Check browser is file whwen checking path validity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/d062e355b819b84e57060d4e48fbe2aa6f063259\"\u003e\u003ccode\u003ed062e35\u003c/code\u003e\u003c/a\u003e Change default setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/c0c97fc64a55c773dd7484674996cf55d74249a1\"\u003e\u003ccode\u003ec0c97fc\u003c/code\u003e\u003c/a\u003e Add option to verify local with choreo_diagnose\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/7ade1922269a6999c06f2ff92b34a1770bba6d3e\"\u003e\u003ccode\u003e7ade192\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/286\"\u003e#286\u003c/a\u003e from plotly/andrew/roadmap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/edf284c8973dd9dc7f7b2f77a53481fe6f0d2671\"\u003e\u003ccode\u003eedf284c\u003c/code\u003e\u003c/a\u003e Update Roadmap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/c1b7abce535feb79748c888ba1130b985c13eb3f\"\u003e\u003ccode\u003ec1b7abc\u003c/code\u003e\u003c/a\u003e Changelog\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/choreographer/compare/v1.2.1...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.1 to 8.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.3.3\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.3/\"\u003ehttps://pypi.org/project/click/8.3.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-3\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/1026\"\u003e#1026\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/1477\"\u003e#1477\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2775\"\u003e#2775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3298\"\u003e#3298\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3299\"\u003e#3299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3238\"\u003e#3238\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3224\"\u003e#3224\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/654\"\u003e#654\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/824\"\u003e#824\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/843\"\u003e#843\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/951\"\u003e#951\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3235\"\u003e#3235\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3177\"\u003e#3177\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2836\"\u003e#2836\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2837\"\u003e#2837\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3165\"\u003e#3165\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3262\"\u003e#3262\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3280\"\u003e#3280\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3111\"\u003e#3111\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3189\"\u003e#3189\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3250\"\u003e#3250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/2865\"\u003e#2865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2879\"\u003e#2879\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.3.2\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.2/\"\u003ehttps://pypi.org/project/click/8.3.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-2\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/29\"\u003ehttps://github.com/pallets/click/milestone/29\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.3.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-20\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n:issue:\u003ccode\u003e1026\u003c/code\u003e :pr:\u003ccode\u003e1477\u003c/code\u003e :pr:\u003ccode\u003e2775\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. :issue:\u003ccode\u003e3298\u003c/code\u003e :pr:\u003ccode\u003e3299\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. :pr:\u003ccode\u003e3238\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n:issue:\u003ccode\u003e3224\u003c/code\u003e :pr:\u003ccode\u003e3240\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n:issue:\u003ccode\u003e654\u003c/code\u003e :issue:\u003ccode\u003e824\u003c/code\u003e :issue:\u003ccode\u003e843\u003c/code\u003e :pr:\u003ccode\u003e951\u003c/code\u003e :pr:\u003ccode\u003e3235\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. :pr:\u003ccode\u003e3151\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. :pr:\u003ccode\u003e3151\u003c/code\u003e :pr:\u003ccode\u003e3177\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. :issue:\u003ccode\u003e2836\u003c/code\u003e :pr:\u003ccode\u003e2837\u003c/code\u003e :pr:\u003ccode\u003e3165\u003c/code\u003e :pr:\u003ccode\u003e3262\u003c/code\u003e :pr:\u003ccode\u003e3280\u003c/code\u003e\n:pr:\u003ccode\u003e3328\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. :issue:\u003ccode\u003e3111\u003c/code\u003e :pr:\u003ccode\u003e3239\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. :issue:\u003ccode\u003e3189\u003c/code\u003e :pr:\u003ccode\u003e3250\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n:issue:\u003ccode\u003e2865\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. :issue:\u003ccode\u003e2879\u003c/code\u003e :pr:\u003ccode\u003e3248\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 8.3.2\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of \u003ccode\u003eflag_value\u003c/code\u003e when \u003ccode\u003eis_flag=False\u003c/code\u003e to allow such options to be\nused without an explicit value. :issue:\u003ccode\u003e3084\u003c/code\u003e :pr:\u003ccode\u003e3152\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eHide \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values as \u003ccode\u003eNone\u003c/code\u003e when using \u003ccode\u003elookup_default()\u003c/code\u003e.\n:issue:\u003ccode\u003e3136\u003c/code\u003e :pr:\u003ccode\u003e3199\u003c/code\u003e :pr:\u003ccode\u003e3202\u003c/code\u003e :pr:\u003ccode\u003e3209\u003c/code\u003e :pr:\u003ccode\u003e3212\u003c/code\u003e :pr:\u003ccode\u003e3224\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c06d2d0a6aee6bcc50bd8257be2a4a592f4e75d0\"\u003e\u003ccode\u003ec06d2d0\u003c/code\u003e\u003c/a\u003e Release 8.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/f1f191ecd2c790b161187c78e7c88440e9524e5c\"\u003e\u003ccode\u003ef1f191e\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3343\"\u003e#3343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/bb59ba0fd279ca085d1113f0499b6a602ca31081\"\u003e\u003ccode\u003ebb59ba0\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4a352253c9ff013e36d11e4a6820d36d00ff2cd4\"\u003e\u003ccode\u003e4a35225\u003c/code\u003e\u003c/a\u003e Reduce blast-radius of \u003ccode\u003eUNSET\u003c/code\u003e in \u003ccode\u003edefault_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c07bb936de43fd303f9cfbefe248ab23fd2199c8\"\u003e\u003ccode\u003ec07bb93\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into unset-in-default-map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c7e1ba8448cbcb2cdd9c1c7f4a592e863dcc3995\"\u003e\u003ccode\u003ec7e1ba8\u003c/code\u003e\u003c/a\u003e Reorder \u003ccode\u003eParameterSource\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/76552ff1e8c85837f911fc34037e702ae4327eda\"\u003e\u003ccode\u003e76552ff\u003c/code\u003e\u003c/a\u003e Show default string in prompt (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/ac5cec5fe54e5a691e7bac17f441ce9498e0744c\"\u003e\u003ccode\u003eac5cec5\u003c/code\u003e\u003c/a\u003e Reorder ParameterSource from most to least explicit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c452e00e6772931b7071d9316b82b77e5b8f280\"\u003e\u003ccode\u003e8c452e0\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into show-default-string-in-prompt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c95c73bd5ef89eac638f85f1904a104ba4b1a32\"\u003e\u003ccode\u003e8c95c73\u003c/code\u003e\u003c/a\u003e Reconcile default value passing and default activation (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.1...8.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `duckdb` from 1.5.0 to 1.5.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/duckdb/duckdb-python/releases\"\u003educkdb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.5.2 Bugfix Release\u003c/h2\u003e\n\u003cp\u003eSee the DuckDB core release notes here: \u003ca href=\"https://github.com/duckdb/duckdb/releases/tag/v1.5.2\"\u003ehttps://github.com/duckdb/duckdb/releases/tag/v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed in duckdb-python\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hints overhaul by \u003ca href=\"https://github.com/OutSquareCapital\"\u003e\u003ccode\u003e@​OutSquareCapital\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/352\"\u003educkdb/duckdb-python#352\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache arrow schema for streaming types by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/423\"\u003educkdb/duckdb-python#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix segfault on join with None by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/422\"\u003educkdb/duckdb-python#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix stubs for path_or_buffer param by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/425\"\u003educkdb/duckdb-python#425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.5.1 Bugfix Release\u003c/h2\u003e\n\u003cp\u003eDuckDB core v1.5.1 Changelog: \u003ca href=\"https://github.com/duckdb/duckdb/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/duckdb/duckdb/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-added basic support for the GEOMETRY type\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/2aea44eeae35b9c77dc2ff672634034a75c9bb16\"\u003e\u003ccode\u003e2aea44e\u003c/code\u003e\u003c/a\u003e pin submodule at release hash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/3aa2bf2022b91dc9a96c3f91c8bb1fb0296586ef\"\u003e\u003ccode\u003e3aa2bf2\u003c/code\u003e\u003c/a\u003e Fix stubs for path_or_buffer param (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/018fe057d5a003355deb4213a894af559a947aa7\"\u003e\u003ccode\u003e018fe05\u003c/code\u003e\u003c/a\u003e Fix stubs for path_or_buffer param\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/0ef05d69fc8a123cf532f3ffb3e088212bbbfaf7\"\u003e\u003ccode\u003e0ef05d6\u003c/code\u003e\u003c/a\u003e Fix segfault on join with None (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/4acb9f71e00c5002d3ab3aba78a172df8f7ebbc4\"\u003e\u003ccode\u003e4acb9f7\u003c/code\u003e\u003c/a\u003e Fix segfault on join\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/6f161de62403c209633fcbd52c6c0403dadef7da\"\u003e\u003ccode\u003e6f161de\u003c/code\u003e\u003c/a\u003e Cache arrow schema for streaming types (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/87d6a319674c5e2fb855e140bf539e997e978a2e\"\u003e\u003ccode\u003e87d6a31\u003c/code\u003e\u003c/a\u003e Add CLAUDE.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/ae356cb03926372b9cd3736f39662efd25bb4915\"\u003e\u003ccode\u003eae356cb\u003c/code\u003e\u003c/a\u003e Cache the arrow schema for streams so we don't need an active client context\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/b71639f215d29c4f8b1c53cb3d7cf45603f4c5d2\"\u003e\u003ccode\u003eb71639f\u003c/code\u003e\u003c/a\u003e Test that client context stays open on arrow streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/305d11457efd4ca0767cad0868b16310b04160a7\"\u003e\u003ccode\u003e305d114\u003c/code\u003e\u003c/a\u003e fix spark test (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/421\"\u003e#421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/duckdb/duckdb-python/compare/v1.5.0...v1.5.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask-wtf` from 1.2.2 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets-eco/flask-wtf/releases\"\u003eflask-wtf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epre-commit autoupdate by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/607\"\u003epallets-eco/flask-wtf#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove slsa provenance by \u003ca href=\"https://github.com/davidism\"\u003e\u003ccode\u003e@​davidism\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/638\"\u003epallets-eco/flask-wtf#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport for Python 3.14 by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/648\"\u003epallets-eco/flask-wtf#648\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry not to read uploaded files into memory by \u003ca href=\"https://github.com/Zverik\"\u003e\u003ccode\u003e@​Zverik\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/635\"\u003epallets-eco/flask-wtf#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate the project to uv by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/649\"\u003epallets-eco/flask-wtf#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReCaptcha field testing mode documentation by \u003ca href=\"https://github.com/OmeirP\"\u003e\u003ccode\u003e@​OmeirP\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/650\"\u003epallets-eco/flask-wtf#650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow nonce in reCaptcha by \u003ca href=\"https://github.com/kesara\"\u003e\u003ccode\u003e@​kesara\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/312\"\u003epallets-eco/flask-wtf#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCSRF meta tag helper by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/674\"\u003epallets-eco/flask-wtf#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewidget support the kwargs to add custom html attributes by \u003ca href=\"https://github.com/thivolle-cazat-cedric\"\u003e\u003ccode\u003e@​thivolle-cazat-cedric\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/353\"\u003epallets-eco/flask-wtf#353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect exempts in CSRFProtect.protect() by \u003ca href=\"https://github.com/rauchy\"\u003e\u003ccode\u003e@​rauchy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/419\"\u003epallets-eco/flask-wtf#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding RECAPTCHA_ENABLE to disable recaptcha by \u003ca href=\"https://github.com/rnt\"\u003e\u003ccode\u003e@​rnt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/509\"\u003epallets-eco/flask-wtf#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CSRF Documentation by \u003ca href=\"https://github.com/israel-oye\"\u003e\u003ccode\u003e@​israel-oye\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/584\"\u003epallets-eco/flask-wtf#584\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Zverik\"\u003e\u003ccode\u003e@​Zverik\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/635\"\u003epallets-eco/flask-wtf#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OmeirP\"\u003e\u003ccode\u003e@​OmeirP\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/650\"\u003epallets-eco/flask-wtf#650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kesara\"\u003e\u003ccode\u003e@​kesara\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/312\"\u003epallets-eco/flask-wtf#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thivolle-cazat-cedric\"\u003e\u003ccode\u003e@​thivolle-cazat-cedric\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/353\"\u003epallets-eco/flask-wtf#353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rauchy\"\u003e\u003ccode\u003e@​rauchy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/419\"\u003epallets-eco/flask-wtf#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rnt\"\u003e\u003ccode\u003e@​rnt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/509\"\u003epallets-eco/flask-wtf#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/israel-oye\"\u003e\u003ccode\u003e@​israel-oye\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/584\"\u003epallets-eco/flask-wtf#584\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\"\u003ehttps://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets-eco/flask-wtf/blob/main/docs/changes.rst\"\u003eflask-wtf's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.3.0\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-23\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDon't read the whole uploaded files to know their size. :pr:\u003ccode\u003e635\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eStop support for Python 3.9. Start support for Python 3.14. :pr:\u003ccode\u003e648\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMigrate the project to uv. :pr:\u003ccode\u003e649\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAllow setting a \u003ccode\u003enonce\u003c/code\u003e on :class:\u003ccode\u003e~flask_wtf.recaptcha.RecaptchaField\u003c/code\u003e\n(string or zero-argument callable) for nonce-based Content Security\nPolicies. :pr:\u003ccode\u003e312\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecsrf_meta_tag()\u003c/code\u003e helper and \u003ccode\u003eWTF_CSRF_META_NAME\u003c/code\u003e setting to render\nthe CSRF token as an HTML \u003ccode\u003e\u0026lt;meta\u0026gt;\u003c/code\u003e tag.\u003c/li\u003e\n\u003cli\u003eForward keyword arguments passed to the reCAPTCHA widget as HTML attributes\non the captcha \u003ccode\u003e\u0026lt;div\u0026gt;\u003c/code\u003e, with the field id used as a default \u003ccode\u003eid\u003c/code\u003e.\n:pr:\u003ccode\u003e353\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eapply_exemptions\u003c/code\u003e parameter to\n:meth:\u003ccode\u003e~flask_wtf.csrf.CSRFProtect.protect\u003c/code\u003e so \u003ccode\u003e@csrf.exempt\u003c/code\u003e keeps working\nwhen validation is triggered manually. :pr:\u003ccode\u003e419\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRECAPTCHA_ENABLED\u003c/code\u003e setting. :pr:\u003ccode\u003e509\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/63eb4d3bd55735fc136bdc6f23a90ca2b220b602\"\u003e\u003ccode\u003e63eb4d3\u003c/code\u003e\u003c/a\u003e chore: bump to v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/192ece3da0d98682c13e12574d7b1fc938bdd8e8\"\u003e\u003ccode\u003e192ece3\u003c/code\u003e\u003c/a\u003e Improve CSRF Documentation (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/1f8522d4a362ee66ab12a1ebf55379501dfcef0d\"\u003e\u003ccode\u003e1f8522d\u003c/code\u003e\u003c/a\u003e Adding RECAPTCHA_ENABLE to disable recaptcha (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/509\"\u003e#509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/64b9215be16dc123f7eb187494dbba6bd0e5c2cd\"\u003e\u003ccode\u003e64b9215\u003c/code\u003e\u003c/a\u003e Respect exempts in CSRFProtect.protect() (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/419\"\u003e#419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/adf674f80c5c5e55c050729e3ec086b4d6cb0f26\"\u003e\u003ccode\u003eadf674f\u003c/code\u003e\u003c/a\u003e widget support the kwargs to add custom html attributes (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/353\"\u003e#353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/ea1f797112f857c783dcd2c6e3954357df8e1bb7\"\u003e\u003ccode\u003eea1f797\u003c/code\u003e\u003c/a\u003e feat: CSRF meta tag helper (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/412e3efda3703b141ca75afbcbf0538a7797b713\"\u003e\u003ccode\u003e412e3ef\u003c/code\u003e\u003c/a\u003e Allow nonce in reCaptcha (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/a7b764a1fa8f4ea960d81104c364a2d29429e1b8\"\u003e\u003ccode\u003ea7b764a\u003c/code\u003e\u003c/a\u003e ReCaptcha field testing mode documentation (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/650\"\u003e#650\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/c053c0ec11560e68e558636962bbec1115a7ae2a\"\u003e\u003ccode\u003ec053c0e\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump pytest from 9.0.1 to 9.0.3 (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/ca2216cdf72717aa3c2355ba5f454080c78d9273\"\u003e\u003ccode\u003eca2216c\u003c/code\u003e\u003c/a\u003e chore(deps): bump uv from 0.9.11 to 0.11.6 (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `greenlet` from 3.3.2 to 3.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-greenlet/greenlet/blob/master/CHANGES.rst\"\u003egreenlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.5.0 (2026-04-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove the \u003ccode\u003eatexit\u003c/code\u003e callback. This callback caused greenlet APIs\nto become unavailable far too soon during interpreter shutdown. Now\nthey remain available while all \u003ccode\u003eatexit\u003c/code\u003e callbacks run. Sometime\nafter \u003ccode\u003ePy_IsFinalizing\u003c/code\u003e becomes true, they may begin misbehaving.\nBecause the order in which C extensions are finalized is undefined,\nC extensions that are sensitive to this need to check the results of\nthat function before invoking greenlet APIs. As a convenience,\n\u003ccode\u003ePyGreenlet_GetCurrent\u003c/code\u003e sets an exception and returns \u003ccode\u003eNULL\u003c/code\u003e\nwhen this happens (and \u003ccode\u003egreenlet.getcurrent\u003c/code\u003e begins returning\n\u003ccode\u003eNone\u003c/code\u003e); other greenlet C API functions have undefined behaviour.\nMethods invoked directly on pre-existing \u003ccode\u003egreenlet.greenlet\u003c/code\u003e\nobjects will continue to function at least until the greenlet C\nextension has been garbage collected and finalized.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR 508 \u0026lt;https://github.com/python-greenlet/greenlet/pull/508\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.4.0 (2026-04-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePublish binary wheels for RiscV 64.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix multiple rare crash paths during interpreter shutdown.\u003c/p\u003e\n\u003cp\u003eNote that this now relies on the \u003ccode\u003eatexit\u003c/code\u003e module, and introduces\nsubtle API changes during interpreter shutdown (for example,\n\u003ccode\u003egetcurrent\u003c/code\u003e is no longer available once the \u003ccode\u003eatexit\u003c/code\u003e callback fires).\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR [#499](https://github.com/python-greenlet/greenlet/issues/499) \u0026lt;https://github.com/python-greenlet/greenlet/pull/499\u0026gt;\u003c/code\u003e_ by Nicolas\nBouvrette.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress the results of an automated code audit performed by\nDaniel Diniz. This includes several minor correctness changes that\ntheoretically could have been crashing bugs, but typically only in\nvery rare circumstances.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR 502 \u0026lt;https://github.com/python-greenlet/greenlet/pull/502\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix several race conditions that could arise in free-threaded\nbuilds when using greenlet objects from multiple threads, some of\nwhich could lead to assertion failures or interpreter crashes.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003eissue 503 \u0026lt;https://github.com/python-greenlet/greenlet/issues/503\u0026gt;\u003c/code\u003e_, with\nthanks to Nitay Dariel and Daniel Diniz.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/c7acc72000572811d6462ebe01733a974f194990\"\u003e\u003ccode\u003ec7acc72\u003c/code\u003e\u003c/a\u003e Preparing release 3.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/d08f99bf40801c5d57af6e13631c0ba68300ecf7\"\u003e\u003ccode\u003ed08f99b\u003c/code\u003e\u003c/a\u003e CHANGES: Update link from \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/507\"\u003e#507\u003c/a\u003e to more full description in \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/508\"\u003e#508\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/fd3391e33cedc7a17a86059f18dfbec2b3a320bd\"\u003e\u003ccode\u003efd3391e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/508\"\u003e#508\u003c/a\u003e from python-greenlet/issue507-remove-atexit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/004e1e9bd5c0fa49c66b733c28ec92a3cd41fe09\"\u003e\u003ccode\u003e004e1e9\u003c/code\u003e\u003c/a\u003e Remove the atexit callback.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/b784a69a0da6abd6e66b15a2c1415d272fdd1292\"\u003e\u003ccode\u003eb784a69\u003c/code\u003e\u003c/a\u003e Back to development: 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/df6734edbef6a0e54ecc4ba4735d93ae6d721095\"\u003e\u003ccode\u003edf6734e\u003c/code\u003e\u003c/a\u003e Preparing release 3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/0f860756608b767b2ed70f935053b319d1a1b828\"\u003e\u003ccode\u003e0f86075\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/504\"\u003e#504\u003c/a\u003e from python-greenlet/freethreading-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/459657482f3efaee294edff672bde45ac3fac208\"\u003e\u003ccode\u003e4596574\u003c/code\u003e\u003c/a\u003e TLBC: crash appears to still happen on CI 3.14t ubuntu. Re-enable workaround.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/2f4a1cf53fa282ab28ea4815164a9cb09b9320ce\"\u003e\u003ccode\u003e2f4a1cf\u003c/code\u003e\u003c/a\u003e Make green_switch (python level greenlet.switch) and green_throw check for (p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/a0c2a2a7519985d5fe2c034a54f1a0fed82a5905\"\u003e\u003ccode\u003ea0c2a2a\u003c/code\u003e\u003c/a\u003e Fix unused variable warning when asserts are disabled.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-greenlet/greenlet/compare/3.3.2...3.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.11 to 3.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.14 (2026-05-10)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [GHSA-65pc-fj4g-8rjx]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.13 (2026-04-22)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.12 (2026-04-21)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/37b6b7497aee4805f7a74a7d86206ac05be9669a\"\u003e\u003ccode\u003e37b6b74\u003c/code\u003e\u003c/a\u003e Release v3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/628fef84d3eda59321c21127e73dcd873db23ead\"\u003e\u003ccode\u003e628fef8\u003c/code\u003e\u003c/a\u003e Use valid_string_length() for early oversized-input check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1e26c7fd93c67995422af9d1f071f45ee6433fd0\"\u003e\u003ccode\u003e1e26c7f\u003c/code\u003e\u003c/a\u003e Tweak release wording\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/ab5668fb6eaf4254d91d6993c0b23e98e21202fb\"\u003e\u003ccode\u003eab5668f\u003c/code\u003e\u003c/a\u003e Pre-release 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c0dda4501df5d91c3181ce6f962dc5de74e82cc1\"\u003e\u003ccode\u003ec0dda45\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b7391f4c240bf2eae80eaed0a2ef7c2e0496af96\"\u003e\u003ccode\u003eb7391f4\u003c/code\u003e\u003c/a\u003e Add docstrings to package (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/226\"\u003e#226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0f4a28d88f8cce54269f0b6a42edf5e6a5424319\"\u003e\u003ccode\u003e0f4a28d\u003c/code\u003e\u003c/a\u003e Raise IDNAError on non-string input to encode/decode (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/224\"\u003e#224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7e6df7196e6396b5b84b9530eab8272b5ad51898\"\u003e\u003ccode\u003e7e6df71\u003c/code\u003e\u003c/a\u003e Address type issues found by \u003ccode\u003ety\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/6ebfaab9ea718dce38a7c17ddafd7fb28b0468d4\"\u003e\u003ccode\u003e6ebfaab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/221\"\u003e#221\u003c/a\u003e from kjd/release-3.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/89cdfd27338896cee6b1ee18e64c96ac28684ce0\"\u003e\u003ccode\u003e89cdfd2\u003c/code\u003e\u003c/a\u003e Release v3.13\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.11...v3.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ipython` from 9.11.0 to 9.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/7c1654dcb4bc0d4c841fbee1f5abf7c6c6007111\"\u003e\u003ccode\u003e7c1654d\u003c/code\u003e\u003c/a\u003e release 9.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/d7cd8a44234ddbdba782a42fce7893a4ff4529f4\"\u003e\u003ccode\u003ed7cd8a4\u003c/code\u003e\u003c/a\u003e Fix reStructuredText heading underline consistency in whatsnew (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15189\"\u003e#15189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/6542c95bef054c7ed4c1725047726b7140fe0e4d\"\u003e\u003ccode\u003e6542c95\u003c/code\u003e\u003c/a\u003e Fix RST header levels in whatsnew/version9.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/0ca3e92249fb0af429b40e4827000955d5ceeeb3\"\u003e\u003ccode\u003e0ca3e92\u003c/code\u003e\u003c/a\u003e Prepare release notes for 9.13 (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15188\"\u003e#15188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/9c8ce1184eceb865d392b39030d6c670caea89c5\"\u003e\u003ccode\u003e9c8ce11\u003c/code\u003e\u003c/a\u003e Revert release.py change, keep as dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/1fb2f7dc221e9b889d857b79c38704eab594d4c0\"\u003e\u003ccode\u003e1fb2f7d\u003c/code\u003e\u003c/a\u003e Prepare release notes for 9.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/be4179d1ba8b5c4e0f0d35a7d2f1654fd15c96e3\"\u003e\u003ccode\u003ebe4179d\u003c/code\u003e\u003c/a\u003e Implement support for image/png format in terminal (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15184\"\u003e#15184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/1ec6bc9ca9558877b5bfccf66c22e8e61ceba83d\"\u003e\u003ccode\u003e1ec6bc9\u003c/code\u003e\u003c/a\u003e Implement support for image/png format in terminal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/c6f48bceeec68b6ad9b9e6270eee9a7f4277b245\"\u003e\u003ccode\u003ec6f48bc\u003c/code\u003e\u003c/a\u003e solves \u003ca href=\"https://redirect.github.com/ipython/ipython/issues/14901\"\u003e#14901\u003c/a\u003e illegible yellow string on yellow background issue (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15156\"\u003e#15156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/8635f71fc551d76f017ad47c826bb7c7bfcb6b24\"\u003e\u003ccode\u003e8635f71\u003c/code\u003e\u003c/a\u003e fix: CapturedIO.\u003cstrong\u003einit\u003c/strong\u003e type annotations to accept Optional[StringIO] (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15172\"\u003e#15172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ipython/ipython/compare/9.11.0...9.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jedi` from 0.19.2 to 0.20.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidhalter/jedi/blob/master/CHANGELOG.rst\"\u003ejedi's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e0.20.0 (2026-05-02)\n+++++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePython 3.14 support\u003c/li\u003e\n\u003cli\u003eRemoved support for Python 3.8 and 3.9\u003c/li\u003e\n\u003cli\u003eUpgraded Typeshed\u003c/li\u003e\n\u003cli\u003eBetter support for Final/ClassVar\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e__new__\u003c/code\u003e is now also recognized as a signature and TypeVar inference\u003c/li\u003e\n\u003cli\u003eSupport for \u003ccode\u003eSelf\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSupport for \u003ccode\u003eTypeAlias\u003c/code\u003e, generics for \u003ccode\u003etype[...]\u003c/code\u003e and \u003ccode\u003etuple[...]\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/3102215478fe07b965dcd8221c17436d1dd7e8ac\"\u003e\u003ccode\u003e3102215\u003c/code\u003e\u003c/a\u003e Move the type parameter syntax tests so that it works for all versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/1b37f2eb946e825cbc2887c6dd34ee046f0ae68c\"\u003e\u003ccode\u003e1b37f2e\u003c/code\u003e\u003c/a\u003e Prepare for the 0.20.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/8e4df5cc0ec511db1af6d358182b1fb7c1e0cbff\"\u003e\u003ccode\u003e8e4df5c\u003c/code\u003e\u003c/a\u003e Make sure the new generic syntax does not fail with latest parso\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/4c9dbcca0329454b638bfa32e2825bedcfdf0eac\"\u003e\u003ccode\u003e4c9dbcc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/davidhalter/jedi/issues/2098\"\u003e#2098\u003c/a\u003e from davidhalter/updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/fedb1a5eb0d74446f6d431db2920ab5f1e1d5b18\"\u003e\u003ccode\u003efedb1a5\u003c/code\u003e\u003c/a\u003e Fix 3.10 tests in one more case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/87e782f9c82de7297e243a770ac8888570bffa8e\"\u003e\u003ccode\u003e87e782f\u003c/code\u003e\u003c/a\u003e Fix flake8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/cd52d982e10ac54f0ebef06e0bd414f79589998a\"\u003e\u003ccode\u003ecd52d98\u003c/code\u003e\u003c/a\u003e Fixes to get the tests passing for 3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/d0b11806d4d1def377234bc2dc512992c997a977\"\u003e\u003ccode\u003ed0b1180\u003c/code\u003e\u003c/a\u003e Finally make tests work for 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/8520a9958b489bd8d30cf20b4d2798f7289aab45\"\u003e\u003ccode\u003e8520a99\u003c/code\u003e\u003c/a\u003e Implement support for TypeVar inference for \u003cstrong\u003enew\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/55e5f0cb92dd92d5bdc80ecfc38664a1afd921d1\"\u003e\u003ccode\u003e55e5f0c\u003c/code\u003e\u003c/a\u003e Implement new-style unions with TypeVars\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidhalter/jedi/compare/v0.19.2...v0.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `kaleido` from 1.2.0 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/kaleido/releases\"\u003ekaleido's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow for request headers to be added to Choreographer calls [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/446\"\u003e#446\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUpdate Choreographer to v1.3.0 [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/449\"\u003e#449\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003cli\u003eFix issue where exporting large figures could cause hang [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/442\"\u003e#442\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/EliasTalcott\"\u003e\u003ccode\u003e@​EliasTalcott\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/Kaleido/blob/master/CHANGELOG.md\"\u003ekaleido's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow for request headers to be added to Choreographer calls [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/446\"\u003e#446\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUpdate Choreographer to v1.3.0 [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/449\"\u003e#449\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003cli\u003eFix issue where exporting large figures could cause hang [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/442\"\u003e#442\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/EliasTalcott\"\u003e\u003ccode\u003e@​EliasTalcott\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.3.0rc0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/b7a00c41895ab71b67e5b89b40f186c3f1cecbed\"\u003e\u003ccode\u003eb7a00c4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/451\"\u003e#451\u003c/a\u003e from plotly/release-v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/423a4f1cc6cbc701f9238281d63324508f12a272\"\u003e\u003ccode\u003e423a4f1\u003c/code\u003e\u003c/a\u003e Update setuptools config to find required subpackages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/28131a743143cc5d134c6e962b603ff3a5ed6253\"\u003e\u003ccode\u003e28131a7\u003c/code\u003e\u003c/a\u003e Updates for release v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/f72dc86fa75afbca8756fcd9c9b5af550f038d75\"\u003e\u003ccode\u003ef72dc86\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/366\"\u003e#366\u003c/a\u003e from tschm/patch-3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/0c5e89030709bc873806c08542ae66afea304f71\"\u003e\u003ccode\u003e0c5e890\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/450\"\u003e#450\u003c/a\u003e from plotly/cam/js-dependency-updates-may-2026\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/4e95de54ad7874e254665444070cf613104749f5\"\u003e\u003ccode\u003e4e95de5\u003c/code\u003e\u003c/a\u003e Bump pygments from 2.19.2 to 2.20.0 in /src/py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/90ddc9d7e83d4b27cc11a44a9ca15c5d2c6c5688\"\u003e\u003ccode\u003e90ddc9d\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.2.3 to 2.6.3 in /src/py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/f9b850eb38d7d9bb3f24258012d776f03ad355a0\"\u003e\u003ccode\u003ef9b850e\u003c/code\u003e\u003c/a\u003e chore: Update JS dependencies for security fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/0978e65f23fbba486d005df1508e008a080d20e4\"\u003e\u003ccode\u003e0978e65\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/432\"\u003e#432\u003c/a\u003e from plotly/dependabot/npm_and_yarn/src/js/minimatch-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/b639582c0416f48a682ad01d157af22881d94f75\"\u003e\u003ccode\u003eb639582\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/429\"\u003e#429\u003c/a\u003e from plotly/dependabot/npm_and_yarn/src/js/qs-6.14.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/kaleido/compare/v1.2.0...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it-py` from 4.0.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/executablebooks/markdown-it-py/releases\"\u003emarkdown-it-py's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003emake_fence_rule()\u003c/code\u003e factory for configurable fence markers by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/394\"\u003eexecutablebooks/markdown-it-py#394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🚀 RELEASE v4.2.0 by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/395\"\u003eexecutablebooks/markdown-it-py#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/executablebooks/markdown-it-py/compare/v4.1.0...v4.2.0\"\u003ehttps://github.com/executablebooks/markdown-it-py/compare/v4.1.0...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003e--stdin\u003c/code\u003e option to CLI by \u003ca href=\"https://github.com/mcepl\"\u003e\u003ccode\u003e@​mcepl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/379\"\u003eexecutablebooks/markdown-it-py#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd AGENTS.md and copilot-setup-steps workflow by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/380\"\u003eexecutablebooks/markdown-it-py#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🔧 Add typing to Scanner by \u003ca href=\"https://github.com/Alunderin\"\u003e\u003ccode\u003e@​Alunderin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/382\"\u003eexecutablebooks/markdown-it-py#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e👌 Fix quadratic complexity in \u003ccode\u003efragments_join\u003c/code\u003e / \u003ccode\u003etext_join\u003c/code\u003e by \u003ca href=\"https://github.com/petricevich\"\u003e\u003ccode\u003e@​petricevich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/389\"\u003eexecutablebooks/markdown-it-py#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨Allow plugins to register inline terminator characters by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/391\"\u003eexecutablebooks/markdown-it-py#391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ Add \u003ccode\u003egfm-like2\u003c/code\u003e preset with task lists, alerts, and single-tilde strikethrough by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/388\"\u003eexecutablebooks/markdown-it-py#388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🔧 Update pre-commit hooks by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/392\"\u003eexecutablebooks/markdown-it-py#392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🚀 RELEASE v4.1.0 by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/393\"\u003eexecutablebooks/markdown-it-py#393\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mcepl\"\u003e\u003ccode\u003e@​mcepl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/379\"\u003eexecutablebooks/markdown-it-py#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/380\"\u003eexecutablebooks/markdown-it-py#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Alunderin\"\u003e\u003ccode\u003e@​Alunderin\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/382\"\u003eexecutablebooks/markdown-it-py#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petricevich\"\u003e\u003ccode\u003e@​petricevich\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/389\"\u003eexecutablebooks/markdown-it-py#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/executablebooks/markdown-it-py/compare/v4.0.0...v4.1.0\"\u003ehttps://github.com/executablebooks/markdown-it-py/compare/v4.0.0...v4.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/executablebooks/markdown-it-py/blob/master/CHANGELOG.md\"\u003emarkdown-it-py's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 - 2026-05-07\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003emake_fence_rule()\u003c/code\u003e factory for configurable fence markers in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/394\"\u003e#394\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 - 2025-05-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003egfm-like2\u003c/code\u003e preset with task lists, alerts, and single-tilde striketh...\n\n_Description has been truncated_","html_url":"https://github.com/vijayverma-techy/OPENALGO/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vijayverma-techy%2FOPENALGO/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4425760124","node_id":"PR_kwDOR5r03M7af9XF","number":15,"state":"closed","title":"deps(py): bump the python-minor group across 1 directory with 44 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-19T04:59:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-12T02:40:35.000Z","updated_at":"2026-05-19T04:59:39.000Z","time_to_close":613143,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(py): bump","group_name":"python-minor","update_count":44,"packages":[{"name":"anyio","old_version":"4.12.1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"cachetools","old_version":"7.0.4","new_version":"7.1.1","repository_url":"https://github.com/tkem/cachetools"},{"name":"charset-normalizer","old_version":"3.4.6","new_version":"3.4.7","repository_url":"https://github.com/jawah/charset_normalizer"},{"name":"choreographer","old_version":"1.2.1","new_version":"1.3.0","repository_url":"https://github.com/plotly/choreographer"},{"name":"click","old_version":"8.3.1","new_version":"8.3.3","repository_url":"https://github.com/pallets/click"},{"name":"duckdb","old_version":"1.5.0","new_version":"1.5.2","repository_url":"https://github.com/duckdb/duckdb-python"},{"name":"flask-wtf","old_version":"1.2.2","new_version":"1.3.0","repository_url":"https://github.com/pallets-eco/flask-wtf"},{"name":"greenlet","old_version":"3.3.2","new_version":"3.5.0","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"idna","old_version":"3.11","new_version":"3.14","repository_url":"https://github.com/kjd/idna"},{"name":"ipython","old_version":"9.11.0","new_version":"9.13.0","repository_url":"https://github.com/ipython/ipython"},{"name":"jedi","old_version":"0.19.2","new_version":"0.20.0","repository_url":"https://github.com/davidhalter/jedi"},{"name":"kaleido","old_version":"1.2.0","new_version":"1.3.0","repository_url":"https://github.com/plotly/kaleido"},{"name":"llvmlite","old_version":"0.46.0b1","new_version":"0.47.0","repository_url":"https://github.com/numba/llvmlite"},{"name":"markdown-it-py","old_version":"4.0.0","new_version":"4.2.0","repository_url":"https://github.com/executablebooks/markdown-it-py"},{"name":"matplotlib-inline","old_version":"0.2.1","new_version":"0.2.2","repository_url":"https://github.com/ipython/matplotlib-inline"},{"name":"mcp","old_version":"1.26.0","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/python-sdk"},{"name":"py-vollib","old_version":"1.0.1","new_version":"1.0.7","repository_url":"https://github.com/vollib/py_vollib"},{"name":"narwhals","old_version":"2.18.0","new_version":"2.21.0","repository_url":"https://github.com/narwhals-dev/narwhals"},{"name":"numba","old_version":"0.64.0","new_version":"0.65.1","repository_url":"https://github.com/numba/numba"},{"name":"numpy","old_version":"2.4.3","new_version":"2.4.4","repository_url":"https://github.com/numpy/numpy"},{"name":"openalgo","old_version":"1.0.46","new_version":"1.0.49","repository_url":"https://github.com/openalgo/openalgo-python"},{"name":"orjson","old_version":"3.11.7","new_version":"3.11.9","repository_url":"https://github.com/ijl/orjson"},{"name":"parso","old_version":"0.8.6","new_version":"0.8.7","repository_url":"https://github.com/davidhalter/parso"},{"name":"pillow","old_version":"12.1.1","new_version":"12.2.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"platformdirs","old_version":"4.9.4","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"plotly","old_version":"6.6.0","new_version":"6.7.0","repository_url":"https://github.com/plotly/plotly.py"},{"name":"pydantic","old_version":"2.12.5","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-core","old_version":"2.41.5","new_version":"2.46.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-settings","old_version":"2.13.1","new_version":"2.14.1","repository_url":"https://github.com/pydantic/pydantic-settings"},{"name":"pygments","old_version":"2.19.2","new_version":"2.20.0","repository_url":"https://github.com/pygments/pygments"},{"name":"pytest","old_version":"9.0.2","new_version":"9.0.3","repository_url":"https://github.com/pytest-dev/pytest"},{"name":"python-multipart","old_version":"0.0.22","new_version":"0.0.28","repository_url":"https://github.com/Kludex/python-multipart"},{"name":"python-telegram-bot","old_version":"22.6","new_version":"22.7","repository_url":"https://github.com/python-telegram-bot/python-telegram-bot"},{"name":"pytz","old_version":"2026.1.post1","new_version":"2026.2","repository_url":"https://github.com/stub42/pytz"},{"name":"requests","old_version":"2.33.0","new_version":"2.34.0","repository_url":"https://github.com/psf/requests"},{"name":"sqlalchemy","old_version":"2.0.48","new_version":"2.0.49","repository_url":"https://github.com/sqlalchemy/sqlalchemy"},{"name":"traitlets","old_version":"5.14.3","new_version":"5.15.0","repository_url":"https://github.com/ipython/traitlets"},{"name":"urllib3","old_version":"2.6.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.42.0","new_version":"0.46.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"wcwidth","old_version":"0.6.0","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"werkzeug","old_version":"3.1.6","new_version":"3.1.8","repository_url":"https://github.com/pallets/werkzeug"},{"name":"wheel","old_version":"0.46.3","new_version":"0.47.0","repository_url":"https://github.com/pypa/wheel"},{"name":"wtforms","old_version":"3.2.1","new_version":"3.2.2","repository_url":"https://github.com/pallets-eco/wtforms"},{"name":"zipp","old_version":"3.23.0","new_version":"3.23.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the python-minor group with 44 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [anyio](https://github.com/agronholm/anyio) | `4.12.1` | `4.13.0` |\n| [cachetools](https://github.com/tkem/cachetools) | `7.0.4` | `7.1.1` |\n| [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.6` | `3.4.7` |\n| [choreographer](https://github.com/plotly/choreographer) | `1.2.1` | `1.3.0` |\n| [click](https://github.com/pallets/click) | `8.3.1` | `8.3.3` |\n| [duckdb](https://github.com/duckdb/duckdb-python) | `1.5.0` | `1.5.2` |\n| [flask-wtf](https://github.com/pallets-eco/flask-wtf) | `1.2.2` | `1.3.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.3.2` | `3.5.0` |\n| [idna](https://github.com/kjd/idna) | `3.11` | `3.14` |\n| [ipython](https://github.com/ipython/ipython) | `9.11.0` | `9.13.0` |\n| [jedi](https://github.com/davidhalter/jedi) | `0.19.2` | `0.20.0` |\n| [kaleido](https://github.com/plotly/kaleido) | `1.2.0` | `1.3.0` |\n| [llvmlite](https://github.com/numba/llvmlite) | `0.46.0b1` | `0.47.0` |\n| [markdown-it-py](https://github.com/executablebooks/markdown-it-py) | `4.0.0` | `4.2.0` |\n| [matplotlib-inline](https://github.com/ipython/matplotlib-inline) | `0.2.1` | `0.2.2` |\n| [mcp](https://github.com/modelcontextprotocol/python-sdk) | `1.26.0` | `1.27.1` |\n| [py-vollib](https://github.com/vollib/py_vollib) | `1.0.1` | `1.0.7` |\n| [narwhals](https://github.com/narwhals-dev/narwhals) | `2.18.0` | `2.21.0` |\n| [numba](https://github.com/numba/numba) | `0.64.0` | `0.65.1` |\n| [numpy](https://github.com/numpy/numpy) | `2.4.3` | `2.4.4` |\n| [openalgo](https://github.com/openalgo/openalgo-python) | `1.0.46` | `1.0.49` |\n| [orjson](https://github.com/ijl/orjson) | `3.11.7` | `3.11.9` |\n| [parso](https://github.com/davidhalter/parso) | `0.8.6` | `0.8.7` |\n| [pillow](https://github.com/python-pillow/Pillow) | `12.1.1` | `12.2.0` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.9.4` | `4.9.6` |\n| [plotly](https://github.com/plotly/plotly.py) | `6.6.0` | `6.7.0` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.5` | `2.13.4` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.5` | `2.46.4` |\n| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.13.1` | `2.14.1` |\n| [pygments](https://github.com/pygments/pygments) | `2.19.2` | `2.20.0` |\n| [pytest](https://github.com/pytest-dev/pytest) | `9.0.2` | `9.0.3` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.22` | `0.0.28` |\n| [python-telegram-bot](https://github.com/python-telegram-bot/python-telegram-bot) | `22.6` | `22.7` |\n| [pytz](https://github.com/stub42/pytz) | `2026.1.post1` | `2026.2` |\n| [requests](https://github.com/psf/requests) | `2.33.0` | `2.34.0` |\n| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.48` | `2.0.49` |\n| [traitlets](https://github.com/ipython/traitlets) | `5.14.3` | `5.15.0` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.6.3` | `2.7.0` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.42.0` | `0.46.0` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.6.0` | `0.7.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `3.1.6` | `3.1.8` |\n| [wheel](https://github.com/pypa/wheel) | `0.46.3` | `0.47.0` |\n| [wtforms](https://github.com/pallets-eco/wtforms) | `3.2.1` | `3.2.2` |\n| [zipp](https://github.com/jaraco/zipp) | `3.23.0` | `3.23.1` |\n\n\nUpdates `anyio` from 4.12.1 to 4.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/agronholm/anyio/releases\"\u003eanyio's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9\u003c/li\u003e\n\u003cli\u003eAdded a \u003ccode\u003ettl\u003c/code\u003e parameter to the \u003ccode\u003eanyio.functools.lru_cache\u003c/code\u003e wrapper (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1073\"\u003e#1073\u003c/a\u003e; PR by \u003ca href=\"https://github.com/Graeme22\"\u003e\u003ccode\u003e@​Graeme22\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWidened the type annotations of file I/O streams to accept \u003ccode\u003eIO[bytes]\u003c/code\u003e instead of just \u003ccode\u003eBinaryIO\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1078\"\u003e#1078\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eanyio.Path\u003c/code\u003e not being compatible with Python 3.15 due to the removal of \u003ccode\u003epathlib.Path.is_reserved()\u003c/code\u003e and the addition of \u003ccode\u003epathlib.Path.__vfspath__()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1061\"\u003e#1061\u003c/a\u003e; PR by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the \u003ccode\u003eBrokenResourceError\u003c/code\u003e raised by the asyncio \u003ccode\u003eSocketStream\u003c/code\u003e not having the original exception as its cause (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1055\"\u003e#1055\u003c/a\u003e; PR by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the \u003ccode\u003eTypeError\u003c/code\u003e raised when using \u0026quot;func\u0026quot; as a parameter name in \u003ccode\u003epytest.mark.parametrize\u003c/code\u003e when using the pytest plugin (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1068\"\u003e#1068\u003c/a\u003e; PR by \u003ca href=\"https://github.com/JohnnyDeuss\"\u003e\u003ccode\u003e@​JohnnyDeuss\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the pytest plugin not running tests that had the \u003ccode\u003eanyio\u003c/code\u003e marker added programmatically via \u003ccode\u003epytest_collection_modifyitems\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/422\"\u003e#422\u003c/a\u003e; PR by \u003ca href=\"https://github.com/chbndrhnns\"\u003e\u003ccode\u003e@​chbndrhnns\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed cancellation exceptions leaking from a \u003ccode\u003eCancelScope\u003c/code\u003e on asyncio when they are contained in an exception group alongside non-cancellation exceptions (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1091\"\u003e#1091\u003c/a\u003e; PR by \u003ca href=\"https://github.com/gschaffner\"\u003e\u003ccode\u003e@​gschaffner\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCondition.wait()\u003c/code\u003e not passing on a notification when the task is cancelled but already received a notification\u003c/li\u003e\n\u003cli\u003eFixed inverted condition in the process pool shutdown phase which would cause still-running pooled processes not to be terminated (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1074\"\u003e#1074\u003c/a\u003e; PR by \u003ca href=\"https://github.com/bysiber\"\u003e\u003ccode\u003e@​bysiber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/afbe93ca9d0c447adf26e9c1715ac20870622bf2\"\u003e\u003ccode\u003eafbe93c\u003c/code\u003e\u003c/a\u003e Bumped up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/33bdf2e4b4f40c2df178123746147a6d2471808d\"\u003e\u003ccode\u003e33bdf2e\u003c/code\u003e\u003c/a\u003e Rearranged the changelog entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/19e09e25bc5a23dd78a577d8c3909dd377057c78\"\u003e\u003ccode\u003e19e09e2\u003c/code\u003e\u003c/a\u003e Fixed inverted condition in _forcibly_shutdown_process_pool_on_exit (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1074\"\u003e#1074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/9369d80b9e8292f2a892a9d5c73923c6a28aa08c\"\u003e\u003ccode\u003e9369d80\u003c/code\u003e\u003c/a\u003e Fixed Condition.wait() not handing over notification when cancelled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/6f122abdc6f6b166c6b6ac27d36d55cdf8fa08e8\"\u003e\u003ccode\u003e6f122ab\u003c/code\u003e\u003c/a\u003e Fixed cancellation exceptions leaking from a \u003ccode\u003eCancelScope\u003c/code\u003e on asyncio when th...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/beaa45aff568a4020f2faf317321dd92f0e1f4a0\"\u003e\u003ccode\u003ebeaa45a\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1097\"\u003e#1097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/602f6606dcf3f37702686a4f3e161328c537b07f\"\u003e\u003ccode\u003e602f660\u003c/code\u003e\u003c/a\u003e Widened type annotations to accept IO[bytes] in file streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/b5dcd45170701a756ba634197398f05d4710cab3\"\u003e\u003ccode\u003eb5dcd45\u003c/code\u003e\u003c/a\u003e Added note about erasing the template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/d68670b3b4e0917d4caff2de082e03220f3e05a1\"\u003e\u003ccode\u003ed68670b\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1090\"\u003e#1090\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/fc17a22dd948e6a3d90d99908813f0010dfc3d2c\"\u003e\u003ccode\u003efc17a22\u003c/code\u003e\u003c/a\u003e tweak to_thread docs about abandon_on_cancel (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1088\"\u003e#1088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/agronholm/anyio/compare/4.12.1...4.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cachetools` from 7.0.4 to 7.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst\"\u003ecachetools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev7.1.1 (2026-05-03)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eVarious type stub improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.1.0 (2026-05-01)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type stubs based on the work of the good people at \u003ccode\u003etypeshed \u0026lt;https://github.com/python/typeshed/tree/main/stubs/cachetools/\u0026gt;\u003c/code\u003e__.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate unit tests.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.0.6 (2026-04-20)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor code improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate project URLs.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate CI environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.0.5 (2026-03-09)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMinor \u003ccode\u003e@cachedmethod\u003c/code\u003e performance improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/2e6a2d21c44e83b56c06cc9dd738e5b7a097ce6a\"\u003e\u003ccode\u003e2e6a2d2\u003c/code\u003e\u003c/a\u003e Release v7.1.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/cc065582849e3658d2c92aac0f5c2b6271ed077f\"\u003e\u003ccode\u003ecc06558\u003c/code\u003e\u003c/a\u003e Minor typing improvements.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/193dd62d9be4e1099039e8fba59a1fe50e8f4d08\"\u003e\u003ccode\u003e193dd62\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/tkem/cachetools/issues/393\"\u003e#393\u003c/a\u003e: Improve ambiguous overloads for decorators.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/1ea3422e058ef8b6b7dc15beb9d44d8f7c195a62\"\u003e\u003ccode\u003e1ea3422\u003c/code\u003e\u003c/a\u003e Bump release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/d9874465a6ab6f9d1d56cef91370f9c237a7eca6\"\u003e\u003ccode\u003ed987446\u003c/code\u003e\u003c/a\u003e Release v7.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/3d79e80a4a54892d1552cd17da8e27920c1918d8\"\u003e\u003ccode\u003e3d79e80\u003c/code\u003e\u003c/a\u003e Update Copilot Instructions.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/83fe6bc78d0155a0036dda8a8eb1a2ddb8f26c60\"\u003e\u003ccode\u003e83fe6bc\u003c/code\u003e\u003c/a\u003e Add tox pyright check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/bd3fbc49212eb948e08e9c478e5901f1293fd1f4\"\u003e\u003ccode\u003ebd3fbc4\u003c/code\u003e\u003c/a\u003e Improve typing support.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/09dd6fec4b1b2339451ab26d1ca3c7a049b8c38c\"\u003e\u003ccode\u003e09dd6fe\u003c/code\u003e\u003c/a\u003e Improve original type stubs from typeshed.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/873c7013ea92b16f2f24a6001e625fabfdf951a5\"\u003e\u003ccode\u003e873c701\u003c/code\u003e\u003c/a\u003e Add typeshed typings.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tkem/cachetools/compare/v7.0.4...v7.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `charset-normalizer` from 3.4.6 to 3.4.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jawah/charset_normalizer/releases\"\u003echarset-normalizer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.4.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Ousret/charset_normalizer/compare/3.4.6...3.4.7\"\u003e3.4.7\u003c/a\u003e (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built optimized version using mypy[c] v1.20.\u003c/li\u003e\n\u003cli\u003eRelax \u003ccode\u003esetuptools\u003c/code\u003e constraint to \u003ccode\u003esetuptools\u0026gt;=68,\u0026lt;82.1\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrectly remove SIG remnant in utf-7 decoded string. (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/718\"\u003e#718\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md\"\u003echarset-normalizer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Ousret/charset_normalizer/compare/3.4.6...3.4.7\"\u003e3.4.7\u003c/a\u003e (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built optimized version using mypy[c] v1.20.\u003c/li\u003e\n\u003cli\u003eRelax \u003ccode\u003esetuptools\u003c/code\u003e constraint to \u003ccode\u003esetuptools\u0026gt;=68,\u0026lt;82.1\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrectly remove SIG remnant in utf-7 decoded string. (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/718\"\u003e#718\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/0f07891bf516b5d5231f1bd4dd2d8da7d4d09a9a\"\u003e\u003ccode\u003e0f07891\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/729\"\u003e#729\u003c/a\u003e from jawah/release-3.4.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/fdbeb299479e8f4d737e4d227cd0b2bd5d273dc0\"\u003e\u003ccode\u003efdbeb29\u003c/code\u003e\u003c/a\u003e chore: update dev, and ci requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/b66f922bfbdbdd9dd46af18a8964d4fb888756d4\"\u003e\u003ccode\u003eb66f922\u003c/code\u003e\u003c/a\u003e chore: add ft classifier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/f94249d0a2c712f2d03124f4de6b77f5e03aaa96\"\u003e\u003ccode\u003ef94249d\u003c/code\u003e\u003c/a\u003e chore: add test cases for utf_7 recent fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/95c866f6c984bbd043e7e3ed0628aa4f3f8d5a26\"\u003e\u003ccode\u003e95c866f\u003c/code\u003e\u003c/a\u003e chore: bump version to 3.4.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/4f429bb764c7e893f99bb4bceb60856da1baacfb\"\u003e\u003ccode\u003e4f429bb\u003c/code\u003e\u003c/a\u003e chore: bump mypy pre-commit to v1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/b579cd6cab9bd83aa3fc0ca169d4df022bf4888c\"\u003e\u003ccode\u003eb579cd6\u003c/code\u003e\u003c/a\u003e fix: correctly remove SIG remnant in utf-7 decoded string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/58bf944a77cc0883fc46a6ee8edac3549fea5d59\"\u003e\u003ccode\u003e58bf944\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump github/codeql-action from 4.32.4 to 4.35.1 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/44cf8a1b676a2532a8f1694e62e4f4f98f9132e1\"\u003e\u003ccode\u003e44cf8a1\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump actions/download-artifact from 8.0.0 to 8.0.1 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/362bc20073f737b1ba4ca2f68cffb0c4cc024d20\"\u003e\u003ccode\u003e362bc20\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/725\"\u003e#725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jawah/charset_normalizer/compare/3.4.6...3.4.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `choreographer` from 1.2.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/choreographer/blob/main/CHANGELOG.txt\"\u003echoreographer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.3.0\nv1.3.0rc2\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCheck path validity for browser with is_file()\u003c/li\u003e\n\u003cli\u003eAdd option --verify_local in choreo_diagnose and fix local reporting logic\nv1.3.0rc1\u003c/li\u003e\n\u003cli\u003eWe now look for old download path as well as new download path\nv1.3.0rc0\u003c/li\u003e\n\u003cli\u003eChange to process group for better killing of multi-process chrome\u003c/li\u003e\n\u003cli\u003eAdd argument to Session/Target \u003ccode\u003esend_command(..., *, with_perf: bool)\u003c/code\u003e to\nreturn timing information about browser write/read.\u003c/li\u003e\n\u003cli\u003eUpdate default chrome from 135.0.7011.0/1418433 to 144.0.7527.0/1544685\u003c/li\u003e\n\u003cli\u003eFix: New chrome takes longer/doesn't populate targets right away, so add a\nretry loop to populate targets\u003c/li\u003e\n\u003cli\u003eAlter \u003ccode\u003eget_chrome\u003c/code\u003e verbose to print whole JSON\u003c/li\u003e\n\u003cli\u003eChange chrome download path to use XDG cache dir\u003c/li\u003e\n\u003cli\u003eDon't download chrome if we already have that version: add force argument\u003c/li\u003e\n\u003cli\u003eRemove unused system inspection code\u003c/li\u003e\n\u003cli\u003eAdd a set of helper functions to await for tab loading and send javascript\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/92147b1ccf024ae647f29ebf43057564011e06c9\"\u003e\u003ccode\u003e92147b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/296\"\u003e#296\u003c/a\u003e from plotly/cam/update-changelog-v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/8851fc919bc7dfb27a48541543f1ff195c48eda3\"\u003e\u003ccode\u003e8851fc9\u003c/code\u003e\u003c/a\u003e Updates to release version v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/3128bddf909381a2b4205f0e28c0c3cb8b13498c\"\u003e\u003ccode\u003e3128bdd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/288\"\u003e#288\u003c/a\u003e from plotly/andrew/more_local_logic\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/a6f478e00fb81ad22db7c7c1d31028fb4ab20311\"\u003e\u003ccode\u003ea6f478e\u003c/code\u003e\u003c/a\u003e Add to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/953e19ad5dc395a3554cfbaf25599a8a3db6d933\"\u003e\u003ccode\u003e953e19a\u003c/code\u003e\u003c/a\u003e Check browser is file whwen checking path validity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/d062e355b819b84e57060d4e48fbe2aa6f063259\"\u003e\u003ccode\u003ed062e35\u003c/code\u003e\u003c/a\u003e Change default setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/c0c97fc64a55c773dd7484674996cf55d74249a1\"\u003e\u003ccode\u003ec0c97fc\u003c/code\u003e\u003c/a\u003e Add option to verify local with choreo_diagnose\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/7ade1922269a6999c06f2ff92b34a1770bba6d3e\"\u003e\u003ccode\u003e7ade192\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/286\"\u003e#286\u003c/a\u003e from plotly/andrew/roadmap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/edf284c8973dd9dc7f7b2f77a53481fe6f0d2671\"\u003e\u003ccode\u003eedf284c\u003c/code\u003e\u003c/a\u003e Update Roadmap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/c1b7abce535feb79748c888ba1130b985c13eb3f\"\u003e\u003ccode\u003ec1b7abc\u003c/code\u003e\u003c/a\u003e Changelog\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/choreographer/compare/v1.2.1...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.1 to 8.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.3.3\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.3/\"\u003ehttps://pypi.org/project/click/8.3.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-3\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/1026\"\u003e#1026\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/1477\"\u003e#1477\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2775\"\u003e#2775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3298\"\u003e#3298\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3299\"\u003e#3299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3238\"\u003e#3238\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3224\"\u003e#3224\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/654\"\u003e#654\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/824\"\u003e#824\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/843\"\u003e#843\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/951\"\u003e#951\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3235\"\u003e#3235\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3177\"\u003e#3177\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2836\"\u003e#2836\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2837\"\u003e#2837\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3165\"\u003e#3165\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3262\"\u003e#3262\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3280\"\u003e#3280\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3111\"\u003e#3111\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3189\"\u003e#3189\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3250\"\u003e#3250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/2865\"\u003e#2865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2879\"\u003e#2879\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.3.2\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.2/\"\u003ehttps://pypi.org/project/click/8.3.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-2\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/29\"\u003ehttps://github.com/pallets/click/milestone/29\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.3.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-20\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n:issue:\u003ccode\u003e1026\u003c/code\u003e :pr:\u003ccode\u003e1477\u003c/code\u003e :pr:\u003ccode\u003e2775\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. :issue:\u003ccode\u003e3298\u003c/code\u003e :pr:\u003ccode\u003e3299\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. :pr:\u003ccode\u003e3238\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n:issue:\u003ccode\u003e3224\u003c/code\u003e :pr:\u003ccode\u003e3240\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n:issue:\u003ccode\u003e654\u003c/code\u003e :issue:\u003ccode\u003e824\u003c/code\u003e :issue:\u003ccode\u003e843\u003c/code\u003e :pr:\u003ccode\u003e951\u003c/code\u003e :pr:\u003ccode\u003e3235\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. :pr:\u003ccode\u003e3151\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. :pr:\u003ccode\u003e3151\u003c/code\u003e :pr:\u003ccode\u003e3177\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. :issue:\u003ccode\u003e2836\u003c/code\u003e :pr:\u003ccode\u003e2837\u003c/code\u003e :pr:\u003ccode\u003e3165\u003c/code\u003e :pr:\u003ccode\u003e3262\u003c/code\u003e :pr:\u003ccode\u003e3280\u003c/code\u003e\n:pr:\u003ccode\u003e3328\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. :issue:\u003ccode\u003e3111\u003c/code\u003e :pr:\u003ccode\u003e3239\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. :issue:\u003ccode\u003e3189\u003c/code\u003e :pr:\u003ccode\u003e3250\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n:issue:\u003ccode\u003e2865\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. :issue:\u003ccode\u003e2879\u003c/code\u003e :pr:\u003ccode\u003e3248\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 8.3.2\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of \u003ccode\u003eflag_value\u003c/code\u003e when \u003ccode\u003eis_flag=False\u003c/code\u003e to allow such options to be\nused without an explicit value. :issue:\u003ccode\u003e3084\u003c/code\u003e :pr:\u003ccode\u003e3152\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eHide \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values as \u003ccode\u003eNone\u003c/code\u003e when using \u003ccode\u003elookup_default()\u003c/code\u003e.\n:issue:\u003ccode\u003e3136\u003c/code\u003e :pr:\u003ccode\u003e3199\u003c/code\u003e :pr:\u003ccode\u003e3202\u003c/code\u003e :pr:\u003ccode\u003e3209\u003c/code\u003e :pr:\u003ccode\u003e3212\u003c/code\u003e :pr:\u003ccode\u003e3224\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c06d2d0a6aee6bcc50bd8257be2a4a592f4e75d0\"\u003e\u003ccode\u003ec06d2d0\u003c/code\u003e\u003c/a\u003e Release 8.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/f1f191ecd2c790b161187c78e7c88440e9524e5c\"\u003e\u003ccode\u003ef1f191e\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3343\"\u003e#3343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/bb59ba0fd279ca085d1113f0499b6a602ca31081\"\u003e\u003ccode\u003ebb59ba0\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4a352253c9ff013e36d11e4a6820d36d00ff2cd4\"\u003e\u003ccode\u003e4a35225\u003c/code\u003e\u003c/a\u003e Reduce blast-radius of \u003ccode\u003eUNSET\u003c/code\u003e in \u003ccode\u003edefault_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c07bb936de43fd303f9cfbefe248ab23fd2199c8\"\u003e\u003ccode\u003ec07bb93\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into unset-in-default-map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c7e1ba8448cbcb2cdd9c1c7f4a592e863dcc3995\"\u003e\u003ccode\u003ec7e1ba8\u003c/code\u003e\u003c/a\u003e Reorder \u003ccode\u003eParameterSource\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/76552ff1e8c85837f911fc34037e702ae4327eda\"\u003e\u003ccode\u003e76552ff\u003c/code\u003e\u003c/a\u003e Show default string in prompt (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/ac5cec5fe54e5a691e7bac17f441ce9498e0744c\"\u003e\u003ccode\u003eac5cec5\u003c/code\u003e\u003c/a\u003e Reorder ParameterSource from most to least explicit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c452e00e6772931b7071d9316b82b77e5b8f280\"\u003e\u003ccode\u003e8c452e0\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into show-default-string-in-prompt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c95c73bd5ef89eac638f85f1904a104ba4b1a32\"\u003e\u003ccode\u003e8c95c73\u003c/code\u003e\u003c/a\u003e Reconcile default value passing and default activation (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.1...8.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `duckdb` from 1.5.0 to 1.5.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/duckdb/duckdb-python/releases\"\u003educkdb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.5.2 Bugfix Release\u003c/h2\u003e\n\u003cp\u003eSee the DuckDB core release notes here: \u003ca href=\"https://github.com/duckdb/duckdb/releases/tag/v1.5.2\"\u003ehttps://github.com/duckdb/duckdb/releases/tag/v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed in duckdb-python\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hints overhaul by \u003ca href=\"https://github.com/OutSquareCapital\"\u003e\u003ccode\u003e@​OutSquareCapital\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/352\"\u003educkdb/duckdb-python#352\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache arrow schema for streaming types by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/423\"\u003educkdb/duckdb-python#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix segfault on join with None by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/422\"\u003educkdb/duckdb-python#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix stubs for path_or_buffer param by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/425\"\u003educkdb/duckdb-python#425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.5.1 Bugfix Release\u003c/h2\u003e\n\u003cp\u003eDuckDB core v1.5.1 Changelog: \u003ca href=\"https://github.com/duckdb/duckdb/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/duckdb/duckdb/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-added basic support for the GEOMETRY type\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/2aea44eeae35b9c77dc2ff672634034a75c9bb16\"\u003e\u003ccode\u003e2aea44e\u003c/code\u003e\u003c/a\u003e pin submodule at release hash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/3aa2bf2022b91dc9a96c3f91c8bb1fb0296586ef\"\u003e\u003ccode\u003e3aa2bf2\u003c/code\u003e\u003c/a\u003e Fix stubs for path_or_buffer param (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/018fe057d5a003355deb4213a894af559a947aa7\"\u003e\u003ccode\u003e018fe05\u003c/code\u003e\u003c/a\u003e Fix stubs for path_or_buffer param\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/0ef05d69fc8a123cf532f3ffb3e088212bbbfaf7\"\u003e\u003ccode\u003e0ef05d6\u003c/code\u003e\u003c/a\u003e Fix segfault on join with None (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/4acb9f71e00c5002d3ab3aba78a172df8f7ebbc4\"\u003e\u003ccode\u003e4acb9f7\u003c/code\u003e\u003c/a\u003e Fix segfault on join\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/6f161de62403c209633fcbd52c6c0403dadef7da\"\u003e\u003ccode\u003e6f161de\u003c/code\u003e\u003c/a\u003e Cache arrow schema for streaming types (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/87d6a319674c5e2fb855e140bf539e997e978a2e\"\u003e\u003ccode\u003e87d6a31\u003c/code\u003e\u003c/a\u003e Add CLAUDE.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/ae356cb03926372b9cd3736f39662efd25bb4915\"\u003e\u003ccode\u003eae356cb\u003c/code\u003e\u003c/a\u003e Cache the arrow schema for streams so we don't need an active client context\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/b71639f215d29c4f8b1c53cb3d7cf45603f4c5d2\"\u003e\u003ccode\u003eb71639f\u003c/code\u003e\u003c/a\u003e Test that client context stays open on arrow streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/305d11457efd4ca0767cad0868b16310b04160a7\"\u003e\u003ccode\u003e305d114\u003c/code\u003e\u003c/a\u003e fix spark test (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/421\"\u003e#421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/duckdb/duckdb-python/compare/v1.5.0...v1.5.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask-wtf` from 1.2.2 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets-eco/flask-wtf/releases\"\u003eflask-wtf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epre-commit autoupdate by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/607\"\u003epallets-eco/flask-wtf#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove slsa provenance by \u003ca href=\"https://github.com/davidism\"\u003e\u003ccode\u003e@​davidism\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/638\"\u003epallets-eco/flask-wtf#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport for Python 3.14 by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/648\"\u003epallets-eco/flask-wtf#648\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry not to read uploaded files into memory by \u003ca href=\"https://github.com/Zverik\"\u003e\u003ccode\u003e@​Zverik\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/635\"\u003epallets-eco/flask-wtf#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate the project to uv by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/649\"\u003epallets-eco/flask-wtf#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReCaptcha field testing mode documentation by \u003ca href=\"https://github.com/OmeirP\"\u003e\u003ccode\u003e@​OmeirP\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/650\"\u003epallets-eco/flask-wtf#650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow nonce in reCaptcha by \u003ca href=\"https://github.com/kesara\"\u003e\u003ccode\u003e@​kesara\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/312\"\u003epallets-eco/flask-wtf#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCSRF meta tag helper by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/674\"\u003epallets-eco/flask-wtf#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewidget support the kwargs to add custom html attributes by \u003ca href=\"https://github.com/thivolle-cazat-cedric\"\u003e\u003ccode\u003e@​thivolle-cazat-cedric\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/353\"\u003epallets-eco/flask-wtf#353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect exempts in CSRFProtect.protect() by \u003ca href=\"https://github.com/rauchy\"\u003e\u003ccode\u003e@​rauchy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/419\"\u003epallets-eco/flask-wtf#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding RECAPTCHA_ENABLE to disable recaptcha by \u003ca href=\"https://github.com/rnt\"\u003e\u003ccode\u003e@​rnt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/509\"\u003epallets-eco/flask-wtf#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CSRF Documentation by \u003ca href=\"https://github.com/israel-oye\"\u003e\u003ccode\u003e@​israel-oye\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/584\"\u003epallets-eco/flask-wtf#584\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Zverik\"\u003e\u003ccode\u003e@​Zverik\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/635\"\u003epallets-eco/flask-wtf#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OmeirP\"\u003e\u003ccode\u003e@​OmeirP\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/650\"\u003epallets-eco/flask-wtf#650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kesara\"\u003e\u003ccode\u003e@​kesara\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/312\"\u003epallets-eco/flask-wtf#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thivolle-cazat-cedric\"\u003e\u003ccode\u003e@​thivolle-cazat-cedric\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/353\"\u003epallets-eco/flask-wtf#353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rauchy\"\u003e\u003ccode\u003e@​rauchy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/419\"\u003epallets-eco/flask-wtf#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rnt\"\u003e\u003ccode\u003e@​rnt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/509\"\u003epallets-eco/flask-wtf#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/israel-oye\"\u003e\u003ccode\u003e@​israel-oye\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/584\"\u003epallets-eco/flask-wtf#584\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\"\u003ehttps://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets-eco/flask-wtf/blob/main/docs/changes.rst\"\u003eflask-wtf's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.3.0\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-23\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDon't read the whole uploaded files to know their size. :pr:\u003ccode\u003e635\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eStop support for Python 3.9. Start support for Python 3.14. :pr:\u003ccode\u003e648\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMigrate the project to uv. :pr:\u003ccode\u003e649\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAllow setting a \u003ccode\u003enonce\u003c/code\u003e on :class:\u003ccode\u003e~flask_wtf.recaptcha.RecaptchaField\u003c/code\u003e\n(string or zero-argument callable) for nonce-based Content Security\nPolicies. :pr:\u003ccode\u003e312\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecsrf_meta_tag()\u003c/code\u003e helper and \u003ccode\u003eWTF_CSRF_META_NAME\u003c/code\u003e setting to render\nthe CSRF token as an HTML \u003ccode\u003e\u0026lt;meta\u0026gt;\u003c/code\u003e tag.\u003c/li\u003e\n\u003cli\u003eForward keyword arguments passed to the reCAPTCHA widget as HTML attributes\non the captcha \u003ccode\u003e\u0026lt;div\u0026gt;\u003c/code\u003e, with the field id used as a default \u003ccode\u003eid\u003c/code\u003e.\n:pr:\u003ccode\u003e353\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eapply_exemptions\u003c/code\u003e parameter to\n:meth:\u003ccode\u003e~flask_wtf.csrf.CSRFProtect.protect\u003c/code\u003e so \u003ccode\u003e@csrf.exempt\u003c/code\u003e keeps working\nwhen validation is triggered manually. :pr:\u003ccode\u003e419\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRECAPTCHA_ENABLED\u003c/code\u003e setting. :pr:\u003ccode\u003e509\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/63eb4d3bd55735fc136bdc6f23a90ca2b220b602\"\u003e\u003ccode\u003e63eb4d3\u003c/code\u003e\u003c/a\u003e chore: bump to v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/192ece3da0d98682c13e12574d7b1fc938bdd8e8\"\u003e\u003ccode\u003e192ece3\u003c/code\u003e\u003c/a\u003e Improve CSRF Documentation (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/1f8522d4a362ee66ab12a1ebf55379501dfcef0d\"\u003e\u003ccode\u003e1f8522d\u003c/code\u003e\u003c/a\u003e Adding RECAPTCHA_ENABLE to disable recaptcha (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/509\"\u003e#509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/64b9215be16dc123f7eb187494dbba6bd0e5c2cd\"\u003e\u003ccode\u003e64b9215\u003c/code\u003e\u003c/a\u003e Respect exempts in CSRFProtect.protect() (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/419\"\u003e#419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/adf674f80c5c5e55c050729e3ec086b4d6cb0f26\"\u003e\u003ccode\u003eadf674f\u003c/code\u003e\u003c/a\u003e widget support the kwargs to add custom html attributes (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/353\"\u003e#353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/ea1f797112f857c783dcd2c6e3954357df8e1bb7\"\u003e\u003ccode\u003eea1f797\u003c/code\u003e\u003c/a\u003e feat: CSRF meta tag helper (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/412e3efda3703b141ca75afbcbf0538a7797b713\"\u003e\u003ccode\u003e412e3ef\u003c/code\u003e\u003c/a\u003e Allow nonce in reCaptcha (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/a7b764a1fa8f4ea960d81104c364a2d29429e1b8\"\u003e\u003ccode\u003ea7b764a\u003c/code\u003e\u003c/a\u003e ReCaptcha field testing mode documentation (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/650\"\u003e#650\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/c053c0ec11560e68e558636962bbec1115a7ae2a\"\u003e\u003ccode\u003ec053c0e\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump pytest from 9.0.1 to 9.0.3 (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/ca2216cdf72717aa3c2355ba5f454080c78d9273\"\u003e\u003ccode\u003eca2216c\u003c/code\u003e\u003c/a\u003e chore(deps): bump uv from 0.9.11 to 0.11.6 (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `greenlet` from 3.3.2 to 3.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-greenlet/greenlet/blob/master/CHANGES.rst\"\u003egreenlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.5.0 (2026-04-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove the \u003ccode\u003eatexit\u003c/code\u003e callback. This callback caused greenlet APIs\nto become unavailable far too soon during interpreter shutdown. Now\nthey remain available while all \u003ccode\u003eatexit\u003c/code\u003e callbacks run. Sometime\nafter \u003ccode\u003ePy_IsFinalizing\u003c/code\u003e becomes true, they may begin misbehaving.\nBecause the order in which C extensions are finalized is undefined,\nC extensions that are sensitive to this need to check the results of\nthat function before invoking greenlet APIs. As a convenience,\n\u003ccode\u003ePyGreenlet_GetCurrent\u003c/code\u003e sets an exception and returns \u003ccode\u003eNULL\u003c/code\u003e\nwhen this happens (and \u003ccode\u003egreenlet.getcurrent\u003c/code\u003e begins returning\n\u003ccode\u003eNone\u003c/code\u003e); other greenlet C API functions have undefined behaviour.\nMethods invoked directly on pre-existing \u003ccode\u003egreenlet.greenlet\u003c/code\u003e\nobjects will continue to function at least until the greenlet C\nextension has been garbage collected and finalized.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR 508 \u0026lt;https://github.com/python-greenlet/greenlet/pull/508\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.4.0 (2026-04-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePublish binary wheels for RiscV 64.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix multiple rare crash paths during interpreter shutdown.\u003c/p\u003e\n\u003cp\u003eNote that this now relies on the \u003ccode\u003eatexit\u003c/code\u003e module, and introduces\nsubtle API changes during interpreter shutdown (for example,\n\u003ccode\u003egetcurrent\u003c/code\u003e is no longer available once the \u003ccode\u003eatexit\u003c/code\u003e callback fires).\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR [#499](https://github.com/python-greenlet/greenlet/issues/499) \u0026lt;https://github.com/python-greenlet/greenlet/pull/499\u0026gt;\u003c/code\u003e_ by Nicolas\nBouvrette.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress the results of an automated code audit performed by\nDaniel Diniz. This includes several minor correctness changes that\ntheoretically could have been crashing bugs, but typically only in\nvery rare circumstances.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR 502 \u0026lt;https://github.com/python-greenlet/greenlet/pull/502\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix several race conditions that could arise in free-threaded\nbuilds when using greenlet objects from multiple threads, some of\nwhich could lead to assertion failures or interpreter crashes.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003eissue 503 \u0026lt;https://github.com/python-greenlet/greenlet/issues/503\u0026gt;\u003c/code\u003e_, with\nthanks to Nitay Dariel and Daniel Diniz.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/c7acc72000572811d6462ebe01733a974f194990\"\u003e\u003ccode\u003ec7acc72\u003c/code\u003e\u003c/a\u003e Preparing release 3.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/d08f99bf40801c5d57af6e13631c0ba68300ecf7\"\u003e\u003ccode\u003ed08f99b\u003c/code\u003e\u003c/a\u003e CHANGES: Update link from \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/507\"\u003e#507\u003c/a\u003e to more full description in \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/508\"\u003e#508\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/fd3391e33cedc7a17a86059f18dfbec2b3a320bd\"\u003e\u003ccode\u003efd3391e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/508\"\u003e#508\u003c/a\u003e from python-greenlet/issue507-remove-atexit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/004e1e9bd5c0fa49c66b733c28ec92a3cd41fe09\"\u003e\u003ccode\u003e004e1e9\u003c/code\u003e\u003c/a\u003e Remove the atexit callback.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/b784a69a0da6abd6e66b15a2c1415d272fdd1292\"\u003e\u003ccode\u003eb784a69\u003c/code\u003e\u003c/a\u003e Back to development: 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/df6734edbef6a0e54ecc4ba4735d93ae6d721095\"\u003e\u003ccode\u003edf6734e\u003c/code\u003e\u003c/a\u003e Preparing release 3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/0f860756608b767b2ed70f935053b319d1a1b828\"\u003e\u003ccode\u003e0f86075\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/504\"\u003e#504\u003c/a\u003e from python-greenlet/freethreading-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/459657482f3efaee294edff672bde45ac3fac208\"\u003e\u003ccode\u003e4596574\u003c/code\u003e\u003c/a\u003e TLBC: crash appears to still happen on CI 3.14t ubuntu. Re-enable workaround.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/2f4a1cf53fa282ab28ea4815164a9cb09b9320ce\"\u003e\u003ccode\u003e2f4a1cf\u003c/code\u003e\u003c/a\u003e Make green_switch (python level greenlet.switch) and green_throw check for (p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/a0c2a2a7519985d5fe2c034a54f1a0fed82a5905\"\u003e\u003ccode\u003ea0c2a2a\u003c/code\u003e\u003c/a\u003e Fix unused variable warning when asserts are disabled.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-greenlet/greenlet/compare/3.3.2...3.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.11 to 3.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.14 (2026-05-10)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [GHSA-65pc-fj4g-8rjx]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.13 (2026-04-22)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.12 (2026-04-21)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/37b6b7497aee4805f7a74a7d86206ac05be9669a\"\u003e\u003ccode\u003e37b6b74\u003c/code\u003e\u003c/a\u003e Release v3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/628fef84d3eda59321c21127e73dcd873db23ead\"\u003e\u003ccode\u003e628fef8\u003c/code\u003e\u003c/a\u003e Use valid_string_length() for early oversized-input check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1e26c7fd93c67995422af9d1f071f45ee6433fd0\"\u003e\u003ccode\u003e1e26c7f\u003c/code\u003e\u003c/a\u003e Tweak release wording\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/ab5668fb6eaf4254d91d6993c0b23e98e21202fb\"\u003e\u003ccode\u003eab5668f\u003c/code\u003e\u003c/a\u003e Pre-release 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c0dda4501df5d91c3181ce6f962dc5de74e82cc1\"\u003e\u003ccode\u003ec0dda45\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b7391f4c240bf2eae80eaed0a2ef7c2e0496af96\"\u003e\u003ccode\u003eb7391f4\u003c/code\u003e\u003c/a\u003e Add docstrings to package (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/226\"\u003e#226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0f4a28d88f8cce54269f0b6a42edf5e6a5424319\"\u003e\u003ccode\u003e0f4a28d\u003c/code\u003e\u003c/a\u003e Raise IDNAError on non-string input to encode/decode (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/224\"\u003e#224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7e6df7196e6396b5b84b9530eab8272b5ad51898\"\u003e\u003ccode\u003e7e6df71\u003c/code\u003e\u003c/a\u003e Address type issues found by \u003ccode\u003ety\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/6ebfaab9ea718dce38a7c17ddafd7fb28b0468d4\"\u003e\u003ccode\u003e6ebfaab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/221\"\u003e#221\u003c/a\u003e from kjd/release-3.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/89cdfd27338896cee6b1ee18e64c96ac28684ce0\"\u003e\u003ccode\u003e89cdfd2\u003c/code\u003e\u003c/a\u003e Release v3.13\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.11...v3.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ipython` from 9.11.0 to 9.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/7c1654dcb4bc0d4c841fbee1f5abf7c6c6007111\"\u003e\u003ccode\u003e7c1654d\u003c/code\u003e\u003c/a\u003e release 9.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/d7cd8a44234ddbdba782a42fce7893a4ff4529f4\"\u003e\u003ccode\u003ed7cd8a4\u003c/code\u003e\u003c/a\u003e Fix reStructuredText heading underline consistency in whatsnew (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15189\"\u003e#15189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/6542c95bef054c7ed4c1725047726b7140fe0e4d\"\u003e\u003ccode\u003e6542c95\u003c/code\u003e\u003c/a\u003e Fix RST header levels in whatsnew/version9.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/0ca3e92249fb0af429b40e4827000955d5ceeeb3\"\u003e\u003ccode\u003e0ca3e92\u003c/code\u003e\u003c/a\u003e Prepare release notes for 9.13 (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15188\"\u003e#15188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/9c8ce1184eceb865d392b39030d6c670caea89c5\"\u003e\u003ccode\u003e9c8ce11\u003c/code\u003e\u003c/a\u003e Revert release.py change, keep as dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/1fb2f7dc221e9b889d857b79c38704eab594d4c0\"\u003e\u003ccode\u003e1fb2f7d\u003c/code\u003e\u003c/a\u003e Prepare release notes for 9.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/be4179d1ba8b5c4e0f0d35a7d2f1654fd15c96e3\"\u003e\u003ccode\u003ebe4179d\u003c/code\u003e\u003c/a\u003e Implement support for image/png format in terminal (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15184\"\u003e#15184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/1ec6bc9ca9558877b5bfccf66c22e8e61ceba83d\"\u003e\u003ccode\u003e1ec6bc9\u003c/code\u003e\u003c/a\u003e Implement support for image/png format in terminal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/c6f48bceeec68b6ad9b9e6270eee9a7f4277b245\"\u003e\u003ccode\u003ec6f48bc\u003c/code\u003e\u003c/a\u003e solves \u003ca href=\"https://redirect.github.com/ipython/ipython/issues/14901\"\u003e#14901\u003c/a\u003e illegible yellow string on yellow background issue (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15156\"\u003e#15156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/8635f71fc551d76f017ad47c826bb7c7bfcb6b24\"\u003e\u003ccode\u003e8635f71\u003c/code\u003e\u003c/a\u003e fix: CapturedIO.\u003cstrong\u003einit\u003c/strong\u003e type annotations to accept Optional[StringIO] (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15172\"\u003e#15172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ipython/ipython/compare/9.11.0...9.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jedi` from 0.19.2 to 0.20.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidhalter/jedi/blob/master/CHANGELOG.rst\"\u003ejedi's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e0.20.0 (2026-05-02)\n+++++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePython 3.14 support\u003c/li\u003e\n\u003cli\u003eRemoved support for Python 3.8 and 3.9\u003c/li\u003e\n\u003cli\u003eUpgraded Typeshed\u003c/li\u003e\n\u003cli\u003eBetter support for Final/ClassVar\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e__new__\u003c/code\u003e is now also recognized as a signature and TypeVar inference\u003c/li\u003e\n\u003cli\u003eSupport for \u003ccode\u003eSelf\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSupport for \u003ccode\u003eTypeAlias\u003c/code\u003e, generics for \u003ccode\u003etype[...]\u003c/code\u003e and \u003ccode\u003etuple[...]\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/3102215478fe07b965dcd8221c17436d1dd7e8ac\"\u003e\u003ccode\u003e3102215\u003c/code\u003e\u003c/a\u003e Move the type parameter syntax tests so that it works for all versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/1b37f2eb946e825cbc2887c6dd34ee046f0ae68c\"\u003e\u003ccode\u003e1b37f2e\u003c/code\u003e\u003c/a\u003e Prepare for the 0.20.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/8e4df5cc0ec511db1af6d358182b1fb7c1e0cbff\"\u003e\u003ccode\u003e8e4df5c\u003c/code\u003e\u003c/a\u003e Make sure the new generic syntax does not fail with latest parso\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/4c9dbcca0329454b638bfa32e2825bedcfdf0eac\"\u003e\u003ccode\u003e4c9dbcc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/davidhalter/jedi/issues/2098\"\u003e#2098\u003c/a\u003e from davidhalter/updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/fedb1a5eb0d74446f6d431db2920ab5f1e1d5b18\"\u003e\u003ccode\u003efedb1a5\u003c/code\u003e\u003c/a\u003e Fix 3.10 tests in one more case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/87e782f9c82de7297e243a770ac8888570bffa8e\"\u003e\u003ccode\u003e87e782f\u003c/code\u003e\u003c/a\u003e Fix flake8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/cd52d982e10ac54f0ebef06e0bd414f79589998a\"\u003e\u003ccode\u003ecd52d98\u003c/code\u003e\u003c/a\u003e Fixes to get the tests passing for 3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/d0b11806d4d1def377234bc2dc512992c997a977\"\u003e\u003ccode\u003ed0b1180\u003c/code\u003e\u003c/a\u003e Finally make tests work for 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/8520a9958b489bd8d30cf20b4d2798f7289aab45\"\u003e\u003ccode\u003e8520a99\u003c/code\u003e\u003c/a\u003e Implement support for TypeVar inference for \u003cstrong\u003enew\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/55e5f0cb92dd92d5bdc80ecfc38664a1afd921d1\"\u003e\u003ccode\u003e55e5f0c\u003c/code\u003e\u003c/a\u003e Implement new-style unions with TypeVars\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidhalter/jedi/compare/v0.19.2...v0.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `kaleido` from 1.2.0 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/kaleido/releases\"\u003ekaleido's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow for request headers to be added to Choreographer calls [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/446\"\u003e#446\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUpdate Choreographer to v1.3.0 [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/449\"\u003e#449\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003cli\u003eFix issue where exporting large figures could cause hang [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/442\"\u003e#442\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/EliasTalcott\"\u003e\u003ccode\u003e@​EliasTalcott\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/Kaleido/blob/master/CHANGELOG.md\"\u003ekaleido's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow for request headers to be added to Choreographer calls [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/446\"\u003e#446\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUpdate Choreographer to v1.3.0 [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/449\"\u003e#449\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003cli\u003eFix issue where exporting large figures could cause hang [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/442\"\u003e#442\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/EliasTalcott\"\u003e\u003ccode\u003e@​EliasTalcott\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.3.0rc0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/b7a00c41895ab71b67e5b89b40f186c3f1cecbed\"\u003e\u003ccode\u003eb7a00c4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/451\"\u003e#451\u003c/a\u003e from plotly/release-v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/423a4f1cc6cbc701f9238281d63324508f12a272\"\u003e\u003ccode\u003e423a4f1\u003c/code\u003e\u003c/a\u003e Update setuptools config to find required subpackages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/28131a743143cc5d134c6e962b603ff3a5ed6253\"\u003e\u003ccode\u003e28131a7\u003c/code\u003e\u003c/a\u003e Updates for release v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/f72dc86fa75afbca8756fcd9c9b5af550f038d75\"\u003e\u003ccode\u003ef72dc86\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/366\"\u003e#366\u003c/a\u003e from tschm/patch-3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/0c5e89030709bc873806c08542ae66afea304f71\"\u003e\u003ccode\u003e0c5e890\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/450\"\u003e#450\u003c/a\u003e from plotly/cam/js-dependency-updates-may-2026\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/4e95de54ad7874e254665444070cf613104749f5\"\u003e\u003ccode\u003e4e95de5\u003c/code\u003e\u003c/a\u003e Bump pygments from 2.19.2 to 2.20.0 in /src/py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/90ddc9d7e83d4b27cc11a44a9ca15c5d2c6c5688\"\u003e\u003ccode\u003e90ddc9d\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.2.3 to 2.6.3 in /src/py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/f9b850eb38d7d9bb3f24258012d776f03ad355a0\"\u003e\u003ccode\u003ef9b850e\u003c/code\u003e\u003c/a\u003e chore: Update JS dependencies for security fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/0978e65f23fbba486d005df1508e008a080d20e4\"\u003e\u003ccode\u003e0978e65\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/432\"\u003e#432\u003c/a\u003e from plotly/dependabot/npm_and_yarn/src/js/minimatch-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/b639582c0416f48a682ad01d157af22881d94f75\"\u003e\u003ccode\u003eb639582\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/429\"\u003e#429\u003c/a\u003e from plotly/dependabot/npm_and_yarn/src/js/qs-6.14.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/kaleido/compare/v1.2.0...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `llvmlite` from 0.46.0b1 to 0.47.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/numba/llvmlite/releases\"\u003ellvmlite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.47.0\u003c/h2\u003e\n\u003cp\u003eFor detailed release notes, see: \u003ca href=\"https://llvmlite.readthedocs.io/en/v0.47.0/\"\u003ehttps://llvmlite.readthedocs.io/en/v0.47.0/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.46.0\u003c/h2\u003e\n\u003cp\u003eFor detailed release notes, see: \u003ca href=\"https://llvmlite.readthedocs.io/en/v0.46.0\"\u003ehttps://llvmlite.readthedocs.io/en/v0.46.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/a1b33d2c2dac939a6263c544afd46eb66189b740\"\u003e\u003ccode\u003ea1b33d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/numba/llvmlite/issues/1412\"\u003e#1412\u003c/a\u003e from swap357/release0.47\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/908fd0e36e1e8f0be1a36d66394b5bc838853106\"\u003e\u003ccode\u003e908fd0e\u003c/code\u003e\u003c/a\u003e add final changelog entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/f4f904208aec1d1516946f5f38a2737a61a8087e\"\u003e\u003ccode\u003ef4f9042\u003c/code\u003e\u003c/a\u003e update CHANGE_LOG for v0.47.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/01d2b0401d1a5e19b185c582c69421e15f166561\"\u003e\u003ccode\u003e01d2b04\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/numba/llvmlite/issues/1406\"\u003e#1406\u003c/a\u003e from swap357/release0.47\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/2b62a94af24c109bfd9213422363f3e42e6b8070\"\u003e\u003ccode\u003e2b62a94\u003c/code\u003e\u003c/a\u003e update changelog for 0.47.0rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/fafaa85470bd70aa31711f075f8fee7f3e5d3dee\"\u003e\u003ccode\u003efafaa85\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/numba/llvmlite/issues/1403\"\u003e#1403\u003c/a\u003e from numba/renovate/major-github-artifact-actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/ec1375e4ba338a7960050260d6599c3549e48891\"\u003e\u003ccode\u003eec1375e\u003c/code\u003e\u003c/a\u003e chore(deps): update github artifact actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/d869142f16105eee20353379e65a4e6805d34c9d\"\u003e\u003ccode\u003ed869142\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/numba/llvmlite/issues/569\"\u003e#569\u003c/a\u003e from ARF1/wip/fix_setup_clean\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/dd23d71d1ec24bb56ba266937a52cabd886774c9\"\u003e\u003ccode\u003edd23d71\u003c/code\u003e\u003c/a\u003e refactor cleanup logic to restrict removal to llvmlite directory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/37586b026abd5df51b730ac26650ba6331371615\"\u003e\u003ccode\u003e37586b0\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'upstream/main' into wip/fix_setup_clean\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/numba/llvmlite/compare/v0.46.0b1...v0.47.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it-py` from 4.0.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/executablebooks/markdown-it-py/releases\"\u003emarkdown-it-py's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003emake_fence_rule()\u003c/code\u003e factory for configurable fence markers by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/394\"\u003eexecutablebooks/markdown-it-py#394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🚀 RELEASE v4.2.0 by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/395\"\u003eexecutablebooks/markdown-it-py#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/executablebooks/markdown-it-py/compare/v4.1.0...v4.2.0\"\u003ehttps://github.com/executablebooks/markdown-it-py/compare/v4.1.0...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003e--stdin\u003c/code\u003e option to CLI by \u003ca href=\"https://github.com/mcepl\"\u003e\u003ccode\u003e@​mcepl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/379\"\u003eexecutablebooks/markdown-it-py#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd AGENTS.md and copilot-setup-steps workflow by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/380\"\u003eexecutablebooks/markdown-it-py#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🔧 Add typing to Scanner by \u003ca href=\"https://github.com/Alunderin\"\u003e\u003ccode\u003e@​Alunderin\u003c...\n\n_Description has been truncated_","html_url":"https://github.com/Rrudra1995/Openai-new/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Rrudra1995%2FOpenai-new/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}],"issue_packages":[{"old_version":"3.17.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-05-26T02:35:02.000Z","version_change":"3.17.0 → 3.19.1","issue":{"uuid":"4520870249","node_id":"PR_kwDOPiJZBs7fPRt2","number":15,"state":"open","title":"Bump the pip group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T02:35:02.000Z","updated_at":"2026-05-26T04:57:34.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":19,"packages":[{"name":"urllib3","old_version":"1.25.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"black","old_version":"23.12.1","new_version":"26.3.1","repository_url":"https://github.com/psf/black"},{"name":"certifi","old_version":"2023.11.17","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"idna","old_version":"3.6","new_version":"3.15","repository_url":"https://github.com/kjd/idna"},{"name":"pytest","old_version":"7.4.4","new_version":"9.0.3","repository_url":"https://github.com/pytest-dev/pytest"},{"name":"requests","old_version":"2.31.0","new_version":"2.33.0","repository_url":"https://github.com/psf/requests"},{"name":"scikit-learn","old_version":"1.3.2","new_version":"1.5.0","repository_url":"https://github.com/scikit-learn/scikit-learn"},{"name":"setuptools","old_version":"69.0.3","new_version":"78.1.1","repository_url":"https://github.com/pypa/setuptools"},{"name":"jinja2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"jupyter-server","old_version":"2.12.5","new_version":"2.18.0","repository_url":"https://github.com/jupyter-server/jupyter_server"},{"name":"jupyterlab","old_version":"4.0.11","new_version":"4.5.7","repository_url":"https://github.com/jupyterlab/jupyterlab"},{"name":"mistune","old_version":"3.0.2","new_version":"3.2.1","repository_url":"https://github.com/lepture/mistune"},{"name":"nbconvert","old_version":"7.14.2","new_version":"7.17.1","repository_url":"https://github.com/jupyter/nbconvert"},{"name":"notebook","old_version":"7.0.7","new_version":"7.5.6","repository_url":"https://github.com/jupyter/notebook"},{"name":"tornado","old_version":"6.4","new_version":"6.5.5","repository_url":"https://github.com/tornadoweb/tornado"},{"name":"cryptography","old_version":"41.0.7","new_version":"46.0.7","repository_url":"https://github.com/pyca/cryptography"},{"name":"tqdm","old_version":"4.66.1","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"zipp","old_version":"3.17.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"},{"name":"pyopenssl","old_version":"23.3.0","new_version":"26.0.0","repository_url":"https://github.com/pyca/pyopenssl"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 19 updates in the /test/requirements/compiled directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.25.3` | `2.7.0` |\n| [black](https://github.com/psf/black) | `23.12.1` | `26.3.1` |\n| [certifi](https://github.com/certifi/python-certifi) | `2023.11.17` | `2024.7.4` |\n| [idna](https://github.com/kjd/idna) | `3.6` | `3.15` |\n| [pytest](https://github.com/pytest-dev/pytest) | `7.4.4` | `9.0.3` |\n| [requests](https://github.com/psf/requests) | `2.31.0` | `2.33.0` |\n| [scikit-learn](https://github.com/scikit-learn/scikit-learn) | `1.3.2` | `1.5.0` |\n| [setuptools](https://github.com/pypa/setuptools) | `69.0.3` | `78.1.1` |\n| [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.6` |\n| [jupyter-server](https://github.com/jupyter-server/jupyter_server) | `2.12.5` | `2.18.0` |\n| [jupyterlab](https://github.com/jupyterlab/jupyterlab) | `4.0.11` | `4.5.7` |\n| [mistune](https://github.com/lepture/mistune) | `3.0.2` | `3.2.1` |\n| [nbconvert](https://github.com/jupyter/nbconvert) | `7.14.2` | `7.17.1` |\n| [notebook](https://github.com/jupyter/notebook) | `7.0.7` | `7.5.6` |\n| [tornado](https://github.com/tornadoweb/tornado) | `6.4` | `6.5.5` |\n| [cryptography](https://github.com/pyca/cryptography) | `41.0.7` | `46.0.7` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.66.1` | `4.66.3` |\n| [zipp](https://github.com/jaraco/zipp) | `3.17.0` | `3.19.1` |\n| [pyopenssl](https://github.com/pyca/pyopenssl) | `23.3.0` | `26.0.0` |\n\n\nUpdates `urllib3` from 1.25.3 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.7.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been read and decompressed partially. (Reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or \u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed using the official \u003ca href=\"https://pypi.org/project/brotli/\"\u003eBrotli\u003c/a\u003e library. (Reported by \u003ca href=\"https://github.com/kimkou2024\"\u003e\u003ccode\u003e@​kimkou2024\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee GHSA-mf9v-mfxr-j63j for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip sensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by \u003ca href=\"https://github.com/christos-spearbit\"\u003e\u003ccode\u003e@​christos-spearbit\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3763\"\u003eurllib3/urllib3#3763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3720\"\u003eurllib3/urllib3#3720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003eurllib3/urllib3#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3777\"\u003eurllib3/urllib3#3777\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed data buffered from previous partial reads. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3636\"\u003eurllib3/urllib3#3636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the response after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4967\"\u003eurllib3/urllib3#4967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.stream()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to handle \u003ccode\u003eamt=0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3793\"\u003eurllib3/urllib3#3793\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated \u003ccode\u003e_TYPE_BODY\u003c/code\u003e type alias to include missing \u003ccode\u003eIterable[str]\u003c/code\u003e, matching the documented and runtime behavior of chunked request bodies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3798\"\u003eurllib3/urllib3#3798\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eLocationParseError\u003c/code\u003e when paths resembling schemeless URIs were passed to \u003ccode\u003eHTTPConnectionPool.urlopen()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3352\"\u003eurllib3/urllib3#3352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eBaseHTTPResponse.readinto()\u003c/code\u003e type annotation to accept \u003ccode\u003ememoryview\u003c/code\u003e in addition to \u003ccode\u003ebytearray\u003c/code\u003e, matching the \u003ccode\u003eio.RawIOBase.readinto\u003c/code\u003e contract and enabling use with \u003ccode\u003eio.BufferedReader\u003c/code\u003e without type errors. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3764\"\u003eurllib3/urllib3#3764\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.7.0 (2026-05-07)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues.\nImpact was limited to specific use cases detailed in the accompanying\nadvisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been\nread and decompressed partially.\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or\n\u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed\nusing the official \u003ccode\u003eBrotli \u0026lt;https://pypi.org/project/brotli/\u0026gt;\u003c/code\u003e__ library.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee \u003ccode\u003eGHSA-mf9v-mfxr-j63j \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j\u0026gt;\u003c/code\u003e__\nfor details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip\nsensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when\nredirecting to a different host.\n(\u003ccode\u003eGHSA-qccp-gfcp-xxvc \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\u0026gt;\u003c/code\u003e__)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better\nvisibility of existing deprecation notices. Rescheduled the removal of\ndeprecated features to version 3.0.\n(\u003ccode\u003e[#3763](https://github.com/urllib3/urllib3/issues/3763) \u0026lt;https://github.com/urllib3/urllib3/issues/3763\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9.\n(\u003ccode\u003e[#3720](https://github.com/urllib3/urllib3/issues/3720) \u0026lt;https://github.com/urllib3/urllib3/issues/3720\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10.\n(\u003ccode\u003e[#4979](https://github.com/urllib3/urllib3/issues/4979) \u0026lt;https://github.com/urllib3/urllib3/issues/4979\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0.\n(\u003ccode\u003e[#3777](https://github.com/urllib3/urllib3/issues/3777) \u0026lt;https://github.com/urllib3/urllib3/issues/3777\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed\ndata buffered from previous partial reads.\n(\u003ccode\u003e[#3636](https://github.com/urllib3/urllib3/issues/3636) \u0026lt;https://github.com/urllib3/urllib3/issues/3636\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the\nresponse after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9a950b92d999f906b6020bb2d1076ee56cddd5d2\"\u003e\u003ccode\u003e9a950b9\u003c/code\u003e\u003c/a\u003e Release 2.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/5ec0de499b9166ca71c65ab04f2a7e4eb0d66fcc\"\u003e\u003ccode\u003e5ec0de4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2bdcc44d1e163fb5cc48a8662425e35e15adfe6a\"\u003e\u003ccode\u003e2bdcc44\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f45b0df09d8620ac6ed0491eb9362c8c87b7bc2c\"\u003e\u003ccode\u003ef45b0df\u003c/code\u003e\u003c/a\u003e Fix a misleading example for \u003ccode\u003eProxyManager\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4970\"\u003e#4970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/577193ca029872384f82c133449e0935f6d8a64b\"\u003e\u003ccode\u003e577193c\u003c/code\u003e\u003c/a\u003e Switch to nightly PyPy3.11 in CI for now (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4984\"\u003e#4984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/e90af45bb006c3a452a3a21644a2681523f5c7fc\"\u003e\u003ccode\u003ee90af45\u003c/code\u003e\u003c/a\u003e Avoid infinite loop in \u003ccode\u003eHTTPResponse.read_chunked\u003c/code\u003e when \u003ccode\u003eamt=0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4974\"\u003e#4974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/67ed74fdaec6659a6534621ec8e3aaaa6f976210\"\u003e\u003ccode\u003e67ed74f\u003c/code\u003e\u003c/a\u003e Bump dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4972\"\u003e#4972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/3abd481097b54d87b574ac7ea593c3f40938a84d\"\u003e\u003ccode\u003e3abd481\u003c/code\u003e\u003c/a\u003e Upgrade mypy to version 1.20.2 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4978\"\u003e#4978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2b8725dfcac4f21d4d93cc0cc3a64a33af08f890\"\u003e\u003ccode\u003e2b8725d\u003c/code\u003e\u003c/a\u003e Drop support for EOL PyPy3.10 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003e#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2944b2a0a6c573f5548a39cfd17196f98ee21b33\"\u003e\u003ccode\u003e2944b2a\u003c/code\u003e\u003c/a\u003e Upgrade \u003ccode\u003esetup-chrome\u003c/code\u003e and \u003ccode\u003esetup-firefox\u003c/code\u003e to fix warnings (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4973\"\u003e#4973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.25.3...2.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `black` from 23.12.1 to 26.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/releases\"\u003eblack's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e26.3.1\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent Jupyter notebook magic masking collisions from corrupting cells by using\nexact-length placeholders for short magics and aborting if a placeholder can no longer\nbe unmasked safely (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlways hash cache filename components derived from \u003ccode\u003e--python-cell-magics\u003c/code\u003e so custom\nmagic names cannot affect cache paths (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003cem\u003eBlackd\u003c/em\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDisable browser-originated requests by default, add configurable origin allowlisting\nand request body limits, and bound executor submissions to improve backpressure\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/5039\"\u003e#5039\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e26.3.0\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't double-decode input, causing non-UTF-8 files to be corrupted (\u003ca href=\"https://redirect.github.com/psf/black/issues/4964\"\u003e#4964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash on standalone comment in lambda default arguments (\u003ca href=\"https://redirect.github.com/psf/black/issues/4993\"\u003e#4993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve parentheses when \u003ccode\u003e# type: ignore\u003c/code\u003e comments would be merged with other\ncomments on the same line, preventing AST equivalence failures (\u003ca href=\"https://redirect.github.com/psf/black/issues/4888\"\u003e#4888\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug where \u003ccode\u003eif\u003c/code\u003e guards in \u003ccode\u003ecase\u003c/code\u003e blocks were incorrectly split when the pattern had\na trailing comma (\u003ca href=\"https://redirect.github.com/psf/black/issues/4884\"\u003e#4884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003estring_processing\u003c/code\u003e crashing on unassigned long string literals with trailing\ncommas (one-item tuples) (\u003ca href=\"https://redirect.github.com/psf/black/issues/4929\"\u003e#4929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSimplify implementation of the power operator \u0026quot;hugging\u0026quot; logic (\u003ca href=\"https://redirect.github.com/psf/black/issues/4918\"\u003e#4918\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePackaging\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in\nfrozen environments (\u003ca href=\"https://redirect.github.com/psf/black/issues/4930\"\u003e#4930\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce winloop for windows as an alternative to uvloop (\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove deprecated function \u003ccode\u003euvloop.install()\u003c/code\u003e in favor of \u003ccode\u003euvloop.new_event_loop()\u003c/code\u003e\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename \u003ccode\u003emaybe_install_uvloop\u003c/code\u003e function to \u003ccode\u003emaybe_use_uvloop\u003c/code\u003e to simplify loop\ninstallation and creation of either a uvloop/winloop evenloop or default eventloop\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eOutput\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/black/blob/main/CHANGES.md\"\u003eblack's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 26.3.1\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent Jupyter notebook magic masking collisions from corrupting cells by using\nexact-length placeholders for short magics and aborting if a placeholder can no longer\nbe unmasked safely (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eConfiguration\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAlways hash cache filename components derived from \u003ccode\u003e--python-cell-magics\u003c/code\u003e so custom\nmagic names cannot affect cache paths (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003cem\u003eBlackd\u003c/em\u003e\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDisable browser-originated requests by default, add configurable origin allowlisting\nand request body limits, and bound executor submissions to improve backpressure\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/5039\"\u003e#5039\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 26.3.0\u003c/h2\u003e\n\u003ch3\u003eStable style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't double-decode input, causing non-UTF-8 files to be corrupted (\u003ca href=\"https://redirect.github.com/psf/black/issues/4964\"\u003e#4964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix crash on standalone comment in lambda default arguments (\u003ca href=\"https://redirect.github.com/psf/black/issues/4993\"\u003e#4993\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePreserve parentheses when \u003ccode\u003e# type: ignore\u003c/code\u003e comments would be merged with other\ncomments on the same line, preventing AST equivalence failures (\u003ca href=\"https://redirect.github.com/psf/black/issues/4888\"\u003e#4888\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePreview style\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug where \u003ccode\u003eif\u003c/code\u003e guards in \u003ccode\u003ecase\u003c/code\u003e blocks were incorrectly split when the pattern had\na trailing comma (\u003ca href=\"https://redirect.github.com/psf/black/issues/4884\"\u003e#4884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003estring_processing\u003c/code\u003e crashing on unassigned long string literals with trailing\ncommas (one-item tuples) (\u003ca href=\"https://redirect.github.com/psf/black/issues/4929\"\u003e#4929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSimplify implementation of the power operator \u0026quot;hugging\u0026quot; logic (\u003ca href=\"https://redirect.github.com/psf/black/issues/4918\"\u003e#4918\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePackaging\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in\nfrozen environments (\u003ca href=\"https://redirect.github.com/psf/black/issues/4930\"\u003e#4930\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePerformance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce winloop for windows as an alternative to uvloop (\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemove deprecated function \u003ccode\u003euvloop.install()\u003c/code\u003e in favor of \u003ccode\u003euvloop.new_event_loop()\u003c/code\u003e\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRename \u003ccode\u003emaybe_install_uvloop\u003c/code\u003e function to \u003ccode\u003emaybe_use_uvloop\u003c/code\u003e to simplify loop\ninstallation and creation of either a uvloop/winloop eventloop or default eventloop\n(\u003ca href=\"https://redirect.github.com/psf/black/issues/4996\"\u003e#4996\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/c6755bb741b6481d6b3d3bb563c83fa060db96c9\"\u003e\u003ccode\u003ec6755bb\u003c/code\u003e\u003c/a\u003e Prepare release 26.3.1 (\u003ca href=\"https://redirect.github.com/psf/black/issues/5046\"\u003e#5046\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/69973fd6950985fbeb1090d96da717dc4d8380b0\"\u003e\u003ccode\u003e69973fd\u003c/code\u003e\u003c/a\u003e Harden blackd browser-facing request handling (\u003ca href=\"https://redirect.github.com/psf/black/issues/5039\"\u003e#5039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/4937fe6cf241139ddbfc16b0bdbb5b422798909d\"\u003e\u003ccode\u003e4937fe6\u003c/code\u003e\u003c/a\u003e Fix some shenanigans with the cache file and IPython (\u003ca href=\"https://redirect.github.com/psf/black/issues/5038\"\u003e#5038\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/2e641d174469c505d5ae905e75d4c769597e681f\"\u003e\u003ccode\u003e2e641d1\u003c/code\u003e\u003c/a\u003e docs: remove outdated Black Playground references (\u003ca href=\"https://redirect.github.com/psf/black/issues/5044\"\u003e#5044\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/c014b22a2d5e0632587b47b81151658bddfa0b88\"\u003e\u003ccode\u003ec014b22\u003c/code\u003e\u003c/a\u003e Remove unused internal code (\u003ca href=\"https://redirect.github.com/psf/black/issues/5041\"\u003e#5041\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/0dae20b2d009f2f03de8696d06b0c947d3abafc9\"\u003e\u003ccode\u003e0dae20b\u003c/code\u003e\u003c/a\u003e Add new changelog (\u003ca href=\"https://redirect.github.com/psf/black/issues/5036\"\u003e#5036\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/c5c1cbddd92cecb554ac2a77a24139dd76831030\"\u003e\u003ccode\u003ec5c1cbd\u003c/code\u003e\u003c/a\u003e Minor release patches (\u003ca href=\"https://redirect.github.com/psf/black/issues/5035\"\u003e#5035\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/7e5a828c37d71b6a6666e28eed444816def6a8f4\"\u003e\u003ccode\u003e7e5a828\u003c/code\u003e\u003c/a\u003e docs: clarify relationship between Black style and PEP 8 (\u003ca href=\"https://redirect.github.com/psf/black/issues/5025\"\u003e#5025\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/69705deb8776e7c5e585668da106d1abe2cb8d77\"\u003e\u003ccode\u003e69705de\u003c/code\u003e\u003c/a\u003e docs: add clearer pyproject configuration guidance (\u003ca href=\"https://redirect.github.com/psf/black/issues/5026\"\u003e#5026\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/black/commit/35ea67920b7f6ac8e09be1c47278752b1e827f76\"\u003e\u003ccode\u003e35ea679\u003c/code\u003e\u003c/a\u003e Prepare release 26.3.0 (\u003ca href=\"https://redirect.github.com/psf/black/issues/5032\"\u003e#5032\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/black/compare/23.12.1...26.3.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2023.11.17 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2023.11.17...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.6 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.14\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.11 (2025-10-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0, including significant changes to UTS46\nprocessing. As a result of Unicode ending support for it, transitional\nprocessing no longer has an effect and returns the same result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pytest` from 7.4.4 to 9.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytest-dev/pytest/releases\"\u003epytest's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e9.0.3\u003c/h2\u003e\n\u003ch1\u003epytest 9.0.3 (2026-04-07)\u003c/h1\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/12444\"\u003e#12444\u003c/a\u003e: Fixed \u003ccode\u003epytest.approx\u003c/code\u003e which now correctly takes into account \u003ccode\u003e~collections.abc.Mapping\u003c/code\u003e keys order to compare them.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13634\"\u003e#13634\u003c/a\u003e: Blocking a \u003ccode\u003econftest.py\u003c/code\u003e file using the \u003ccode\u003e-p no:\u003c/code\u003e option is now explicitly disallowed.\u003c/p\u003e\n\u003cp\u003ePreviously this resulted in an internal assertion failure during plugin loading.\u003c/p\u003e\n\u003cp\u003ePytest now raises a clear \u003ccode\u003eUsageError\u003c/code\u003e explaining that conftest files are not plugins and cannot be disabled via \u003ccode\u003e-p\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13734\"\u003e#13734\u003c/a\u003e: Fixed crash when a test raises an exceptiongroup with \u003ccode\u003e__tracebackhide__ = True\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14195\"\u003e#14195\u003c/a\u003e: Fixed an issue where non-string messages passed to \u003c!-- raw HTML omitted --\u003eunittest.TestCase.subTest()\u003c!-- raw HTML omitted --\u003e were not printed.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14343\"\u003e#14343\u003c/a\u003e: Fixed use of insecure temporary directory (CVE-2025-71176).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eImproved documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13388\"\u003e#13388\u003c/a\u003e: Clarified documentation for \u003ccode\u003e-p\u003c/code\u003e vs \u003ccode\u003ePYTEST_PLUGINS\u003c/code\u003e plugin loading and fixed an incorrect \u003ccode\u003e-p\u003c/code\u003e example.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13731\"\u003e#13731\u003c/a\u003e: Clarified that capture fixtures (e.g. \u003ccode\u003ecapsys\u003c/code\u003e and \u003ccode\u003ecapfd\u003c/code\u003e) take precedence over the \u003ccode\u003e-s\u003c/code\u003e / \u003ccode\u003e--capture=no\u003c/code\u003e command-line options in \u003ccode\u003eAccessing captured output from a test function \u0026lt;accessing-captured-output\u0026gt;\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14088\"\u003e#14088\u003c/a\u003e: Clarified that the default \u003ccode\u003epytest_collection\u003c/code\u003e hook sets \u003ccode\u003esession.items\u003c/code\u003e before it calls \u003ccode\u003epytest_collection_finish\u003c/code\u003e, not after.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14255\"\u003e#14255\u003c/a\u003e: TOML integer log levels must be quoted: Updating reference documentation.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eContributor-facing changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/12689\"\u003e#12689\u003c/a\u003e: The test reports are now published to Codecov from GitHub Actions.\nThe test statistics is visible \u003ca href=\"https://app.codecov.io/gh/pytest-dev/pytest/tests\"\u003eon the web interface\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e-- by \u003ccode\u003ealeguy02\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e9.0.2\u003c/h2\u003e\n\u003ch1\u003epytest 9.0.2 (2025-12-06)\u003c/h1\u003e\n\u003ch2\u003eBug fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13896\"\u003e#13896\u003c/a\u003e: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.\u003c/p\u003e\n\u003cp\u003eYou may enable it again by passing \u003ccode\u003e-p terminalprogress\u003c/code\u003e. We may enable it by default again once compatibility improves in the future.\u003c/p\u003e\n\u003cp\u003eAdditionally, when the environment variable \u003ccode\u003eTERM\u003c/code\u003e is \u003ccode\u003edumb\u003c/code\u003e, the escape codes are no longer emitted, even if the plugin is enabled.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13904\"\u003e#13904\u003c/a\u003e: Fixed the TOML type of the \u003ccode\u003etmp_path_retention_count\u003c/code\u003e settings in the API reference from number to string.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/13946\"\u003e#13946\u003c/a\u003e: The private \u003ccode\u003econfig.inicfg\u003c/code\u003e attribute was changed in a breaking manner in pytest 9.0.0.\nDue to its usage in the ecosystem, it is now restored to working order using a compatibility shim.\nIt will be deprecated in pytest 9.1 and removed in pytest 10.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/a7d58d7a21b78581e636bbbdea13c66ad1657c1e\"\u003e\u003ccode\u003ea7d58d7\u003c/code\u003e\u003c/a\u003e Prepare release version 9.0.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/089d98199c253d8f89a040243bc4f2aa6cd5ab22\"\u003e\u003ccode\u003e089d981\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14366\"\u003e#14366\u003c/a\u003e from bluetech/revert-14193-backport\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/8127eaf4ab7f6b2fdd0dc1b38343ec97aeef05ac\"\u003e\u003ccode\u003e8127eaf\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Fix: assertrepr_compare respects dict insertion order (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14050\"\u003e#14050\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14193\"\u003e#14193\u003c/a\u003e)\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/99a7e6029e7a6e8d53e5df114b1346e035370241\"\u003e\u003ccode\u003e99a7e60\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14363\"\u003e#14363\u003c/a\u003e from pytest-dev/patchback/backports/9.0.x/95d8423bd...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/ddee02a578da30dd43aedc39c1c1f1aaadfcee95\"\u003e\u003ccode\u003eddee02a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14343\"\u003e#14343\u003c/a\u003e from bluetech/cve-2025-71176-simple\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/74eac6916fee34726cb194f16c516e96fbd29619\"\u003e\u003ccode\u003e74eac69\u003c/code\u003e\u003c/a\u003e doc: Update training info (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14298\"\u003e#14298\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14301\"\u003e#14301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/f92dee777cfdb77d1c43633d02766ddf1f07c869\"\u003e\u003ccode\u003ef92dee7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14267\"\u003e#14267\u003c/a\u003e from pytest-dev/patchback/backports/9.0.x/d6fa26c62...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/7ee58acc8777c31ac6cf388d01addf5a414a7439\"\u003e\u003ccode\u003e7ee58ac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/12378\"\u003e#12378\u003c/a\u003e from Pierre-Sassoulas/fix-implicit-str-concat-and-d...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/37da870d37e3a2f5177cae075c7b9ae279432bf8\"\u003e\u003ccode\u003e37da870\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14259\"\u003e#14259\u003c/a\u003e from mitre88/patch-4 (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14268\"\u003e#14268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytest-dev/pytest/commit/c34bfa3b7acb65b594707c714f1d8461b0304eed\"\u003e\u003ccode\u003ec34bfa3\u003c/code\u003e\u003c/a\u003e Add explanation for string context diffs (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14257\"\u003e#14257\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pytest-dev/pytest/issues/14266\"\u003e#14266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytest-dev/pytest/compare/7.4.4...9.0.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.31.0 to 2.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29\"\u003e\u003ccode\u003e753fd08\u003c/code\u003e\u003c/a\u003e docs: fix FAQ grammar in httplib2 example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71\"\u003e\u003ccode\u003e774a0b8\u003c/code\u003e\u003c/a\u003e docs(socks): same block as other sections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303\"\u003e\u003ccode\u003e9c72a41\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.33.0 to 4.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be\"\u003e\u003ccode\u003eebf7190\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.32.0 to 4.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798\"\u003e\u003ccode\u003e0e4ae38\u003c/code\u003e\u003c/a\u003e docs: exclude Response.is_permanent_redirect from API docs (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7244\"\u003e#7244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a\"\u003e\u003ccode\u003ed568f47\u003c/code\u003e\u003c/a\u003e docs: clarify Quickstart POST example (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6960\"\u003e#6960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.31.0...v2.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `scikit-learn` from 1.3.2 to 1.5.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/scikit-learn/scikit-learn/releases\"\u003escikit-learn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eScikit-learn 1.5.0\u003c/h2\u003e\n\u003cp\u003eWe're happy to announce the 1.5.0 release.\u003c/p\u003e\n\u003cp\u003eYou can read the release highlights under \u003ca href=\"https://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html\"\u003ehttps://scikit-learn.org/stable/auto_examples/release_highlights/plot_release_highlights_1_5_0.html\u003c/a\u003e and the long version of the change log under \u003ca href=\"https://scikit-learn.org/stable/whats_new/v1.5.html\"\u003ehttps://scikit-learn.org/stable/whats_new/v1.5.html\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThis version supports Python versions 3.9 to 3.12.\u003c/p\u003e\n\u003cp\u003eYou can upgrade with pip as usual:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epip install -U scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe conda-forge builds can be installed using:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003econda install -c conda-forge scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eScikit-learn 1.4.2\u003c/h2\u003e\n\u003cp\u003eWe're happy to announce the 1.4.2 release.\u003c/p\u003e\n\u003cp\u003eThis release only includes support for numpy 2.\u003c/p\u003e\n\u003cp\u003eThis version supports Python versions 3.9 to 3.12.\u003c/p\u003e\n\u003cp\u003eYou can upgrade with pip as usual:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epip install -U scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eScikit-learn 1.4.1.post1\u003c/h2\u003e\n\u003cp\u003eWe're happy to announce the 1.4.1.post1 release.\u003c/p\u003e\n\u003cp\u003eYou can see the changelog here: \u003ca href=\"https://scikit-learn.org/stable/whats_new/v1.4.html#version-1-4-1-post1\"\u003ehttps://scikit-learn.org/stable/whats_new/v1.4.html#version-1-4-1-post1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eThis version supports Python versions 3.9 to 3.12.\u003c/p\u003e\n\u003cp\u003eYou can upgrade with pip as usual:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epip install -U scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThe conda-forge builds can be installed using:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003econda install -c conda-forge scikit-learn\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/b51d0c9648241d1fd53dc9151689f62a61633a3d\"\u003e\u003ccode\u003eb51d0c9\u003c/code\u003e\u003c/a\u003e trigger whell builder [cd build]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/919ae9bf72554a180baa3d8f4537b49c730b7580\"\u003e\u003ccode\u003e919ae9b\u003c/code\u003e\u003c/a\u003e MAINT Reoder what's new for 1.5 (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/29039\"\u003e#29039\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/0ac28ade871ca71a89a71c834a7b47829b075829\"\u003e\u003ccode\u003e0ac28ad\u003c/code\u003e\u003c/a\u003e DOC Release highlights 1.5 (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/29007\"\u003e#29007\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/729b54d5af208432f788ae7945842f0cf597bd36\"\u003e\u003ccode\u003e729b54d\u003c/code\u003e\u003c/a\u003e test py3.12 against numpy 2 [cd build]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/1e50434f18275bb8727c2a2e24cb953db143d8a5\"\u003e\u003ccode\u003e1e50434\u003c/code\u003e\u003c/a\u003e set version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/ffbe4ab45bd9a113737231721fa2f55a70f3d0ab\"\u003e\u003ccode\u003effbe4ab\u003c/code\u003e\u003c/a\u003e DOC remove obsolete SVM example (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/27108\"\u003e#27108\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/4647729e5ee8c46e4fedace2d3c50c37f0a6693d\"\u003e\u003ccode\u003e4647729\u003c/code\u003e\u003c/a\u003e DOC Fix time complexity of MLP (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/28592\"\u003e#28592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/9bd7047b4a6c673bcfd2911997f124e265f8ad57\"\u003e\u003ccode\u003e9bd7047\u003c/code\u003e\u003c/a\u003e FIX convergence criterion of MeanShift (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/28951\"\u003e#28951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/b79420f1c2e82d814dec8026e96421751bfc9c96\"\u003e\u003ccode\u003eb79420f\u003c/code\u003e\u003c/a\u003e FIX add long long for int32/int64 windows compat in NumPy 2.0 (\u003ca href=\"https://redirect.github.com/scikit-learn/scikit-learn/issues/29029\"\u003e#29029\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scikit-learn/scikit-learn/commit/37f544db78503ed1a50da02cbb4f1a4e466fb0a7\"\u003e\u003ccode\u003e37f544d\u003c/code\u003e\u003c/a\u003e DOC replace pandas with Polars in examples/gaussian_process/plot_gpr_co2.py (...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/scikit-learn/scikit-learn/compare/1.3.2...1.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `setuptools` from 69.0.3 to 78.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/setuptools/blob/main/NEWS.rst\"\u003esetuptools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev78.1.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMore fully sanitized the filename in PackageIndex._download. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4946\"\u003e#4946\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRestore access to _get_vc_env with a warning. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4874\"\u003e#4874\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.2\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePostponed removals of deprecated dash-separated and uppercase fields in \u003ccode\u003esetup.cfg\u003c/code\u003e.\nAll packages with deprecated configurations are advised to move before 2026. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4911\"\u003e#4911\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.1\u003c/h1\u003e\n\u003ch2\u003eMisc\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4909\"\u003e#4909\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev78.0.0\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReverted distutils changes that broke the monkey patching of command classes. (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4902\"\u003e#4902\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSetuptools no longer accepts options containing uppercase or dash characters in \u003ccode\u003esetup.cfg\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8e4868a036b7fae3208d16cb4e5fe6d63c3752df\"\u003e\u003ccode\u003e8e4868a\u003c/code\u003e\u003c/a\u003e Bump version: 78.1.0 → 78.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/100e9a61ad24d5a147ada57357425a8d40626d09\"\u003e\u003ccode\u003e100e9a6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4951\"\u003e#4951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/8faf1d7e0ca309983252e4f21837b73ee12e960f\"\u003e\u003ccode\u003e8faf1d7\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/2ca4a9fe4758fcd39d771d3d3a5b4840aacebdf7\"\u003e\u003ccode\u003e2ca4a9f\u003c/code\u003e\u003c/a\u003e Rely on re.sub to perform the decision in one expression.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/e409e8002932f2b86aae7b1abc8f8c2ebf96df2c\"\u003e\u003ccode\u003ee409e80\u003c/code\u003e\u003c/a\u003e Extract _sanitize method for sanitizing the filename.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/250a6d17978f9f6ac3ac887091f2d32886fbbb0b\"\u003e\u003ccode\u003e250a6d1\u003c/code\u003e\u003c/a\u003e Add a check to ensure the name resolves relative to the tmpdir.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d8390feaa99091d1ba9626bec0e4ba7072fc507a\"\u003e\u003ccode\u003ed8390fe\u003c/code\u003e\u003c/a\u003e Extract _resolve_download_filename with test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/4e1e89392de5cb405e7844cdc8b20fc2755dbaba\"\u003e\u003ccode\u003e4e1e893\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/3a3144f0d2887fa37c06550f42a101e9eebd953a\"\u003e\u003ccode\u003e3a3144f\u003c/code\u003e\u003c/a\u003e Fix typo: \u003ccode\u003epyproject.license\u003c/code\u003e -\u0026gt; \u003ccode\u003eproject.license\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pypa/setuptools/issues/4931\"\u003e#4931\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pypa/setuptools/commit/d751068fd2627d6d8f1729e39cbcd8119049998f\"\u003e\u003ccode\u003ed751068\u003c/code\u003e\u003c/a\u003e Fix typo: pyproject.license -\u0026gt; project.license\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pypa/setuptools/compare/v69.0.3...v78.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jupyter-ser...\n\n_Description has been truncated_\n\n---\n\n📦 This PR updates 19 Python dependencies across test requirement files, bringing packages to their latest versions with security fixes, bug fixes, and new features.\n\n\u003cdetails\u003e\n\u003csummary\u003e🔍 \u003cstrong\u003eDetailed Analysis\u003c/strong\u003e\u003c/summary\u003e\n\n### Key Changes\n- **Security Updates**: Critical security fixes in urllib3 (CVE-2026-21441), requests (CVE-2026-25645), cryptography, and jinja2 (multiple CVEs)\n- **Major Version Bumps**: Black updated from 23.12.1 to 26.3.1, pytest from 7.4.4 to 9.0.3, scikit-learn from 1.3.2 to 1.5.0\n- **Jupyter Ecosystem**: Comprehensive updates to jupyter-server (2.12.5→2.18.0), jupyterlab (4.0.11→4.5.7), notebook (7.0.7→7.5.6)\n- **Infrastructure Libraries**: urllib3 major update (1.25.3→2.7.0), setuptools (69.0.3→78.1.1), cryptography (41.0.7→46.0.7)\n\n### Technical Implementation\n```mermaid\nflowchart TD\n    A[Dependabot Scan] --\u003e B[Identify 19 Outdated Packages]\n    B --\u003e C[Security Vulnerabilities Found]\n    B --\u003e D[Feature Updates Available]\n    C --\u003e E[urllib3: Decompression bomb fixes]\n    C --\u003e F[requests: Malicious file replacement fix]\n    C --\u003e G[jinja2: Sandbox bypass fixes]\n    C --\u003e H[cryptography: Security patches]\n    D --\u003e I[Black: Jupyter notebook improvements]\n    D --\u003e J[pytest: Python 3.14 support]\n    D --\u003e K[scikit-learn: New ML features]\n    E --\u003e L[Updated Requirements Files]\n    F --\u003e L\n    G --\u003e L\n    H --\u003e L\n    I --\u003e L\n    J --\u003e L\n    K --\u003e L\n```\n\n### Impact\n- **Security Enhancement**: Addresses multiple CVEs including decompression bomb vulnerabilities, malicious file replacement, and sandbox bypass issues\n- **Compatibility Improvements**: Adds Python 3.14 support in pytest, removes deprecated features, and improves Windows compatibility\n- **Development Experience**: Enhanced Jupyter notebook support, better error messages, improved type annotations, and performance optimizations\n- **Testing Infrastructure**: Updated pytest with better async support, improved error handling, and enhanced debugging capabilities\n\n\u003c/details\u003e\n\n_Created with [Palmier](https://www.palmier.io)_","html_url":"https://github.com/GlacierEQ/uv/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/GlacierEQ%2Fuv/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","update_type":null,"path":null,"pr_created_at":"2026-05-25T01:46:04.000Z","version_change":"\u003e=3.23.1 → \u003e=4.1.0","issue":{"uuid":"4513707740","node_id":"PR_kwDOGmXyTM7e4JOh","number":136,"state":"open","title":"deps(deps): update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":["automated","dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T01:46:04.000Z","updated_at":"2026-05-25T01:48:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps): update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hostcc/pyg90alarm/pull/136","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hostcc%2Fpyg90alarm/issues/136","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/136/packages"}},{"old_version":"3.5.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-05-24T19:58:20.000Z","version_change":"3.5.0 → 3.19.1","issue":{"uuid":"4512747309","node_id":"PR_kwDOQGy9FM7e1OS3","number":1,"state":"open","title":"Bump the pip group across 1 directory with 11 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T19:58:20.000Z","updated_at":"2026-05-24T19:58:43.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":11,"packages":[{"name":"certifi","old_version":"2021.5.30","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"eventlet","old_version":"0.31.1","new_version":"0.41.0","repository_url":"https://github.com/eventlet/eventlet"},{"name":"flask","old_version":"2.0.1","new_version":"3.1.3","repository_url":"https://github.com/pallets/flask"},{"name":"gunicorn","old_version":"20.1.0","new_version":"22.0.0","repository_url":"https://github.com/benoitc/gunicorn"},{"name":"idna","old_version":"3.2","new_version":"3.15","repository_url":"https://github.com/kjd/idna"},{"name":"jinja2","old_version":"3.0.1","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"python-socketio","old_version":"5.4.0","new_version":"5.14.0","repository_url":"https://github.com/miguelgrinberg/python-socketio"},{"name":"requests","old_version":"2.26.0","new_version":"2.33.0","repository_url":"https://github.com/psf/requests"},{"name":"urllib3","old_version":"1.26.6","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"werkzeug","old_version":"2.0.1","new_version":"3.1.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"zipp","old_version":"3.5.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 11 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2021.5.30` | `2024.7.4` |\n| [eventlet](https://github.com/eventlet/eventlet) | `0.31.1` | `0.41.0` |\n| [flask](https://github.com/pallets/flask) | `2.0.1` | `3.1.3` |\n| [gunicorn](https://github.com/benoitc/gunicorn) | `20.1.0` | `22.0.0` |\n| [idna](https://github.com/kjd/idna) | `3.2` | `3.15` |\n| [jinja2](https://github.com/pallets/jinja) | `3.0.1` | `3.1.6` |\n| [python-socketio](https://github.com/miguelgrinberg/python-socketio) | `5.4.0` | `5.14.0` |\n| [requests](https://github.com/psf/requests) | `2.26.0` | `2.33.0` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.6` | `2.7.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `2.0.1` | `3.1.6` |\n| [zipp](https://github.com/jaraco/zipp) | `3.5.0` | `3.19.1` |\n\n\nUpdates `certifi` from 2021.5.30 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2021.05.30...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `eventlet` from 0.31.1 to 0.41.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/eventlet/eventlet/blob/master/NEWS\"\u003eeventlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e0.41.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eSwitch to 3.14 for testing (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1086\"\u003e#1086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop 3.9 support (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1085\"\u003e#1085\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMore visible deprecation (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1077\"\u003e#1077\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.4\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRemove legacy setuptools configuration files (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1072\"\u003e#1072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd 3.14 to supported versions (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1070\"\u003e#1070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEmit warning on startup that eventlet is deprecated (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1065\"\u003e#1065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix Python 3.14 on macOS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1067\"\u003e#1067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWorkaround for \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1068\"\u003e#1068\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1069\"\u003e#1069\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.3\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[SECURITY] Fix request smuggling vulnerability by discarding trailers (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1062\"\u003e#1062\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.2\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility issues identified with Python 3.14 on Linux (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1058\"\u003e#1058\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake database removal safer with IF EXISTS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1056\"\u003e#1056\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrepare jobs and CI/CD for python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1055\"\u003e#1055\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.1\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] \u0026quot;Fix\u0026quot; fork() so it \u0026quot;works\u0026quot; on Python 3.13, and \u0026quot;works\u0026quot; better on older Python versions (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1047\"\u003e#1047\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eBehavior change: threads created by eventlet.green.threading.Thread and threading.Thead will be visible across both modules if monkey patching was used. Previously each module would only list threads created in that module.\u003c/li\u003e\n\u003cli\u003eBug fix: after fork(), greenlet threads are correctly listed in threading.enumerate() if monkey patching was used. You should not use fork()-without-execve().\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e[fix] Fix patching of removed URLopener class in Python 3.14 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1053\"\u003e#1053\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] ReferenceError except while count rlock (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1042\"\u003e#1042\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Replace deprecated datetime.utcfromtimestamp (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1050\"\u003e#1050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix][env] Remove duplicate steps (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1049\"\u003e#1049\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] Replace deprecated datetime.datetime.utcnow (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1046\"\u003e#1046\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.40.0\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e[fix] Fix ssl test when linking against openssl 3.5 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1034\"\u003e#1034\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop support Python 3.8 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1021\"\u003e#1021\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[doc] Various doc updates (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/981\"\u003e#981\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1033\"\u003e#1033\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[env] Drop PyPy support (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1035\"\u003e#1035\u003c/a\u003e \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1037\"\u003e#1037\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e0.39.1\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/5ec4b6dcd2e5bb41c63743bd59dedbce4a9c5381\"\u003e\u003ccode\u003e5ec4b6d\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.41.0 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1088\"\u003e#1088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/6de7dbbd71585e34ccbec99d220606febb286bb8\"\u003e\u003ccode\u003e6de7dbb\u003c/code\u003e\u003c/a\u003e Switch to 3.14 for testing, fix problems found along the way. (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1086\"\u003e#1086\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/1ea81d9fbf12ce62a818ff9125ca14593c5506a7\"\u003e\u003ccode\u003e1ea81d9\u003c/code\u003e\u003c/a\u003e Drop 3.9 support (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1085\"\u003e#1085\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/62662af7002b531bed608c7dd73d81943ff638c9\"\u003e\u003ccode\u003e62662af\u003c/code\u003e\u003c/a\u003e More visible deprecation (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1077\"\u003e#1077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/f3254a1b401714f6dfdffa5045d25a4d36c76c06\"\u003e\u003ccode\u003ef3254a1\u003c/code\u003e\u003c/a\u003e Update changelog for version 0.40.4 (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1074\"\u003e#1074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/8cb20296f3455a1836cdbcbf1d3545666ee7f867\"\u003e\u003ccode\u003e8cb2029\u003c/code\u003e\u003c/a\u003e Remove legacy setuptools configuration files (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1072\"\u003e#1072\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/220f82d843c0a57c267e77f0cc437e0b43be1cca\"\u003e\u003ccode\u003e220f82d\u003c/code\u003e\u003c/a\u003e add 3.14 to supported versions (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1070\"\u003e#1070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/01a3da5f9b552c7d58eb6de829d33f522d4b04cf\"\u003e\u003ccode\u003e01a3da5\u003c/code\u003e\u003c/a\u003e Emit warning on startup that eventlet is deprecated (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1065\"\u003e#1065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/1b2b959da1257dccd23956fda43d03dc6a28ca16\"\u003e\u003ccode\u003e1b2b959\u003c/code\u003e\u003c/a\u003e Fix Python 3.14 on macOS (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1067\"\u003e#1067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eventlet/eventlet/commit/d8bf4659cd8b178949cc2b1485b337d46bae6532\"\u003e\u003ccode\u003ed8bf465\u003c/code\u003e\u003c/a\u003e Workaround for \u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1068\"\u003e#1068\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/eventlet/eventlet/issues/1069\"\u003e#1069\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/eventlet/eventlet/compare/v0.31.1...0.41.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 2.0.1 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.3/\"\u003ehttps://pypi.org/project/Flask/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-3\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-3\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys but not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726\"\u003eGHSA-68rp-wp8r-4726\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.2/\"\u003ehttps://pypi.org/project/Flask/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-2\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/38?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/38?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5774\"\u003e#5774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state of \u003ccode\u003esession\u003c/code\u003e is correct. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5786\"\u003e#5786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5776\"\u003e#5776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.1\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.1/\"\u003ehttps://pypi.org/project/Flask/3.1.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/flask/milestone/36?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. GHSA-4grg-w6v8-c28g\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5645\"\u003e#5645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands are shown. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5673\"\u003e#5673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return \u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier for Quart. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5659\"\u003e#5659\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.0\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.0/\"\u003ehttps://pypi.org/project/Flask/3.1.0/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/33?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/33?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5623\"\u003e#5623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases. Werkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5624\"\u003e#5624\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5633\"\u003e#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option responses. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5496\"\u003e#5496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and \u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when opening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5504\"\u003e#5504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only through the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added \u003ccode\u003eMAX_FORM_MEMORY_SIZE\u003c/code\u003e and \u003ccode\u003eMAX_FORM_PARTS\u003c/code\u003e config. Added documentation about resource limits to the security page. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5625\"\u003e#5625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003ePartitioned\u003c/code\u003e cookie attribute (CHIPS), with the \u003ccode\u003eSESSION_COOKIE_PARTITIONED\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5472\"\u003e#5472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-e path\u003c/code\u003e takes precedence over default \u003ccode\u003e.env\u003c/code\u003e and \u003ccode\u003e.flaskenv\u003c/code\u003e files. \u003ccode\u003eload_dotenv\u003c/code\u003e loads default files in addition to a path unless \u003ccode\u003eload_defaults=False\u003c/code\u003e is passed. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5628\"\u003e#5628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport key rotation with the \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5621\"\u003e#5621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix how setting \u003ccode\u003ehost_matching=True\u003c/code\u003e or \u003ccode\u003esubdomain_matching=False\u003c/code\u003e interacts with \u003ccode\u003eSERVER_NAME\u003c/code\u003e. Setting \u003ccode\u003eSERVER_NAME\u003c/code\u003e no longer restricts requests to only that domain. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5553\"\u003e#5553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.trusted_hosts\u003c/code\u003e is checked during routing, and can be set through the \u003ccode\u003eTRUSTED_HOSTS\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5636\"\u003e#5636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-18\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys\nbut not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. :ghsa:\u003ccode\u003e68rp-wp8r-4726\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.2\u003c/h2\u003e\n\u003cp\u003eReleased 2025-08-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. :issue:\u003ccode\u003e5774\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state\nof \u003ccode\u003esession\u003c/code\u003e is correct. :issue:\u003ccode\u003e5786\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. :issue:\u003ccode\u003e5776\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.1\u003c/h2\u003e\n\u003cp\u003eReleased 2025-05-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via\n\u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. :ghsa:\u003ccode\u003e4grg-w6v8-c28g\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. :issue:\u003ccode\u003e5645\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands\nare shown. :issue:\u003ccode\u003e5673\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return\n\u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier\nfor Quart. :pr:\u003ccode\u003e5659\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.0\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. :pr:\u003ccode\u003e5623\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases.\nWerkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. :pr:\u003ccode\u003e5624,5633\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option\nresponses. :pr:\u003ccode\u003e5496\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and\n\u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when\nopening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. :issue:\u003ccode\u003e5504\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only\nthrough the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65\"\u003e\u003ccode\u003e22d9247\u003c/code\u003e\u003c/a\u003e release version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4\"\u003e\u003ccode\u003e089cb86\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa\"\u003e\u003ccode\u003ec17f379\u003c/code\u003e\u003c/a\u003e request context tracks session access\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602\"\u003e\u003ccode\u003e27be933\u003c/code\u003e\u003c/a\u003e start version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d\"\u003e\u003ccode\u003e4e652d3\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5903\"\u003e#5903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a\"\u003e\u003ccode\u003e3d03098\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4\"\u003e\u003ccode\u003e407eb76\u003c/code\u003e\u003c/a\u003e document using gevent for async (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60\"\u003e\u003ccode\u003eac5664d\u003c/code\u003e\u003c/a\u003e document using gevent for async\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3\"\u003e\u003ccode\u003e4f79d5b\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11 (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5865\"\u003e#5865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f\"\u003e\u003ccode\u003efe3b215\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/2.0.1...3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `gunicorn` from 20.1.0 to 22.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benoitc/gunicorn/releases\"\u003egunicorn's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eGunicorn 22.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 22.0.0 has been released.\u003c/strong\u003e This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e22.0.0 - 2024-04-17\r\n===================\r\n\u003cul\u003e\n\u003cli\u003euse \u003ccode\u003eutime\u003c/code\u003e to notify workers liveness\u003c/li\u003e\n\u003cli\u003emigrate setup to pyproject.toml\u003c/li\u003e\n\u003cli\u003efix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)\u003c/li\u003e\n\u003cli\u003eparsing additional requests is no longer attempted past unsupported request framing\u003c/li\u003e\n\u003cli\u003eon HTTP versions \u0026lt; 1.1 support for chunked transfer is refused (only used in exploits)\u003c/li\u003e\n\u003cli\u003erequests conflicting configured or passed SCRIPT_NAME now produce a verbose error\u003c/li\u003e\n\u003cli\u003eTrailer fields are no longer inspected for headers indicating secure scheme\u003c/li\u003e\n\u003cli\u003esupport Python 3.12\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** Breaking changes **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eminimum version is Python 3.7\u003c/li\u003e\n\u003cli\u003ethe limitations on valid characters in the HTTP method have been bounded to Internet Standards\u003c/li\u003e\n\u003cli\u003erequests specifying unsupported transfer coding (order) are refused by default (rare)\u003c/li\u003e\n\u003cli\u003eHTTP methods are no longer casefolded by default (IANA method registry contains none affected)\u003c/li\u003e\n\u003cli\u003eHTTP methods containing the number sign (#) are no longer accepted by default (rare)\u003c/li\u003e\n\u003cli\u003eHTTP versions \u0026lt; 1.0 or \u0026gt;= 2.0 are no longer accepted by default (rare, only HTTP/1.1 is supported)\u003c/li\u003e\n\u003cli\u003eHTTP versions consisting of multiple digits or containing a prefix/suffix are no longer accepted\u003c/li\u003e\n\u003cli\u003eHTTP header field names Gunicorn cannot safely map to variables are silently dropped, as in other software\u003c/li\u003e\n\u003cli\u003eHTTP headers with empty field name are refused by default (no legitimate use cases, used in exploits)\u003c/li\u003e\n\u003cli\u003erequests with both Transfer-Encoding and Content-Length are refused by default (such a message might indicate an attempt to perform request smuggling)\u003c/li\u003e\n\u003cli\u003eempty transfer codings are no longer permitted (reportedly seen with really old \u0026amp; broken proxies)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e** SECURITY **\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003efix CVE-2024-1135\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003col\u003e\n\u003cli\u003eDocumentation is available there: \u003ca href=\"https://docs.gunicorn.org/en/stable/news.html\"\u003ehttps://docs.gunicorn.org/en/stable/news.html\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePackages: \u003ca href=\"https://pypi.org/project/gunicorn/\"\u003ehttps://pypi.org/project/gunicorn/\u003c/a\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eGunicorn 21.2.0 has been released\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eGunicorn 21.2.0 has been released.\u003c/strong\u003e This version fix the issue introduced in the threaded worker.\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e21.2.0 - 2023-07-19\r\n===================\r\nfix thread worker: revert change considering connection as idle .\r\n\u0026lt;/tr\u0026gt;\u0026lt;/table\u0026gt; \n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/f63d59e4d73a8ee28748d2c700fb81c8780bc419\"\u003e\u003ccode\u003ef63d59e\u003c/code\u003e\u003c/a\u003e bump to 22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/4ac81e0a1037ba5b570323be7430e09caa233e38\"\u003e\u003ccode\u003e4ac81e0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3175\"\u003e#3175\u003c/a\u003e from e-kwsm/typo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/401cecfaed85d79236c7a9a1f7d8946b01c466fc\"\u003e\u003ccode\u003e401cecf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3179\"\u003e#3179\u003c/a\u003e from dhdaines/exclude-eventlet-0360\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/0243ec39ef4fc1b479ff4e1659e165f0b980b571\"\u003e\u003ccode\u003e0243ec3\u003c/code\u003e\u003c/a\u003e fix(deps): exclude eventlet 0.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/628a0bcb61ef3a211d67dfd68ad1ba161cccb3b8\"\u003e\u003ccode\u003e628a0bc\u003c/code\u003e\u003c/a\u003e chore: fix typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/88fc4a43152039c28096c8ba3eeadb3fbaa4aff9\"\u003e\u003ccode\u003e88fc4a4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/benoitc/gunicorn/issues/3131\"\u003e#3131\u003c/a\u003e from pajod/patch-py12-rebased\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/deae2fc4c5f93bfce59be5363055d4cd4ab1b0b6\"\u003e\u003ccode\u003edeae2fc\u003c/code\u003e\u003c/a\u003e CI: back off the agressive timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/f4703824c323fe6867dce0e2f11013b8de319353\"\u003e\u003ccode\u003ef470382\u003c/code\u003e\u003c/a\u003e docs: promise 3.12 compat\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/5e30bfa6b1a3e1f2bde7feb514d1734d28f39231\"\u003e\u003ccode\u003e5e30bfa\u003c/code\u003e\u003c/a\u003e add changelog to project.urls (updated for PEP621)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benoitc/gunicorn/commit/481c3f9522edc58806a3efc5b49be4f202cc7700\"\u003e\u003ccode\u003e481c3f9\u003c/code\u003e\u003c/a\u003e remove setup.cfg - overridden by pyproject.toml\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/benoitc/gunicorn/compare/20.1.0...22.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.2 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.14\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.11 (2025-10-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0, including significant changes to UTS46\nprocessing. As a result of Unicode ending support for it, transitional\nprocessing no longer has an effect and returns the same result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.2...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.0.1 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.0.1...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `python-socketio` from 5.4.0 to 5.14.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/releases\"\u003epython-socketio's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 5.14.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.13.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.12.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.12.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.4\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.3\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.11.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.10.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.9.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGES.md\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.8.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.7.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.7.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.7.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.6.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003ch2\u003eRelease 5.5.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003eCHANGE.LOG\u003c/a\u003e for release notes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/blob/main/CHANGES.md\"\u003epython-socketio's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003epython-socketio change log\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.16.2\u003c/strong\u003e - 2026-05-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent unnecessary resource allocations \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1574\"\u003e#1574\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/ca140fe44d0ceb3004073645222abec182d8784b\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd zizmor to CI builds \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1570\"\u003e#1570\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/664dc27ec6f34179ed1724430eda3520627fc642\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.16.1\u003c/strong\u003e - 2026-02-06\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse configured JSON module in managers \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1549\"\u003e#1549\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/6229261ae6e8c01e675097242e333ee84587a544\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdmin UI fixes: remove duplicate tasks, report transport upgrades (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/1c2eab13a92fac9e43663eb0b5f099eb1c40ea5b\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSwitch to Furo documentation template (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/add47d8c7abca697a2804141bbf29bfb095f7d5e\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd Python free-threading to CI \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1554\"\u003e#1554\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/ccdd2004a038ae4b8171a05120c5d0787332f7ee\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.16.0\u003c/strong\u003e - 2025-12-24\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAddress deprecation warnings (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/b235699d9b06564753c570b76055997e9d62a938\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop Python 3.8 and 3.9 from CI builds (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/d0728d2f74538762dd551fa9cd0cd1fd5aedfa37\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.15.1\u003c/strong\u003e - 2025-12-16\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore support multiple arguments via pubsub emits \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1540\"\u003e#1540\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/c279f26bb8c9887c4ca99d4d81ad331c4844438c\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.15.0\u003c/strong\u003e - 2025-11-22\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRetry initial Redis connection \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1536\"\u003e#1534\u003c/a\u003e ([commit \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1\"\u003e#1\u003c/a\u003e](\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/1e903e173a2d7b04599c4f7f9630c1abbb531fad\"\u003ehttps://github.com/miguelgrinberg/python-socketio/commit/1e903e173a2d7b04599c4f7f9630c1abbb531fad\u003c/a\u003e) [commit \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/2\"\u003e#2\u003c/a\u003e](\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/5e898a9b93526e6e667767e54c60f4c84589989d\"\u003ehttps://github.com/miguelgrinberg/python-socketio/commit/5e898a9b93526e6e667767e54c60f4c84589989d\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eCorrectly regenerate RabbitMQ binding after a connection failure \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1516\"\u003e#1516\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/c52e93b4a328d98a968bfbdec0cfd598b73ee913\"\u003ecommit\u003c/a\u003e) (thanks \u003cstrong\u003eGritty_dev\u003c/strong\u003e!)\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003eext_type\u003c/code\u003e in the \u003ccode\u003eMsgPackPacket\u003c/code\u003e class \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1521\"\u003e#1521\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/208925344a48485d2cd56e40eb74266c3bcb5311\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport sending \u003ccode\u003ebytesarray\u003c/code\u003es when using pub/sub managers (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/6c9b9974f72e2efdf62407ecab24ee6995448098\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix typos in documentation \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1520\"\u003e#1520\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/db3f1c2a0105c30cb833ddfca8f05fe4320468fd\"\u003ecommit\u003c/a\u003e) (thanks \u003cstrong\u003eLê Nam Khánh\u003c/strong\u003e!)\u003c/li\u003e\n\u003cli\u003eImprovements to the logging documentation (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/b423d0e38eef559b7e81acb7e32059de305f982c\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.14.3\u003c/strong\u003e - 2025-10-29\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport Python's native \u003ccode\u003eConnectionRefusedError\u003c/code\u003e exception to reject a connection \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1515\"\u003e#1515\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/f3b18bde3f16437b223491d4c3e440ea37105fe3\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePush binary data to the aiopika client manager \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1514\"\u003e#1514\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/194e1b7f277b5f72e1de78d3f614e7b8b6c788ac\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.14.2\u003c/strong\u003e - 2025-10-15\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore binary message support in message queue setups \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1509\"\u003e#1509\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/bab4a10f48aaae11d7f832ebe5c30ad3f85d31b3\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix formatting of client connection error \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1507\"\u003e#1507\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/f298c9b54d76ab09ff72935937e1b9575bc45ffd\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd 3.14 and pypy-3.11 CI tasks (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/1f4cd3b025c294f25208ec3c05b5f8df6209e403\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove documentation of the \u003ccode\u003eBaseManager.get_participants()\u003c/code\u003e method (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/33722a0d96036f005188b07b8b46a5ef091fe65f\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.14.1\u003c/strong\u003e - 2025-10-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRestore support for \u003ccode\u003erediss://\u003c/code\u003e URLs, and add support for \u003ccode\u003evalkeys://\u003c/code\u003e as well (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/6e2d0de12bb4e4a99fdfc30bed0706ded620822c\"\u003ecommit\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for Redis connections using unix sockets \u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1503\"\u003e#1503\u003c/a\u003e (\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/a8deb3a8f3ee51d75c124157efa7fc9289fd592b\"\u003ecommit\u003c/a\u003e) (thanks \u003cstrong\u003eDarren Chang\u003c/strong\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRelease 5.14.0\u003c/strong\u003e - 2025-09-30\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/400200e00625a49796b84baa44a09cd711fabe50\"\u003e\u003ccode\u003e400200e\u003c/code\u003e\u003c/a\u003e Release 5.14.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/53f6be094257ed81476b0e212c8cddd6d06ca39a\"\u003e\u003ccode\u003e53f6be0\u003c/code\u003e\u003c/a\u003e Replace pickle with json (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1502\"\u003e#1502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/a59c6f520059eb095ab4472e5192ce3e486875d9\"\u003e\u003ccode\u003ea59c6f5\u003c/code\u003e\u003c/a\u003e Fix: SimpleClient.call does not raise TimeoutError on timeout (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1501\"\u003e#1501\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/f61e0bec3750a83de619db9b779f9d93e449eade\"\u003e\u003ccode\u003ef61e0be\u003c/code\u003e\u003c/a\u003e wait for client to end background tasks on disconnect (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1500\"\u003e#1500\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/23556fb3dcb37074020494df40fb4495d47e7efe\"\u003e\u003ccode\u003e23556fb\u003c/code\u003e\u003c/a\u003e Fixed transport property of the simple clients to be a string as documented (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/e59acf146550d5c07f530a4766dfdfffda21e20c\"\u003e\u003ccode\u003ee59acf1\u003c/code\u003e\u003c/a\u003e Address failures of test suite on Mac (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1497\"\u003e#1497\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/36a89226a2fb18f876dcba48125a8c51904586ec\"\u003e\u003ccode\u003e36a8922\u003c/code\u003e\u003c/a\u003e Add support for valkey in the Redis client managers (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1488\"\u003e#1488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/5dc2aea077469ad318e47b28a84845c5efb6bdcf\"\u003e\u003ccode\u003e5dc2aea\u003c/code\u003e\u003c/a\u003e keep track of which namespaces failed to connect (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1496\"\u003e#1496\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/b3da354ed9eb46c0fb847c628b379ccae475a970\"\u003e\u003ccode\u003eb3da354\u003c/code\u003e\u003c/a\u003e Add message queue deployment recommendations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/miguelgrinberg/python-socketio/commit/3625fe821debf33e5430bff6375ec85056a5d95f\"\u003e\u003ccode\u003e3625fe8\u003c/code\u003e\u003c/a\u003e Bump eventlet from 0.35.2 to 0.40.3 in /examples/server/wsgi (\u003ca href=\"https://redirect.github.com/miguelgrinberg/python-socketio/issues/1491\"\u003e#1491\u003c/a\u003e) #nolog\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/miguelgrinberg/python-socketio/compare/v5.4.0...v5.14.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.26.0 to 2.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29\"\u003e\u003ccode\u003e753fd08\u003c/code\u003e\u003c/a\u003e docs: fix FAQ grammar in httplib2 example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71\"\u003e\u003ccode\u003e774a0b8\u003c/code\u003e\u003c/a\u003e docs(socks): same block as other sections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303\"\u003e\u003ccode\u003e9c72a41\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.33.0 to 4.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be\"\u003e\u003ccode\u003eebf7190\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.32.0 to 4.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798\"\u003e\u003ccode\u003e0e4ae38\u003c/code\u003e\u003c/a\u003e docs: exclude Response.is_permanent_redirect from API docs (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7244\"\u003e#7244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a\"\u003e\u003ccode\u003ed568f47\u003c/code\u003e\u003c/a\u003e docs: clarify Quickstart POST example (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6960\"\u003e#6960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.26.0...v2.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.6 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.7.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable m...\n\n_Description has been truncated_","html_url":"https://github.com/thaliamontreux/OvenSpace/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/thaliamontreux%2FOvenSpace/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"3.23.1","new_version":"4.1.0","update_type":"major","path":null,"pr_created_at":"2026-05-23T02:34:22.000Z","version_change":"3.23.1 → 4.1.0","issue":{"uuid":"4506565730","node_id":"PR_kwDOSlaxQ87eiswO","number":12,"state":"open","title":"Bump zipp from 3.23.1 to 4.1.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T02:34:22.000Z","updated_at":"2026-05-23T02:34:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"zipp","old_version":"3.23.1","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.1 to 4.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp\u0026package-manager=pip\u0026previous-version=3.23.1\u0026new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/nludd25/openvino/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nludd25%2Fopenvino/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"}},{"old_version":"3.15.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-05-21T02:19:12.000Z","version_change":"3.15.0 → 3.19.1","issue":{"uuid":"4491187680","node_id":"PR_kwDOSSwFHc7dw07M","number":3,"state":"closed","title":"Bump the pip group across 23 directories with 8 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T02:22:30.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-21T02:19:12.000Z","updated_at":"2026-05-21T02:22:32.000Z","time_to_close":198,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":8,"packages":[{"name":"jinja2","old_version":"3.1.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"flask","old_version":"2.2.5","new_version":"3.1.3","repository_url":"https://github.com/pallets/flask"},{"name":"werkzeug","old_version":"2.2.3","new_version":"3.1.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"cryptography","old_version":"42.0.5","new_version":"46.0.7","repository_url":"https://github.com/pyca/cryptography"},{"name":"pillow","old_version":"9.5.0","new_version":"12.2.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"zipp","old_version":"3.15.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 2 updates in the /benchmarks/XBEN-005-24/app directory: [idna](https://github.com/kjd/idna) and [jinja2](https://github.com/pallets/jinja).\nBumps the pip group with 3 updates in the /benchmarks/XBEN-007-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 2 updates in the /benchmarks/XBEN-021-24/app directory: [idna](https://github.com/kjd/idna) and [jinja2](https://github.com/pallets/jinja).\nBumps the pip group with 2 updates in the /benchmarks/XBEN-058-24/app directory: [idna](https://github.com/kjd/idna) and [jinja2](https://github.com/pallets/jinja).\nBumps the pip group with 1 update in the /benchmarks/XBEN-062-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 2 updates in the /benchmarks/XBEN-063-24/app/website directory: [flask](https://github.com/pallets/flask) and [pymysql](https://github.com/PyMySQL/PyMySQL).\nBumps the pip group with 1 update in the /benchmarks/XBEN-064-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-065-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-068-24/app directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-070-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-073-24/app directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-074-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 2 updates in the /benchmarks/XBEN-076-24/ssti-demo-app directory: [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 1 update in the /benchmarks/XBEN-082-24/api directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-082-24/app directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-087-24/src directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 3 updates in the /benchmarks/XBEN-089-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 4 updates in the /benchmarks/XBEN-091-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask), [werkzeug](https://github.com/pallets/werkzeug) and [cryptography](https://github.com/pyca/cryptography).\nBumps the pip group with 3 updates in the /benchmarks/XBEN-094-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 3 updates in the /benchmarks/XBEN-100-24/app directory: [jinja2](https://github.com/pallets/jinja), [flask](https://github.com/pallets/flask) and [werkzeug](https://github.com/pallets/werkzeug).\nBumps the pip group with 6 updates in the /benchmarks/XBEN-101-24/app directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [jinja2](https://github.com/pallets/jinja) | `3.1.3` | `3.1.6` |\n| [flask](https://github.com/pallets/flask) | `2.2.5` | `3.1.3` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `2.2.3` | `3.1.6` |\n| [cryptography](https://github.com/pyca/cryptography) | `42.0.5` | `46.0.7` |\n| [pillow](https://github.com/python-pillow/Pillow) | `9.5.0` | `12.2.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.15.0` | `3.19.1` |\n\nBumps the pip group with 1 update in the /benchmarks/XBEN-102-24/app directory: [flask](https://github.com/pallets/flask).\nBumps the pip group with 1 update in the /benchmarks/XBEN-103-24/app directory: [flask](https://github.com/pallets/flask).\n\nUpdates `idna` from 3.7 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.14\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.11 (2025-10-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0, including significant changes to UTS46\nprocessing. As a result of Unicode ending support for it, transitional\nprocessing no longer has an effect and returns the same result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.4 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.4...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.4 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.4...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 3.0.3 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.3/\"\u003ehttps://pypi.org/project/Flask/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-3\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-3\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys but not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726\"\u003eGHSA-68rp-wp8r-4726\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.2/\"\u003ehttps://pypi.org/project/Flask/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-2\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/38?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/38?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5774\"\u003e#5774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state of \u003ccode\u003esession\u003c/code\u003e is correct. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5786\"\u003e#5786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5776\"\u003e#5776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.1\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.1/\"\u003ehttps://pypi.org/project/Flask/3.1.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/flask/milestone/36?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. GHSA-4grg-w6v8-c28g\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5645\"\u003e#5645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands are shown. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5673\"\u003e#5673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return \u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier for Quart. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5659\"\u003e#5659\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.0\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.0/\"\u003ehttps://pypi.org/project/Flask/3.1.0/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/33?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/33?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5623\"\u003e#5623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases. Werkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5624\"\u003e#5624\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5633\"\u003e#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option responses. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5496\"\u003e#5496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and \u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when opening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5504\"\u003e#5504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only through the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added \u003ccode\u003eMAX_FORM_MEMORY_SIZE\u003c/code\u003e and \u003ccode\u003eMAX_FORM_PARTS\u003c/code\u003e config. Added documentation about resource limits to the security page. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5625\"\u003e#5625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003ePartitioned\u003c/code\u003e cookie attribute (CHIPS), with the \u003ccode\u003eSESSION_COOKIE_PARTITIONED\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5472\"\u003e#5472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-e path\u003c/code\u003e takes precedence over default \u003ccode\u003e.env\u003c/code\u003e and \u003ccode\u003e.flaskenv\u003c/code\u003e files. \u003ccode\u003eload_dotenv\u003c/code\u003e loads default files in addition to a path unless \u003ccode\u003eload_defaults=False\u003c/code\u003e is passed. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5628\"\u003e#5628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport key rotation with the \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5621\"\u003e#5621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix how setting \u003ccode\u003ehost_matching=True\u003c/code\u003e or \u003ccode\u003esubdomain_matching=False\u003c/code\u003e interacts with \u003ccode\u003eSERVER_NAME\u003c/code\u003e. Setting \u003ccode\u003eSERVER_NAME\u003c/code\u003e no longer restricts requests to only that domain. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5553\"\u003e#5553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.trusted_hosts\u003c/code\u003e is checked during routing, and can be set through the \u003ccode\u003eTRUSTED_HOSTS\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5636\"\u003e#5636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-18\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys\nbut not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. :ghsa:\u003ccode\u003e68rp-wp8r-4726\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.2\u003c/h2\u003e\n\u003cp\u003eReleased 2025-08-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. :issue:\u003ccode\u003e5774\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state\nof \u003ccode\u003esession\u003c/code\u003e is correct. :issue:\u003ccode\u003e5786\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. :issue:\u003ccode\u003e5776\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.1\u003c/h2\u003e\n\u003cp\u003eReleased 2025-05-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via\n\u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. :ghsa:\u003ccode\u003e4grg-w6v8-c28g\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. :issue:\u003ccode\u003e5645\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands\nare shown. :issue:\u003ccode\u003e5673\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return\n\u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier\nfor Quart. :pr:\u003ccode\u003e5659\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.0\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. :pr:\u003ccode\u003e5623\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases.\nWerkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. :pr:\u003ccode\u003e5624,5633\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option\nresponses. :pr:\u003ccode\u003e5496\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and\n\u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when\nopening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. :issue:\u003ccode\u003e5504\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only\nthrough the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65\"\u003e\u003ccode\u003e22d9247\u003c/code\u003e\u003c/a\u003e release version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4\"\u003e\u003ccode\u003e089cb86\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa\"\u003e\u003ccode\u003ec17f379\u003c/code\u003e\u003c/a\u003e request context tracks session access\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602\"\u003e\u003ccode\u003e27be933\u003c/code\u003e\u003c/a\u003e start version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d\"\u003e\u003ccode\u003e4e652d3\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5903\"\u003e#5903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a\"\u003e\u003ccode\u003e3d03098\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4\"\u003e\u003ccode\u003e407eb76\u003c/code\u003e\u003c/a\u003e document using gevent for async (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60\"\u003e\u003ccode\u003eac5664d\u003c/code\u003e\u003c/a\u003e document using gevent for async\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3\"\u003e\u003ccode\u003e4f79d5b\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11 (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5865\"\u003e#5865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f\"\u003e\u003ccode\u003efe3b215\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/3.0.3...3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `werkzeug` from 3.0.3 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/releases\"\u003ewerkzeug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.6 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.6/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-6\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special devices names in multi-segment paths. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x\"\u003eGHSA-29vq-49wr-vm6x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.5/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-5\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/43?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/43?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow more special device names, regardless of extension or surrounding spaces. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-87hc-h4r5-73f7\"\u003eGHSA-87hc-h4r5-73f7\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary. This fixes the previous attempt, which caused incorrect content lengths. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3065\"\u003e#3065\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3077\"\u003e#3077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eAttributeError\u003c/code\u003e when initializing \u003ccode\u003eDebuggedApplication\u003c/code\u003e with \u003ccode\u003epin_security=False\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3075\"\u003e#3075\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.4/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-4\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-4\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/42?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/42?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special device names. This prevents reading from these when using \u003ccode\u003esend_from_directory\u003c/code\u003e. \u003ccode\u003esecure_filename\u003c/code\u003e already prevented writing to these. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2\"\u003eghsa-hgf8-39gv-g3f2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe debugger pin fails after 10 attempts instead of 11. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3020\"\u003e#3020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3065\"\u003e#3065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CPU usage during Watchdog reloader. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3054\"\u003e#3054\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.json\u003c/code\u003e annotation is more accurate. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3067\"\u003e#3067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTraceback rendering handles when the line number is beyond the available source lines. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3044\"\u003e#3044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eHTTPException.get_response\u003c/code\u003e annotation and doc better conveys the distinction between WSGI and sans-IO responses. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3056\"\u003e#3056\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.3/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/41?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/41?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInitial data passed to \u003ccode\u003eMultiDict\u003c/code\u003e and similar interfaces only accepts \u003ccode\u003elist\u003c/code\u003e, \u003ccode\u003etuple\u003c/code\u003e, or \u003ccode\u003eset\u003c/code\u003e when passing multiple values. It had been changed to accept any \u003ccode\u003eCollection\u003c/code\u003e, but this matched types that should be treated as single values, such as \u003ccode\u003ebytes\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2994\"\u003e#2994\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the \u003ccode\u003eHost\u003c/code\u003e header is not set and \u003ccode\u003eRequest.host\u003c/code\u003e falls back to the WSGI \u003ccode\u003eSERVER_NAME\u003c/code\u003e value, if that value is an IPv6 address it is wrapped in \u003ccode\u003e[]\u003c/code\u003e to match the \u003ccode\u003eHost\u003c/code\u003e header. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2993\"\u003e#2993\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.2/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/blob/main/CHANGES.rst\"\u003ewerkzeug's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special devices names in\nmulti-segment paths. :ghsa:\u003ccode\u003e29vq-49wr-vm6x\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.make_conditional\u003c/code\u003e sets the \u003ccode\u003eAccept-Ranges\u003c/code\u003e header even if it\nis not a satisfiable range request. :issue:\u003ccode\u003e3108\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2026-01-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow more special device names, regardless\nof extension or surrounding spaces. :ghsa:\u003ccode\u003e87hc-h4r5-73f7\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary.\nThis fixes the previous attempt, which caused incorrect content lengths.\n:issue:\u003ccode\u003e3065\u003c/code\u003e :issue:\u003ccode\u003e3077\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eAttributeError\u003c/code\u003e when initializing \u003ccode\u003eDebuggedApplication\u003c/code\u003e with\n\u003ccode\u003epin_security=False\u003c/code\u003e. :issue:\u003ccode\u003e3075\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.4\u003c/h2\u003e\n\u003cp\u003eReleased 2025-11-28\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special device names. This prevents\nreading from these when using \u003ccode\u003esend_from_directory\u003c/code\u003e. \u003ccode\u003esecure_filename\u003c/code\u003e\nalready prevented writing to these. :ghsa:\u003ccode\u003ehgf8-39gv-g3f2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe debugger pin fails after 10 attempts instead of 11. :pr:\u003ccode\u003e3020\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary.\n:issue:\u003ccode\u003e3065\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove CPU usage during Watchdog reloader. :issue:\u003ccode\u003e3054\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.json\u003c/code\u003e annotation is more accurate. :issue:\u003ccode\u003e3067\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTraceback rendering handles when the line number is beyond the available\nsource lines. :issue:\u003ccode\u003e3044\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eHTTPException.get_response\u003c/code\u003e annotation and doc better conveys the\ndistinction between WSGI and sans-IO responses. :issue:\u003ccode\u003e3056\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInitial data passed to \u003ccode\u003eMultiDict\u003c/code\u003e and similar interfaces only accepts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/04da1b5221b7a7b57e82246e4b5741d37a6b2e56\"\u003e\u003ccode\u003e04da1b5\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d\"\u003e\u003ccode\u003ef407712\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/f54fe98026253e70fbbcd35a6b52fb67cfff1c03\"\u003e\u003ccode\u003ef54fe98\u003c/code\u003e\u003c/a\u003e safe_join prevents Windows special device names in multi-segment paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/d005985ef69ffe3275eda8fb6fb25e074dbe871b\"\u003e\u003ccode\u003ed005985\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8565c2cbd6681ae8463e77d4fc0795324a7fdae7\"\u003e\u003ccode\u003e8565c2c\u003c/code\u003e\u003c/a\u003e document rule priority (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3102\"\u003e#3102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/3febc7e90072bffe04c27e6b7478dfc4f88930df\"\u003e\u003ccode\u003e3febc7e\u003c/code\u003e\u003c/a\u003e document rule priority\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/2525b827646c10ab7adb334664e6a4af1b769181\"\u003e\u003ccode\u003e2525b82\u003c/code\u003e\u003c/a\u003e remove state machine docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/4abfbd553cdeb6d4e6fa693340d52b13c884079f\"\u003e\u003ccode\u003e4abfbd5\u003c/code\u003e\u003c/a\u003e rewrite build docstring (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3097\"\u003e#3097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/161c18b2a8800ae6ef377fb3cbdb933a878fea67\"\u003e\u003ccode\u003e161c18b\u003c/code\u003e\u003c/a\u003e rewrite build docstring\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/86e11c29e44726dae524cd9db11549b3b1ad681d\"\u003e\u003ccode\u003e86e11c2\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3085\"\u003e#3085\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/werkzeug/compare/3.0.3...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.7 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.14\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.13\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.12\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.10\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.9\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression where IDNAError exception was not being produced for certain inputs.\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.13, drop support for Python 3.5 as it is no longer testable.\u003c/li\u003e\n\u003cli\u003eDocumentation improvements\u003c/li\u003e\n\u003cli\u003eUpdates to package testing using Github actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Hugo van Kemenade for contributions to this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.8\"\u003ehttps://github.com/kjd/idna/compare/v3.7...v3.8\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003ch2\u003e3.11 (2025-10-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 16.0.0, including significant changes to UTS46\nprocessing. As a result of Unicode ending support for it, transitional\nprocessing no longer has an effect and returns the same result.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.7...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.4 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filte...\n\n_Description has been truncated_","html_url":"https://github.com/pellera9/validation-benchmarks/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pellera9%2Fvalidation-benchmarks/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"3.23.1","new_version":"4.1.0","update_type":"major","path":null,"pr_created_at":"2026-05-20T23:16:22.000Z","version_change":"3.23.1 → 4.1.0","issue":{"uuid":"4490521659","node_id":"PR_kwDOA-eq3c7duv0Y","number":2444,"state":"open","title":"Bump the pip group across 2 directories with 2 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T23:16:22.000Z","updated_at":"2026-05-21T00:54:24.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":2,"packages":[{"name":"requests","old_version":"2.34.1","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"requests","old_version":"2.34.1","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"zipp","old_version":"3.23.1","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 1 update in the /.github/workflows directory: [requests](https://github.com/psf/requests).\nBumps the pip group with 2 updates in the /scripts/copy_from_upstream directory: [requests](https://github.com/psf/requests) and [zipp](https://github.com/jaraco/zipp).\n\nUpdates `requests` from 2.34.1 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/psf/requests/compare/v2.34.1...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.34.1 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/psf/requests/compare/v2.34.1...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.23.1 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/open-quantum-safe/liboqs/pull/2444","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/open-quantum-safe%2Fliboqs/issues/2444","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2444/packages"}},{"old_version":"3.12.1","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-05-20T23:09:09.000Z","version_change":"3.12.1 → 3.19.1","issue":{"uuid":"4490491521","node_id":"PR_kwDOJusBKM7dupxH","number":1,"state":"open","title":"Bump the pip group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T23:09:09.000Z","updated_at":"2026-05-20T23:10:42.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":5,"packages":[{"name":"flask","old_version":"2.2.2","new_version":"3.1.3","repository_url":"https://github.com/pallets/flask"},{"name":"jinja2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"werkzeug","old_version":"2.2.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"zipp","old_version":"3.12.1","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"},{"name":"requests","old_version":"2.25.1","new_version":"2.33.0","repository_url":"https://github.com/psf/requests"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 5 updates in the /docker-app directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [flask](https://github.com/pallets/flask) | `2.2.2` | `3.1.3` |\n| [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.6` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `2.2.2` | `3.1.6` |\n| [zipp](https://github.com/jaraco/zipp) | `3.12.1` | `3.19.1` |\n| [requests](https://github.com/psf/requests) | `2.25.1` | `2.33.0` |\n\n\nUpdates `flask` from 2.2.2 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.3/\"\u003ehttps://pypi.org/project/Flask/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-3\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-3\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys but not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726\"\u003eGHSA-68rp-wp8r-4726\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.2/\"\u003ehttps://pypi.org/project/Flask/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-2\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/38?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/38?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5774\"\u003e#5774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state of \u003ccode\u003esession\u003c/code\u003e is correct. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5786\"\u003e#5786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5776\"\u003e#5776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.1\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.1/\"\u003ehttps://pypi.org/project/Flask/3.1.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/flask/milestone/36?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. GHSA-4grg-w6v8-c28g\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5645\"\u003e#5645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands are shown. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5673\"\u003e#5673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return \u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier for Quart. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5659\"\u003e#5659\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.0\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.0/\"\u003ehttps://pypi.org/project/Flask/3.1.0/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/33?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/33?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5623\"\u003e#5623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases. Werkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5624\"\u003e#5624\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5633\"\u003e#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option responses. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5496\"\u003e#5496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and \u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when opening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5504\"\u003e#5504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only through the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added \u003ccode\u003eMAX_FORM_MEMORY_SIZE\u003c/code\u003e and \u003ccode\u003eMAX_FORM_PARTS\u003c/code\u003e config. Added documentation about resource limits to the security page. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5625\"\u003e#5625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003ePartitioned\u003c/code\u003e cookie attribute (CHIPS), with the \u003ccode\u003eSESSION_COOKIE_PARTITIONED\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5472\"\u003e#5472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-e path\u003c/code\u003e takes precedence over default \u003ccode\u003e.env\u003c/code\u003e and \u003ccode\u003e.flaskenv\u003c/code\u003e files. \u003ccode\u003eload_dotenv\u003c/code\u003e loads default files in addition to a path unless \u003ccode\u003eload_defaults=False\u003c/code\u003e is passed. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5628\"\u003e#5628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport key rotation with the \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5621\"\u003e#5621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix how setting \u003ccode\u003ehost_matching=True\u003c/code\u003e or \u003ccode\u003esubdomain_matching=False\u003c/code\u003e interacts with \u003ccode\u003eSERVER_NAME\u003c/code\u003e. Setting \u003ccode\u003eSERVER_NAME\u003c/code\u003e no longer restricts requests to only that domain. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5553\"\u003e#5553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.trusted_hosts\u003c/code\u003e is checked during routing, and can be set through the \u003ccode\u003eTRUSTED_HOSTS\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5636\"\u003e#5636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-18\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys\nbut not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. :ghsa:\u003ccode\u003e68rp-wp8r-4726\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.2\u003c/h2\u003e\n\u003cp\u003eReleased 2025-08-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. :issue:\u003ccode\u003e5774\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state\nof \u003ccode\u003esession\u003c/code\u003e is correct. :issue:\u003ccode\u003e5786\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. :issue:\u003ccode\u003e5776\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.1\u003c/h2\u003e\n\u003cp\u003eReleased 2025-05-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via\n\u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. :ghsa:\u003ccode\u003e4grg-w6v8-c28g\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. :issue:\u003ccode\u003e5645\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands\nare shown. :issue:\u003ccode\u003e5673\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return\n\u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier\nfor Quart. :pr:\u003ccode\u003e5659\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.0\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. :pr:\u003ccode\u003e5623\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases.\nWerkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. :pr:\u003ccode\u003e5624,5633\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option\nresponses. :pr:\u003ccode\u003e5496\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and\n\u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when\nopening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. :issue:\u003ccode\u003e5504\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only\nthrough the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65\"\u003e\u003ccode\u003e22d9247\u003c/code\u003e\u003c/a\u003e release version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4\"\u003e\u003ccode\u003e089cb86\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa\"\u003e\u003ccode\u003ec17f379\u003c/code\u003e\u003c/a\u003e request context tracks session access\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602\"\u003e\u003ccode\u003e27be933\u003c/code\u003e\u003c/a\u003e start version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d\"\u003e\u003ccode\u003e4e652d3\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5903\"\u003e#5903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a\"\u003e\u003ccode\u003e3d03098\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4\"\u003e\u003ccode\u003e407eb76\u003c/code\u003e\u003c/a\u003e document using gevent for async (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60\"\u003e\u003ccode\u003eac5664d\u003c/code\u003e\u003c/a\u003e document using gevent for async\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3\"\u003e\u003ccode\u003e4f79d5b\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11 (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5865\"\u003e#5865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f\"\u003e\u003ccode\u003efe3b215\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/2.2.2...3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `werkzeug` from 2.2.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/releases\"\u003ewerkzeug's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.6 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.6/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-6\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special devices names in multi-segment paths. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x\"\u003eGHSA-29vq-49wr-vm6x\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.5/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-5\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/43?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/43?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow more special device names, regardless of extension or surrounding spaces. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-87hc-h4r5-73f7\"\u003eGHSA-87hc-h4r5-73f7\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary. This fixes the previous attempt, which caused incorrect content lengths. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3065\"\u003e#3065\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3077\"\u003e#3077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eAttributeError\u003c/code\u003e when initializing \u003ccode\u003eDebuggedApplication\u003c/code\u003e with \u003ccode\u003epin_security=False\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3075\"\u003e#3075\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.4/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/page/changes/#version-3-1-4\"\u003ehttps://werkzeug.palletsprojects.com/page/changes/#version-3-1-4\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/42?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/42?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special device names. This prevents reading from these when using \u003ccode\u003esend_from_directory\u003c/code\u003e. \u003ccode\u003esecure_filename\u003c/code\u003e already prevented writing to these. \u003ca href=\"https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2\"\u003eghsa-hgf8-39gv-g3f2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe debugger pin fails after 10 attempts instead of 11. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3020\"\u003e#3020\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3065\"\u003e#3065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CPU usage during Watchdog reloader. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3054\"\u003e#3054\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.json\u003c/code\u003e annotation is more accurate. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3067\"\u003e#3067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTraceback rendering handles when the line number is beyond the available source lines. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3044\"\u003e#3044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eHTTPException.get_response\u003c/code\u003e annotation and doc better conveys the distinction between WSGI and sans-IO responses. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3056\"\u003e#3056\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.3/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/werkzeug/milestone/41?closed=1\"\u003ehttps://github.com/pallets/werkzeug/milestone/41?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInitial data passed to \u003ccode\u003eMultiDict\u003c/code\u003e and similar interfaces only accepts \u003ccode\u003elist\u003c/code\u003e, \u003ccode\u003etuple\u003c/code\u003e, or \u003ccode\u003eset\u003c/code\u003e when passing multiple values. It had been changed to accept any \u003ccode\u003eCollection\u003c/code\u003e, but this matched types that should be treated as single values, such as \u003ccode\u003ebytes\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2994\"\u003e#2994\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen the \u003ccode\u003eHost\u003c/code\u003e header is not set and \u003ccode\u003eRequest.host\u003c/code\u003e falls back to the WSGI \u003ccode\u003eSERVER_NAME\u003c/code\u003e value, if that value is an IPv6 address it is wrapped in \u003ccode\u003e[]\u003c/code\u003e to match the \u003ccode\u003eHost\u003c/code\u003e header. \u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/2993\"\u003e#2993\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Werkzeug 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes vs 3.1.0.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Werkzeug/3.1.2/\"\u003ehttps://pypi.org/project/Werkzeug/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2\"\u003ehttps://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/werkzeug/blob/main/CHANGES.rst\"\u003ewerkzeug's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special devices names in\nmulti-segment paths. :ghsa:\u003ccode\u003e29vq-49wr-vm6x\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.make_conditional\u003c/code\u003e sets the \u003ccode\u003eAccept-Ranges\u003c/code\u003e header even if it\nis not a satisfiable range request. :issue:\u003ccode\u003e3108\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2026-01-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow more special device names, regardless\nof extension or surrounding spaces. :ghsa:\u003ccode\u003e87hc-h4r5-73f7\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary.\nThis fixes the previous attempt, which caused incorrect content lengths.\n:issue:\u003ccode\u003e3065\u003c/code\u003e :issue:\u003ccode\u003e3077\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eAttributeError\u003c/code\u003e when initializing \u003ccode\u003eDebuggedApplication\u003c/code\u003e with\n\u003ccode\u003epin_security=False\u003c/code\u003e. :issue:\u003ccode\u003e3075\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.4\u003c/h2\u003e\n\u003cp\u003eReleased 2025-11-28\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esafe_join\u003c/code\u003e on Windows does not allow special device names. This prevents\nreading from these when using \u003ccode\u003esend_from_directory\u003c/code\u003e. \u003ccode\u003esecure_filename\u003c/code\u003e\nalready prevented writing to these. :ghsa:\u003ccode\u003ehgf8-39gv-g3f2\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe debugger pin fails after 10 attempts instead of 11. :pr:\u003ccode\u003e3020\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe multipart form parser handles a \u003ccode\u003e\\r\\n\u003c/code\u003e sequence at a chunk boundary.\n:issue:\u003ccode\u003e3065\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove CPU usage during Watchdog reloader. :issue:\u003ccode\u003e3054\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.json\u003c/code\u003e annotation is more accurate. :issue:\u003ccode\u003e3067\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTraceback rendering handles when the line number is beyond the available\nsource lines. :issue:\u003ccode\u003e3044\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eHTTPException.get_response\u003c/code\u003e annotation and doc better conveys the\ndistinction between WSGI and sans-IO responses. :issue:\u003ccode\u003e3056\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-08\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eInitial data passed to \u003ccode\u003eMultiDict\u003c/code\u003e and similar interfaces only accepts\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/04da1b5221b7a7b57e82246e4b5741d37a6b2e56\"\u003e\u003ccode\u003e04da1b5\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d\"\u003e\u003ccode\u003ef407712\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/f54fe98026253e70fbbcd35a6b52fb67cfff1c03\"\u003e\u003ccode\u003ef54fe98\u003c/code\u003e\u003c/a\u003e safe_join prevents Windows special device names in multi-segment paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/d005985ef69ffe3275eda8fb6fb25e074dbe871b\"\u003e\u003ccode\u003ed005985\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/8565c2cbd6681ae8463e77d4fc0795324a7fdae7\"\u003e\u003ccode\u003e8565c2c\u003c/code\u003e\u003c/a\u003e document rule priority (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3102\"\u003e#3102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/3febc7e90072bffe04c27e6b7478dfc4f88930df\"\u003e\u003ccode\u003e3febc7e\u003c/code\u003e\u003c/a\u003e document rule priority\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/2525b827646c10ab7adb334664e6a4af1b769181\"\u003e\u003ccode\u003e2525b82\u003c/code\u003e\u003c/a\u003e remove state machine docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/4abfbd553cdeb6d4e6fa693340d52b13c884079f\"\u003e\u003ccode\u003e4abfbd5\u003c/code\u003e\u003c/a\u003e rewrite build docstring (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3097\"\u003e#3097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/161c18b2a8800ae6ef377fb3cbdb933a878fea67\"\u003e\u003ccode\u003e161c18b\u003c/code\u003e\u003c/a\u003e rewrite build docstring\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/werkzeug/commit/86e11c29e44726dae524cd9db11549b3b1ad681d\"\u003e\u003ccode\u003e86e11c2\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/werkzeug/issues/3085\"\u003e#3085\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/werkzeug/compare/2.2.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.12.1 to 3.19.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev3.19.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved handling of malformed zip files. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/119\"\u003e#119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.19.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImplement is_symlink. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/117\"\u003e#117\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.18.2\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.1\u003c/h1\u003e\n\u003cp\u003eNo significant changes.\u003c/p\u003e\n\u003ch1\u003ev3.18.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBypass ZipFile.namelist in glob for better performance. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/106\"\u003e#106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRefactored glob functionality to support a more generalized solution with support for platform-specific path separators. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/108\"\u003e#108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd special accounting for pypy when computing the stack level for text encoding warnings. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/114\"\u003e#114\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.17.0\u003c/h1\u003e\n\u003cp\u003eFeatures\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/6d1cb72aa55e0536f35d2af128994b5a61ca4c1a\"\u003e\u003ccode\u003e6d1cb72\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fd604bd34f0343472521a36da1fbd22e793e14fd\"\u003e\u003ccode\u003efd604bd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/120\"\u003e#120\u003c/a\u003e from jaraco/bugfix/119-malformed-paths\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/c18417ed2953e181728a7dac07bff88a2190abf7\"\u003e\u003ccode\u003ec18417e\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/58115d2be968644ce71ce6bcc9b79826c82a1806\"\u003e\u003ccode\u003e58115d2\u003c/code\u003e\u003c/a\u003e Employ SanitizedNames in CompleteDirs. Fixes broken test.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/564fcc10cdbfdaecdb33688e149827465931c9e0\"\u003e\u003ccode\u003e564fcc1\u003c/code\u003e\u003c/a\u003e Add SanitizedNames mixin.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/79a309fe54dc6b7934fb72e9f31bcb58f2e9f547\"\u003e\u003ccode\u003e79a309f\u003c/code\u003e\u003c/a\u003e Add some assertions about malformed paths.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/2d015c22348fab46ca765339f55f84fe9d6e8115\"\u003e\u003ccode\u003e2d015c2\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a595a0fad054cd20b69d3e954c99174e3a548938\"\u003e\u003ccode\u003ea595a0f\u003c/code\u003e\u003c/a\u003e Rename extras to align with core metadata spec.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/608f90a6e74919501577a1312dc5c7d8e1d391d7\"\u003e\u003ccode\u003e608f90a\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/3a22d724acf874111b43f87f7110225122ec3de5\"\u003e\u003ccode\u003e3a22d72\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/118\"\u003e#118\u003c/a\u003e from jaraco/feature/is-symlink\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.12.1...v3.19.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.25.1 to 2.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29\"\u003e\u003ccode\u003e753fd08\u003c/code\u003e\u003c/a\u003e docs: fix FAQ grammar in httplib2 example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71\"\u003e\u003ccode\u003e774a0b8\u003c/code\u003e\u003c/a\u003e docs(socks): same block as other sections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303\"\u003e\u003ccode\u003e9c72a41\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.33.0 to 4.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be\"\u003e\u003ccode\u003eebf7190\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.32.0 to 4.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798\"\u003e\u003ccode\u003e0e4ae38\u003c/code\u003e\u003c/a\u003e docs: exclude Response.is_permanent_redirect from API docs (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7244\"\u003e#7244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a\"\u003e\u003ccode\u003ed568f47\u003c/code\u003e\u003c/a\u003e docs: clarify Quickstart POST example (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6960\"\u003e#6960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.25.1...v2.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/v4run75/SneakyBox/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/v4run75/SneakyBox/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/v4run75%2FSneakyBox/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"3.23.0","new_version":"4.1.0","update_type":"major","path":null,"pr_created_at":"2026-05-20T06:06:59.000Z","version_change":"3.23.0 → 4.1.0","issue":{"uuid":"4483648077","node_id":"PR_kwDOMpA0VM7dYeaJ","number":369,"state":"open","title":"Bump the dependabot group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T06:06:59.000Z","updated_at":"2026-05-20T08:16:06.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"dependabot","update_count":5,"packages":[{"name":"idna","old_version":"3.14","new_version":"3.15","repository_url":"https://github.com/kjd/idna"},{"name":"protobuf","old_version":"7.34.0","new_version":"7.35.0","repository_url":"https://github.com/protocolbuffers/protobuf"},{"name":"requests","old_version":"2.33.0","new_version":"2.34.2","repository_url":"https://github.com/psf/requests"},{"name":"click","old_version":"8.3.1","new_version":"8.4.0","repository_url":"https://github.com/pallets/click"},{"name":"zipp","old_version":"3.23.0","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the dependabot group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [idna](https://github.com/kjd/idna) | `3.14` | `3.15` |\n| [protobuf](https://github.com/protocolbuffers/protobuf) | `7.34.0` | `7.35.0` |\n| [requests](https://github.com/psf/requests) | `2.33.0` | `2.34.2` |\n| [click](https://github.com/pallets/click) | `8.3.1` | `8.4.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.23.0` | `4.1.0` |\n\n\nUpdates `idna` from 3.14 to 3.15\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.15 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnforce DNS-length cap on individual labels early in \u003ccode\u003echeck_label\u003c/code\u003e,\nshort-circuiting contextual-rule processing for oversized input\nwhile staying compatible with UTS 46 usage.\u003c/li\u003e\n\u003cli\u003eTidy core helpers: hoist bidi category sets to module-level\nfrozensets (avoiding per-codepoint list construction), simplify\nlength checks, and reuse the shared \u003ccode\u003e_unicode_dots_re\u003c/code\u003e from\n\u003ccode\u003eidna.core\u003c/code\u003e in the codec module.\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003eraise ... from err\u003c/code\u003e for proper exception chaining and\nswitch internal string formatting to f-strings.\u003c/li\u003e\n\u003cli\u003eAllow \u003ccode\u003eflit_core\u003c/code\u003e 4.x in the build backend.\u003c/li\u003e\n\u003cli\u003eExpand the ruff lint set (flake8-bugbear, flake8-simplify,\npyupgrade, perflint) and apply the surfaced fixes; pin lint CI\nto Python 3.14.\u003c/li\u003e\n\u003cli\u003eAdd Dependabot configuration for GitHub Actions.\u003c/li\u003e\n\u003cli\u003eConvert README and HISTORY from reStructuredText to Markdown.\u003c/li\u003e\n\u003cli\u003eReference CVE-2026-45409 for the 3.14 advisory in place of the\ninitial GHSA identifier.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Felix Yan, Stan Ulbrych, and metsw24-max for\ncontributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/af30a092e158181d0b35ac66dfa813788126bdd8\"\u003e\u003ccode\u003eaf30a09\u003c/code\u003e\u003c/a\u003e Release 3.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/30314d4628744ca14cf2b5820564e5127a9f86f2\"\u003e\u003ccode\u003e30314d4\u003c/code\u003e\u003c/a\u003e Pre-release 3.15rc0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/05d4b219aa9eddc47371fcbd2000f0301016f3e9\"\u003e\u003ccode\u003e05d4b21\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/237\"\u003e#237\u003c/a\u003e from kjd/convert-docs-to-markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/2987fdba1962bbb2358399e0084ba062b98a0bee\"\u003e\u003ccode\u003e2987fdb\u003c/code\u003e\u003c/a\u003e Convert README and HISTORY from reStructuredText to Markdown\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/59fa8002d514bf4a5ce7b58f67b9ec587d53fa9c\"\u003e\u003ccode\u003e59fa800\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/236\"\u003e#236\u003c/a\u003e from kjd/dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/def69834ced5d4b3c50439d8b99c4c856ec19ca2\"\u003e\u003ccode\u003edef6983\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/bbd8004a797185d8c56bb555cd5c88fde05e0631\"\u003e\u003ccode\u003ebbd8004\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/234\"\u003e#234\u003c/a\u003e from StanFromIreland/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/edd07c05024344a6ccb517414ccb36683aee99fc\"\u003e\u003ccode\u003eedd07c0\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5557db030c11bdec50d62aa5f631d705d33ba123\"\u003e\u003ccode\u003e5557db0\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/f11746cf4981d25123ef7830d3ee60f07de8ae3d\"\u003e\u003ccode\u003ef11746c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/235\"\u003e#235\u003c/a\u003e from StanFromIreland/patch-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.14...v3.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobuf` from 7.34.0 to 7.35.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protocolbuffers/protobuf/releases\"\u003eprotobuf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eProtocol Buffers v34.0-rc1\u003c/h2\u003e\n\u003ch1\u003eAnnouncements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis version includes breaking changes to: C++, Objective-C, PHP, Python.\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e[Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Make generator headers private (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Add [[nodiscard]] to many APIs. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Make the arena-enabled constructors of \u003ccode\u003eRepeatedField\u003c/code\u003e, \u003ccode\u003eRepeatedPtrField\u003c/code\u003e, and \u003ccode\u003eMap\u003c/code\u003e private. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() \u0026amp;\u0026amp; !is_repeated()) instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] All entity names have length limit (2afb0dc)\u003c/li\u003e\n\u003cli\u003e[ObjC] Remove \u003ccode\u003egenerate_minimal_imports\u003c/code\u003e generation option warning (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[ObjC] Fix nullability annotations on some \u003ccode\u003eGPB*Dictionary\u003c/code\u003e types. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[ObjC] Remove \u003ccode\u003e-[GPBFieldDescriptor optional]\u003c/code\u003e (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Other] Remove deprecated flag for enabling MSVC support (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP] Remove deprecated PHP APIs (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\u003c/a\u003e, \u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6\u003c/a\u003e, \u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP]  Add PHP typehints for setters and remove redundant GPBUtil checks (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/pull/25296\"\u003eprotocolbuffers/protobuf#25296\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP]  support default values for editions/proto2 (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/pull/25161\"\u003eprotocolbuffers/protobuf#25161\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b01099d56350551bae3da88b97bf3027274c9f17\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b01099d56350551bae3da88b97bf3027274c9f17\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Raise errors in OSS when assign bool to int/enum field in Python Proto. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/5b116fe2f14f49dd0cc3b76089983717f211025c\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/5b116fe2f14f49dd0cc3b76089983717f211025c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove float_format/double_format from python proto text_format (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/e4854a186e0bfa867d5bfa5cd850608a948fd488\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/e4854a186e0bfa867d5bfa5cd850608a948fd488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Raise TypeError when convert non-timedelta to Duration, or convert non-datetime to Timestamp in python proto. (Original code may raise ArributeError) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/00aaca1b4d98954bc2933d7c8a5379ba6088124c\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/00aaca1b4d98954bc2933d7c8a5379ba6088124c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove float_precision from python proto json_format (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/f027f1fcd52b9d080b7ee79f4024f53cf54e0dc5\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/f027f1fcd52b9d080b7ee79f4024f53cf54e0dc5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove deprecated FieldDescriptor.label (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/0a8ff55518ea5874478ad5b26515b31d186045a9\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/0a8ff55518ea5874478ad5b26515b31d186045a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Python] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://protobuf.dev/news/\"\u003eProtobuf News\u003c/a\u003e may include additional announcements or pre-announcements for upcoming changes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://protobuf.dev/support/migration/\"\u003eMigration Guide\u003c/a\u003e may include additional guidance for breaking changes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBazel\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eFix: cc_toolchain should prefer protoc when prebuilt flag is flipped. (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/issues/25168\"\u003e#25168\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/8c857c3a1c6a106b0a096f1c9fa504bfaca035a9\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/8c857c3a1c6a106b0a096f1c9fa504bfaca035a9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBreaking change: Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat(bazel): wire up prebuilt protoc toolchain (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/issues/24115\"\u003e#24115\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/cc23698b486e690ea2eb873cc7596a87c74a3ba6\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/cc23698b486e690ea2eb873cc7596a87c74a3ba6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMigrate \u003ccode\u003eproto_descriptor_set\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/issues/23369\"\u003e#23369\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/8d4dfdd39a7a242a9ed631a6ab2192c57dd9b9c8\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/8d4dfdd39a7a242a9ed631a6ab2192c57dd9b9c8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eCompiler\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eRuby codegen: support generation of rbs files (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/issues/15633\"\u003e#15633\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/6ebdf851ba78728f0aa145d38454ed9a316fb08d\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/6ebdf851ba78728f0aa145d38454ed9a316fb08d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid collision name problems between a message named \u003ccode\u003eXyz\u003c/code\u003e and a direct sibling enum named \u003ccode\u003eXyzView\u003c/code\u003e (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/eba53e8f172b273d679759a72ce4250131ee3df1\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/eba53e8f172b273d679759a72ce4250131ee3df1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eGeneralizing and implementing ValidateFeatureSupport for both Options and Features during proto parsing (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ed3c57114d8e2b47cca7697ddaa50c1b3762a6b0\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ed3c57114d8e2b47cca7697ddaa50c1b3762a6b0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug with custom features outside of the \u003ccode\u003epb\u003c/code\u003e package. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/872d3ce7a4da00d7dcec33ced20cfe45235935e8\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/872d3ce7a4da00d7dcec33ced20cfe45235935e8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix import option handling when include_imports isn't set. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9ef9e80afd9bc8379d578fe67e5ab0738728c04e\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9ef9e80afd9bc8379d578fe67e5ab0738728c04e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix a bug in STRICT check of namespaced enums to properly check for 'reserved 1 to max' (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/1229d4adba24c0952ab85ce96bc7b7f8a1fe6d0f\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/1229d4adba24c0952ab85ce96bc7b7f8a1fe6d0f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePrevent accidental stripping of \u003ccode\u003edebug_redact\u003c/code\u003e options via import option. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/f58b098bffa7ca4045ef7773b09151a6af5d0c28\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/f58b098bffa7ca4045ef7773b09151a6af5d0c28\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eC++\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eAdd EnumerateEnumValues function. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/397d5d99db274b379d1384814074bf7df39d32f7\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/397d5d99db274b379d1384814074bf7df39d32f7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/protocolbuffers/protobuf/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.33.0 to 2.34.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.34.2\u003c/h2\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues with \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling \u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.1\u003c/h2\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/k223kim\"\u003e\u003ccode\u003e@​k223kim\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7433\"\u003epsf/requests#7433\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2341-2026-05-13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.34.0\u003c/h2\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. \u003cstrong\u003eWe believe types are comprehensive but if you find issues, please\nreport them to the \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003epinned tracking issue\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.34.2 (2026-05-14)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMoved \u003ccode\u003eheaders\u003c/code\u003e input type back to \u003ccode\u003eMapping\u003c/code\u003e to avoid invariance issues\nwith \u003ccode\u003eMutableMapping\u003c/code\u003e and inferred dict types. Users calling\n\u003ccode\u003eRequest.headers.update()\u003c/code\u003e may need to narrow typing in their code. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.1 (2026-05-13)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWidened \u003ccode\u003ejson\u003c/code\u003e input type from \u003ccode\u003edict\u003c/code\u003e and \u003ccode\u003elist\u003c/code\u003e to \u003ccode\u003eMapping\u003c/code\u003e\nand \u003ccode\u003eSequence\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eChanged \u003ccode\u003eheaders\u003c/code\u003e input type to MutableMapping and removed \u003ccode\u003eNone\u003c/code\u003e from\n\u003ccode\u003eRequest.headers\u003c/code\u003e typing to improve handling for users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eResponse.reason\u003c/code\u003e moved from \u003ccode\u003estr | None\u003c/code\u003e to \u003ccode\u003estr\u003c/code\u003e to improve handling\nfor users. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where some bodies with custom \u003ccode\u003e__getattr__\u003c/code\u003e implementations\nweren't being properly detected as Iterables. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7433\"\u003e#7433\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.34.0 (2026-05-11)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRequests 2.34.0 introduces inline types, replacing those provided by\ntypeshed. Public API types should be fully compatible with mypy, pyright,\nand ty. We believe types are comprehensive but if you find issues, please\nreport them to the pinned tracking issue.\u003c/p\u003e\n\u003cp\u003eSpecial thanks to \u003ca href=\"https://github.com/bastimeyer\"\u003e\u003ccode\u003e@​bastimeyer\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/cthoyt\"\u003e\u003ccode\u003e@​cthoyt\u003c/code\u003e\u003c/a\u003e, \u003ca href=\"https://github.com/edgarrmondragon\"\u003e\u003ccode\u003e@​edgarrmondragon\u003c/code\u003e\u003c/a\u003e, and \u003ca href=\"https://github.com/srittau\"\u003e\u003ccode\u003e@​srittau\u003c/code\u003e\u003c/a\u003e for\nhelping review and test the types ahead of the release. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7272\"\u003e#7272\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDigest Auth hashing algorithms have added \u003ccode\u003eusedforsecurity=False\u003c/code\u003e to clarify\nsecurity considerations. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7310\"\u003e#7310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.15 based on beta1. Downstream projects\nshould be able to start testing prior to its release in October. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7422\"\u003e#7422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests added support for Python 3.14t. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7419\"\u003e#7419\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eResponse.history\u003c/code\u003e no longer contains a reference to itself, preventing\naccidental looping when traversing the history list. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7328\"\u003e#7328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer performs greedy matching on no_proxy domains. The\nproxy_bypass implementation has been updated with CPython's fix from\nbpo-39057. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRequests no longer incorrectly strips duplicate leading slashes in\nURI paths. This should address user issues with specific presigned\nURLs. Note the full fix requires urllib3 2.7.0+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7315\"\u003e#7315\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3\"\u003e\u003ccode\u003e6e83187\u003c/code\u003e\u003c/a\u003e v2.34.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b\"\u003e\u003ccode\u003e84d10f0\u003c/code\u003e\u003c/a\u003e Move Request.headers back to Mapping (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7441\"\u003e#7441\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/b7b549b54571d03950b16afd2d01bc6ff0348224\"\u003e\u003ccode\u003eb7b549b\u003c/code\u003e\u003c/a\u003e v2.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e511bc72777a94c45d004e010c597925092e1efe\"\u003e\u003ccode\u003ee511bc7\u003c/code\u003e\u003c/a\u003e Fix mutability issues with headers input types (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7431\"\u003e#7431\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/5691f596134c2feb121e595c77a0178921fcce61\"\u003e\u003ccode\u003e5691f59\u003c/code\u003e\u003c/a\u003e Update JsonType containers to read-based collections (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7436\"\u003e#7436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/2144213c307691710c9d665700860fc4993c3035\"\u003e\u003ccode\u003e2144213\u003c/code\u003e\u003c/a\u003e Constrain Response.reason to str (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7437\"\u003e#7437\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/6404f345e562d962abe6700a1c357ec1e7e18232\"\u003e\u003ccode\u003e6404f34\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eprepare_body\u003c/code\u003e stream detection for \u003ccode\u003e__getattr__\u003c/code\u003e-based file wrappers (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7\"\u003e#7\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0b401c76b6e80a4eecf3c690085b2553f6e261ca\"\u003e\u003ccode\u003e0b401c7\u003c/code\u003e\u003c/a\u003e v2.34.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/86b378d3f60f828daa13ca50aa82e287ff7b66b4\"\u003e\u003ccode\u003e86b378d\u003c/code\u003e\u003c/a\u003e Align Session.get parameters with requests.get (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7429\"\u003e#7429\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/a4f9a5999bdb9bf2d6e7c8aa973b28cacb17134f\"\u003e\u003ccode\u003ea4f9a59\u003c/code\u003e\u003c/a\u003e Port bpo-39057 to Requests (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7427\"\u003e#7427\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.33.0...v2.34.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.1 to 8.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.4.0\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.4.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.\u003c/p\u003e\n\u003cp\u003eWe encourage everyone to upgrade. You can read more about our \u003ca href=\"https://palletsprojects.com/versions\"\u003eVersion Support Policy\u003c/a\u003e on our website.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.4.0/\"\u003ehttps://pypi.org/project/click/8.4.0/\u003c/a\u003e\nChanges:  \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-4-0\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-4-0\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eParamType\u003c/code\u003e typing improvements. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3371\"\u003e#3371\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e is now a generic abstract base class,\nparameterized by its converted value type.\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.convert\u003c/code\u003e return types are narrowed on all\nconcrete types (\u003ccode\u003estr\u003c/code\u003e for :class:\u003ccode\u003eSTRING\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e for\n:class:\u003ccode\u003eINT\u003c/code\u003e, etc.).\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.to_info_dict\u003c/code\u003e returns specific\n:class:\u003ccode\u003e~typing.TypedDict\u003c/code\u003e subclasses instead of\n\u003ccode\u003edict[str, Any]\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eCompositeParamType\u003c/code\u003e and the number-range base are now\ngeneric with abstract methods.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor \u003ccode\u003econvert_type\u003c/code\u003e to extract type inference into a private\n\u003ccode\u003e_guess_type\u003c/code\u003e helper, and add :func:\u003ccode\u003etyping.overload\u003c/code\u003e signatures.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3372\"\u003e#3372\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eParameter\u003c/code\u003e typing improvements. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2805\"\u003e#2805\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e is now an abstract base class, making explicit\nthat it cannot be instantiated directly.\u003c/li\u003e\n\u003cli\u003e:attr:\u003ccode\u003eParameter.name\u003c/code\u003e is now \u003ccode\u003estr\u003c/code\u003e instead of \u003ccode\u003estr | None\u003c/code\u003e.\nWhen \u003ccode\u003eexpose_value=False\u003c/code\u003e, the name is set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e instead\nof \u003ccode\u003eNone\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ectx\u003c/code\u003e parameter of :meth:\u003ccode\u003eParameter.get_error_hint\u003c/code\u003e is now\ntyped as \u003ccode\u003eContext | None\u003c/code\u003e, matching the runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSplit string values from \u003ccode\u003edefault_map\u003c/code\u003e for parameters with \u003ccode\u003enargs \u0026gt; 1\u003c/code\u003e\nor :class:\u003ccode\u003eTuple\u003c/code\u003e type, matching environment variable behavior.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/2745\"\u003e#2745\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3364\"\u003e#3364\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAuto-detect \u003ccode\u003etype=UNPROCESSED\u003c/code\u003e for \u003ccode\u003eflag_value\u003c/code\u003e of non-basic types\n(not \u003ccode\u003estr\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e, \u003ccode\u003efloat\u003c/code\u003e, or \u003ccode\u003ebool\u003c/code\u003e), so programmer-provided\nPython objects like classes and enum members are passed through unchanged\ninstead of being stringified. Previously \u003ccode\u003etype=click.UNPROCESSED\u003c/code\u003e had\nto be set explicitly. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2012\"\u003e#2012\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3363\"\u003e#3363\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe error hint now uses \u003ccode\u003eCommand.get_help_option_names\u003c/code\u003e to pick\nnon-shadowed help option names, so \u003ccode\u003eTry '... -h'\u003c/code\u003e no longer points to a\nsubcommand option that shadows \u003ccode\u003e-h\u003c/code\u003e. All surviving names are shown\n(\u003ccode\u003e-h/--help\u003c/code\u003e). \u003ca href=\"https://redirect.github.com/pallets/click/issues/2790\"\u003e#2790\u003c/a\u003e  \u003ca href=\"https://redirect.github.com/pallets/click/issues/3208\"\u003e#3208\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix readline functionality on non-Windows platforms. Prompt text is now\npassed directly to readline instead of being printed separately, allowing\nproper backspace, line editing, and line wrapping behavior. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2968\"\u003e#2968\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.4.0\u003c/h2\u003e\n\u003cp\u003eReleased 2026-05-17\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e typing improvements. :pr:\u003ccode\u003e3371\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParamType\u003c/code\u003e is now a generic abstract base class,\nparameterized by its converted value type.\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.convert\u003c/code\u003e return types are narrowed on all\nconcrete types (\u003ccode\u003estr\u003c/code\u003e for :class:\u003ccode\u003eSTRING\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e for\n:class:\u003ccode\u003eINT\u003c/code\u003e, etc.).\u003c/li\u003e\n\u003cli\u003e:meth:\u003ccode\u003e~ParamType.to_info_dict\u003c/code\u003e returns specific\n:class:\u003ccode\u003e~typing.TypedDict\u003c/code\u003e subclasses instead of\n\u003ccode\u003edict[str, Any]\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e:class:\u003ccode\u003eCompositeParamType\u003c/code\u003e and the number-range base are now\ngeneric with abstract methods.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eRefactor \u003ccode\u003econvert_type\u003c/code\u003e to extract type inference into a private\n\u003ccode\u003e_guess_type\u003c/code\u003e helper, and add :func:\u003ccode\u003etyping.overload\u003c/code\u003e signatures.\n:pr:\u003ccode\u003e3372\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e typing improvements. :pr:\u003ccode\u003e2805\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e:class:\u003ccode\u003eParameter\u003c/code\u003e is now an abstract base class, making explicit\nthat it cannot be instantiated directly.\u003c/li\u003e\n\u003cli\u003e:attr:\u003ccode\u003eParameter.name\u003c/code\u003e is now \u003ccode\u003estr\u003c/code\u003e instead of \u003ccode\u003estr | None\u003c/code\u003e.\nWhen \u003ccode\u003eexpose_value=False\u003c/code\u003e, the name is set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e instead\nof \u003ccode\u003eNone\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003ectx\u003c/code\u003e parameter of :meth:\u003ccode\u003eParameter.get_error_hint\u003c/code\u003e is now\ntyped as \u003ccode\u003eContext | None\u003c/code\u003e, matching the runtime behavior.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSplit string values from \u003ccode\u003edefault_map\u003c/code\u003e for parameters with \u003ccode\u003enargs \u0026gt; 1\u003c/code\u003e\nor :class:\u003ccode\u003eTuple\u003c/code\u003e type, matching environment variable behavior.\n:issue:\u003ccode\u003e2745\u003c/code\u003e :pr:\u003ccode\u003e3364\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAuto-detect \u003ccode\u003etype=UNPROCESSED\u003c/code\u003e for \u003ccode\u003eflag_value\u003c/code\u003e of non-basic types\n(not \u003ccode\u003estr\u003c/code\u003e, \u003ccode\u003eint\u003c/code\u003e, \u003ccode\u003efloat\u003c/code\u003e, or \u003ccode\u003ebool\u003c/code\u003e), so programmer-provided\nPython objects like classes and enum members are passed through unchanged\ninstead of being stringified. Previously \u003ccode\u003etype=click.UNPROCESSED\u003c/code\u003e had\nto be set explicitly. :issue:\u003ccode\u003e2012\u003c/code\u003e :pr:\u003ccode\u003e3363\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe error hint now uses :meth:\u003ccode\u003eCommand.get_help_option_names\u003c/code\u003e to pick\nnon-shadowed help option names, so \u003ccode\u003eTry '... -h'\u003c/code\u003e no longer points to a\nsubcommand option that shadows \u003ccode\u003e-h\u003c/code\u003e. All surviving names are shown\n(\u003ccode\u003e-h/--help\u003c/code\u003e). :issue:\u003ccode\u003e2790\u003c/code\u003e :pr:\u003ccode\u003e3208\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix readline functionality on non-Windows platforms. Prompt text is now\npassed directly to readline instead of being printed separately, allowing\nproper backspace, line editing, and line wrapping behavior. :issue:\u003ccode\u003e2968\u003c/code\u003e\n:pr:\u003ccode\u003e2969\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse :func:\u003ccode\u003eos.startfile\u003c/code\u003e on Windows to open URLs in :func:\u003ccode\u003eopen_url\u003c/code\u003e,\nreplacing the \u003ccode\u003estart\u003c/code\u003e built-in which cannot be invoked without\n\u003ccode\u003eshell=True\u003c/code\u003e. :issue:\u003ccode\u003e3164\u003c/code\u003e :pr:\u003ccode\u003e3186\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix Fish shell completion errors when option help text contains newlines.\n:issue:\u003ccode\u003e3043\u003c/code\u003e :pr:\u003ccode\u003e3126\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/41f410fb7528305d7e87c8cfa704f6c2456f57fc\"\u003e\u003ccode\u003e41f410f\u003c/code\u003e\u003c/a\u003e Release 8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/e3e69e3bf8d749ac1a632f2ece4d38ec7f6588f5\"\u003e\u003ccode\u003ee3e69e3\u003c/code\u003e\u003c/a\u003e Add type annotations for instance attributes in \u003ccode\u003eutils\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3422\"\u003e#3422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/3bb230dcd5d751f8605b46e9df5a541639d5fd4e\"\u003e\u003ccode\u003e3bb230d\u003c/code\u003e\u003c/a\u003e WIP: Fix \u003ccode\u003eHelpFormatter.write_usage\u003c/code\u003e producing spurious characters (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3434\"\u003e#3434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/63274a79d08fdc5c19220696144489f7144a8547\"\u003e\u003ccode\u003e63274a7\u003c/code\u003e\u003c/a\u003e \u003ccode\u003eclick.get_pager_file\u003c/code\u003e: add tests (\u003ca href=\"https://redirect.github.com/pallets/click/issues/1572\"\u003e#1572\u003c/a\u003e followup) (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3405\"\u003e#3405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/0551bf53588ae87f462d336f24f853a156fefe3a\"\u003e\u003ccode\u003e0551bf5\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eHelpFormatter.write_usage\u003c/code\u003e producing spurious characters\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/fc41aa1d0b62494eb93e92ff3929601221e3abf4\"\u003e\u003ccode\u003efc41aa1\u003c/code\u003e\u003c/a\u003e Apply class-body annotations to \u003ccode\u003eKeepOpenFile\u003c/code\u003e for consistency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/b761eda3bad977ec2f485451d85fd8ec365f0bf4\"\u003e\u003ccode\u003eb761eda\u003c/code\u003e\u003c/a\u003e Skip some tests on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/98302ac4f49e443a48abd3fbb95c86202b89547d\"\u003e\u003ccode\u003e98302ac\u003c/code\u003e\u003c/a\u003e Check \u003ccode\u003ePAGER\u003c/code\u003e usage, color preservation and edge-cases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/dbdae170879d460e78963f8af35c5cb9c5b86e89\"\u003e\u003ccode\u003edbdae17\u003c/code\u003e\u003c/a\u003e Fix documentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/1aa2d53d63ff68bf14b35931177aac9270e39713\"\u003e\u003ccode\u003e1aa2d53\u003c/code\u003e\u003c/a\u003e Redesigned tests and get_pager_file branching to be more clear and not set color\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.1...8.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zipp` from 3.23.0 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.0...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/google/sedpack/pull/369","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fsedpack/issues/369","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/369/packages"}},{"old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","update_type":null,"path":null,"pr_created_at":"2026-05-19T22:21:42.000Z","version_change":"\u003e=3.23.1 → \u003e=4.1.0","issue":{"uuid":"4481489624","node_id":"PR_kwDOHTtbCs7dRqqg","number":174,"state":"open","title":"deps(deps): update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":["dependencies","automated"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T22:21:42.000Z","updated_at":"2026-05-19T22:24:01.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps): update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/hostcc/energomera-hass-mqtt/pull/174","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/hostcc%2Fenergomera-hass-mqtt/issues/174","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/174/packages"}},{"old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","update_type":null,"path":null,"pr_created_at":"2026-05-19T18:48:59.000Z","version_change":"\u003e=3.23.1 → \u003e=4.1.0","issue":{"uuid":"4480113211","node_id":"PR_kwDOPNnOdc7dNIT2","number":9,"state":"closed","title":"Build(deps): Update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-23T20:22:12.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T18:48:59.000Z","updated_at":"2026-05-23T20:22:22.000Z","time_to_close":351193,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Build(deps): Update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/1121citrus/ha-offsite-backups/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/1121citrus%2Fha-offsite-backups/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","update_type":null,"path":null,"pr_created_at":"2026-05-19T18:48:57.000Z","version_change":"\u003e=3.23.1 → \u003e=4.1.0","issue":{"uuid":"4480113049","node_id":"PR_kwDOOgrlFM7dNIRw","number":13,"state":"closed","title":"Build(deps): Update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-23T20:22:18.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T18:48:57.000Z","updated_at":"2026-05-23T20:22:26.000Z","time_to_close":351201,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Build(deps): Update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/1121citrus/rotate-aws-backups/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/1121citrus%2Frotate-aws-backups/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}},{"old_version":"3.23.1","new_version":"4.1.0","update_type":"major","path":null,"pr_created_at":"2026-05-19T03:49:08.000Z","version_change":"3.23.1 → 4.1.0","issue":{"uuid":"4474239914","node_id":"PR_kwDOCEmvW87c6G3U","number":261,"state":"closed","title":"chore(deps): bump zipp from 3.23.1 to 4.1.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-23T23:14:39.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-19T03:49:08.000Z","updated_at":"2026-05-23T23:14:48.000Z","time_to_close":415531,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"zipp","old_version":"3.23.1","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.1 to 4.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp\u0026package-manager=pip\u0026previous-version=3.23.1\u0026new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/saidsef/ml-classifier/pull/261","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/saidsef%2Fml-classifier/issues/261","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/261/packages"}},{"old_version":"3.23.1","new_version":"4.1.0","update_type":"major","path":null,"pr_created_at":"2026-05-18T23:33:53.000Z","version_change":"3.23.1 → 4.1.0","issue":{"uuid":"4473286400","node_id":"PR_kwDODe2eOM7c3F2S","number":481,"state":"open","title":"chore(deps): bump zipp from 3.23.1 to 4.1.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T23:33:53.000Z","updated_at":"2026-05-18T23:34:37.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"zipp","old_version":"3.23.1","new_version":"4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.1 to 4.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp\u0026package-manager=pip\u0026previous-version=3.23.1\u0026new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/saidsef/scapy-containerised/pull/481","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/saidsef%2Fscapy-containerised/issues/481","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/481/packages"}},{"old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","update_type":null,"path":null,"pr_created_at":"2026-05-18T23:19:41.000Z","version_change":"\u003e=3.23.1 → \u003e=4.1.0","issue":{"uuid":"4473230364","node_id":"PR_kwDONgNt1M7c26Si","number":74,"state":"closed","title":"Update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":"2026-05-18T23:21:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T23:19:41.000Z","updated_at":"2026-05-18T23:21:32.000Z","time_to_close":110,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gvatsal60/PythonTemplate/pull/74","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gvatsal60%2FPythonTemplate/issues/74","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/74/packages"}},{"old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","update_type":null,"path":null,"pr_created_at":"2026-05-18T23:19:38.000Z","version_change":"\u003e=3.23.1 → \u003e=4.1.0","issue":{"uuid":"4473230186","node_id":"PR_kwDONgNt1M7c26QU","number":73,"state":"closed","title":"Update zipp requirement from \u003e=3.23.1 to \u003e=4.1.0","user":"dependabot[bot]","labels":["dependencies","python:uv"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-18T23:19:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-18T23:19:38.000Z","updated_at":"2026-05-18T23:20:40.000Z","time_to_close":14,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"zipp","old_version":"\u003e=3.23.1","new_version":"\u003e=4.1.0","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [zipp](https://github.com/jaraco/zipp) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev4.1.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePath.iterdir now raises NotADirectoryError (formerly ValueError) when call on something that's not a directory. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev4.0.0\u003c/h1\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDrop workaround for stacklevel bug on older PyPy releases. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.23.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd a compatibility shim for Python 3.13 and earlier. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/145\"\u003e#145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev3.22.0\u003c/h1\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBackported simplified tests from \u003ca href=\"https://redirect.github.com/python/cpython/issues/123424\"\u003epython/cpython#123424\u003c/a\u003e. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ccode\u003e.name\u003c/code\u003e, \u003ccode\u003e.stem\u003c/code\u003e, and other basename-based properties on Windows when working with a zipfile on disk. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/29a7a55c6bac1a6f705b54135dbea82d03e997c3\"\u003e\u003ccode\u003e29a7a55\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/bf9bf8cb1cfb2935d519349b8e7809462eedbccb\"\u003e\u003ccode\u003ebf9bf8c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/154\"\u003e#154\u003c/a\u003e from ShipItAndPray/fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/a43226aba25ed257013d35cd412fcaac07ce8c38\"\u003e\u003ccode\u003ea43226a\u003c/code\u003e\u003c/a\u003e Add news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/5b41b49e477cf977c18d91042e737000f87105c9\"\u003e\u003ccode\u003e5b41b49\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-129-iterdir-notadirectory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f2f3e7990d89af94ff6675d87eeef973983a49bf\"\u003e\u003ccode\u003ef2f3e79\u003c/code\u003e\u003c/a\u003e 👹 Feed the hobgoblins (delint).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/d14b72023b442e0eab42d59a6d849e31c2ab243e\"\u003e\u003ccode\u003ed14b720\u003c/code\u003e\u003c/a\u003e Merge \u003ca href=\"https://github.com/jaraco/skeleton\"\u003ehttps://github.com/jaraco/skeleton\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/b8f103031f45efad23afc7816be7c79238264a60\"\u003e\u003ccode\u003eb8f1030\u003c/code\u003e\u003c/a\u003e More aggressively direct Agents not to add generated artifacts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/fb8483bd52023e910a9d37d7508315ffa8c48db6\"\u003e\u003ccode\u003efb8483b\u003c/code\u003e\u003c/a\u003e Use Python 3.14 as the latest stable.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/91aed9a991ac5ca8ebcd631c8f32ab81ede0d652\"\u003e\u003ccode\u003e91aed9a\u003c/code\u003e\u003c/a\u003e\u003ccode\u003ejaraco/skeleton#198\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/225b2afaa7819c07d3d1cd306070d0f200b8d086\"\u003e\u003ccode\u003e225b2af\u003c/code\u003e\u003c/a\u003e Add agent guidance pointing to skeleton documentation.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.1...v4.1.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gvatsal60/PythonTemplate/pull/73","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gvatsal60%2FPythonTemplate/issues/73","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/73/packages"}},{"old_version":"3.23.0","new_version":"3.23.1","update_type":"patch","path":"/backend","pr_created_at":"2026-05-18T09:21:18.000Z","version_change":"3.23.0 → 3.23.1","issue":{"uuid":"4467864475","node_id":"PR_kwDOSgnht87cldUT","number":15,"state":"open","title":"Bump zipp from 3.23.0 to 3.23.1 in /backend","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T09:21:18.000Z","updated_at":"2026-05-18T09:21:19.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"zipp","old_version":"3.23.0","new_version":"3.23.1","repository_url":"https://github.com/jaraco/zipp"}],"path":"/backend","ecosystem":"pip"},"body":"Bumps [zipp](https://github.com/jaraco/zipp) from 3.23.0 to 3.23.1.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jaraco/zipp/blob/main/NEWS.rst\"\u003ezipp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev3.23.1\u003c/h1\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estr(Path(...))\u003c/code\u003e now renders \u0026quot;:zipfile\u0026quot; for the filename when a zipfile has no filename instead of failing with a TypeError. (\u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/134\"\u003e#134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/157860e9d6a793787d22a3ba5ac238799065b9b7\"\u003e\u003ccode\u003e157860e\u003c/code\u003e\u003c/a\u003e Finalize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/0c7638af5f0efd1a21bd15395726a1fb3926db2c\"\u003e\u003ccode\u003e0c7638a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jaraco/zipp/issues/135\"\u003e#135\u003c/a\u003e from barneygale/fix-134\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/6d1e280b31551cdf62645a441b44cec4f9f34c45\"\u003e\u003ccode\u003e6d1e280\u003c/code\u003e\u003c/a\u003e Update news fragment.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/0b072355dd6fcca620cd784b0ad22badf4e273ff\"\u003e\u003ccode\u003e0b07235\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into fix-134\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/c5f40d3757c797352970884e6156ccf311bc921b\"\u003e\u003ccode\u003ec5f40d3\u003c/code\u003e\u003c/a\u003e Moved none_as to _functools.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/f7bdf7cc2227b18567378cd859709d44f8179c47\"\u003e\u003ccode\u003ef7bdf7c\u003c/code\u003e\u003c/a\u003e Use :zipfile: to designate an unnamed zipfile.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jaraco/zipp/commit/e7956b726b1a19d7eae225a3c71de714af354530\"\u003e\u003ccode\u003ee7956b7\u003c/code\u003e\u003c/a\u003e Mark 3.21 as Python 3.15.\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jaraco/zipp/compare/v3.23.0...v3.23.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp\u0026package-manager=pip\u0026previous-version=3.23.0\u0026new-version=3.23.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DamDoh/myGCNUdom/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DamDoh%2FmyGCNUdom/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}},{"old_version":"3.11.0","new_version":"3.19.1","update_type":"minor","path":null,"pr_created_at":"2026-05-16T08:27:40.000Z","version_change":"3.11.0 → 3.19.1","issue":{"uuid":"4459255827","node_id":"PR_kwDOJuLwIc7cLiZW","number":1,"state":"open","title":"Bump the pip group across 1 directory with 10 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T08:27:40.000Z","updated_at":"2026-05-16T08:28:12.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":10,"packages":[{"name":"certifi","old_version":"2022.12.7","new_version":"2024.7.4","repository_url":"https://github.com/certifi/python-certifi"},{"name":"flask","old_version":"2.2.2","new_version":"3.1.3","repository_url":"https://github.com/pallets/flask"},{"name":"idna","old_version":"3.4","new_version":"3.7","repository_url":"https://github.com/kjd/idna"},{"name":"jinja2","old_version":"3.1.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/jinja"},{"name":"python-dotenv","old_version":"0.21.0","new_version":"1.2.2","repository_url":"https://github.com/theskumar/python-dotenv"},{"name":"requests","old_version":"2.28.1","new_version":"2.33.0","repository_url":"https://github.com/psf/requests"},{"name":"tqdm","old_version":"4.64.1","new_version":"4.66.3","repository_url":"https://github.com/tqdm/tqdm"},{"name":"urllib3","old_version":"1.26.13","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"werkzeug","old_version":"2.2.2","new_version":"3.1.6","repository_url":"https://github.com/pallets/werkzeug"},{"name":"zipp","old_version":"3.11.0","new_version":"3.19.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 10 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [certifi](https://github.com/certifi/python-certifi) | `2022.12.7` | `2024.7.4` |\n| [flask](https://github.com/pallets/flask) | `2.2.2` | `3.1.3` |\n| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |\n| [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.6` |\n| [python-dotenv](https://github.com/theskumar/python-dotenv) | `0.21.0` | `1.2.2` |\n| [requests](https://github.com/psf/requests) | `2.28.1` | `2.33.0` |\n| [tqdm](https://github.com/tqdm/tqdm) | `4.64.1` | `4.66.3` |\n| [urllib3](https://github.com/urllib3/urllib3) | `1.26.13` | `2.7.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `2.2.2` | `3.1.6` |\n| [zipp](https://github.com/jaraco/zipp) | `3.11.0` | `3.19.1` |\n\n\nUpdates `certifi` from 2022.12.7 to 2024.7.4\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463\"\u003e\u003ccode\u003ebd81538\u003c/code\u003e\u003c/a\u003e 2024.07.04 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3\"\u003e\u003ccode\u003e06a2cbf\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/294\"\u003e#294\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23\"\u003e\u003ccode\u003e13bba02\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/293\"\u003e#293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554\"\u003e\u003ccode\u003ee8abcd0\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1\"\u003e\u003ccode\u003e124f4ad\u003c/code\u003e\u003c/a\u003e 2024.06.02 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a\"\u003e\u003ccode\u003ec2196ce\u003c/code\u003e\u003c/a\u003e --- (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2\"\u003e\u003ccode\u003efefdeec\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.4 to 4.1.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/289\"\u003e#289\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf\"\u003e\u003ccode\u003e3c5fb15\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 4.1.6 to 4.1.7 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1\"\u003e\u003ccode\u003e4a9569a\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.2 to 4.1.4 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3\"\u003e\u003ccode\u003e1fc8086\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/288\"\u003e#288\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2022.12.07...2024.07.04\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask` from 2.2.2 to 3.1.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/releases\"\u003eflask's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.3/\"\u003ehttps://pypi.org/project/Flask/3.1.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-3\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-3\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys but not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. \u003ca href=\"https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726\"\u003eGHSA-68rp-wp8r-4726\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.2\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.2/\"\u003ehttps://pypi.org/project/Flask/3.1.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/page/changes/#version-3-1-2\"\u003ehttps://flask.palletsprojects.com/page/changes/#version-3-1-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/38?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/38?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5774\"\u003e#5774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state of \u003ccode\u003esession\u003c/code\u003e is correct. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5786\"\u003e#5786\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5776\"\u003e#5776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.1\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.1/\"\u003ehttps://pypi.org/project/Flask/3.1.1/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-1\u003c/a\u003e\nMilestone \u003ca href=\"https://github.com/pallets/flask/milestone/36?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/36?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. GHSA-4grg-w6v8-c28g\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5645\"\u003e#5645\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands are shown. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5673\"\u003e#5673\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return \u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier for Quart. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5659\"\u003e#5659\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.0\u003c/h2\u003e\n\u003cp\u003eThis is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as \u003ca href=\"https://pypi.org/project/pip-tools/\"\u003epip-tools\u003c/a\u003e to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Flask/3.1.0/\"\u003ehttps://pypi.org/project/Flask/3.1.0/\u003c/a\u003e\nChanges: \u003ca href=\"https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\"\u003ehttps://flask.palletsprojects.com/en/stable/changes/#version-3-1-0\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/flask/milestone/33?closed=1\"\u003ehttps://github.com/pallets/flask/milestone/33?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5623\"\u003e#5623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases. Werkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5624\"\u003e#5624\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5633\"\u003e#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option responses. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5496\"\u003e#5496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and \u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when opening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5504\"\u003e#5504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only through the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added \u003ccode\u003eMAX_FORM_MEMORY_SIZE\u003c/code\u003e and \u003ccode\u003eMAX_FORM_PARTS\u003c/code\u003e config. Added documentation about resource limits to the security page. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5625\"\u003e#5625\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for the \u003ccode\u003ePartitioned\u003c/code\u003e cookie attribute (CHIPS), with the \u003ccode\u003eSESSION_COOKIE_PARTITIONED\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5472\"\u003e#5472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-e path\u003c/code\u003e takes precedence over default \u003ccode\u003e.env\u003c/code\u003e and \u003ccode\u003e.flaskenv\u003c/code\u003e files. \u003ccode\u003eload_dotenv\u003c/code\u003e loads default files in addition to a path unless \u003ccode\u003eload_defaults=False\u003c/code\u003e is passed. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5628\"\u003e#5628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport key rotation with the \u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5621\"\u003e#5621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix how setting \u003ccode\u003ehost_matching=True\u003c/code\u003e or \u003ccode\u003esubdomain_matching=False\u003c/code\u003e interacts with \u003ccode\u003eSERVER_NAME\u003c/code\u003e. Setting \u003ccode\u003eSERVER_NAME\u003c/code\u003e no longer restricts requests to only that domain. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5553\"\u003e#5553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.trusted_hosts\u003c/code\u003e is checked during routing, and can be set through the \u003ccode\u003eTRUSTED_HOSTS\u003c/code\u003e config. \u003ca href=\"https://redirect.github.com/pallets/flask/issues/5636\"\u003e#5636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/flask/blob/main/CHANGES.rst\"\u003eflask's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-02-18\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe session is marked as accessed for operations that only access the keys\nbut not the values, such as \u003ccode\u003ein\u003c/code\u003e and \u003ccode\u003elen\u003c/code\u003e. :ghsa:\u003ccode\u003e68rp-wp8r-4726\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.2\u003c/h2\u003e\n\u003cp\u003eReleased 2025-08-19\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003estream_with_context\u003c/code\u003e does not fail inside async views. :issue:\u003ccode\u003e5774\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eWhen using \u003ccode\u003efollow_redirects\u003c/code\u003e in the test client, the final state\nof \u003ccode\u003esession\u003c/code\u003e is correct. :issue:\u003ccode\u003e5786\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eRelax type hint for passing bytes IO to \u003ccode\u003esend_file\u003c/code\u003e. :issue:\u003ccode\u003e5776\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.1\u003c/h2\u003e\n\u003cp\u003eReleased 2025-05-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix signing key selection order when key rotation is enabled via\n\u003ccode\u003eSECRET_KEY_FALLBACKS\u003c/code\u003e. :ghsa:\u003ccode\u003e4grg-w6v8-c28g\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix type hint for \u003ccode\u003ecli_runner.invoke\u003c/code\u003e. :issue:\u003ccode\u003e5645\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eflask --help\u003c/code\u003e loads the app and plugins first to make sure all commands\nare shown. :issue:\u003ccode\u003e5673\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark sans-io base class as being able to handle views that return\n\u003ccode\u003eAsyncIterable\u003c/code\u003e. This is not accurate for Flask, but makes typing easier\nfor Quart. :pr:\u003ccode\u003e5659\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.0\u003c/h2\u003e\n\u003cp\u003eReleased 2024-11-13\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDrop support for Python 3.8. :pr:\u003ccode\u003e5623\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eUpdate minimum dependency versions to latest feature releases.\nWerkzeug \u0026gt;= 3.1, ItsDangerous \u0026gt;= 2.2, Blinker \u0026gt;= 1.9. :pr:\u003ccode\u003e5624,5633\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eProvide a configuration option to control automatic option\nresponses. :pr:\u003ccode\u003e5496\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eFlask.open_resource\u003c/code\u003e/\u003ccode\u003eopen_instance_resource\u003c/code\u003e and\n\u003ccode\u003eBlueprint.open_resource\u003c/code\u003e take an \u003ccode\u003eencoding\u003c/code\u003e parameter to use when\nopening in text mode. It defaults to \u003ccode\u003eutf-8\u003c/code\u003e. :issue:\u003ccode\u003e5504\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRequest.max_content_length\u003c/code\u003e can be customized per-request instead of only\nthrough the \u003ccode\u003eMAX_CONTENT_LENGTH\u003c/code\u003e config. Added\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65\"\u003e\u003ccode\u003e22d9247\u003c/code\u003e\u003c/a\u003e release version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4\"\u003e\u003ccode\u003e089cb86\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa\"\u003e\u003ccode\u003ec17f379\u003c/code\u003e\u003c/a\u003e request context tracks session access\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602\"\u003e\u003ccode\u003e27be933\u003c/code\u003e\u003c/a\u003e start version 3.1.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d\"\u003e\u003ccode\u003e4e652d3\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5903\"\u003e#5903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a\"\u003e\u003ccode\u003e3d03098\u003c/code\u003e\u003c/a\u003e Abort if the instance folder cannot be created\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4\"\u003e\u003ccode\u003e407eb76\u003c/code\u003e\u003c/a\u003e document using gevent for async (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5900\"\u003e#5900\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60\"\u003e\u003ccode\u003eac5664d\u003c/code\u003e\u003c/a\u003e document using gevent for async\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3\"\u003e\u003ccode\u003e4f79d5b\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11 (\u003ca href=\"https://redirect.github.com/pallets/flask/issues/5865\"\u003e#5865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f\"\u003e\u003ccode\u003efe3b215\u003c/code\u003e\u003c/a\u003e Increase required flit_core version to 3.11\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/flask/compare/2.2.2...3.1.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.4 to 3.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/releases\"\u003eidna's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.7 (2024-04-11)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.6 (2023-11-25)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.5 (2023-11-24)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the system codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some downstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to comport\nwith PEP 517 and the Python Packaging User Guide for sdist archives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions\nto this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e Release v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from kjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from elliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e More efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e Update ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e Update Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e Fix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.4...v3.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jinja2` from 3.1.2 to 3.1.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/releases\"\u003ejinja2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.1.6\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.6/\"\u003ehttps://pypi.org/project/Jinja2/3.1.6/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\"\u003ehttps://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\"\u003ehttps://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.5\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.5/\"\u003ehttps://pypi.org/project/Jinja2/3.1.5/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/changes/#version-3-1-5\"\u003ehttps://jinja.palletsprojects.com/changes/#version-3-1-5\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/jinja/milestone/16?closed=1\"\u003ehttps://github.com/pallets/jinja/milestone/16?closed=1\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as by passing a stored reference to a filter that calls its argument. \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h\"\u003eGHSA-q2x7-8rv6-6q7h\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1792\"\u003e#1792\u003c/a\u003e, \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699\"\u003eGHSA-gmj6-6f8f-6699\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence types. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2032\"\u003e#2032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1952\"\u003e#1952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in \u003ccode\u003eTemplate.generate_async\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1960\"\u003e#1960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment when calling block references. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1701\"\u003e#1701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another async-aware filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1781\"\u003e#1781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1921\"\u003e#1921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e call. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2021\"\u003e#2021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e objects. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2025\"\u003e#2025\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2027\"\u003e#2027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2061\"\u003e#2061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were searched. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1661\"\u003e#1661\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not contain the templates directory. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1705\"\u003e#1705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1880\"\u003e#1880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1870\"\u003e#1870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTests decorated with \u003ccode\u003e@pass_context\u003c/code\u003e can be used with the \u003ccode\u003e|select\u003c/code\u003e filter. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1624\"\u003e#1624\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e for multiple assignment (\u003ccode\u003ea, b = 1, 2\u003c/code\u003e) does not fail when the target is a namespace attribute. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1413\"\u003e#1413\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003eset\u003c/code\u003e in all branches of \u003ccode\u003e{% if %}{% elif %}{% else %}\u003c/code\u003e blocks does not cause the variable to be considered initially undefined. \u003ca href=\"https://redirect.github.com/pallets/jinja/issues/1253\"\u003e#1253\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.4\u003c/h2\u003e\n\u003cp\u003eThis is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/Jinja2/3.1.4/\"\u003ehttps://pypi.org/project/Jinja2/3.1.4/\u003c/a\u003e\nChanges: \u003ca href=\"https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\"\u003ehttps://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003exmlattr\u003c/code\u003e filter does not allow keys with \u003ccode\u003e/\u003c/code\u003e solidus, \u003ccode\u003e\u0026gt;\u003c/code\u003e greater-than sign, or \u003ccode\u003e=\u003c/code\u003e equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.1.3\u003c/h2\u003e\n\u003cp\u003eThis is a fix release for the 3.1.x feature branch.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix for \u003ca href=\"https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95\"\u003eGHSA-h5c8-rqwp-cp95\u003c/a\u003e. You are affected if you are using \u003ccode\u003exmlattr\u003c/code\u003e and passing user input as attribute keys.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/jinja/blob/main/CHANGES.rst\"\u003ejinja2's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.1.6\u003c/h2\u003e\n\u003cp\u003eReleased 2025-03-05\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003e|attr\u003c/code\u003e filter does not bypass the environment's attribute lookup,\nallowing the sandbox to apply its checks. :ghsa:\u003ccode\u003ecpwx-vrp4-4pq7\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.1.5\u003c/h2\u003e\n\u003cp\u003eReleased 2024-12-21\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe sandboxed environment handles indirect calls to \u003ccode\u003estr.format\u003c/code\u003e, such as\nby passing a stored reference to a filter that calls its argument.\n:ghsa:\u003ccode\u003eq2x7-8rv6-6q7h\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEscape template name before formatting it into error messages, to avoid\nissues with names that contain f-string syntax.\n:issue:\u003ccode\u003e1792\u003c/code\u003e, :ghsa:\u003ccode\u003egmj6-6f8f-6699\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSandbox does not allow \u003ccode\u003eclear\u003c/code\u003e and \u003ccode\u003epop\u003c/code\u003e on known mutable sequence\ntypes. :issue:\u003ccode\u003e2032\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eCalling sync \u003ccode\u003erender\u003c/code\u003e for an async template uses \u003ccode\u003easyncio.run\u003c/code\u003e.\n:pr:\u003ccode\u003e1952\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unclosed \u003ccode\u003eauto_aiter\u003c/code\u003e warnings. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eReturn an \u003ccode\u003eaclose\u003c/code\u003e-able \u003ccode\u003eAsyncGenerator\u003c/code\u003e from\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving \u003ccode\u003eroot_render_func()\u003c/code\u003e unclosed in\n\u003ccode\u003eTemplate.generate_async\u003c/code\u003e. :pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leaving async generators unclosed in blocks, includes and extends.\n:pr:\u003ccode\u003e1960\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe runtime uses the correct \u003ccode\u003econcat\u003c/code\u003e function for the current environment\nwhen calling block references. :issue:\u003ccode\u003e1701\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003e|unique\u003c/code\u003e async-aware, allowing it to be used after another\nasync-aware filter. :issue:\u003ccode\u003e1781\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e|int\u003c/code\u003e filter handles \u003ccode\u003eOverflowError\u003c/code\u003e from scientific notation.\n:issue:\u003ccode\u003e1921\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMake compiling deterministic for tuple unpacking in a \u003ccode\u003e{% set ... %}\u003c/code\u003e\ncall. :issue:\u003ccode\u003e2021\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix dunder protocol (\u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e/etc) interaction with \u003ccode\u003eUndefined\u003c/code\u003e\nobjects. :issue:\u003ccode\u003e2025\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003ecopy\u003c/code\u003e/\u003ccode\u003epickle\u003c/code\u003e support for the internal \u003ccode\u003emissing\u003c/code\u003e object.\n:issue:\u003ccode\u003e2027\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEnvironment.overlay(enable_async)\u003c/code\u003e is applied correctly. :pr:\u003ccode\u003e2061\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eThe error message from \u003ccode\u003eFileSystemLoader\u003c/code\u003e includes the paths that were\nsearched. :issue:\u003ccode\u003e1661\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ePackageLoader\u003c/code\u003e shows a clearer error message when the package does not\ncontain the templates directory. :issue:\u003ccode\u003e1705\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eImprove annotations for methods returning copies. :pr:\u003ccode\u003e1880\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eurlize\u003c/code\u003e does not add \u003ccode\u003emailto:\u003c/code\u003e to values like \u003ccode\u003e@a@b\u003c/code\u003e. :pr:\u003ccode\u003e1870\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/15206881c006c79667fe5154fe80c01c65410679\"\u003e\u003ccode\u003e1520688\u003c/code\u003e\u003c/a\u003e release version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403\"\u003e\u003ccode\u003e90457bb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/065334d1ee5b7210e1a0a93c37238c86858f2af7\"\u003e\u003ccode\u003e065334d\u003c/code\u003e\u003c/a\u003e attr filter uses env.getattr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/033c20015c7ca899ab52eb921bb0f08e6d3dd145\"\u003e\u003ccode\u003e033c200\u003c/code\u003e\u003c/a\u003e start version 3.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/bc68d4efa99c5f77334f0e519628558059ae8c35\"\u003e\u003ccode\u003ebc68d4e\u003c/code\u003e\u003c/a\u003e use global contributing guide (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2070\"\u003e#2070\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/247de5e0c5062a792eb378e50e13e692885ee486\"\u003e\u003ccode\u003e247de5e\u003c/code\u003e\u003c/a\u003e use global contributing guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/ab8218c7a1b66b62e0ad6b941bd514e3a64a358f\"\u003e\u003ccode\u003eab8218c\u003c/code\u003e\u003c/a\u003e use project advisory link instead of global\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/b4ffc8ff299dfd360064bea4cd2f862364601ad2\"\u003e\u003ccode\u003eb4ffc8f\u003c/code\u003e\u003c/a\u003e release version 3.1.5 (\u003ca href=\"https://redirect.github.com/pallets/jinja/issues/2066\"\u003e#2066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/877f6e51be8e1765b06d911cfaa9033775f051d1\"\u003e\u003ccode\u003e877f6e5\u003c/code\u003e\u003c/a\u003e release version 3.1.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/jinja/commit/8d588592653b052f957b720e1fc93196e06f207f\"\u003e\u003ccode\u003e8d58859\u003c/code\u003e\u003c/a\u003e remove test pypi\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/jinja/compare/3.1.2...3.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `python-dotenv` from 0.21.0 to 1.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/theskumar/python-dotenv/releases\"\u003epython-dotenv's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.2.2\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.14, including the free-threaded (3.14t) build. (#)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003edotenv run\u003c/code\u003e command now forwards flags directly to the specified command by \u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/607\"\u003etheskumar/python-dotenv#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation clarity regarding override behavior and the reference page.\u003c/li\u003e\n\u003cli\u003eUpdated PyPy support to version 3.11.\u003c/li\u003e\n\u003cli\u003eDocumentation for FIFO file support.\u003c/li\u003e\n\u003cli\u003eSupport for Python 3.9.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved \u003ccode\u003eset_key\u003c/code\u003e and \u003ccode\u003eunset_key\u003c/code\u003e behavior when interacting with symlinks by \u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311\"\u003e#790c5\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrected the license specifier and added missing Python 3.14 classifiers in package metadata by \u003ca href=\"https://github.com/JYOuyang\"\u003e\u003ccode\u003e@​JYOuyang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/590\"\u003etheskumar/python-dotenv#590\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003edotenv.set_key\u003c/code\u003e and \u003ccode\u003edotenv.unset_key\u003c/code\u003e used to follow symlinks in some\nsituations. This is no longer the case. For that behavior to be restored in\nall cases, \u003ccode\u003efollow_symlinks=True\u003c/code\u003e should be used.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIn the CLI, \u003ccode\u003eset\u003c/code\u003e and \u003ccode\u003eunset\u003c/code\u003e used to follow symlinks in some situations. This\nis no longer the case.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003edotenv.set_key\u003c/code\u003e, \u003ccode\u003edotenv.unset_key\u003c/code\u003e and the CLI commands \u003ccode\u003eset\u003c/code\u003e and \u003ccode\u003eunset\u003c/code\u003e\nused to reset the file mode of the modified .env file to \u003ccode\u003e0o600\u003c/code\u003e in some\nsituations. This is no longer the case: The original mode of the file is now\npreserved. Is the file needed to be created or wasn't a regular file, mode\n\u003ccode\u003e0o600\u003c/code\u003e is used.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMisc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eskip 000 permission tests for root user by \u003ca href=\"https://github.com/burnout-projects\"\u003e\u003ccode\u003e@​burnout-projects\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/561\"\u003etheskumar/python-dotenv#561\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 in the github-actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/593\"\u003etheskumar/python-dotenv#593\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Windows testing to CI by \u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/604\"\u003etheskumar/python-dotenv#604\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove workflow efficiency with best practices by \u003ca href=\"https://github.com/theskumar\"\u003e\u003ccode\u003e@​theskumar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/609\"\u003etheskumar/python-dotenv#609\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove the use of \u003ccode\u003esh\u003c/code\u003e in tests by \u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/612\"\u003etheskumar/python-dotenv#612\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/JYOuyang\"\u003e\u003ccode\u003e@​JYOuyang\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/590\"\u003etheskumar/python-dotenv#590\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/burnout-projects\"\u003e\u003ccode\u003e@​burnout-projects\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/561\"\u003etheskumar/python-dotenv#561\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cpackham-atlnz\"\u003e\u003ccode\u003e@​cpackham-atlnz\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/pull/597\"\u003etheskumar/python-dotenv#597\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2\"\u003ehttps://github.com/theskumar/python-dotenv/compare/v1.2.1...v1.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md\"\u003epython-dotenv's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[1.2.2] - 2026-03-01\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.14, including the free-threaded (3.14t) build. (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003edotenv run\u003c/code\u003e command now forwards flags directly to the specified command by [\u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/607\"\u003e#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved documentation clarity regarding override behavior and the reference page.\u003c/li\u003e\n\u003cli\u003eUpdated PyPy support to version 3.11.\u003c/li\u003e\n\u003cli\u003eDocumentation for FIFO file support.\u003c/li\u003e\n\u003cli\u003eDropped Support for Python 3.9.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved \u003ccode\u003eset_key\u003c/code\u003e and \u003ccode\u003eunset_key\u003c/code\u003e behavior when interacting with symlinks by [\u003ca href=\"https://github.com/bbc2\"\u003e\u003ccode\u003e@​bbc2\u003c/code\u003e\u003c/a\u003e] in [790c5c0]\u003c/li\u003e\n\u003cli\u003eCorrected the license specifier and added missing Python 3.14 classifiers in package metadata by [\u003ca href=\"https://github.com/JYOuyang\"\u003e\u003ccode\u003e@​JYOuyang\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/590\"\u003e#590\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003edotenv.set_key\u003c/code\u003e and \u003ccode\u003edotenv.unset_key\u003c/code\u003e used to follow symlinks in some\nsituations. This is no longer the case. For that behavior to be restored in\nall cases, \u003ccode\u003efollow_symlinks=True\u003c/code\u003e should be used.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eIn the CLI, \u003ccode\u003eset\u003c/code\u003e and \u003ccode\u003eunset\u003c/code\u003e used to follow symlinks in some situations. This\nis no longer the case.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003edotenv.set_key\u003c/code\u003e, \u003ccode\u003edotenv.unset_key\u003c/code\u003e and the CLI commands \u003ccode\u003eset\u003c/code\u003e and \u003ccode\u003eunset\u003c/code\u003e\nused to reset the file mode of the modified .env file to \u003ccode\u003e0o600\u003c/code\u003e in some\nsituations. This is no longer the case: The original mode of the file is now\npreserved. Is the file needed to be created or wasn't a regular file, mode\n\u003ccode\u003e0o600\u003c/code\u003e is used.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.2.1] - 2025-10-26\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMove more config to \u003ccode\u003epyproject.toml\u003c/code\u003e, removed \u003ccode\u003esetup.cfg\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for reading \u003ccode\u003e.env\u003c/code\u003e from FIFOs (Unix) by [\u003ca href=\"https://github.com/sidharth-sudhir\"\u003e\u003ccode\u003e@​sidharth-sudhir\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/586\"\u003e#586\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.2.0] - 2025-10-26\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade build system to use PEP 517 \u0026amp; PEP 518 to use \u003ccode\u003ebuild\u003c/code\u003e and \u003ccode\u003epyproject.toml\u003c/code\u003e by [\u003ca href=\"https://github.com/EpicWink\"\u003e\u003ccode\u003e@​EpicWink\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/583\"\u003e#583\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for Python 3.14 by [\u003ca href=\"https://github.com/23f3001135\"\u003e\u003ccode\u003e@​23f3001135\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/579\"\u003e#579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for disabling of \u003ccode\u003eload_dotenv()\u003c/code\u003e using \u003ccode\u003ePYTHON_DOTENV_DISABLED\u003c/code\u003e env var. by [\u003ca href=\"https://github.com/matthewfranglen\"\u003e\u003ccode\u003e@​matthewfranglen\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/569\"\u003e#569\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.1.1] - 2025-06-24\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCLI: Ensure \u003ccode\u003efind_dotenv\u003c/code\u003e work reliably on python 3.13 by [\u003ca href=\"https://github.com/theskumar\"\u003e\u003ccode\u003e@​theskumar\u003c/code\u003e\u003c/a\u003e] in \u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/563\"\u003e#563\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/36004e0e34be7665ff2b11a8a4005144f76f176d\"\u003e\u003ccode\u003e36004e0\u003c/code\u003e\u003c/a\u003e Bump version: 1.2.1 → 1.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/eb202520e5933c9daf42501e1e42fdb0144002c8\"\u003e\u003ccode\u003eeb20252\u003c/code\u003e\u003c/a\u003e docs: update changelog for v1.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/790c5c02991100aa1bf41ee5330aca75edc51311\"\u003e\u003ccode\u003e790c5c0\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/43340da220fb4ca4f95357bbe21a3c7f8f1278b1\"\u003e\u003ccode\u003e43340da\u003c/code\u003e\u003c/a\u003e Remove the use of \u003ccode\u003esh\u003c/code\u003e in tests (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/612\"\u003e#612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/09d7cee32459e7abdcb5c9d8122a552589c06a9c\"\u003e\u003ccode\u003e09d7cee\u003c/code\u003e\u003c/a\u003e docs: clarify override behavior and document FIFO support (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/610\"\u003e#610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/c8de2887c00198c22842c5ae5e92d1747467363c\"\u003e\u003ccode\u003ec8de288\u003c/code\u003e\u003c/a\u003e ci: improve workflow efficiency with best practices (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/609\"\u003e#609\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/7bd9e3dbfedc0983ad7d56d5570013035242bdf4\"\u003e\u003ccode\u003e7bd9e3d\u003c/code\u003e\u003c/a\u003e Add Windows testing to CI (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/604\"\u003e#604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/1baaf04f336072e0ee324d5df9563ec767f14f81\"\u003e\u003ccode\u003e1baaf04\u003c/code\u003e\u003c/a\u003e Drop Python 3.9 support and update to PyPy 3.11 (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/608\"\u003e#608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/4a22cf8993804aeede0c20b75bb1a29d3a99e9dc\"\u003e\u003ccode\u003e4a22cf8\u003c/code\u003e\u003c/a\u003e ci: enable testing on Python 3.14t (free-threaded) (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/588\"\u003e#588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/theskumar/python-dotenv/commit/e2e8e776b42e382ae38b44d3982dd649e7507dd4\"\u003e\u003ccode\u003ee2e8e77\u003c/code\u003e\u003c/a\u003e Fix license specifier (\u003ca href=\"https://redirect.github.com/theskumar/python-dotenv/issues/597\"\u003e#597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/theskumar/python-dotenv/compare/v0.21.0...v1.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `requests` from 2.28.1 to 2.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/releases\"\u003erequests's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.33.0\u003c/h2\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that uses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report any gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts contents to a non-deterministic location to prevent malicious file replacement. This does not affect default usage of Requests, only applications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause malformed authentication to be applied to Requests on Python 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/M0d3v1\"\u003e\u003ccode\u003e@​M0d3v1\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6865\"\u003epsf/requests#6865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aminvakil\"\u003e\u003ccode\u003e@​aminvakil\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7220\"\u003epsf/requests#7220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/E8Price\"\u003e\u003ccode\u003e@​E8Price\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6960\"\u003epsf/requests#6960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mitre88\"\u003e\u003ccode\u003e@​mitre88\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7244\"\u003epsf/requests#7244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/magsen\"\u003e\u003ccode\u003e@​magsen\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/6553\"\u003epsf/requests#6553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Rohan5commit\"\u003e\u003ccode\u003e@​Rohan5commit\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/psf/requests/pull/7227\"\u003epsf/requests#7227\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\"\u003ehttps://github.com/psf/requests/blob/main/HISTORY.md#2330-2026-03-25\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.32.5\u003c/h2\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.32.4\u003c/h2\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/psf/requests/blob/main/HISTORY.md\"\u003erequests's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.33.0 (2026-03-25)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAnnouncements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e📣 Requests is adding inline types. If you have a typed code base that\nuses Requests, please take a look at \u003ca href=\"https://redirect.github.com/psf/requests/issues/7271\"\u003e#7271\u003c/a\u003e. Give it a try, and report\nany gaps or feedback you may have in the issue. 📣\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-25645 \u003ccode\u003erequests.utils.extract_zipped_paths\u003c/code\u003e now extracts\ncontents to a non-deterministic location to prevent malicious file\nreplacement. This does not affect default usage of Requests, only\napplications calling the utility function directly.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated to a PEP 517 build system using setuptools. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7012\"\u003e#7012\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where an empty netrc entry could cause\nmalformed authentication to be applied to Requests on\nPython 3.11+. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7205\"\u003e#7205\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9 following its end of support. (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7196\"\u003e#7196\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVarious typo fixes and doc improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.5 (2025-08-18)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBugfixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe SSLContext caching feature originally introduced in 2.32.0 has created\na new class of issues in Requests that have had negative impact across a number\nof use cases. The Requests team has decided to revert this feature as long term\nmaintenance of it is proving to be unsustainable in its current iteration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeprecations\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14.\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.8 following its end of support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.32.4 (2025-06-10)\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted\nenvironment will retrieve credentials for the wrong hostname/machine from a\nnetrc file.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/bc04dfd6dad4cb02cd92f5daa81eb562d280a761\"\u003e\u003ccode\u003ebc04dfd\u003c/code\u003e\u003c/a\u003e v2.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/66d21cb07bd6255b1280291c4fafb71803cdb3b7\"\u003e\u003ccode\u003e66d21cb\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/8b9bc8fc0f63be84602387913c4b689f19efd028\"\u003e\u003ccode\u003e8b9bc8f\u003c/code\u003e\u003c/a\u003e Move badges to top of README (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7293\"\u003e#7293\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/e331a288f369973f5de0ec8901c94cae4fa87286\"\u003e\u003ccode\u003ee331a28\u003c/code\u003e\u003c/a\u003e Remove unused extraction call (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7292\"\u003e#7292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/753fd08c5eacce0aa0df73fe47e49525c67e0a29\"\u003e\u003ccode\u003e753fd08\u003c/code\u003e\u003c/a\u003e docs: fix FAQ grammar in httplib2 example\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/774a0b837a194ee885d4fdd9ca947900cc3daf71\"\u003e\u003ccode\u003e774a0b8\u003c/code\u003e\u003c/a\u003e docs(socks): same block as other sections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/9c72a41bec8597f948c9d8caa5dc3f12273b3303\"\u003e\u003ccode\u003e9c72a41\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.33.0 to 4.34.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/ebf71906798ec82f34e07d3168f8b8aecaf8a3be\"\u003e\u003ccode\u003eebf7190\u003c/code\u003e\u003c/a\u003e Bump github/codeql-action from 4.32.0 to 4.33.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/0e4ae38f0c93d4f92a96c774bd52c069d12a4798\"\u003e\u003ccode\u003e0e4ae38\u003c/code\u003e\u003c/a\u003e docs: exclude Response.is_permanent_redirect from API docs (\u003ca href=\"https://redirect.github.com/psf/requests/issues/7244\"\u003e#7244\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/psf/requests/commit/d568f47278492e630cc990a259047c67991d007a\"\u003e\u003ccode\u003ed568f47\u003c/code\u003e\u003c/a\u003e docs: clarify Quickstart POST example (\u003ca href=\"https://redirect.github.com/psf/requests/issues/6960\"\u003e#6960\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/psf/requests/compare/v2.28.1...v2.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tqdm` from 4.64.1 to 4.66.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tqdm/tqdm/releases\"\u003etqdm's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003etqdm v4.66.3 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003ecli\u003c/code\u003e: \u003ccode\u003eeval\u003c/code\u003e safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.2 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003epandas\u003c/code\u003e: add \u003ccode\u003eDataFrame.progress_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003enotebook\u003c/code\u003e: fix HTML padding (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1506\"\u003e#1506\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ekeras\u003c/code\u003e: fix resuming training when \u003ccode\u003everbose\u0026gt;=2\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1508\"\u003e#1508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003eformat_num\u003c/code\u003e negative fractions missing leading zero (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1548\"\u003e#1548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix Python 3.12 \u003ccode\u003eDeprecationWarning\u003c/code\u003e on \u003ccode\u003eimport\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1519\"\u003e#1519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003elinting: use f-strings (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate tests (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003epandas\u003c/code\u003e warnings\u003c/li\u003e\n\u003cli\u003efix \u003ccode\u003easv\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/airspeed-velocity/asv/issues/1323\"\u003eairspeed-velocity/asv#1323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix macos \u003ccode\u003enotebook\u003c/code\u003e docstring indentation\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eCI: bump actions (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.1 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003eutils.envwrap\u003c/code\u003e types (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1493\"\u003e#1493\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1491\"\u003e#1491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1320\"\u003e#1320\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/966\"\u003e#966\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1319\"\u003e#1319\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003ee.g. cloudwatch \u0026amp; kubernetes workaround: \u003ccode\u003eexport TQDM_POSITION=-1\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003edrop mentions of unsupported Python versions\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.66.0 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eenvironment variables to override defaults (\u003ccode\u003eTQDM_*\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1491\"\u003e#1491\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1061\"\u003e#1061\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/950\"\u003e#950\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/614\"\u003e#614\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1318\"\u003e#1318\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/619\"\u003e#619\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/612\"\u003e#612\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/370\"\u003e#370\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003ee.g. in CI jobs, \u003ccode\u003eexport TQDM_MININTERVAL=5\u003c/code\u003e to avoid log spam\u003c/li\u003e\n\u003cli\u003eadd tests \u0026amp; docs for \u003ccode\u003etqdm.utils.envwrap\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update CLI completion\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update API docs\u003c/li\u003e\n\u003cli\u003eminor code tidy: replace \u003ccode\u003eos.path\u003c/code\u003e =\u0026gt; \u003ccode\u003epathlib.Path\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003efix docs image hosting\u003c/li\u003e\n\u003cli\u003erelease with CI bot account again (\u003ca href=\"https://redirect.github.com/cli/cli/issues/6680\"\u003ecli/cli#6680\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.2 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eexclude \u003ccode\u003eexamples\u003c/code\u003e from distributed wheel (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1492\"\u003e#1492\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.1 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003emigrate \u003ccode\u003esetup.{cfg,py}\u003c/code\u003e =\u0026gt; \u003ccode\u003epyproject.toml\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix \u003ccode\u003easv\u003c/code\u003e benchmarks\u003c/li\u003e\n\u003cli\u003eupdate docs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003efix snap build (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update tests (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1490\"\u003e#1490\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003efix flaky notebook tests\u003c/li\u003e\n\u003cli\u003ebump \u003ccode\u003epre-commit\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ebump workflow actions\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003etqdm v4.65.0 stable\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eadd Python 3.11 and drop Python 3.6 support (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1439\"\u003e#1439\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1419\"\u003e#1419\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/502\"\u003e#502\u003c/a\u003e \u0026lt;- \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/720\"\u003e#720\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/620\"\u003e#620\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emisc code \u0026amp; docs tidy\u003c/li\u003e\n\u003cli\u003efix \u0026amp; update CI workflows \u0026amp; tests\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/4e613f84ed2ae029559f539464df83fa91feb316\"\u003e\u003ccode\u003e4e613f8\u003c/code\u003e\u003c/a\u003e Merge pull request from GHSA-g7vv-2v7x-gj9p\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/b53348c73080b4edeb30b4823d1fa0d8d2c06721\"\u003e\u003ccode\u003eb53348c\u003c/code\u003e\u003c/a\u003e cli: eval safety\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/cc372d09dcd5a5eabdc6ed4cf365bdb0be004d44\"\u003e\u003ccode\u003ecc372d0\u003c/code\u003e\u003c/a\u003e bump version, merge pull request \u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1549\"\u003e#1549\u003c/a\u003e from tqdm/devel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/e9f0c05097dc167031575391d83240d37556f098\"\u003e\u003ccode\u003ee9f0c05\u003c/code\u003e\u003c/a\u003e use PyPI trusted publishing\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/7323d5bcc9b032d525f9d6468a9713f5be9c4174\"\u003e\u003ccode\u003e7323d5b\u003c/code\u003e\u003c/a\u003e slight makefile clean\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/5306125133d76e0f9326d747d29781fefe273c77\"\u003e\u003ccode\u003e5306125\u003c/code\u003e\u003c/a\u003e tests: bump pre-commit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/4a6fd4f690a4add231f4bef601521ed9bee513fb\"\u003e\u003ccode\u003e4a6fd4f\u003c/code\u003e\u003c/a\u003e fix datetime.utcfromtimestamp py3.12 warning (\u003ca href=\"https://redirect.github.com/tqdm/tqdm/issues/1519\"\u003e#1519\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/6f13759f4a0e1047a09732e72f6d07e44d3e6855\"\u003e\u003ccode\u003e6f13759\u003c/code\u003e\u003c/a\u003e tests: fix macos notebook indentation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/3abcd2ac90ecb01ac7f64071af600f803eab6a21\"\u003e\u003ccode\u003e3abcd2a\u003c/code\u003e\u003c/a\u003e tests: fix asv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tqdm/tqdm/commit/a4d15c8e2f6c7322c1a1cd1d845927f037281da1\"\u003e\u003ccode\u003ea4d15c8\u003c/code\u003e\u003c/a\u003e tests: fix pandas warnings\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tqdm/tqdm/compare/v4.64.1...v4.66.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.26.13 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.7.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been read and decompressed partially. (Reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or \u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed using the official \u003ca href=\"https://pypi.org/project/brotli/\"\u003eBrotli\u003c/a\u003e library. (Reported by \u003ca href=\"https://github.com/kimkou2024\"\u003e\u003ccode\u003e@​kimkou2024\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee GHSA-mf9v-mfxr-j63j for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip sensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by \u003ca href=\"https://github.com/christos-spearbit\"\u003e\u003ccode\u003e@​christos-spearbit\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3763\"\u003eurllib3/urllib3#3763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3720\"\u003eurllib3/urllib3#3720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003eurllib3/urllib3#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3777\"\u003eurllib3/urllib3#3777\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed data buffered from previous partial reads. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3636\"\u003eurllib3/urllib3#3636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the response after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4967\"\u003eurllib3/urllib3#4967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.stream()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to handle \u003ccode\u003eamt=0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3793\"\u003eurllib3/urllib3#3793\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated \u003ccode\u003e_TYPE_BODY\u003c/code\u003e type alias to include missing \u003ccode\u003eIterable[str]\u003c/code\u003e, matching the documented and runtime behavior of chunked request bodies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3798\"\u003eurllib3/urllib3#3798\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eLocationParseError\u003c/code\u003e when paths resembling schemeless URIs were passed to \u003ccode\u003eHTTPConnectionPool.urlopen()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3352\"\u003eurllib3/urllib3#3352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eBaseHTTPResponse.readinto()\u003c/code\u003e type annotation to accept \u003ccode\u003ememoryview\u003c/code\u003e in addition to \u003ccode\u003ebytearray\u003c/code\u003e, matching the \u003ccode\u003eio.RawIOBase.readinto\u003c/code\u003e contract and enabling use with \u003ccode\u003eio.BufferedReader\u003c/code\u003e without type errors. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3764\"\u003eurllib3/urllib3#3764\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.7.0 (2026-05-07)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues.\nImpact was limited to specific use cases detailed in the accompanying\nadvisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been\nread and decompressed partially.\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or\n\u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed\nusing the official \u003ccode\u003eBrotli \u0026lt;https://pypi.org/project/brotli/\u0026gt;\u003c/code\u003e__ library.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee \u003ccode\u003eGHSA-mf9v-mfxr-j63j \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j\u0026gt;\u003c/code\u003e__\nfor details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip\nsensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when\nredirecting to a different host.\n(\u003ccode\u003eGHSA-qccp-gfcp-xxvc \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\u0026gt;\u003c/code\u003e__)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better\nvisibility of existing deprecation notices. Rescheduled the removal of\ndeprecated features to version 3.0.\n(\u003ccode\u003e[#3763](https://github.com/urllib3/urllib3/issues/3763) \u0026lt;https://github.com/urllib3/urllib3/issues/3763\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9.\n(\u003ccode\u003e[#3720](https://github.com/urllib3/urllib3/issues/3720) \u0026lt;https://github.com/urllib3/urllib3/issues/3720\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10.\n(\u003ccode\u003e[#4979](https://github.com/urllib3/urllib3/issues/4979) \u0026lt;https://github.com/urllib3/urllib3/issues/4979\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0.\n(\u003ccode\u003e[#3777](https://github.com/urllib3/urllib3/issues/3777) \u0026lt;https://github.com/urllib3/urllib3/issues/3777\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed\ndata buffered from previous partial reads.\n(\u003ccode\u003e[#3636](https://github.com/urllib3/urllib3/issues/3636) \u0026lt;https://github.com/urllib3/urllib3/issues/3636\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the\nresponse after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9a950b92d999f906b6020bb2d1076ee56cddd5d2\"\u003e\u003ccode\u003e9a950b9\u003c/code\u003e\u003c/a\u003e Release 2.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/5ec0de499b9166ca71c65ab04f2a7e4eb0d66fcc\"\u003e\u003ccode\u003e5ec0de4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2bdcc44d1e163fb5cc48a8662425e35e15adfe6a\"\u003e\u003ccode\u003e2bdcc44\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f45b0df09d8620ac6ed0491eb9362c8c87b7bc2c\"\u003e\u003ccode\u003ef45b0df\u003c/code\u003e\u003c/a\u003e Fix a misleading example for \u003ccode\u003eProxyManager\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4970\"\u003e#4970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/577193ca029872384f82c133449e0935f6d8a64b\"\u003e\u003ccode\u003e577193c\u003c/code\u003e\u003c/a\u003e Switch to nightly PyPy3.11 in CI for now (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4984\"\u003e#4984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/e90af45bb006c3a452a3a21644a2681523f5c7fc\"\u003e\u003ccode\u003ee90af45\u003c/code\u003e\u003c/a\u003e Avoid infinite loop in \u003ccode\u003eHTTPResponse.read_chunked\u003c/code\u003e when \u003ccode\u003eamt=0\u003c/code\u003e (\u003ca href=\"https...\n\n_Description has been truncated_","html_url":"https://github.com/adrianwedd/Openai-Dialogflow-CX-ES-Python/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/adrianwedd%2FOpenai-Dialogflow-CX-ES-Python/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"3.23.0","new_version":"3.23.1","update_type":"patch","path":null,"pr_created_at":"2026-05-15T05:52:17.000Z","version_change":"3.23.0 → 3.23.1","issue":{"uuid":"4451620456","node_id":"PR_kwDOSV9uT87bzHgX","number":79,"state":"open","title":"build(deps): bump the simple group across 1 directory with 21 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T05:52:17.000Z","updated_at":"2026-05-15T05:52:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"simple","update_count":21,"packages":[{"name":"agate","old_version":"1.9.1","new_version":"1.14.2","repository_url":"https://github.com/wireservice/agate"},{"name":"certifi","old_version":"2026.2.25","new_version":"2026.4.22","repository_url":"https://github.com/certifi/python-certifi"},{"name":"click","old_version":"8.3.2","new_version":"8.3.3","repository_url":"https://github.com/pallets/click"},{"name":"dbt-adapters","old_version":"1.22.10","new_version":"1.23.0","repository_url":"https://github.com/dbt-labs/dbt-adapters"},{"name":"dbt-common","old_version":"1.37.3","new_version":"1.38.0","repository_url":"https://github.com/dbt-labs/dbt-common"},{"name":"dbt-core","old_version":"1.11.7","new_version":"1.11.9","repository_url":"https://github.com/dbt-labs/dbt-core"},{"name":"dbt-protos","old_version":"1.0.443","new_version":"1.0.491","repository_url":"https://github.com/dbt-labs/proto-python-public"},{"name":"dbt-semantic-interfaces","old_version":"0.9.0","new_version":"0.10.5"},{"name":"idna","old_version":"3.11","new_version":"3.14","repository_url":"https://github.com/kjd/idna"},{"name":"isodate","old_version":"0.6.1","new_version":"0.7.2","repository_url":"https://github.com/gweis/isodate"},{"name":"mashumaro","old_version":"3.9","new_version":"3.21","repository_url":"https://github.com/Fatal1ty/mashumaro"},{"name":"networkx","old_version":"3.4.2","new_version":"3.6.1","repository_url":"https://github.com/networkx/networkx"},{"name":"packaging","old_version":"26.0","new_version":"26.2","repository_url":"https://github.com/pypa/packaging"},{"name":"psycopg2-binary","old_version":"2.9.11","new_version":"2.9.12","repository_url":"https://github.com/psycopg/psycopg2"},{"name":"pydantic","old_version":"2.12.5","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-core","old_version":"2.41.5","new_version":"2.46.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pytz","old_version":"2026.1.post1","new_version":"2026.2","repository_url":"https://github.com/stub42/pytz"},{"name":"requests","old_version":"2.33.1","new_version":"2.34.0","repository_url":"https://github.com/psf/requests"},{"name":"sqlparse","old_version":"0.5.4","new_version":"0.5.5","repository_url":"https://github.com/andialbrecht/sqlparse"},{"name":"urllib3","old_version":"2.6.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"zipp","old_version":"3.23.0","new_version":"3.23.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the simple group with 21 updates in the /misc/dbt-materialize directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [agate](https://github.com/wireservice/agate) | `1.9.1` | `1.14.2` |\n| [certifi](https://github.com/certifi/python-certifi) | `2026.2.25` | `2026.4.22` |\n| [click](https://github.com/pallets/click) | `8.3.2` | `8.3.3` |\n| [dbt-adapters](https://github.com/dbt-labs/dbt-adapters) | `1.22.10` | `1.23.0` |\n| [dbt-common](https://github.com/dbt-labs/dbt-common) | `1.37.3` | `1.38.0` |\n| [dbt-core](https://github.com/dbt-labs/dbt-core) | `1.11.7` | `1.11.9` |\n| [dbt-protos](https://github.com/dbt-labs/proto-python-public) | `1.0.443` | `1.0.491` |\n| dbt-semantic-interfaces | `0.9.0` | `0.10.5` |\n| [idna](https://github.com/kjd/idna) | `3.11` | `3.14` |\n| [isodate](https://github.com/gweis/isodate) | `0.6.1` | `0.7.2` |\n| [mashumaro](https://github.com/Fatal1ty/mashumaro) | `3.9` | `3.21` |\n| [networkx](https://github.com/networkx/networkx) | `3.4.2` | `3.6.1` |\n| [packaging](https://github.com/pypa/packaging) | `26.0` | `26.2` |\n| [psycopg2-binary](https://github.com/psycopg/psycopg2) | `2.9.11` | `2.9.12` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.5` | `2.13.4` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.5` | `2.46.4` |\n| [pytz](https://github.com/stub42/pytz) | `2026.1.post1` | `2026.2` |\n| [requests](https://github.com/psf/requests) | `2.33.1` | `2.34.0` |\n| [sqlparse](https://github.com/andialbrecht/sqlparse) | `0.5.4` | `0.5.5` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.6.3` | `2.7.0` |\n| [zipp](https://github.com/jaraco/zipp) | `3.23.0` | `3.23.1` |\n\n\nUpdates `agate` from 1.9.1 to 1.14.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/wireservice/agate/blob/master/CHANGELOG.rst\"\u003eagate's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.14.2 - February 27, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Table.from_csv\u003c/code\u003e on empty CSV.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.1 - January 15, 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Table.join\u003c/code\u003e was joining incorrectly when \u003ccode\u003efull_outer=True\u003c/code\u003e and \u003ccode\u003eleft_key\u003c/code\u003e and \u003ccode\u003eright_key\u003c/code\u003e were sequences.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.14.0 - December 15, 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Table.print_table\u003c/code\u003e replaces newlines with \u003ccode\u003e↵\u003c/code\u003e to avoid broken output.\u003c/li\u003e\n\u003cli\u003eAdd Python 3.13 and 3.14 support. Drop support for end-of-life versions 3.8 and 3.9.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.13.0 - January 29, 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Table.order_by\u003c/code\u003e sorts None as equal to None.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.12.0 - July 29, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: :class:\u003ccode\u003e.Number\u003c/code\u003e accepts a \u003ccode\u003eno_leading_zeroes\u003c/code\u003e keyword argument, to indicate whether to disallow numbers with leading zeroes (not including a single zero, or a single zero before a decimal).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.11.0 - May 27, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: The \u003ccode\u003ekey\u003c/code\u003e argument to :meth:\u003ccode\u003e.Table.to_json\u003c/code\u003e errors if two values are equal, even if their CSV representation is different: for example, \u0026quot;1/1/2020\u0026quot; and \u0026quot;01/01/2020\u0026quot;. However, until now, this was not the case for numbers: for example, \u0026quot;3.0\u0026quot; was treated as unequal to \u0026quot;3.00\u0026quot;.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.2 - April 28, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Version 1.10.0 errors on piped data.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.1 - April 28, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: Version 1.10.0 errors on empty tables and seeks to the file's beginning, instead of to the original offset.\u003c/li\u003e\n\u003cli\u003efix: :meth:\u003ccode\u003e.Number.csvify\u003c/code\u003e returns a \u003ccode\u003eDecimal\u003c/code\u003e (or \u003ccode\u003eNone\u003c/code\u003e), instead of \u003ccode\u003estr\u003c/code\u003e. :meth:\u003ccode\u003e.Table.to_csv\u003c/code\u003e with \u003ccode\u003equoting=csv.QUOTE_NONNUMERIC\u003c/code\u003e now works.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.0 - April 27, 2024\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003efeat: :meth:\u003ccode\u003e.Table.from_csv\u003c/code\u003e reads the file line by line. If \u003ccode\u003ecolumn_types\u003c/code\u003e is a :class:\u003ccode\u003e.TypeTester\u003c/code\u003e, it reads the file into memory. (\u003ca href=\"https://redirect.github.com/wireservice/agate/issues/778\"\u003e#778\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efix: Fix :meth:\u003ccode\u003e.TableSet.print_structure\u003c/code\u003e for nested tablesets. (\u003ca href=\"https://redirect.github.com/wireservice/agate/issues/765\"\u003e#765\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e.. code-block:: python\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/eab4f62e6cf1c9a0d68c4c3c9faace91355f49da\"\u003e\u003ccode\u003eeab4f62\u003c/code\u003e\u003c/a\u003e build: Iterate the version number. Add \u003ca href=\"https://github.com/karthiksai109\"\u003e\u003ccode\u003e@​karthiksai109\u003c/code\u003e\u003c/a\u003e to authors.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/2897c4162d7d9f9a7e37be9a2a0585a27d469b88\"\u003e\u003ccode\u003e2897c41\u003c/code\u003e\u003c/a\u003e Handle empty CSV input in Table.from_csv\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/479a18d6bf896f332406f211d4cea6702bf719e3\"\u003e\u003ccode\u003e479a18d\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/download-artifact from 7 to 8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/f8cc6c908c96ca5c1442b5077d722ec1329df8ca\"\u003e\u003ccode\u003ef8cc6c9\u003c/code\u003e\u003c/a\u003e ci: Migrate from Coveralls to Codecov\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/2934ae7a8c61cf7f628abdb5e19831bc622888d8\"\u003e\u003ccode\u003e2934ae7\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/upload-artifact from 6 to 7 (\u003ca href=\"https://redirect.github.com/wireservice/agate/issues/799\"\u003e#799\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/553e30ac3a856deffb64178e77a7024bec93028a\"\u003e\u003ccode\u003e553e30a\u003c/code\u003e\u003c/a\u003e build: Use automatic package discovery to fix stray files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/c36a7afcafd1516e3c0f6c535e7a0bffa06b11b0\"\u003e\u003ccode\u003ec36a7af\u003c/code\u003e\u003c/a\u003e docs: Update references to setup.py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/cc2062fdc9c4fa65ac826836e0aeeef1a42f6b22\"\u003e\u003ccode\u003ecc2062f\u003c/code\u003e\u003c/a\u003e ci: Use pyproject.toml for cache-dependency-path\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/e8b5961c4750f425328408ea633d99a193069b11\"\u003e\u003ccode\u003ee8b5961\u003c/code\u003e\u003c/a\u003e ci: Run apt update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wireservice/agate/commit/f69a0389f728750ac605ac70916877ebc0b2cef1\"\u003e\u003ccode\u003ef69a038\u003c/code\u003e\u003c/a\u003e fix: Fix full_outer when left_key and right_key are sequences, closes \u003ca href=\"https://redirect.github.com/wireservice/agate/issues/795\"\u003e#795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/wireservice/agate/compare/1.9.1...1.14.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `certifi` from 2026.2.25 to 2026.4.22\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/5dddfb072243da27adde885b73ba9b809c3224ca\"\u003e\u003ccode\u003e5dddfb0\u003c/code\u003e\u003c/a\u003e 2026.04.22 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/410\"\u003e#410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/f99eccdaf87f7c10e521a58a700ca3eb94a0787e\"\u003e\u003ccode\u003ef99eccd\u003c/code\u003e\u003c/a\u003e Bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/404\"\u003e#404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/918bed055f7291719512af186c1c24710f845660\"\u003e\u003ccode\u003e918bed0\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 7.0.0 to 7.0.1 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/405\"\u003e#405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/0a49067eb434e53e1f8df5f7707d5dc05ef9def4\"\u003e\u003ccode\u003e0a49067\u003c/code\u003e\u003c/a\u003e Bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/403\"\u003e#403\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/acf6ce8e39e3b125f4349e11904295e4fe4c1bed\"\u003e\u003ccode\u003eacf6ce8\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 8.0.0 to 8.0.1 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/398\"\u003e#398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/feb0ed26163a9417ea0fb8eb52d47e79fcf202ab\"\u003e\u003ccode\u003efeb0ed2\u003c/code\u003e\u003c/a\u003e Bump actions/download-artifact from 7.0.0 to 8.0.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/397\"\u003e#397\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/certifi/python-certifi/commit/d9c11a50369cc377abb40f7909ded3d6da4d98a3\"\u003e\u003ccode\u003ed9c11a5\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 6.0.0 to 7.0.0 (\u003ca href=\"https://redirect.github.com/certifi/python-certifi/issues/396\"\u003e#396\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/certifi/python-certifi/compare/2026.02.25...2026.04.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.2 to 8.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.3.3\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.3/\"\u003ehttps://pypi.org/project/click/8.3.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-3\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/1026\"\u003e#1026\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/1477\"\u003e#1477\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2775\"\u003e#2775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3298\"\u003e#3298\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3299\"\u003e#3299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3238\"\u003e#3238\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3224\"\u003e#3224\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/654\"\u003e#654\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/824\"\u003e#824\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/843\"\u003e#843\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/951\"\u003e#951\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3235\"\u003e#3235\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3177\"\u003e#3177\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2836\"\u003e#2836\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2837\"\u003e#2837\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3165\"\u003e#3165\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3262\"\u003e#3262\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3280\"\u003e#3280\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3111\"\u003e#3111\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3189\"\u003e#3189\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3250\"\u003e#3250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/2865\"\u003e#2865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2879\"\u003e#2879\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.3.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-20\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n:issue:\u003ccode\u003e1026\u003c/code\u003e :pr:\u003ccode\u003e1477\u003c/code\u003e :pr:\u003ccode\u003e2775\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. :issue:\u003ccode\u003e3298\u003c/code\u003e :pr:\u003ccode\u003e3299\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. :pr:\u003ccode\u003e3238\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n:issue:\u003ccode\u003e3224\u003c/code\u003e :pr:\u003ccode\u003e3240\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n:issue:\u003ccode\u003e654\u003c/code\u003e :issue:\u003ccode\u003e824\u003c/code\u003e :issue:\u003ccode\u003e843\u003c/code\u003e :pr:\u003ccode\u003e951\u003c/code\u003e :pr:\u003ccode\u003e3235\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. :pr:\u003ccode\u003e3151\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. :pr:\u003ccode\u003e3151\u003c/code\u003e :pr:\u003ccode\u003e3177\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. :issue:\u003ccode\u003e2836\u003c/code\u003e :pr:\u003ccode\u003e2837\u003c/code\u003e :pr:\u003ccode\u003e3165\u003c/code\u003e :pr:\u003ccode\u003e3262\u003c/code\u003e :pr:\u003ccode\u003e3280\u003c/code\u003e\n:pr:\u003ccode\u003e3328\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. :issue:\u003ccode\u003e3111\u003c/code\u003e :pr:\u003ccode\u003e3239\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. :issue:\u003ccode\u003e3189\u003c/code\u003e :pr:\u003ccode\u003e3250\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n:issue:\u003ccode\u003e2865\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. :issue:\u003ccode\u003e2879\u003c/code\u003e :pr:\u003ccode\u003e3248\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c06d2d0a6aee6bcc50bd8257be2a4a592f4e75d0\"\u003e\u003ccode\u003ec06d2d0\u003c/code\u003e\u003c/a\u003e Release 8.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/f1f191ecd2c790b161187c78e7c88440e9524e5c\"\u003e\u003ccode\u003ef1f191e\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3343\"\u003e#3343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/bb59ba0fd279ca085d1113f0499b6a602ca31081\"\u003e\u003ccode\u003ebb59ba0\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4a352253c9ff013e36d11e4a6820d36d00ff2cd4\"\u003e\u003ccode\u003e4a35225\u003c/code\u003e\u003c/a\u003e Reduce blast-radius of \u003ccode\u003eUNSET\u003c/code\u003e in \u003ccode\u003edefault_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c07bb936de43fd303f9cfbefe248ab23fd2199c8\"\u003e\u003ccode\u003ec07bb93\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into unset-in-default-map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c7e1ba8448cbcb2cdd9c1c7f4a592e863dcc3995\"\u003e\u003ccode\u003ec7e1ba8\u003c/code\u003e\u003c/a\u003e Reorder \u003ccode\u003eParameterSource\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/76552ff1e8c85837f911fc34037e702ae4327eda\"\u003e\u003ccode\u003e76552ff\u003c/code\u003e\u003c/a\u003e Show default string in prompt (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/ac5cec5fe54e5a691e7bac17f441ce9498e0744c\"\u003e\u003ccode\u003eac5cec5\u003c/code\u003e\u003c/a\u003e Reorder ParameterSource from most to least explicit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c452e00e6772931b7071d9316b82b77e5b8f280\"\u003e\u003ccode\u003e8c452e0\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into show-default-string-in-prompt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c95c73bd5ef89eac638f85f1904a104ba4b1a32\"\u003e\u003ccode\u003e8c95c73\u003c/code\u003e\u003c/a\u003e Reconcile default value passing and default activation (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.2...8.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-adapters` from 1.22.10 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dbt-labs/dbt-adapters/blob/main/dbt-adapters/CHANGELOG.md\"\u003edbt-adapters's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003edbt-adapters 1.23.0 - May 07, 2026\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd scaffolding for resolving function relations from data warehouses (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/1488\"\u003e#1488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded --empty support for dbt seed (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/1865\"\u003e#1865\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for python 3.14 (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/12098\"\u003e#12098\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix snapshot UNION ALL type mismatch when adding new source columns with hard_deletes=new_record by casting NULL placeholders to the correct data type (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/852\"\u003e#852\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSkip empty catalog tables before merge to prevent agate type conflicts during \u003ccode\u003edbt docs generate\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/1833\"\u003e#1833\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tauhidanjum\"\u003e\u003ccode\u003e@​tauhidanjum\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-adapters/issues/1833\"\u003e#1833\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dbt-labs/dbt-adapters/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-common` from 1.37.3 to 1.38.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dbt-labs/dbt-common/blob/main/CHANGELOG.md\"\u003edbt-common's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003edbt-common 1.38.0 - May 04, 2026\u003c/h2\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExplicitly keep bool serde as a passthrough for mashumaro 3.15+ compat with versions before 3.15 (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-common/issues/12098\"\u003e#12098\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003edbt-common 1.37.5 - April 23, 2026\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds public helper functions for event deferral functionality (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-common/issues/12339\"\u003e#12339\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003edbt-common 1.37.4 - April 23, 2026\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd event deferral capability to EventManager (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-common/issues/12339\"\u003e#12339\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/dbt-labs/dbt-common/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-core` from 1.11.7 to 1.11.9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dbt-labs/dbt-core/releases\"\u003edbt-core's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003edbt-core v1.11.9\u003c/h2\u003e\n\u003ch2\u003edbt-core 1.11.9 - May 06, 2026\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003estatic_analysis: off\u003c/code\u003e being interpreted as boolean \u003ccode\u003efalse\u003c/code\u003e instead of string \u003ccode\u003e\u0026quot;off\u0026quot;\u003c/code\u003e in manifest.json (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix state:modified not detecting .yml property changes for resource_type:function (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12547\"\u003e#12547\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate jsonschemas for more accurate deprecation warnings: macro.config should not warn (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12670\"\u003e#12670\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump libpq-dev in Docker image from 13.23-0+deb11u1 to 13.23-0+deb11u2 to fix build failure due to superseded package version (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump libpq-dev in Docker image from 13.23-0+deb11u2 to 13.23-0+deb11u3 to fix build failure due to superseded package version (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Thrasi\"\u003e\u003ccode\u003e@​Thrasi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12547\"\u003e#12547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/b-per\"\u003e\u003ccode\u003e@​b-per\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michelleark\"\u003e\u003ccode\u003e@​michelleark\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12670\"\u003e#12670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tauhid621\"\u003e\u003ccode\u003e@​tauhid621\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e, \u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003edbt-core v1.11.8\u003c/h2\u003e\n\u003ch2\u003edbt-core 1.11.8 - April 08, 2026\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/requires\"\u003e\u003ccode\u003e@​requires\u003c/code\u003e\u003c/a\u003e.catalogs decorator to compile command to fix REST Catalog-Linked database compilation (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12353\"\u003e#12353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove logic for detecting config with missing plus prefix in dbt_project.yml (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12371\"\u003e#12371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd config and allow meta and docs to exist under it for macros (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12383\"\u003e#12383\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/9447\"\u003e#9447\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDBT_ENGINE\u003c/code\u003e prefixed env vars picked up by CLI (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12583\"\u003e#12583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow deferral for UDFs (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12080\"\u003e#12080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve full node description while running udfs for better logging (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12600\"\u003e#12600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRaise PropertyMovedToConfigDeprecation instead of MissingArgumentsPropertyInGenericTestDeprecation (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12572\"\u003e#12572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/requires\"\u003e\u003ccode\u003e@​requires\u003c/code\u003e\u003c/a\u003e.catalogs decorator to test command to fix custom catalog integration support (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRaise custom key in config deprecation warning for invalid config keys in dbt_project.yml (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12542\"\u003e#12542\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure MAX_GROUPING_TOKENS and MAX_GROUPING_DEPTH default to None independently (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure property depr checks check for aliases with plus prefix (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12327\"\u003e#12327\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnable display of unit tests ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/501\"\u003e#501\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/501\"\u003edbt-labs/dbt-docs#501\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eUnit tests not rendering ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/506\"\u003e#506\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/506\"\u003edbt-labs/dbt-docs#506\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eAdd support for Saved Query node ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/486\"\u003e#486\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/486\"\u003edbt-labs/dbt-docs#486\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eFix npm security vulnerabilities as of June 2024 ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/513\"\u003e#513\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/513\"\u003edbt-labs/dbt-docs#513\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eBump form-data from 3.0.1 to 3.0.4 ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/554\"\u003e#554\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/554\"\u003edbt-labs/dbt-docs#554\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eAdd support for UDF (function) resource type in lineage graph ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/574\"\u003e#574\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/574\"\u003edbt-labs/dbt-docs#574\u003c/a\u003e))\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dbt-labs/dbt-core/blob/v1.11.9/CHANGELOG.md\"\u003edbt-core's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003edbt-core 1.11.9 - May 06, 2026\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003estatic_analysis: off\u003c/code\u003e being interpreted as boolean \u003ccode\u003efalse\u003c/code\u003e instead of string \u003ccode\u003e\u0026quot;off\u0026quot;\u003c/code\u003e in manifest.json (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix state:modified not detecting .yml property changes for resource_type:function (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12547\"\u003e#12547\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate jsonschemas for more accurate deprecation warnings: macro.config should not warn (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12670\"\u003e#12670\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump libpq-dev in Docker image from 13.23-0+deb11u1 to 13.23-0+deb11u2 to fix build failure due to superseded package version (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump libpq-dev in Docker image from 13.23-0+deb11u2 to 13.23-0+deb11u3 to fix build failure due to superseded package version (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eContributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Thrasi\"\u003e\u003ccode\u003e@​Thrasi\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12547\"\u003e#12547\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/b-per\"\u003e\u003ccode\u003e@​b-per\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michelleark\"\u003e\u003ccode\u003e@​michelleark\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12670\"\u003e#12670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tauhid621\"\u003e\u003ccode\u003e@​tauhid621\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e, \u003ca href=\"https://github.com/dbt-labs/dbt-core/issues/NA\"\u003e#NA\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003edbt-core 1.11.8 - April 08, 2026\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/requires\"\u003e\u003ccode\u003e@​requires\u003c/code\u003e\u003c/a\u003e.catalogs decorator to compile command to fix REST Catalog-Linked database compilation (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12353\"\u003e#12353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove logic for detecting config with missing plus prefix in dbt_project.yml (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12371\"\u003e#12371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd config and allow meta and docs to exist under it for macros (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12383\"\u003e#12383\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/9447\"\u003e#9447\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eDBT_ENGINE\u003c/code\u003e prefixed env vars picked up by CLI (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12583\"\u003e#12583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow deferral for UDFs (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12080\"\u003e#12080\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eResolve full node description while running udfs for better logging (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12600\"\u003e#12600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRaise PropertyMovedToConfigDeprecation instead of MissingArgumentsPropertyInGenericTestDeprecation (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12572\"\u003e#12572\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/requires\"\u003e\u003ccode\u003e@​requires\u003c/code\u003e\u003c/a\u003e.catalogs decorator to test command to fix custom catalog integration support (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12662\"\u003e#12662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRaise custom key in config deprecation warning for invalid config keys in dbt_project.yml (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12542\"\u003e#12542\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure MAX_GROUPING_TOKENS and MAX_GROUPING_DEPTH default to None independently (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12694\"\u003e#12694\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnsure property depr checks check for aliases with plus prefix (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12327\"\u003e#12327\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnable display of unit tests ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/501\"\u003e#501\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/501\"\u003edbt-labs/dbt-docs#501\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eUnit tests not rendering ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/506\"\u003e#506\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/506\"\u003edbt-labs/dbt-docs#506\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eAdd support for Saved Query node ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/486\"\u003e#486\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/486\"\u003edbt-labs/dbt-docs#486\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eFix npm security vulnerabilities as of June 2024 ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/513\"\u003e#513\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/513\"\u003edbt-labs/dbt-docs#513\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eBump form-data from 3.0.1 to 3.0.4 ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/554\"\u003e#554\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/554\"\u003edbt-labs/dbt-docs#554\u003c/a\u003e))\u003c/li\u003e\n\u003cli\u003eAdd support for UDF (function) resource type in lineage graph ([dbt-docs/\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/574\"\u003e#574\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-docs/issues/574\"\u003edbt-labs/dbt-docs#574\u003c/a\u003e))\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eUnder the Hood\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/c8cafcd97850d5cf8e159ac16b0f05cf342affaa\"\u003e\u003ccode\u003ec8cafcd\u003c/code\u003e\u003c/a\u003e Bumping version to 1.11.9 and generate changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/9b39f55060936ab520961298d07ff04fd0b8eb35\"\u003e\u003ccode\u003e9b39f55\u003c/code\u003e\u003c/a\u003e Bump libpq-dev to 13.23-0+deb11u3 (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12906\"\u003e#12906\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12907\"\u003e#12907\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/610abeee7bc42e5dbb4ba2f8527677b9b1e4e816\"\u003e\u003ccode\u003e610abee\u003c/code\u003e\u003c/a\u003e bring in latest jsonschema updates, add macros config test to happy path proj...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/53c8c121f2b919a5db29bbccecdb7a6b16394975\"\u003e\u003ccode\u003e53c8c12\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003estatic_analysis: off\u003c/code\u003e interpreted as boolean false (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12015\"\u003e#12015\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12515\"\u003e#12515\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/184eb45c3f4c574d90162e428412f2542357d422\"\u003e\u003ccode\u003e184eb45\u003c/code\u003e\u003c/a\u003e fix: state:modified does not detect .yml property changes for resource_type:f...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/ecea2e764188951178284a24b58d5578f83dfe03\"\u003e\u003ccode\u003eecea2e7\u003c/code\u003e\u003c/a\u003e Bump libpq-dev from 13.23-0+deb11u1 to 13.23-0+deb11u2 (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12806\"\u003e#12806\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12807\"\u003e#12807\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/154c77f34380b27ea237e7bb99cf44400df7f366\"\u003e\u003ccode\u003e154c77f\u003c/code\u003e\u003c/a\u003e Update version for libpq-dev in Dockerfile (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12373\"\u003e#12373\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/dbt-labs/dbt-core/issues/12801\"\u003e#12801\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/6d86efdc9a84aa8d9f8432a263bd0d956437959d\"\u003e\u003ccode\u003e6d86efd\u003c/code\u003e\u003c/a\u003e [Automated] Merged prep-release/1.11.8_24147166240 into target 1.11.latest du...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/725ec855bcc0238afc16818494dd6c74b10fab25\"\u003e\u003ccode\u003e725ec85\u003c/code\u003e\u003c/a\u003e Bumping version to 1.11.8 and generate changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/dbt-core/commit/5bbdb593c7b559aa815329f67a8f3320332064c5\"\u003e\u003ccode\u003e5bbdb59\u003c/code\u003e\u003c/a\u003e improve independent default settings of sqlparse.MAX_GROUPING_TOKENS and MAX_...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dbt-labs/dbt-core/compare/v1.11.7...v1.11.9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-protos` from 1.0.443 to 1.0.491\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/97db584a8e659a0019ce8cf5cf038379863a7756\"\u003e\u003ccode\u003e97db584\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.491\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/09710535d04d2f8a2b4535136dfbc2f6ce5c46f1\"\u003e\u003ccode\u003e0971053\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.490\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/8d573a619bfd288d470768ff9df2937a1efb3c36\"\u003e\u003ccode\u003e8d573a6\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.489\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/34143857acdeebeab8d8cdad559b9f299054abd7\"\u003e\u003ccode\u003e3414385\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.488\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/ed8a6851db625dcf5c3fe9fc2ae2cb6f37201e0c\"\u003e\u003ccode\u003eed8a685\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.487\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/83eb2484aa266075170453cc4d4695ec5634c578\"\u003e\u003ccode\u003e83eb248\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.486\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/8e0648a0efea3a19c498c5ba3af37c49fd98d160\"\u003e\u003ccode\u003e8e0648a\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.485\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/c1970d51eb9a669fde6fa9948100c101d434d4f3\"\u003e\u003ccode\u003ec1970d5\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.484\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/5fcfdf0b65ebb0da0ad22282b5c27d11fb17f479\"\u003e\u003ccode\u003e5fcfdf0\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.483\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dbt-labs/proto-python-public/commit/ed0b440ac573a0f956a477b8518bd12a74c3dc92\"\u003e\u003ccode\u003eed0b440\u003c/code\u003e\u003c/a\u003e Auto-generated from proto v1.0.482\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dbt-labs/proto-python-public/compare/v1.0.443...v1.0.491\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dbt-semantic-interfaces` from 0.9.0 to 0.10.5\n\nUpdates `idna` from 3.11 to 3.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.md\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.14 (2026-05-10)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [CVE-2026-45409]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003ch2\u003e3.13 (2026-04-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.12 (2026-04-21)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/37b6b7497aee4805f7a74a7d86206ac05be9669a\"\u003e\u003ccode\u003e37b6b74\u003c/code\u003e\u003c/a\u003e Release v3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/628fef84d3eda59321c21127e73dcd873db23ead\"\u003e\u003ccode\u003e628fef8\u003c/code\u003e\u003c/a\u003e Use valid_string_length() for early oversized-input check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1e26c7fd93c67995422af9d1f071f45ee6433fd0\"\u003e\u003ccode\u003e1e26c7f\u003c/code\u003e\u003c/a\u003e Tweak release wording\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/ab5668fb6eaf4254d91d6993c0b23e98e21202fb\"\u003e\u003ccode\u003eab5668f\u003c/code\u003e\u003c/a\u003e Pre-release 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c0dda4501df5d91c3181ce6f962dc5de74e82cc1\"\u003e\u003ccode\u003ec0dda45\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b7391f4c240bf2eae80eaed0a2ef7c2e0496af96\"\u003e\u003ccode\u003eb7391f4\u003c/code\u003e\u003c/a\u003e Add docstrings to package (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/226\"\u003e#226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0f4a28d88f8cce54269f0b6a42edf5e6a5424319\"\u003e\u003ccode\u003e0f4a28d\u003c/code\u003e\u003c/a\u003e Raise IDNAError on non-string input to encode/decode (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/224\"\u003e#224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7e6df7196e6396b5b84b9530eab8272b5ad51898\"\u003e\u003ccode\u003e7e6df71\u003c/code\u003e\u003c/a\u003e Address type issues found by \u003ccode\u003ety\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/6ebfaab9ea718dce38a7c17ddafd7fb28b0468d4\"\u003e\u003ccode\u003e6ebfaab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/221\"\u003e#221\u003c/a\u003e from kjd/release-3.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/89cdfd27338896cee6b1ee18e64c96ac28684ce0\"\u003e\u003ccode\u003e89cdfd2\u003c/code\u003e\u003c/a\u003e Release v3.13\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.11...v3.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `isodate` from 0.6.1 to 0.7.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gweis/isodate/blob/master/CHANGES.txt\"\u003eisodate's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.7.2 (2024-10-08)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edrop end of life python versions\u003c/li\u003e\n\u003cli\u003eDon't match garbage characters at the end of parsed strings \u003ca href=\"https://redirect.github.com/gweis/isodate/issues/16\"\u003e#16\u003c/a\u003e (Gabriel de Perthuis)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ePotentially breaking changes:\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFractional seconds are cut off to microseconds (always round down)\u003c/li\u003e\n\u003cli\u003eAllow control over return type of parse_duration \u003ca href=\"https://redirect.github.com/gweis/isodate/issues/64\"\u003e#64\u003c/a\u003e (Felix Claessen)\u003c/li\u003e\n\u003cli\u003ePython \u0026gt;= 3.7 required\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/4408b60fecfc682a021047b3e5d9095a8face012\"\u003e\u003ccode\u003e4408b60\u003c/code\u003e\u003c/a\u003e update changelog, release 0.7.2 (0.7.x so missed python version requirements ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/31ff7675fb64bf9d67a6de7f0cf6761b067a4cd5\"\u003e\u003ccode\u003e31ff767\u003c/code\u003e\u003c/a\u003e restrict to python\u0026gt;=3.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/9443e63119579217699dce88b86753a81a9bec52\"\u003e\u003ccode\u003e9443e63\u003c/code\u003e\u003c/a\u003e some packaging updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/2ace19f248305e0063f4350b77aad91f00a801f6\"\u003e\u003ccode\u003e2ace19f\u003c/code\u003e\u003c/a\u003e modernise packaging\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/8856fdf0e46c7bca00229faa1aae6b7e8ad6e76c\"\u003e\u003ccode\u003e8856fdf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gweis/isodate/issues/70\"\u003e#70\u003c/a\u003e from kianmeng/fix-typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/14aefddd4952a29958f3110bd884bf90b9d5fa9a\"\u003e\u003ccode\u003e14aefdd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gweis/isodate/issues/66\"\u003e#66\u003c/a\u003e from isodate/test-gha\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/68a4bbe0a460dc7a8f038fe0f3714851558c379d\"\u003e\u003ccode\u003e68a4bbe\u003c/code\u003e\u003c/a\u003e Join classifier string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/cc57560c10b7128840f133b6fc296dbf4d44d352\"\u003e\u003ccode\u003ecc57560\u003c/code\u003e\u003c/a\u003e Fix typos\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/c19e4c3ab2cb3adf10e278f4abce14d15ee66745\"\u003e\u003ccode\u003ec19e4c3\u003c/code\u003e\u003c/a\u003e Fix CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gweis/isodate/commit/4a74ce214ba23ab6c0404a2ec31ab7429e8f42c6\"\u003e\u003ccode\u003e4a74ce2\u003c/code\u003e\u003c/a\u003e Update pre-commit\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gweis/isodate/compare/0.6.1...0.7.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mashumaro` from 3.9 to 3.21\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Fatal1ty/mashumaro/releases\"\u003emashumaro's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.21\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for recursive dataclasses in JSON Schema (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/308\"\u003e#308\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed building JSON Schema for dataclasses with slots (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/307\"\u003e#307\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed issue with deferred evaluation of annotations for serialization strategies and serializable types that include PEP 695 generic type parameters (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/310\"\u003e#310\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed errors for PEP 695 type aliases with generic arguments or cyclic references (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/311\"\u003e#311\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCode coverage report tool coveralls.io was replaced by codecov.io (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/309\"\u003e#309\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed propagation of \u003ccode\u003elazy_compilation\u003c/code\u003e config value in generic dataclasses with inheritance (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/319\"\u003e#319\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded ability for serialization strategies to match subclasses (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/298\"\u003e#298\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/317\"\u003e#317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDropped support for Python 3.9 (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/314\"\u003e#314\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.20\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed type name for for PEP 695 types created with \u003ccode\u003etype\u003c/code\u003e keyword (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/305\"\u003e#305\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.19\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for recursive types in JSON Schema (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/303\"\u003e#303\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded \u0026quot;Trusted Publishing\u0026quot; workflow (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/304\"\u003e#304\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.18\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed support for PEP 695 types created with \u003ccode\u003etype\u003c/code\u003e keyword in JSON Schema (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/301\"\u003e#301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed serialization problem when collections with passing through items were used with \u003ccode\u003eno_copy_collections\u003c/code\u003e in unions (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/302\"\u003e#302\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.17\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for Python 3.14 (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/285\"\u003e#285\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved generating JSON Schema references and titles for generic dataclasses (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/291\"\u003e#291\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed JSON Schema for a generic dataclass with a field type \u003ccode\u003eT\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/290\"\u003e#290\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed ignoring \u003ccode\u003eNotRequired\u003c/code\u003e when using \u003ccode\u003efrom __future__ import annotations\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for user extra args in \u003ccode\u003efield_options\u003c/code\u003e function (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/286\"\u003e#286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImproved packaging by switching from setup.py to pyproject.toml (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/284\"\u003e#284\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.16\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for custom JSON Schema instance formats defined by users (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/267\"\u003e#267\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdded support for \u003ccode\u003etyping.ReadOnly\u003c/code\u003e and \u003ccode\u003etyping_extensions.ReadOnly\u003c/code\u003e from PEP 705 (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eAttributeError\u003c/code\u003e when using generic \u003ccode\u003eSerializableType\u003c/code\u003e subclass (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/275\"\u003e#275\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.15\u003c/h2\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved \u003ccode\u003eUnion\u003c/code\u003e and basic types deserialization (\u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/256\"\u003e#256\u003c/a\u003e), highlighted changes:\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/69143a268e90c99b1e399fd5b79c1b8629255592\"\u003e\u003ccode\u003e69143a2\u003c/code\u003e\u003c/a\u003e Bump version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/5b74f3f5a7bc3e93d543be2db891815310b828cd\"\u003e\u003ccode\u003e5b74f3f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Fatal1ty/mashumaro/issues/325\"\u003e#325\u003c/a\u003e from Fatal1ty/py39-eol\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/01ae942e2beb488b2ab994e2c301e21af14f4588\"\u003e\u003ccode\u003e01ae942\u003c/code\u003e\u003c/a\u003e Remove KW_ONLY fallback import\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/bb37ef408ca9d34f51177d490485966bb061bbfd\"\u003e\u003ccode\u003ebb37ef4\u003c/code\u003e\u003c/a\u003e Update black\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/a895a7810aab7fe15103a3ff6489230eb30479e3\"\u003e\u003ccode\u003ea895a78\u003c/code\u003e\u003c/a\u003e Deprecate py39\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/447beeebaf7ca43bb79629d6bf428032efebbf94\"\u003e\u003ccode\u003e447beee\u003c/code\u003e\u003c/a\u003e Merge branch 'kdkavanagh-kdkavanagh/298'\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/1a5b4c2b5165d4fcab2966123bd8dce46e7b0882\"\u003e\u003ccode\u003e1a5b4c2\u003c/code\u003e\u003c/a\u003e Improve test coverage\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/e167f927a8115fc1b529532b7f63f967b50e7513\"\u003e\u003ccode\u003ee167f92\u003c/code\u003e\u003c/a\u003e Improve typing in _get_strategy_for_type\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/35a894e652f31251434bf28332f2c8fbcd506606\"\u003e\u003ccode\u003e35a894e\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'kdkavanagh/kdkavanagh/298' into kdkavanagh-kdka...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Fatal1ty/mashumaro/commit/23c56adaa3569ba6b625ccee70f75e566d1c5141\"\u003e\u003ccode\u003e23c56ad\u003c/code\u003e\u003c/a\u003e Bad import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Fatal1ty/mashumaro/compare/v3.9...v3.21\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `networkx` from 3.4.2 to 3.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/networkx/networkx/releases\"\u003enetworkx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eNetworkX 3.6.1\u003c/h2\u003e\n\u003ch1\u003enetworkx 3.6.1\u003c/h1\u003e\n\u003cp\u003eWe're happy to announce the release of networkx 3.6.1!\u003c/p\u003e\n\u003ch2\u003eAPI Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd spectral bipartition community finding and greedy bipartition using node swaps (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8347\"\u003e#8347\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNodelists for \u003ccode\u003efrom_biadjacency_matrix\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/7993\"\u003e#7993\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdd spectral bipartition community finding and greedy bipartition using node swaps (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8347\"\u003e#8347\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFix draw_networkx_nodes with list node_shape and add regression test (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8363\"\u003e#8363\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix: allow graph subclasses to have additional arguments (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8369\"\u003e#8369\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDOC: Improve benchmarking readme (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8358\"\u003e#8358\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDOC: More details re: RC releases in the release process devdocs (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8346\"\u003e#8346\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDOC: clarify difference between G.nodes/G.nodes() and G.edges/G.edges() in tutorial (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8300\"\u003e#8300\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDOC: Add blurb to contributor guide about drawing tests (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8370\"\u003e#8370\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDOC: Fix underline lens in docstrings (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8371\"\u003e#8371\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eRolling back shortest paths links (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8373\"\u003e#8373\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMAINT: Replace string literal with comment (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8359\"\u003e#8359\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 in the actions group (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8360\"\u003e#8360\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003epin python 3.14 to be version 3.14.0 until dataclasses are fixed (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8365\"\u003e#8365\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eBlocklist Python 3.14.1 (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8372\"\u003e#8372\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eTST: add tests for unsupported graph types in MST algorithms (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8353\"\u003e#8353\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eTST: clean up isomorphism tests (\u003ca href=\"https://redirect.github.com/networkx/networkx/pull/8364\"\u003e#8364\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eContributors\u003c/h2\u003e\n\u003cp\u003e10 authors added to this release (alphabetically):\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Aka2210\"\u003e\u003ccode\u003e@​Aka2210\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jfinkels\"\u003e\u003ccode\u003e@​jfinkels\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/NaorTIRAM\"\u003e\u003ccode\u003e@​NaorTIRAM\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAditi Juneja (\u003ca href=\"https://github.com/Schefflera-Arboricola\"\u003e\u003ccode\u003e@​Schefflera-Arboricola\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAlejandro Candioti (\u003ca href=\"https://github.com/amcandio\"\u003e\u003ccode\u003e@​amcandio\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eColman Bouton (\u003ca href=\"https://github.com/LorentzFactor\"\u003e\u003ccode\u003e@​LorentzFactor\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/7530809bfa1ea7ed6fdf918a4d1431488953cb1f\"\u003e\u003ccode\u003e7530809\u003c/code\u003e\u003c/a\u003e Designate 3.6.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/4788eb08f2492dd6bf6f97ce8ee07cd52aa6cf89\"\u003e\u003ccode\u003e4788eb0\u003c/code\u003e\u003c/a\u003e Rolling back shortest paths links (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8373\"\u003e#8373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/696edb6efbbbb622959e96f1276fc0db68dc0954\"\u003e\u003ccode\u003e696edb6\u003c/code\u003e\u003c/a\u003e Fix draw_networkx_nodes with list node_shape and add regression test  (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8363\"\u003e#8363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/c38830c61a6fee3ee10f216071bb63cb9b92bfb9\"\u003e\u003ccode\u003ec38830c\u003c/code\u003e\u003c/a\u003e Blocklist Python 3.14.1 (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8372\"\u003e#8372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/81d231141b08600ebfd1c781e28ecbf791e94016\"\u003e\u003ccode\u003e81d2311\u003c/code\u003e\u003c/a\u003e DOC: Fix underline lens in docstrings. (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8371\"\u003e#8371\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/a6e2bfadef51dda47df6466b32642e0d428c5801\"\u003e\u003ccode\u003ea6e2bfa\u003c/code\u003e\u003c/a\u003e DOC: Add blurb to contributor guide about drawing tests. (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8370\"\u003e#8370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/96b628295eff29d266e1c75355556fc9fe58cc16\"\u003e\u003ccode\u003e96b6282\u003c/code\u003e\u003c/a\u003e DOC: clarify difference between G.nodes/G.nodes() and G.edges/G.edges() in tu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/75bdd737ca8382d06eb76ff9018a81870c9f3443\"\u003e\u003ccode\u003e75bdd73\u003c/code\u003e\u003c/a\u003e Fix: allow graph subclasses to have additional arguments (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8369\"\u003e#8369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/7663fa5e5fd73d6921410a18c7ac4116ffa04f4d\"\u003e\u003ccode\u003e7663fa5\u003c/code\u003e\u003c/a\u003e TST: clean up isomorphism tests (\u003ca href=\"https://redirect.github.com/networkx/networkx/issues/8364\"\u003e#8364\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/networkx/networkx/commit/3dacd1bdcbd976b9e148a60ddebafd868c0a52f3\"\u003e\u003ccode\u003e3dacd1b\u003c/code\u003e\u003c/a\u003e Add spectral bipartition community finding and greedy bipartition using node ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/networkx/networkx/compare/networkx-3.4.2...networkx-3.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `packaging` from 26.0 to 26.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/packaging/releases\"\u003epackaging's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e26.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eFixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect sysconfig var name for pyemscripten by \u003ca href=\"https://github.com/ryanking13\"\u003e\u003ccode\u003e@​ryanking13\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1160\"\u003epypa/packaging#1160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eVersion\u003c/code\u003e, \u003ccode\u003eSpecifier\u003c/code\u003e, \u003ccode\u003eSpecifierSet\u003c/code\u003e, \u003ccode\u003eTag\u003c/code\u003e, \u003ccode\u003eMarker\u003c/code\u003e, and \u003ccode\u003eRequirement\u003c/code\u003e pickle-safe\nand backward-compatible with pickles created in 25.0-26.1 (including references to the removed\n\u003ccode\u003epackaging._structures\u003c/code\u003e module) by \u003ca href=\"https://github.com/eachimei\"\u003e\u003ccode\u003e@​eachimei\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1163\"\u003epypa/packaging#1163\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1168\"\u003epypa/packaging#1168\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1170\"\u003epypa/packaging#1170\u003c/a\u003e, and \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1171\"\u003epypa/packaging#1171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: re-export ExceptionGroup for now by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1164\"\u003epypa/packaging#1164\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDocumentation:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edocs: add errors section and fix missing details by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1159\"\u003epypa/packaging#1159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(dev): document property-based test suite by \u003ca href=\"https://github.com/r266-tech\"\u003e\u003ccode\u003e@​r266-tech\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1167\"\u003epypa/packaging#1167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typo in DirectUrl documentation by \u003ca href=\"https://github.com/sbidoul\"\u003e\u003ccode\u003e@​sbidoul\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1169\"\u003epypa/packaging#1169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(specifiers): add is_unsatisfiable() usage example by \u003ca href=\"https://github.com/r266-tech\"\u003e\u003ccode\u003e@​r266-tech\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1166\"\u003epypa/packaging#1166\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eInternal:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnable the auditor persona on zizmor by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1158\"\u003epypa/packaging#1158\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest new pickle guarantees by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1174\"\u003epypa/packaging#1174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse native uv integration in rtd by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1175\"\u003epypa/packaging#1175\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ryanking13\"\u003e\u003ccode\u003e@​ryanking13\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1160\"\u003epypa/packaging#1160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/eachimei\"\u003e\u003ccode\u003e@​eachimei\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1163\"\u003epypa/packaging#1163\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pypa/packaging/compare/26.1...26.2\"\u003ehttps://github.com/pypa/packaging/compare/26.1...26.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e26.1\u003c/h2\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cdel\u003ePEP 783: add handling for Emscripten wheel tags by \u003ca href=\"https://github.com/hoodmane\"\u003e\u003ccode\u003e@​hoodmane\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/804\"\u003epypa/packaging#804\u003c/a\u003e\u003c/del\u003e (old name used in implementation, will be fixed in next release)\u003c/li\u003e\n\u003cli\u003ePEP 803: add handling for the \u003ccode\u003eabi3.abi3t\u003c/code\u003e free-threading tag by \u003ca href=\"https://github.com/ngoldbaum\"\u003e\u003ccode\u003e@​ngoldbaum\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1099\"\u003epypa/packaging#1099\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePEP 723: add \u003ccode\u003epackaging.dependency_groups\u003c/code\u003e module, based on the \u003ccode\u003edependency-groups\u003c/code\u003e package by \u003ca href=\"https://github.com/sirosen\"\u003e\u003ccode\u003e@​sirosen\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1065\"\u003epypa/packaging#1065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003epackaging.direct_url\u003c/code\u003e module by \u003ca href=\"https://github.com/sbidoul\"\u003e\u003ccode\u003e@​sbidoul\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/944\"\u003epypa/packaging#944\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003epackaging.errors\u003c/code\u003e module by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1071\"\u003epypa/packaging#1071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eSpecifierSet.is_unsatisfiable\u003c/code\u003e using ranges (new internals that will be expanded in future versions) by \u003ca href=\"https://github.com/notatallshaw\"\u003e\u003ccode\u003e@​notatallshaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1119\"\u003epypa/packaging#1119\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecreate_compatible_tags_selector\u003c/code\u003e to select compatible tags by \u003ca href=\"https://github.com/sbidoul\"\u003e\u003ccode\u003e@​sbidoul\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1110\"\u003epypa/packaging#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a \u003ccode\u003ekey\u003c/code\u003e argument to \u003ccode\u003eSpecifierSet.filter()\u003c/code\u003e by \u003ca href=\"https://github.com/frostming\"\u003e\u003ccode\u003e@​frostming\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1068\"\u003epypa/packaging#1068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport \u003ccode\u003e\u0026amp;\u003c/code\u003e and \u003ccode\u003e|\u003c/code\u003e for \u003ccode\u003eMarker\u003c/code\u003e's by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1146\"\u003epypa/packaging#1146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNormalize \u003ccode\u003eVersion.__replace__\u003c/code\u003e and add \u003ccode\u003eVersion.from_parts\u003c/code\u003e by \u003ca href=\"https://github.com/henryiii\"\u003e\u003ccode\u003e@​henryiii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1078\"\u003epypa/packaging#1078\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd an option to validate compressed tag set sort order in \u003ccode\u003eparse_wheel_filename\u003c/code\u003e by \u003ca href=\"https://github.com/r266-tech\"\u003e\u003ccode\u003e@​r266-tech\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1150\"\u003epypa/packaging#1150\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBehavior adaptations:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eNarrow exclusion of pre-releases for \u003ccode\u003e\u0026lt;V.postN\u003c/code\u003e to match spec by \u003ca href=\"https://github.com/notatallshaw\"\u003e\u003ccode\u003e@​notatallshaw\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pypa/packaging/pull/1140\"\u003epypa/packaging#1140\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pypa/packaging/blob/main/CHANGELOG.rst\"\u003epackaging's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e26.2 - 2026-04-24\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\nFixes:\n\u003cul\u003e\n\u003cli\u003eFix incorrect sysconfig var name for pyemscripten in (:pull:\u003ccode\u003e1160\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eMake \u003ccode\u003eVersion\u003c/code\u003e, \u003ccode\u003eSpecifier\u003c/code\u003e, \u003ccode\u003eSpecifierSet\u003c/code\u003e, \u003ccode\u003eTag\u003c/code\u003e, \u003ccode\u003eMarker\u003c/code\u003e, and \u003ccode\u003eRequirement\u003c/code\u003e pickle-safe\u003cbr /\u003e\nand backward-compatible with pickles created in 25.0-26.1 (including references to the removed\u003cbr /\u003e\n\u003ccode\u003epackaging._structures\u003c/code\u003e module) (:pull:\u003ccode\u003e1163\u003c/code\u003e, :pull:\u003ccode\u003e1168\u003c/code\u003e, :pull:\u003ccode\u003e1170\u003c/code\u003e, :pull:\u003ccode\u003e1171\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eRe-export \u003ccode\u003eExceptionGroup\u003c/code\u003e in metadata for now in (:pull:\u003ccode\u003e1164\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDocumentation:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd errors section and fix missing details in (:pull:\u003ccode\u003e1159\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eDocument our property-based test suite in (:pull:\u003ccode\u003e1167\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eFix a \u003ccode\u003eDirectUrl\u003c/code\u003e typo in (:pull:\u003ccode\u003e1169\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd example of \u003ccode\u003eis_unsatisfiable\u003c/code\u003e in (:pull:\u003ccode\u003e1166\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eInternal:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnable the auditor persona on zizmor in (:pull:\u003ccode\u003e1158\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eTest new pickle guarantees in (:pull:\u003ccode\u003e1174\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eUse new native ReadTheDocs uv integration in (:pull:\u003ccode\u003e1175\u003c/code\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e26.1 - 2026-04-14\u003cbr /\u003e\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eFeatures:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePEP 783: add handling for Emscripten wheel tags in (:pull:\u003ccode\u003e804\u003c/code\u003e) (old name used in implementation, fixed in next release)\u003c/li\u003e\n\u003cli\u003ePEP 803: add handling for the \u003ccode\u003eabi3.abi3t\u003c/code\u003e free-threading tag in (:pull:\u003ccode\u003e1099\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003ePEP 723: add \u003ccode\u003epackaging.dependency_groups\u003c/code\u003e module, based on the \u003ccode\u003edependency-groups\u003c/code\u003e package in (:pull:\u003ccode\u003e1065\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003epackaging.direct_url\u003c/code\u003e module in (:pull:\u003ccode\u003e944\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd the \u003ccode\u003epackaging.errors\u003c/code\u003e module in (:pull:\u003ccode\u003e1071\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eSpecifierSet.is_unsatisfiable\u003c/code\u003e using rang...\n\n_Description has been truncated_","html_url":"https://github.com/antithesishq/materialize-poc/pull/79","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/antithesishq%2Fmaterialize-poc/issues/79","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/79/packages"}},{"old_version":"3.23.0","new_version":"3.23.1","update_type":"patch","path":null,"pr_created_at":"2026-05-12T02:55:59.000Z","version_change":"3.23.0 → 3.23.1","issue":{"uuid":"4425816311","node_id":"PR_kwDOSEHuZs7agIbu","number":14,"state":"closed","title":"deps(py): bump the python-minor group across 1 directory with 39 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-19T05:19:28.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-12T02:55:59.000Z","updated_at":"2026-05-19T05:19:30.000Z","time_to_close":613409,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(py): bump","group_name":"python-minor","update_count":39,"packages":[{"name":"anyio","old_version":"4.12.1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"cachetools","old_version":"7.0.4","new_version":"7.1.1","repository_url":"https://github.com/tkem/cachetools"},{"name":"charset-normalizer","old_version":"3.4.6","new_version":"3.4.7","repository_url":"https://github.com/jawah/charset_normalizer"},{"name":"choreographer","old_version":"1.2.1","new_version":"1.3.0","repository_url":"https://github.com/plotly/choreographer"},{"name":"click","old_version":"8.3.1","new_version":"8.3.3","repository_url":"https://github.com/pallets/click"},{"name":"duckdb","old_version":"1.5.0","new_version":"1.5.2","repository_url":"https://github.com/duckdb/duckdb-python"},{"name":"flask-wtf","old_version":"1.2.2","new_version":"1.3.0","repository_url":"https://github.com/pallets-eco/flask-wtf"},{"name":"greenlet","old_version":"3.3.2","new_version":"3.5.0","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"idna","old_version":"3.11","new_version":"3.14","repository_url":"https://github.com/kjd/idna"},{"name":"ipython","old_version":"9.11.0","new_version":"9.13.0","repository_url":"https://github.com/ipython/ipython"},{"name":"jedi","old_version":"0.19.2","new_version":"0.20.0","repository_url":"https://github.com/davidhalter/jedi"},{"name":"kaleido","old_version":"1.2.0","new_version":"1.3.0","repository_url":"https://github.com/plotly/kaleido"},{"name":"markdown-it-py","old_version":"4.0.0","new_version":"4.2.0","repository_url":"https://github.com/executablebooks/markdown-it-py"},{"name":"matplotlib-inline","old_version":"0.2.1","new_version":"0.2.2","repository_url":"https://github.com/ipython/matplotlib-inline"},{"name":"mcp","old_version":"1.26.0","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/python-sdk"},{"name":"py-vollib","old_version":"1.0.1","new_version":"1.0.7","repository_url":"https://github.com/vollib/py_vollib"},{"name":"narwhals","old_version":"2.18.0","new_version":"2.21.0","repository_url":"https://github.com/narwhals-dev/narwhals"},{"name":"numpy","old_version":"2.4.3","new_version":"2.4.4","repository_url":"https://github.com/numpy/numpy"},{"name":"openalgo","old_version":"1.0.47","new_version":"1.0.49","repository_url":"https://github.com/openalgo/openalgo-python"},{"name":"orjson","old_version":"3.11.7","new_version":"3.11.9","repository_url":"https://github.com/ijl/orjson"},{"name":"parso","old_version":"0.8.6","new_version":"0.8.7","repository_url":"https://github.com/davidhalter/parso"},{"name":"platformdirs","old_version":"4.9.4","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"plotly","old_version":"6.6.0","new_version":"6.7.0","repository_url":"https://github.com/plotly/plotly.py"},{"name":"pydantic","old_version":"2.12.5","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-core","old_version":"2.41.5","new_version":"2.46.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-settings","old_version":"2.13.1","new_version":"2.14.1","repository_url":"https://github.com/pydantic/pydantic-settings"},{"name":"python-multipart","old_version":"0.0.22","new_version":"0.0.28","repository_url":"https://github.com/Kludex/python-multipart"},{"name":"python-telegram-bot","old_version":"22.6","new_version":"22.7","repository_url":"https://github.com/python-telegram-bot/python-telegram-bot"},{"name":"pytz","old_version":"2026.1.post1","new_version":"2026.2","repository_url":"https://github.com/stub42/pytz"},{"name":"requests","old_version":"2.33.0","new_version":"2.34.0","repository_url":"https://github.com/psf/requests"},{"name":"sqlalchemy","old_version":"2.0.48","new_version":"2.0.49","repository_url":"https://github.com/sqlalchemy/sqlalchemy"},{"name":"traitlets","old_version":"5.14.3","new_version":"5.15.0","repository_url":"https://github.com/ipython/traitlets"},{"name":"urllib3","old_version":"2.6.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.42.0","new_version":"0.46.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"wcwidth","old_version":"0.6.0","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"werkzeug","old_version":"3.1.6","new_version":"3.1.8","repository_url":"https://github.com/pallets/werkzeug"},{"name":"wheel","old_version":"0.46.3","new_version":"0.47.0","repository_url":"https://github.com/pypa/wheel"},{"name":"wtforms","old_version":"3.2.1","new_version":"3.2.2","repository_url":"https://github.com/pallets-eco/wtforms"},{"name":"zipp","old_version":"3.23.0","new_version":"3.23.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the python-minor group with 39 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [anyio](https://github.com/agronholm/anyio) | `4.12.1` | `4.13.0` |\n| [cachetools](https://github.com/tkem/cachetools) | `7.0.4` | `7.1.1` |\n| [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.6` | `3.4.7` |\n| [choreographer](https://github.com/plotly/choreographer) | `1.2.1` | `1.3.0` |\n| [click](https://github.com/pallets/click) | `8.3.1` | `8.3.3` |\n| [duckdb](https://github.com/duckdb/duckdb-python) | `1.5.0` | `1.5.2` |\n| [flask-wtf](https://github.com/pallets-eco/flask-wtf) | `1.2.2` | `1.3.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.3.2` | `3.5.0` |\n| [idna](https://github.com/kjd/idna) | `3.11` | `3.14` |\n| [ipython](https://github.com/ipython/ipython) | `9.11.0` | `9.13.0` |\n| [jedi](https://github.com/davidhalter/jedi) | `0.19.2` | `0.20.0` |\n| [kaleido](https://github.com/plotly/kaleido) | `1.2.0` | `1.3.0` |\n| [markdown-it-py](https://github.com/executablebooks/markdown-it-py) | `4.0.0` | `4.2.0` |\n| [matplotlib-inline](https://github.com/ipython/matplotlib-inline) | `0.2.1` | `0.2.2` |\n| [mcp](https://github.com/modelcontextprotocol/python-sdk) | `1.26.0` | `1.27.1` |\n| [py-vollib](https://github.com/vollib/py_vollib) | `1.0.1` | `1.0.7` |\n| [narwhals](https://github.com/narwhals-dev/narwhals) | `2.18.0` | `2.21.0` |\n| [numpy](https://github.com/numpy/numpy) | `2.4.3` | `2.4.4` |\n| [openalgo](https://github.com/openalgo/openalgo-python) | `1.0.47` | `1.0.49` |\n| [orjson](https://github.com/ijl/orjson) | `3.11.7` | `3.11.9` |\n| [parso](https://github.com/davidhalter/parso) | `0.8.6` | `0.8.7` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.9.4` | `4.9.6` |\n| [plotly](https://github.com/plotly/plotly.py) | `6.6.0` | `6.7.0` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.5` | `2.13.4` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.5` | `2.46.4` |\n| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.13.1` | `2.14.1` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.22` | `0.0.28` |\n| [python-telegram-bot](https://github.com/python-telegram-bot/python-telegram-bot) | `22.6` | `22.7` |\n| [pytz](https://github.com/stub42/pytz) | `2026.1.post1` | `2026.2` |\n| [requests](https://github.com/psf/requests) | `2.33.0` | `2.34.0` |\n| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.48` | `2.0.49` |\n| [traitlets](https://github.com/ipython/traitlets) | `5.14.3` | `5.15.0` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.6.3` | `2.7.0` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.42.0` | `0.46.0` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.6.0` | `0.7.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `3.1.6` | `3.1.8` |\n| [wheel](https://github.com/pypa/wheel) | `0.46.3` | `0.47.0` |\n| [wtforms](https://github.com/pallets-eco/wtforms) | `3.2.1` | `3.2.2` |\n| [zipp](https://github.com/jaraco/zipp) | `3.23.0` | `3.23.1` |\n\n\nUpdates `anyio` from 4.12.1 to 4.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/agronholm/anyio/releases\"\u003eanyio's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9\u003c/li\u003e\n\u003cli\u003eAdded a \u003ccode\u003ettl\u003c/code\u003e parameter to the \u003ccode\u003eanyio.functools.lru_cache\u003c/code\u003e wrapper (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1073\"\u003e#1073\u003c/a\u003e; PR by \u003ca href=\"https://github.com/Graeme22\"\u003e\u003ccode\u003e@​Graeme22\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWidened the type annotations of file I/O streams to accept \u003ccode\u003eIO[bytes]\u003c/code\u003e instead of just \u003ccode\u003eBinaryIO\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1078\"\u003e#1078\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eanyio.Path\u003c/code\u003e not being compatible with Python 3.15 due to the removal of \u003ccode\u003epathlib.Path.is_reserved()\u003c/code\u003e and the addition of \u003ccode\u003epathlib.Path.__vfspath__()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1061\"\u003e#1061\u003c/a\u003e; PR by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the \u003ccode\u003eBrokenResourceError\u003c/code\u003e raised by the asyncio \u003ccode\u003eSocketStream\u003c/code\u003e not having the original exception as its cause (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1055\"\u003e#1055\u003c/a\u003e; PR by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the \u003ccode\u003eTypeError\u003c/code\u003e raised when using \u0026quot;func\u0026quot; as a parameter name in \u003ccode\u003epytest.mark.parametrize\u003c/code\u003e when using the pytest plugin (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1068\"\u003e#1068\u003c/a\u003e; PR by \u003ca href=\"https://github.com/JohnnyDeuss\"\u003e\u003ccode\u003e@​JohnnyDeuss\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the pytest plugin not running tests that had the \u003ccode\u003eanyio\u003c/code\u003e marker added programmatically via \u003ccode\u003epytest_collection_modifyitems\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/422\"\u003e#422\u003c/a\u003e; PR by \u003ca href=\"https://github.com/chbndrhnns\"\u003e\u003ccode\u003e@​chbndrhnns\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed cancellation exceptions leaking from a \u003ccode\u003eCancelScope\u003c/code\u003e on asyncio when they are contained in an exception group alongside non-cancellation exceptions (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1091\"\u003e#1091\u003c/a\u003e; PR by \u003ca href=\"https://github.com/gschaffner\"\u003e\u003ccode\u003e@​gschaffner\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCondition.wait()\u003c/code\u003e not passing on a notification when the task is cancelled but already received a notification\u003c/li\u003e\n\u003cli\u003eFixed inverted condition in the process pool shutdown phase which would cause still-running pooled processes not to be terminated (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1074\"\u003e#1074\u003c/a\u003e; PR by \u003ca href=\"https://github.com/bysiber\"\u003e\u003ccode\u003e@​bysiber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/afbe93ca9d0c447adf26e9c1715ac20870622bf2\"\u003e\u003ccode\u003eafbe93c\u003c/code\u003e\u003c/a\u003e Bumped up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/33bdf2e4b4f40c2df178123746147a6d2471808d\"\u003e\u003ccode\u003e33bdf2e\u003c/code\u003e\u003c/a\u003e Rearranged the changelog entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/19e09e25bc5a23dd78a577d8c3909dd377057c78\"\u003e\u003ccode\u003e19e09e2\u003c/code\u003e\u003c/a\u003e Fixed inverted condition in _forcibly_shutdown_process_pool_on_exit (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1074\"\u003e#1074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/9369d80b9e8292f2a892a9d5c73923c6a28aa08c\"\u003e\u003ccode\u003e9369d80\u003c/code\u003e\u003c/a\u003e Fixed Condition.wait() not handing over notification when cancelled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/6f122abdc6f6b166c6b6ac27d36d55cdf8fa08e8\"\u003e\u003ccode\u003e6f122ab\u003c/code\u003e\u003c/a\u003e Fixed cancellation exceptions leaking from a \u003ccode\u003eCancelScope\u003c/code\u003e on asyncio when th...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/beaa45aff568a4020f2faf317321dd92f0e1f4a0\"\u003e\u003ccode\u003ebeaa45a\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1097\"\u003e#1097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/602f6606dcf3f37702686a4f3e161328c537b07f\"\u003e\u003ccode\u003e602f660\u003c/code\u003e\u003c/a\u003e Widened type annotations to accept IO[bytes] in file streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/b5dcd45170701a756ba634197398f05d4710cab3\"\u003e\u003ccode\u003eb5dcd45\u003c/code\u003e\u003c/a\u003e Added note about erasing the template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/d68670b3b4e0917d4caff2de082e03220f3e05a1\"\u003e\u003ccode\u003ed68670b\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1090\"\u003e#1090\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/fc17a22dd948e6a3d90d99908813f0010dfc3d2c\"\u003e\u003ccode\u003efc17a22\u003c/code\u003e\u003c/a\u003e tweak to_thread docs about abandon_on_cancel (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1088\"\u003e#1088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/agronholm/anyio/compare/4.12.1...4.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cachetools` from 7.0.4 to 7.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst\"\u003ecachetools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev7.1.1 (2026-05-03)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eVarious type stub improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.1.0 (2026-05-01)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type stubs based on the work of the good people at \u003ccode\u003etypeshed \u0026lt;https://github.com/python/typeshed/tree/main/stubs/cachetools/\u0026gt;\u003c/code\u003e__.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate unit tests.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.0.6 (2026-04-20)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor code improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate project URLs.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate CI environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.0.5 (2026-03-09)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMinor \u003ccode\u003e@cachedmethod\u003c/code\u003e performance improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/2e6a2d21c44e83b56c06cc9dd738e5b7a097ce6a\"\u003e\u003ccode\u003e2e6a2d2\u003c/code\u003e\u003c/a\u003e Release v7.1.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/cc065582849e3658d2c92aac0f5c2b6271ed077f\"\u003e\u003ccode\u003ecc06558\u003c/code\u003e\u003c/a\u003e Minor typing improvements.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/193dd62d9be4e1099039e8fba59a1fe50e8f4d08\"\u003e\u003ccode\u003e193dd62\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/tkem/cachetools/issues/393\"\u003e#393\u003c/a\u003e: Improve ambiguous overloads for decorators.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/1ea3422e058ef8b6b7dc15beb9d44d8f7c195a62\"\u003e\u003ccode\u003e1ea3422\u003c/code\u003e\u003c/a\u003e Bump release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/d9874465a6ab6f9d1d56cef91370f9c237a7eca6\"\u003e\u003ccode\u003ed987446\u003c/code\u003e\u003c/a\u003e Release v7.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/3d79e80a4a54892d1552cd17da8e27920c1918d8\"\u003e\u003ccode\u003e3d79e80\u003c/code\u003e\u003c/a\u003e Update Copilot Instructions.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/83fe6bc78d0155a0036dda8a8eb1a2ddb8f26c60\"\u003e\u003ccode\u003e83fe6bc\u003c/code\u003e\u003c/a\u003e Add tox pyright check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/bd3fbc49212eb948e08e9c478e5901f1293fd1f4\"\u003e\u003ccode\u003ebd3fbc4\u003c/code\u003e\u003c/a\u003e Improve typing support.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/09dd6fec4b1b2339451ab26d1ca3c7a049b8c38c\"\u003e\u003ccode\u003e09dd6fe\u003c/code\u003e\u003c/a\u003e Improve original type stubs from typeshed.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/873c7013ea92b16f2f24a6001e625fabfdf951a5\"\u003e\u003ccode\u003e873c701\u003c/code\u003e\u003c/a\u003e Add typeshed typings.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tkem/cachetools/compare/v7.0.4...v7.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `charset-normalizer` from 3.4.6 to 3.4.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jawah/charset_normalizer/releases\"\u003echarset-normalizer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.4.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Ousret/charset_normalizer/compare/3.4.6...3.4.7\"\u003e3.4.7\u003c/a\u003e (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built optimized version using mypy[c] v1.20.\u003c/li\u003e\n\u003cli\u003eRelax \u003ccode\u003esetuptools\u003c/code\u003e constraint to \u003ccode\u003esetuptools\u0026gt;=68,\u0026lt;82.1\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrectly remove SIG remnant in utf-7 decoded string. (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/718\"\u003e#718\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md\"\u003echarset-normalizer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Ousret/charset_normalizer/compare/3.4.6...3.4.7\"\u003e3.4.7\u003c/a\u003e (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built optimized version using mypy[c] v1.20.\u003c/li\u003e\n\u003cli\u003eRelax \u003ccode\u003esetuptools\u003c/code\u003e constraint to \u003ccode\u003esetuptools\u0026gt;=68,\u0026lt;82.1\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrectly remove SIG remnant in utf-7 decoded string. (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/718\"\u003e#718\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/0f07891bf516b5d5231f1bd4dd2d8da7d4d09a9a\"\u003e\u003ccode\u003e0f07891\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/729\"\u003e#729\u003c/a\u003e from jawah/release-3.4.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/fdbeb299479e8f4d737e4d227cd0b2bd5d273dc0\"\u003e\u003ccode\u003efdbeb29\u003c/code\u003e\u003c/a\u003e chore: update dev, and ci requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/b66f922bfbdbdd9dd46af18a8964d4fb888756d4\"\u003e\u003ccode\u003eb66f922\u003c/code\u003e\u003c/a\u003e chore: add ft classifier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/f94249d0a2c712f2d03124f4de6b77f5e03aaa96\"\u003e\u003ccode\u003ef94249d\u003c/code\u003e\u003c/a\u003e chore: add test cases for utf_7 recent fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/95c866f6c984bbd043e7e3ed0628aa4f3f8d5a26\"\u003e\u003ccode\u003e95c866f\u003c/code\u003e\u003c/a\u003e chore: bump version to 3.4.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/4f429bb764c7e893f99bb4bceb60856da1baacfb\"\u003e\u003ccode\u003e4f429bb\u003c/code\u003e\u003c/a\u003e chore: bump mypy pre-commit to v1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/b579cd6cab9bd83aa3fc0ca169d4df022bf4888c\"\u003e\u003ccode\u003eb579cd6\u003c/code\u003e\u003c/a\u003e fix: correctly remove SIG remnant in utf-7 decoded string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/58bf944a77cc0883fc46a6ee8edac3549fea5d59\"\u003e\u003ccode\u003e58bf944\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump github/codeql-action from 4.32.4 to 4.35.1 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/44cf8a1b676a2532a8f1694e62e4f4f98f9132e1\"\u003e\u003ccode\u003e44cf8a1\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump actions/download-artifact from 8.0.0 to 8.0.1 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/362bc20073f737b1ba4ca2f68cffb0c4cc024d20\"\u003e\u003ccode\u003e362bc20\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/725\"\u003e#725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jawah/charset_normalizer/compare/3.4.6...3.4.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `choreographer` from 1.2.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/choreographer/blob/main/CHANGELOG.txt\"\u003echoreographer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.3.0\nv1.3.0rc2\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCheck path validity for browser with is_file()\u003c/li\u003e\n\u003cli\u003eAdd option --verify_local in choreo_diagnose and fix local reporting logic\nv1.3.0rc1\u003c/li\u003e\n\u003cli\u003eWe now look for old download path as well as new download path\nv1.3.0rc0\u003c/li\u003e\n\u003cli\u003eChange to process group for better killing of multi-process chrome\u003c/li\u003e\n\u003cli\u003eAdd argument to Session/Target \u003ccode\u003esend_command(..., *, with_perf: bool)\u003c/code\u003e to\nreturn timing information about browser write/read.\u003c/li\u003e\n\u003cli\u003eUpdate default chrome from 135.0.7011.0/1418433 to 144.0.7527.0/1544685\u003c/li\u003e\n\u003cli\u003eFix: New chrome takes longer/doesn't populate targets right away, so add a\nretry loop to populate targets\u003c/li\u003e\n\u003cli\u003eAlter \u003ccode\u003eget_chrome\u003c/code\u003e verbose to print whole JSON\u003c/li\u003e\n\u003cli\u003eChange chrome download path to use XDG cache dir\u003c/li\u003e\n\u003cli\u003eDon't download chrome if we already have that version: add force argument\u003c/li\u003e\n\u003cli\u003eRemove unused system inspection code\u003c/li\u003e\n\u003cli\u003eAdd a set of helper functions to await for tab loading and send javascript\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/92147b1ccf024ae647f29ebf43057564011e06c9\"\u003e\u003ccode\u003e92147b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/296\"\u003e#296\u003c/a\u003e from plotly/cam/update-changelog-v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/8851fc919bc7dfb27a48541543f1ff195c48eda3\"\u003e\u003ccode\u003e8851fc9\u003c/code\u003e\u003c/a\u003e Updates to release version v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/3128bddf909381a2b4205f0e28c0c3cb8b13498c\"\u003e\u003ccode\u003e3128bdd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/288\"\u003e#288\u003c/a\u003e from plotly/andrew/more_local_logic\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/a6f478e00fb81ad22db7c7c1d31028fb4ab20311\"\u003e\u003ccode\u003ea6f478e\u003c/code\u003e\u003c/a\u003e Add to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/953e19ad5dc395a3554cfbaf25599a8a3db6d933\"\u003e\u003ccode\u003e953e19a\u003c/code\u003e\u003c/a\u003e Check browser is file whwen checking path validity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/d062e355b819b84e57060d4e48fbe2aa6f063259\"\u003e\u003ccode\u003ed062e35\u003c/code\u003e\u003c/a\u003e Change default setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/c0c97fc64a55c773dd7484674996cf55d74249a1\"\u003e\u003ccode\u003ec0c97fc\u003c/code\u003e\u003c/a\u003e Add option to verify local with choreo_diagnose\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/7ade1922269a6999c06f2ff92b34a1770bba6d3e\"\u003e\u003ccode\u003e7ade192\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/286\"\u003e#286\u003c/a\u003e from plotly/andrew/roadmap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/edf284c8973dd9dc7f7b2f77a53481fe6f0d2671\"\u003e\u003ccode\u003eedf284c\u003c/code\u003e\u003c/a\u003e Update Roadmap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/c1b7abce535feb79748c888ba1130b985c13eb3f\"\u003e\u003ccode\u003ec1b7abc\u003c/code\u003e\u003c/a\u003e Changelog\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/choreographer/compare/v1.2.1...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.1 to 8.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.3.3\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.3/\"\u003ehttps://pypi.org/project/click/8.3.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-3\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/1026\"\u003e#1026\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/1477\"\u003e#1477\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2775\"\u003e#2775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3298\"\u003e#3298\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3299\"\u003e#3299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3238\"\u003e#3238\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3224\"\u003e#3224\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/654\"\u003e#654\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/824\"\u003e#824\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/843\"\u003e#843\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/951\"\u003e#951\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3235\"\u003e#3235\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3177\"\u003e#3177\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2836\"\u003e#2836\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2837\"\u003e#2837\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3165\"\u003e#3165\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3262\"\u003e#3262\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3280\"\u003e#3280\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3111\"\u003e#3111\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3189\"\u003e#3189\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3250\"\u003e#3250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/2865\"\u003e#2865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2879\"\u003e#2879\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.3.2\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.2/\"\u003ehttps://pypi.org/project/click/8.3.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-2\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/29\"\u003ehttps://github.com/pallets/click/milestone/29\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.3.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-20\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n:issue:\u003ccode\u003e1026\u003c/code\u003e :pr:\u003ccode\u003e1477\u003c/code\u003e :pr:\u003ccode\u003e2775\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. :issue:\u003ccode\u003e3298\u003c/code\u003e :pr:\u003ccode\u003e3299\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. :pr:\u003ccode\u003e3238\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n:issue:\u003ccode\u003e3224\u003c/code\u003e :pr:\u003ccode\u003e3240\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n:issue:\u003ccode\u003e654\u003c/code\u003e :issue:\u003ccode\u003e824\u003c/code\u003e :issue:\u003ccode\u003e843\u003c/code\u003e :pr:\u003ccode\u003e951\u003c/code\u003e :pr:\u003ccode\u003e3235\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. :pr:\u003ccode\u003e3151\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. :pr:\u003ccode\u003e3151\u003c/code\u003e :pr:\u003ccode\u003e3177\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. :issue:\u003ccode\u003e2836\u003c/code\u003e :pr:\u003ccode\u003e2837\u003c/code\u003e :pr:\u003ccode\u003e3165\u003c/code\u003e :pr:\u003ccode\u003e3262\u003c/code\u003e :pr:\u003ccode\u003e3280\u003c/code\u003e\n:pr:\u003ccode\u003e3328\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. :issue:\u003ccode\u003e3111\u003c/code\u003e :pr:\u003ccode\u003e3239\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. :issue:\u003ccode\u003e3189\u003c/code\u003e :pr:\u003ccode\u003e3250\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n:issue:\u003ccode\u003e2865\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. :issue:\u003ccode\u003e2879\u003c/code\u003e :pr:\u003ccode\u003e3248\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 8.3.2\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of \u003ccode\u003eflag_value\u003c/code\u003e when \u003ccode\u003eis_flag=False\u003c/code\u003e to allow such options to be\nused without an explicit value. :issue:\u003ccode\u003e3084\u003c/code\u003e :pr:\u003ccode\u003e3152\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eHide \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values as \u003ccode\u003eNone\u003c/code\u003e when using \u003ccode\u003elookup_default()\u003c/code\u003e.\n:issue:\u003ccode\u003e3136\u003c/code\u003e :pr:\u003ccode\u003e3199\u003c/code\u003e :pr:\u003ccode\u003e3202\u003c/code\u003e :pr:\u003ccode\u003e3209\u003c/code\u003e :pr:\u003ccode\u003e3212\u003c/code\u003e :pr:\u003ccode\u003e3224\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c06d2d0a6aee6bcc50bd8257be2a4a592f4e75d0\"\u003e\u003ccode\u003ec06d2d0\u003c/code\u003e\u003c/a\u003e Release 8.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/f1f191ecd2c790b161187c78e7c88440e9524e5c\"\u003e\u003ccode\u003ef1f191e\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3343\"\u003e#3343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/bb59ba0fd279ca085d1113f0499b6a602ca31081\"\u003e\u003ccode\u003ebb59ba0\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4a352253c9ff013e36d11e4a6820d36d00ff2cd4\"\u003e\u003ccode\u003e4a35225\u003c/code\u003e\u003c/a\u003e Reduce blast-radius of \u003ccode\u003eUNSET\u003c/code\u003e in \u003ccode\u003edefault_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c07bb936de43fd303f9cfbefe248ab23fd2199c8\"\u003e\u003ccode\u003ec07bb93\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into unset-in-default-map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c7e1ba8448cbcb2cdd9c1c7f4a592e863dcc3995\"\u003e\u003ccode\u003ec7e1ba8\u003c/code\u003e\u003c/a\u003e Reorder \u003ccode\u003eParameterSource\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/76552ff1e8c85837f911fc34037e702ae4327eda\"\u003e\u003ccode\u003e76552ff\u003c/code\u003e\u003c/a\u003e Show default string in prompt (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/ac5cec5fe54e5a691e7bac17f441ce9498e0744c\"\u003e\u003ccode\u003eac5cec5\u003c/code\u003e\u003c/a\u003e Reorder ParameterSource from most to least explicit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c452e00e6772931b7071d9316b82b77e5b8f280\"\u003e\u003ccode\u003e8c452e0\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into show-default-string-in-prompt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c95c73bd5ef89eac638f85f1904a104ba4b1a32\"\u003e\u003ccode\u003e8c95c73\u003c/code\u003e\u003c/a\u003e Reconcile default value passing and default activation (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.1...8.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `duckdb` from 1.5.0 to 1.5.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/duckdb/duckdb-python/releases\"\u003educkdb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.5.2 Bugfix Release\u003c/h2\u003e\n\u003cp\u003eSee the DuckDB core release notes here: \u003ca href=\"https://github.com/duckdb/duckdb/releases/tag/v1.5.2\"\u003ehttps://github.com/duckdb/duckdb/releases/tag/v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed in duckdb-python\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hints overhaul by \u003ca href=\"https://github.com/OutSquareCapital\"\u003e\u003ccode\u003e@​OutSquareCapital\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/352\"\u003educkdb/duckdb-python#352\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache arrow schema for streaming types by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/423\"\u003educkdb/duckdb-python#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix segfault on join with None by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/422\"\u003educkdb/duckdb-python#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix stubs for path_or_buffer param by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/425\"\u003educkdb/duckdb-python#425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.5.1 Bugfix Release\u003c/h2\u003e\n\u003cp\u003eDuckDB core v1.5.1 Changelog: \u003ca href=\"https://github.com/duckdb/duckdb/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/duckdb/duckdb/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-added basic support for the GEOMETRY type\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/2aea44eeae35b9c77dc2ff672634034a75c9bb16\"\u003e\u003ccode\u003e2aea44e\u003c/code\u003e\u003c/a\u003e pin submodule at release hash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/3aa2bf2022b91dc9a96c3f91c8bb1fb0296586ef\"\u003e\u003ccode\u003e3aa2bf2\u003c/code\u003e\u003c/a\u003e Fix stubs for path_or_buffer param (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/018fe057d5a003355deb4213a894af559a947aa7\"\u003e\u003ccode\u003e018fe05\u003c/code\u003e\u003c/a\u003e Fix stubs for path_or_buffer param\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/0ef05d69fc8a123cf532f3ffb3e088212bbbfaf7\"\u003e\u003ccode\u003e0ef05d6\u003c/code\u003e\u003c/a\u003e Fix segfault on join with None (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/4acb9f71e00c5002d3ab3aba78a172df8f7ebbc4\"\u003e\u003ccode\u003e4acb9f7\u003c/code\u003e\u003c/a\u003e Fix segfault on join\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/6f161de62403c209633fcbd52c6c0403dadef7da\"\u003e\u003ccode\u003e6f161de\u003c/code\u003e\u003c/a\u003e Cache arrow schema for streaming types (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/87d6a319674c5e2fb855e140bf539e997e978a2e\"\u003e\u003ccode\u003e87d6a31\u003c/code\u003e\u003c/a\u003e Add CLAUDE.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/ae356cb03926372b9cd3736f39662efd25bb4915\"\u003e\u003ccode\u003eae356cb\u003c/code\u003e\u003c/a\u003e Cache the arrow schema for streams so we don't need an active client context\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/b71639f215d29c4f8b1c53cb3d7cf45603f4c5d2\"\u003e\u003ccode\u003eb71639f\u003c/code\u003e\u003c/a\u003e Test that client context stays open on arrow streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/305d11457efd4ca0767cad0868b16310b04160a7\"\u003e\u003ccode\u003e305d114\u003c/code\u003e\u003c/a\u003e fix spark test (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/421\"\u003e#421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/duckdb/duckdb-python/compare/v1.5.0...v1.5.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask-wtf` from 1.2.2 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets-eco/flask-wtf/releases\"\u003eflask-wtf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epre-commit autoupdate by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/607\"\u003epallets-eco/flask-wtf#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove slsa provenance by \u003ca href=\"https://github.com/davidism\"\u003e\u003ccode\u003e@​davidism\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/638\"\u003epallets-eco/flask-wtf#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport for Python 3.14 by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/648\"\u003epallets-eco/flask-wtf#648\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry not to read uploaded files into memory by \u003ca href=\"https://github.com/Zverik\"\u003e\u003ccode\u003e@​Zverik\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/635\"\u003epallets-eco/flask-wtf#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate the project to uv by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/649\"\u003epallets-eco/flask-wtf#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReCaptcha field testing mode documentation by \u003ca href=\"https://github.com/OmeirP\"\u003e\u003ccode\u003e@​OmeirP\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/650\"\u003epallets-eco/flask-wtf#650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow nonce in reCaptcha by \u003ca href=\"https://github.com/kesara\"\u003e\u003ccode\u003e@​kesara\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/312\"\u003epallets-eco/flask-wtf#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCSRF meta tag helper by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/674\"\u003epallets-eco/flask-wtf#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewidget support the kwargs to add custom html attributes by \u003ca href=\"https://github.com/thivolle-cazat-cedric\"\u003e\u003ccode\u003e@​thivolle-cazat-cedric\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/353\"\u003epallets-eco/flask-wtf#353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect exempts in CSRFProtect.protect() by \u003ca href=\"https://github.com/rauchy\"\u003e\u003ccode\u003e@​rauchy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/419\"\u003epallets-eco/flask-wtf#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding RECAPTCHA_ENABLE to disable recaptcha by \u003ca href=\"https://github.com/rnt\"\u003e\u003ccode\u003e@​rnt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/509\"\u003epallets-eco/flask-wtf#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CSRF Documentation by \u003ca href=\"https://github.com/israel-oye\"\u003e\u003ccode\u003e@​israel-oye\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/584\"\u003epallets-eco/flask-wtf#584\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Zverik\"\u003e\u003ccode\u003e@​Zverik\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/635\"\u003epallets-eco/flask-wtf#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OmeirP\"\u003e\u003ccode\u003e@​OmeirP\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/650\"\u003epallets-eco/flask-wtf#650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kesara\"\u003e\u003ccode\u003e@​kesara\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/312\"\u003epallets-eco/flask-wtf#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thivolle-cazat-cedric\"\u003e\u003ccode\u003e@​thivolle-cazat-cedric\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/353\"\u003epallets-eco/flask-wtf#353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rauchy\"\u003e\u003ccode\u003e@​rauchy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/419\"\u003epallets-eco/flask-wtf#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rnt\"\u003e\u003ccode\u003e@​rnt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/509\"\u003epallets-eco/flask-wtf#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/israel-oye\"\u003e\u003ccode\u003e@​israel-oye\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/584\"\u003epallets-eco/flask-wtf#584\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\"\u003ehttps://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets-eco/flask-wtf/blob/main/docs/changes.rst\"\u003eflask-wtf's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.3.0\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-23\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDon't read the whole uploaded files to know their size. :pr:\u003ccode\u003e635\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eStop support for Python 3.9. Start support for Python 3.14. :pr:\u003ccode\u003e648\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMigrate the project to uv. :pr:\u003ccode\u003e649\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAllow setting a \u003ccode\u003enonce\u003c/code\u003e on :class:\u003ccode\u003e~flask_wtf.recaptcha.RecaptchaField\u003c/code\u003e\n(string or zero-argument callable) for nonce-based Content Security\nPolicies. :pr:\u003ccode\u003e312\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecsrf_meta_tag()\u003c/code\u003e helper and \u003ccode\u003eWTF_CSRF_META_NAME\u003c/code\u003e setting to render\nthe CSRF token as an HTML \u003ccode\u003e\u0026lt;meta\u0026gt;\u003c/code\u003e tag.\u003c/li\u003e\n\u003cli\u003eForward keyword arguments passed to the reCAPTCHA widget as HTML attributes\non the captcha \u003ccode\u003e\u0026lt;div\u0026gt;\u003c/code\u003e, with the field id used as a default \u003ccode\u003eid\u003c/code\u003e.\n:pr:\u003ccode\u003e353\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eapply_exemptions\u003c/code\u003e parameter to\n:meth:\u003ccode\u003e~flask_wtf.csrf.CSRFProtect.protect\u003c/code\u003e so \u003ccode\u003e@csrf.exempt\u003c/code\u003e keeps working\nwhen validation is triggered manually. :pr:\u003ccode\u003e419\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRECAPTCHA_ENABLED\u003c/code\u003e setting. :pr:\u003ccode\u003e509\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/63eb4d3bd55735fc136bdc6f23a90ca2b220b602\"\u003e\u003ccode\u003e63eb4d3\u003c/code\u003e\u003c/a\u003e chore: bump to v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/192ece3da0d98682c13e12574d7b1fc938bdd8e8\"\u003e\u003ccode\u003e192ece3\u003c/code\u003e\u003c/a\u003e Improve CSRF Documentation (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/1f8522d4a362ee66ab12a1ebf55379501dfcef0d\"\u003e\u003ccode\u003e1f8522d\u003c/code\u003e\u003c/a\u003e Adding RECAPTCHA_ENABLE to disable recaptcha (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/509\"\u003e#509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/64b9215be16dc123f7eb187494dbba6bd0e5c2cd\"\u003e\u003ccode\u003e64b9215\u003c/code\u003e\u003c/a\u003e Respect exempts in CSRFProtect.protect() (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/419\"\u003e#419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/adf674f80c5c5e55c050729e3ec086b4d6cb0f26\"\u003e\u003ccode\u003eadf674f\u003c/code\u003e\u003c/a\u003e widget support the kwargs to add custom html attributes (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/353\"\u003e#353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/ea1f797112f857c783dcd2c6e3954357df8e1bb7\"\u003e\u003ccode\u003eea1f797\u003c/code\u003e\u003c/a\u003e feat: CSRF meta tag helper (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/412e3efda3703b141ca75afbcbf0538a7797b713\"\u003e\u003ccode\u003e412e3ef\u003c/code\u003e\u003c/a\u003e Allow nonce in reCaptcha (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/a7b764a1fa8f4ea960d81104c364a2d29429e1b8\"\u003e\u003ccode\u003ea7b764a\u003c/code\u003e\u003c/a\u003e ReCaptcha field testing mode documentation (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/650\"\u003e#650\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/c053c0ec11560e68e558636962bbec1115a7ae2a\"\u003e\u003ccode\u003ec053c0e\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump pytest from 9.0.1 to 9.0.3 (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/ca2216cdf72717aa3c2355ba5f454080c78d9273\"\u003e\u003ccode\u003eca2216c\u003c/code\u003e\u003c/a\u003e chore(deps): bump uv from 0.9.11 to 0.11.6 (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `greenlet` from 3.3.2 to 3.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-greenlet/greenlet/blob/master/CHANGES.rst\"\u003egreenlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.5.0 (2026-04-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove the \u003ccode\u003eatexit\u003c/code\u003e callback. This callback caused greenlet APIs\nto become unavailable far too soon during interpreter shutdown. Now\nthey remain available while all \u003ccode\u003eatexit\u003c/code\u003e callbacks run. Sometime\nafter \u003ccode\u003ePy_IsFinalizing\u003c/code\u003e becomes true, they may begin misbehaving.\nBecause the order in which C extensions are finalized is undefined,\nC extensions that are sensitive to this need to check the results of\nthat function before invoking greenlet APIs. As a convenience,\n\u003ccode\u003ePyGreenlet_GetCurrent\u003c/code\u003e sets an exception and returns \u003ccode\u003eNULL\u003c/code\u003e\nwhen this happens (and \u003ccode\u003egreenlet.getcurrent\u003c/code\u003e begins returning\n\u003ccode\u003eNone\u003c/code\u003e); other greenlet C API functions have undefined behaviour.\nMethods invoked directly on pre-existing \u003ccode\u003egreenlet.greenlet\u003c/code\u003e\nobjects will continue to function at least until the greenlet C\nextension has been garbage collected and finalized.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR 508 \u0026lt;https://github.com/python-greenlet/greenlet/pull/508\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.4.0 (2026-04-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePublish binary wheels for RiscV 64.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix multiple rare crash paths during interpreter shutdown.\u003c/p\u003e\n\u003cp\u003eNote that this now relies on the \u003ccode\u003eatexit\u003c/code\u003e module, and introduces\nsubtle API changes during interpreter shutdown (for example,\n\u003ccode\u003egetcurrent\u003c/code\u003e is no longer available once the \u003ccode\u003eatexit\u003c/code\u003e callback fires).\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR [#499](https://github.com/python-greenlet/greenlet/issues/499) \u0026lt;https://github.com/python-greenlet/greenlet/pull/499\u0026gt;\u003c/code\u003e_ by Nicolas\nBouvrette.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress the results of an automated code audit performed by\nDaniel Diniz. This includes several minor correctness changes that\ntheoretically could have been crashing bugs, but typically only in\nvery rare circumstances.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR 502 \u0026lt;https://github.com/python-greenlet/greenlet/pull/502\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix several race conditions that could arise in free-threaded\nbuilds when using greenlet objects from multiple threads, some of\nwhich could lead to assertion failures or interpreter crashes.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003eissue 503 \u0026lt;https://github.com/python-greenlet/greenlet/issues/503\u0026gt;\u003c/code\u003e_, with\nthanks to Nitay Dariel and Daniel Diniz.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/c7acc72000572811d6462ebe01733a974f194990\"\u003e\u003ccode\u003ec7acc72\u003c/code\u003e\u003c/a\u003e Preparing release 3.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/d08f99bf40801c5d57af6e13631c0ba68300ecf7\"\u003e\u003ccode\u003ed08f99b\u003c/code\u003e\u003c/a\u003e CHANGES: Update link from \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/507\"\u003e#507\u003c/a\u003e to more full description in \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/508\"\u003e#508\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/fd3391e33cedc7a17a86059f18dfbec2b3a320bd\"\u003e\u003ccode\u003efd3391e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/508\"\u003e#508\u003c/a\u003e from python-greenlet/issue507-remove-atexit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/004e1e9bd5c0fa49c66b733c28ec92a3cd41fe09\"\u003e\u003ccode\u003e004e1e9\u003c/code\u003e\u003c/a\u003e Remove the atexit callback.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/b784a69a0da6abd6e66b15a2c1415d272fdd1292\"\u003e\u003ccode\u003eb784a69\u003c/code\u003e\u003c/a\u003e Back to development: 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/df6734edbef6a0e54ecc4ba4735d93ae6d721095\"\u003e\u003ccode\u003edf6734e\u003c/code\u003e\u003c/a\u003e Preparing release 3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/0f860756608b767b2ed70f935053b319d1a1b828\"\u003e\u003ccode\u003e0f86075\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/504\"\u003e#504\u003c/a\u003e from python-greenlet/freethreading-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/459657482f3efaee294edff672bde45ac3fac208\"\u003e\u003ccode\u003e4596574\u003c/code\u003e\u003c/a\u003e TLBC: crash appears to still happen on CI 3.14t ubuntu. Re-enable workaround.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/2f4a1cf53fa282ab28ea4815164a9cb09b9320ce\"\u003e\u003ccode\u003e2f4a1cf\u003c/code\u003e\u003c/a\u003e Make green_switch (python level greenlet.switch) and green_throw check for (p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/a0c2a2a7519985d5fe2c034a54f1a0fed82a5905\"\u003e\u003ccode\u003ea0c2a2a\u003c/code\u003e\u003c/a\u003e Fix unused variable warning when asserts are disabled.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-greenlet/greenlet/compare/3.3.2...3.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.11 to 3.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.14 (2026-05-10)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [GHSA-65pc-fj4g-8rjx]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.13 (2026-04-22)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.12 (2026-04-21)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/37b6b7497aee4805f7a74a7d86206ac05be9669a\"\u003e\u003ccode\u003e37b6b74\u003c/code\u003e\u003c/a\u003e Release v3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/628fef84d3eda59321c21127e73dcd873db23ead\"\u003e\u003ccode\u003e628fef8\u003c/code\u003e\u003c/a\u003e Use valid_string_length() for early oversized-input check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1e26c7fd93c67995422af9d1f071f45ee6433fd0\"\u003e\u003ccode\u003e1e26c7f\u003c/code\u003e\u003c/a\u003e Tweak release wording\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/ab5668fb6eaf4254d91d6993c0b23e98e21202fb\"\u003e\u003ccode\u003eab5668f\u003c/code\u003e\u003c/a\u003e Pre-release 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c0dda4501df5d91c3181ce6f962dc5de74e82cc1\"\u003e\u003ccode\u003ec0dda45\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b7391f4c240bf2eae80eaed0a2ef7c2e0496af96\"\u003e\u003ccode\u003eb7391f4\u003c/code\u003e\u003c/a\u003e Add docstrings to package (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/226\"\u003e#226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0f4a28d88f8cce54269f0b6a42edf5e6a5424319\"\u003e\u003ccode\u003e0f4a28d\u003c/code\u003e\u003c/a\u003e Raise IDNAError on non-string input to encode/decode (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/224\"\u003e#224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7e6df7196e6396b5b84b9530eab8272b5ad51898\"\u003e\u003ccode\u003e7e6df71\u003c/code\u003e\u003c/a\u003e Address type issues found by \u003ccode\u003ety\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/6ebfaab9ea718dce38a7c17ddafd7fb28b0468d4\"\u003e\u003ccode\u003e6ebfaab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/221\"\u003e#221\u003c/a\u003e from kjd/release-3.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/89cdfd27338896cee6b1ee18e64c96ac28684ce0\"\u003e\u003ccode\u003e89cdfd2\u003c/code\u003e\u003c/a\u003e Release v3.13\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.11...v3.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ipython` from 9.11.0 to 9.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/7c1654dcb4bc0d4c841fbee1f5abf7c6c6007111\"\u003e\u003ccode\u003e7c1654d\u003c/code\u003e\u003c/a\u003e release 9.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/d7cd8a44234ddbdba782a42fce7893a4ff4529f4\"\u003e\u003ccode\u003ed7cd8a4\u003c/code\u003e\u003c/a\u003e Fix reStructuredText heading underline consistency in whatsnew (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15189\"\u003e#15189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/6542c95bef054c7ed4c1725047726b7140fe0e4d\"\u003e\u003ccode\u003e6542c95\u003c/code\u003e\u003c/a\u003e Fix RST header levels in whatsnew/version9.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/0ca3e92249fb0af429b40e4827000955d5ceeeb3\"\u003e\u003ccode\u003e0ca3e92\u003c/code\u003e\u003c/a\u003e Prepare release notes for 9.13 (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15188\"\u003e#15188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/9c8ce1184eceb865d392b39030d6c670caea89c5\"\u003e\u003ccode\u003e9c8ce11\u003c/code\u003e\u003c/a\u003e Revert release.py change, keep as dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/1fb2f7dc221e9b889d857b79c38704eab594d4c0\"\u003e\u003ccode\u003e1fb2f7d\u003c/code\u003e\u003c/a\u003e Prepare release notes for 9.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/be4179d1ba8b5c4e0f0d35a7d2f1654fd15c96e3\"\u003e\u003ccode\u003ebe4179d\u003c/code\u003e\u003c/a\u003e Implement support for image/png format in terminal (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15184\"\u003e#15184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/1ec6bc9ca9558877b5bfccf66c22e8e61ceba83d\"\u003e\u003ccode\u003e1ec6bc9\u003c/code\u003e\u003c/a\u003e Implement support for image/png format in terminal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/c6f48bceeec68b6ad9b9e6270eee9a7f4277b245\"\u003e\u003ccode\u003ec6f48bc\u003c/code\u003e\u003c/a\u003e solves \u003ca href=\"https://redirect.github.com/ipython/ipython/issues/14901\"\u003e#14901\u003c/a\u003e illegible yellow string on yellow background issue (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15156\"\u003e#15156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/8635f71fc551d76f017ad47c826bb7c7bfcb6b24\"\u003e\u003ccode\u003e8635f71\u003c/code\u003e\u003c/a\u003e fix: CapturedIO.\u003cstrong\u003einit\u003c/strong\u003e type annotations to accept Optional[StringIO] (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15172\"\u003e#15172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ipython/ipython/compare/9.11.0...9.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jedi` from 0.19.2 to 0.20.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidhalter/jedi/blob/master/CHANGELOG.rst\"\u003ejedi's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e0.20.0 (2026-05-02)\n+++++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePython 3.14 support\u003c/li\u003e\n\u003cli\u003eRemoved support for Python 3.8 and 3.9\u003c/li\u003e\n\u003cli\u003eUpgraded Typeshed\u003c/li\u003e\n\u003cli\u003eBetter support for Final/ClassVar\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e__new__\u003c/code\u003e is now also recognized as a signature and TypeVar inference\u003c/li\u003e\n\u003cli\u003eSupport for \u003ccode\u003eSelf\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSupport for \u003ccode\u003eTypeAlias\u003c/code\u003e, generics for \u003ccode\u003etype[...]\u003c/code\u003e and \u003ccode\u003etuple[...]\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/3102215478fe07b965dcd8221c17436d1dd7e8ac\"\u003e\u003ccode\u003e3102215\u003c/code\u003e\u003c/a\u003e Move the type parameter syntax tests so that it works for all versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/1b37f2eb946e825cbc2887c6dd34ee046f0ae68c\"\u003e\u003ccode\u003e1b37f2e\u003c/code\u003e\u003c/a\u003e Prepare for the 0.20.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/8e4df5cc0ec511db1af6d358182b1fb7c1e0cbff\"\u003e\u003ccode\u003e8e4df5c\u003c/code\u003e\u003c/a\u003e Make sure the new generic syntax does not fail with latest parso\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/4c9dbcca0329454b638bfa32e2825bedcfdf0eac\"\u003e\u003ccode\u003e4c9dbcc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/davidhalter/jedi/issues/2098\"\u003e#2098\u003c/a\u003e from davidhalter/updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/fedb1a5eb0d74446f6d431db2920ab5f1e1d5b18\"\u003e\u003ccode\u003efedb1a5\u003c/code\u003e\u003c/a\u003e Fix 3.10 tests in one more case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/87e782f9c82de7297e243a770ac8888570bffa8e\"\u003e\u003ccode\u003e87e782f\u003c/code\u003e\u003c/a\u003e Fix flake8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/cd52d982e10ac54f0ebef06e0bd414f79589998a\"\u003e\u003ccode\u003ecd52d98\u003c/code\u003e\u003c/a\u003e Fixes to get the tests passing for 3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/d0b11806d4d1def377234bc2dc512992c997a977\"\u003e\u003ccode\u003ed0b1180\u003c/code\u003e\u003c/a\u003e Finally make tests work for 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/8520a9958b489bd8d30cf20b4d2798f7289aab45\"\u003e\u003ccode\u003e8520a99\u003c/code\u003e\u003c/a\u003e Implement support for TypeVar inference for \u003cstrong\u003enew\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/55e5f0cb92dd92d5bdc80ecfc38664a1afd921d1\"\u003e\u003ccode\u003e55e5f0c\u003c/code\u003e\u003c/a\u003e Implement new-style unions with TypeVars\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidhalter/jedi/compare/v0.19.2...v0.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `kaleido` from 1.2.0 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/kaleido/releases\"\u003ekaleido's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow for request headers to be added to Choreographer calls [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/446\"\u003e#446\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUpdate Choreographer to v1.3.0 [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/449\"\u003e#449\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003cli\u003eFix issue where exporting large figures could cause hang [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/442\"\u003e#442\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/EliasTalcott\"\u003e\u003ccode\u003e@​EliasTalcott\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/Kaleido/blob/master/CHANGELOG.md\"\u003ekaleido's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow for request headers to be added to Choreographer calls [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/446\"\u003e#446\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUpdate Choreographer to v1.3.0 [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/449\"\u003e#449\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003cli\u003eFix issue where exporting large figures could cause hang [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/442\"\u003e#442\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/EliasTalcott\"\u003e\u003ccode\u003e@​EliasTalcott\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.3.0rc0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/b7a00c41895ab71b67e5b89b40f186c3f1cecbed\"\u003e\u003ccode\u003eb7a00c4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/451\"\u003e#451\u003c/a\u003e from plotly/release-v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/423a4f1cc6cbc701f9238281d63324508f12a272\"\u003e\u003ccode\u003e423a4f1\u003c/code\u003e\u003c/a\u003e Update setuptools config to find required subpackages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/28131a743143cc5d134c6e962b603ff3a5ed6253\"\u003e\u003ccode\u003e28131a7\u003c/code\u003e\u003c/a\u003e Updates for release v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/f72dc86fa75afbca8756fcd9c9b5af550f038d75\"\u003e\u003ccode\u003ef72dc86\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/366\"\u003e#366\u003c/a\u003e from tschm/patch-3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/0c5e89030709bc873806c08542ae66afea304f71\"\u003e\u003ccode\u003e0c5e890\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/450\"\u003e#450\u003c/a\u003e from plotly/cam/js-dependency-updates-may-2026\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/4e95de54ad7874e254665444070cf613104749f5\"\u003e\u003ccode\u003e4e95de5\u003c/code\u003e\u003c/a\u003e Bump pygments from 2.19.2 to 2.20.0 in /src/py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/90ddc9d7e83d4b27cc11a44a9ca15c5d2c6c5688\"\u003e\u003ccode\u003e90ddc9d\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.2.3 to 2.6.3 in /src/py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/f9b850eb38d7d9bb3f24258012d776f03ad355a0\"\u003e\u003ccode\u003ef9b850e\u003c/code\u003e\u003c/a\u003e chore: Update JS dependencies for security fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/0978e65f23fbba486d005df1508e008a080d20e4\"\u003e\u003ccode\u003e0978e65\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/432\"\u003e#432\u003c/a\u003e from plotly/dependabot/npm_and_yarn/src/js/minimatch-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/b639582c0416f48a682ad01d157af22881d94f75\"\u003e\u003ccode\u003eb639582\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/429\"\u003e#429\u003c/a\u003e from plotly/dependabot/npm_and_yarn/src/js/qs-6.14.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/kaleido/compare/v1.2.0...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it-py` from 4.0.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/executablebooks/markdown-it-py/releases\"\u003emarkdown-it-py's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003emake_fence_rule()\u003c/code\u003e factory for configurable fence markers by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/394\"\u003eexecutablebooks/markdown-it-py#394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🚀 RELEASE v4.2.0 by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/395\"\u003eexecutablebooks/markdown-it-py#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/executablebooks/markdown-it-py/compare/v4.1.0...v4.2.0\"\u003ehttps://github.com/executablebooks/markdown-it-py/compare/v4.1.0...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003e--stdin\u003c/code\u003e option to CLI by \u003ca href=\"https://github.com/mcepl\"\u003e\u003ccode\u003e@​mcepl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/379\"\u003eexecutablebooks/markdown-it-py#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd AGENTS.md and copilot-setup-steps workflow by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/380\"\u003eexecutablebooks/markdown-it-py#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🔧 Add typing to Scanner by \u003ca href=\"https://github.com/Alunderin\"\u003e\u003ccode\u003e@​Alunderin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/382\"\u003eexecutablebooks/markdown-it-py#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e👌 Fix quadratic complexity in \u003ccode\u003efragments_join\u003c/code\u003e / \u003ccode\u003etext_join\u003c/code\u003e by \u003ca href=\"https://github.com/petricevich\"\u003e\u003ccode\u003e@​petricevich\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/389\"\u003eexecutablebooks/markdown-it-py#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨Allow plugins to register inline terminator characters by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/391\"\u003eexecutablebooks/markdown-it-py#391\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e✨ Add \u003ccode\u003egfm-like2\u003c/code\u003e preset with task lists, alerts, and single-tilde strikethrough by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/388\"\u003eexecutablebooks/markdown-it-py#388\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🔧 Update pre-commit hooks by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/392\"\u003eexecutablebooks/markdown-it-py#392\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🚀 RELEASE v4.1.0 by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/393\"\u003eexecutablebooks/markdown-it-py#393\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mcepl\"\u003e\u003ccode\u003e@​mcepl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/379\"\u003eexecutablebooks/markdown-it-py#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/380\"\u003eexecutablebooks/markdown-it-py#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Alunderin\"\u003e\u003ccode\u003e@​Alunderin\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/382\"\u003eexecutablebooks/markdown-it-py#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/petricevich\"\u003e\u003ccode\u003e@​petricevich\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/389\"\u003eexecutablebooks/markdown-it-py#389\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/executablebooks/markdown-it-py/compare/v4.0.0...v4.1.0\"\u003ehttps://github.com/executablebooks/markdown-it-py/compare/v4.0.0...v4.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/executablebooks/markdown-it-py/blob/master/CHANGELOG.md\"\u003emarkdown-it-py's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.2.0 - 2026-05-07\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003emake_fence_rule()\u003c/code\u003e factory for configurable fence markers in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/394\"\u003e#394\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.1.0 - 2025-05-06\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003egfm-like2\u003c/code\u003e preset with task lists, alerts, and single-tilde striketh...\n\n_Description has been truncated_","html_url":"https://github.com/vijayverma-techy/OPENALGO/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vijayverma-techy%2FOPENALGO/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"3.23.0","new_version":"3.23.1","update_type":"patch","path":null,"pr_created_at":"2026-05-12T02:40:35.000Z","version_change":"3.23.0 → 3.23.1","issue":{"uuid":"4425760124","node_id":"PR_kwDOR5r03M7af9XF","number":15,"state":"closed","title":"deps(py): bump the python-minor group across 1 directory with 44 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-19T04:59:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-12T02:40:35.000Z","updated_at":"2026-05-19T04:59:39.000Z","time_to_close":613143,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(py): bump","group_name":"python-minor","update_count":44,"packages":[{"name":"anyio","old_version":"4.12.1","new_version":"4.13.0","repository_url":"https://github.com/agronholm/anyio"},{"name":"cachetools","old_version":"7.0.4","new_version":"7.1.1","repository_url":"https://github.com/tkem/cachetools"},{"name":"charset-normalizer","old_version":"3.4.6","new_version":"3.4.7","repository_url":"https://github.com/jawah/charset_normalizer"},{"name":"choreographer","old_version":"1.2.1","new_version":"1.3.0","repository_url":"https://github.com/plotly/choreographer"},{"name":"click","old_version":"8.3.1","new_version":"8.3.3","repository_url":"https://github.com/pallets/click"},{"name":"duckdb","old_version":"1.5.0","new_version":"1.5.2","repository_url":"https://github.com/duckdb/duckdb-python"},{"name":"flask-wtf","old_version":"1.2.2","new_version":"1.3.0","repository_url":"https://github.com/pallets-eco/flask-wtf"},{"name":"greenlet","old_version":"3.3.2","new_version":"3.5.0","repository_url":"https://github.com/python-greenlet/greenlet"},{"name":"idna","old_version":"3.11","new_version":"3.14","repository_url":"https://github.com/kjd/idna"},{"name":"ipython","old_version":"9.11.0","new_version":"9.13.0","repository_url":"https://github.com/ipython/ipython"},{"name":"jedi","old_version":"0.19.2","new_version":"0.20.0","repository_url":"https://github.com/davidhalter/jedi"},{"name":"kaleido","old_version":"1.2.0","new_version":"1.3.0","repository_url":"https://github.com/plotly/kaleido"},{"name":"llvmlite","old_version":"0.46.0b1","new_version":"0.47.0","repository_url":"https://github.com/numba/llvmlite"},{"name":"markdown-it-py","old_version":"4.0.0","new_version":"4.2.0","repository_url":"https://github.com/executablebooks/markdown-it-py"},{"name":"matplotlib-inline","old_version":"0.2.1","new_version":"0.2.2","repository_url":"https://github.com/ipython/matplotlib-inline"},{"name":"mcp","old_version":"1.26.0","new_version":"1.27.1","repository_url":"https://github.com/modelcontextprotocol/python-sdk"},{"name":"py-vollib","old_version":"1.0.1","new_version":"1.0.7","repository_url":"https://github.com/vollib/py_vollib"},{"name":"narwhals","old_version":"2.18.0","new_version":"2.21.0","repository_url":"https://github.com/narwhals-dev/narwhals"},{"name":"numba","old_version":"0.64.0","new_version":"0.65.1","repository_url":"https://github.com/numba/numba"},{"name":"numpy","old_version":"2.4.3","new_version":"2.4.4","repository_url":"https://github.com/numpy/numpy"},{"name":"openalgo","old_version":"1.0.46","new_version":"1.0.49","repository_url":"https://github.com/openalgo/openalgo-python"},{"name":"orjson","old_version":"3.11.7","new_version":"3.11.9","repository_url":"https://github.com/ijl/orjson"},{"name":"parso","old_version":"0.8.6","new_version":"0.8.7","repository_url":"https://github.com/davidhalter/parso"},{"name":"pillow","old_version":"12.1.1","new_version":"12.2.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"platformdirs","old_version":"4.9.4","new_version":"4.9.6","repository_url":"https://github.com/tox-dev/platformdirs"},{"name":"plotly","old_version":"6.6.0","new_version":"6.7.0","repository_url":"https://github.com/plotly/plotly.py"},{"name":"pydantic","old_version":"2.12.5","new_version":"2.13.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-core","old_version":"2.41.5","new_version":"2.46.4","repository_url":"https://github.com/pydantic/pydantic"},{"name":"pydantic-settings","old_version":"2.13.1","new_version":"2.14.1","repository_url":"https://github.com/pydantic/pydantic-settings"},{"name":"pygments","old_version":"2.19.2","new_version":"2.20.0","repository_url":"https://github.com/pygments/pygments"},{"name":"pytest","old_version":"9.0.2","new_version":"9.0.3","repository_url":"https://github.com/pytest-dev/pytest"},{"name":"python-multipart","old_version":"0.0.22","new_version":"0.0.28","repository_url":"https://github.com/Kludex/python-multipart"},{"name":"python-telegram-bot","old_version":"22.6","new_version":"22.7","repository_url":"https://github.com/python-telegram-bot/python-telegram-bot"},{"name":"pytz","old_version":"2026.1.post1","new_version":"2026.2","repository_url":"https://github.com/stub42/pytz"},{"name":"requests","old_version":"2.33.0","new_version":"2.34.0","repository_url":"https://github.com/psf/requests"},{"name":"sqlalchemy","old_version":"2.0.48","new_version":"2.0.49","repository_url":"https://github.com/sqlalchemy/sqlalchemy"},{"name":"traitlets","old_version":"5.14.3","new_version":"5.15.0","repository_url":"https://github.com/ipython/traitlets"},{"name":"urllib3","old_version":"2.6.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"uvicorn","old_version":"0.42.0","new_version":"0.46.0","repository_url":"https://github.com/Kludex/uvicorn"},{"name":"wcwidth","old_version":"0.6.0","new_version":"0.7.0","repository_url":"https://github.com/jquast/wcwidth"},{"name":"werkzeug","old_version":"3.1.6","new_version":"3.1.8","repository_url":"https://github.com/pallets/werkzeug"},{"name":"wheel","old_version":"0.46.3","new_version":"0.47.0","repository_url":"https://github.com/pypa/wheel"},{"name":"wtforms","old_version":"3.2.1","new_version":"3.2.2","repository_url":"https://github.com/pallets-eco/wtforms"},{"name":"zipp","old_version":"3.23.0","new_version":"3.23.1","repository_url":"https://github.com/jaraco/zipp"}],"path":null,"ecosystem":"pip"},"body":"Bumps the python-minor group with 44 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [anyio](https://github.com/agronholm/anyio) | `4.12.1` | `4.13.0` |\n| [cachetools](https://github.com/tkem/cachetools) | `7.0.4` | `7.1.1` |\n| [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.6` | `3.4.7` |\n| [choreographer](https://github.com/plotly/choreographer) | `1.2.1` | `1.3.0` |\n| [click](https://github.com/pallets/click) | `8.3.1` | `8.3.3` |\n| [duckdb](https://github.com/duckdb/duckdb-python) | `1.5.0` | `1.5.2` |\n| [flask-wtf](https://github.com/pallets-eco/flask-wtf) | `1.2.2` | `1.3.0` |\n| [greenlet](https://github.com/python-greenlet/greenlet) | `3.3.2` | `3.5.0` |\n| [idna](https://github.com/kjd/idna) | `3.11` | `3.14` |\n| [ipython](https://github.com/ipython/ipython) | `9.11.0` | `9.13.0` |\n| [jedi](https://github.com/davidhalter/jedi) | `0.19.2` | `0.20.0` |\n| [kaleido](https://github.com/plotly/kaleido) | `1.2.0` | `1.3.0` |\n| [llvmlite](https://github.com/numba/llvmlite) | `0.46.0b1` | `0.47.0` |\n| [markdown-it-py](https://github.com/executablebooks/markdown-it-py) | `4.0.0` | `4.2.0` |\n| [matplotlib-inline](https://github.com/ipython/matplotlib-inline) | `0.2.1` | `0.2.2` |\n| [mcp](https://github.com/modelcontextprotocol/python-sdk) | `1.26.0` | `1.27.1` |\n| [py-vollib](https://github.com/vollib/py_vollib) | `1.0.1` | `1.0.7` |\n| [narwhals](https://github.com/narwhals-dev/narwhals) | `2.18.0` | `2.21.0` |\n| [numba](https://github.com/numba/numba) | `0.64.0` | `0.65.1` |\n| [numpy](https://github.com/numpy/numpy) | `2.4.3` | `2.4.4` |\n| [openalgo](https://github.com/openalgo/openalgo-python) | `1.0.46` | `1.0.49` |\n| [orjson](https://github.com/ijl/orjson) | `3.11.7` | `3.11.9` |\n| [parso](https://github.com/davidhalter/parso) | `0.8.6` | `0.8.7` |\n| [pillow](https://github.com/python-pillow/Pillow) | `12.1.1` | `12.2.0` |\n| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.9.4` | `4.9.6` |\n| [plotly](https://github.com/plotly/plotly.py) | `6.6.0` | `6.7.0` |\n| [pydantic](https://github.com/pydantic/pydantic) | `2.12.5` | `2.13.4` |\n| [pydantic-core](https://github.com/pydantic/pydantic) | `2.41.5` | `2.46.4` |\n| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.13.1` | `2.14.1` |\n| [pygments](https://github.com/pygments/pygments) | `2.19.2` | `2.20.0` |\n| [pytest](https://github.com/pytest-dev/pytest) | `9.0.2` | `9.0.3` |\n| [python-multipart](https://github.com/Kludex/python-multipart) | `0.0.22` | `0.0.28` |\n| [python-telegram-bot](https://github.com/python-telegram-bot/python-telegram-bot) | `22.6` | `22.7` |\n| [pytz](https://github.com/stub42/pytz) | `2026.1.post1` | `2026.2` |\n| [requests](https://github.com/psf/requests) | `2.33.0` | `2.34.0` |\n| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.48` | `2.0.49` |\n| [traitlets](https://github.com/ipython/traitlets) | `5.14.3` | `5.15.0` |\n| [urllib3](https://github.com/urllib3/urllib3) | `2.6.3` | `2.7.0` |\n| [uvicorn](https://github.com/Kludex/uvicorn) | `0.42.0` | `0.46.0` |\n| [wcwidth](https://github.com/jquast/wcwidth) | `0.6.0` | `0.7.0` |\n| [werkzeug](https://github.com/pallets/werkzeug) | `3.1.6` | `3.1.8` |\n| [wheel](https://github.com/pypa/wheel) | `0.46.3` | `0.47.0` |\n| [wtforms](https://github.com/pallets-eco/wtforms) | `3.2.1` | `3.2.2` |\n| [zipp](https://github.com/jaraco/zipp) | `3.23.0` | `3.23.1` |\n\n\nUpdates `anyio` from 4.12.1 to 4.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/agronholm/anyio/releases\"\u003eanyio's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.13.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDropped support for Python 3.9\u003c/li\u003e\n\u003cli\u003eAdded a \u003ccode\u003ettl\u003c/code\u003e parameter to the \u003ccode\u003eanyio.functools.lru_cache\u003c/code\u003e wrapper (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1073\"\u003e#1073\u003c/a\u003e; PR by \u003ca href=\"https://github.com/Graeme22\"\u003e\u003ccode\u003e@​Graeme22\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWidened the type annotations of file I/O streams to accept \u003ccode\u003eIO[bytes]\u003c/code\u003e instead of just \u003ccode\u003eBinaryIO\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1078\"\u003e#1078\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eanyio.Path\u003c/code\u003e not being compatible with Python 3.15 due to the removal of \u003ccode\u003epathlib.Path.is_reserved()\u003c/code\u003e and the addition of \u003ccode\u003epathlib.Path.__vfspath__()\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1061\"\u003e#1061\u003c/a\u003e; PR by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the \u003ccode\u003eBrokenResourceError\u003c/code\u003e raised by the asyncio \u003ccode\u003eSocketStream\u003c/code\u003e not having the original exception as its cause (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1055\"\u003e#1055\u003c/a\u003e; PR by \u003ca href=\"https://github.com/veeceey\"\u003e\u003ccode\u003e@​veeceey\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the \u003ccode\u003eTypeError\u003c/code\u003e raised when using \u0026quot;func\u0026quot; as a parameter name in \u003ccode\u003epytest.mark.parametrize\u003c/code\u003e when using the pytest plugin (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1068\"\u003e#1068\u003c/a\u003e; PR by \u003ca href=\"https://github.com/JohnnyDeuss\"\u003e\u003ccode\u003e@​JohnnyDeuss\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed the pytest plugin not running tests that had the \u003ccode\u003eanyio\u003c/code\u003e marker added programmatically via \u003ccode\u003epytest_collection_modifyitems\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/422\"\u003e#422\u003c/a\u003e; PR by \u003ca href=\"https://github.com/chbndrhnns\"\u003e\u003ccode\u003e@​chbndrhnns\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed cancellation exceptions leaking from a \u003ccode\u003eCancelScope\u003c/code\u003e on asyncio when they are contained in an exception group alongside non-cancellation exceptions (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1091\"\u003e#1091\u003c/a\u003e; PR by \u003ca href=\"https://github.com/gschaffner\"\u003e\u003ccode\u003e@​gschaffner\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eCondition.wait()\u003c/code\u003e not passing on a notification when the task is cancelled but already received a notification\u003c/li\u003e\n\u003cli\u003eFixed inverted condition in the process pool shutdown phase which would cause still-running pooled processes not to be terminated (\u003ca href=\"https://redirect.github.com/agronholm/anyio/pull/1074\"\u003e#1074\u003c/a\u003e; PR by \u003ca href=\"https://github.com/bysiber\"\u003e\u003ccode\u003e@​bysiber\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/afbe93ca9d0c447adf26e9c1715ac20870622bf2\"\u003e\u003ccode\u003eafbe93c\u003c/code\u003e\u003c/a\u003e Bumped up the version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/33bdf2e4b4f40c2df178123746147a6d2471808d\"\u003e\u003ccode\u003e33bdf2e\u003c/code\u003e\u003c/a\u003e Rearranged the changelog entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/19e09e25bc5a23dd78a577d8c3909dd377057c78\"\u003e\u003ccode\u003e19e09e2\u003c/code\u003e\u003c/a\u003e Fixed inverted condition in _forcibly_shutdown_process_pool_on_exit (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1074\"\u003e#1074\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/9369d80b9e8292f2a892a9d5c73923c6a28aa08c\"\u003e\u003ccode\u003e9369d80\u003c/code\u003e\u003c/a\u003e Fixed Condition.wait() not handing over notification when cancelled\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/6f122abdc6f6b166c6b6ac27d36d55cdf8fa08e8\"\u003e\u003ccode\u003e6f122ab\u003c/code\u003e\u003c/a\u003e Fixed cancellation exceptions leaking from a \u003ccode\u003eCancelScope\u003c/code\u003e on asyncio when th...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/beaa45aff568a4020f2faf317321dd92f0e1f4a0\"\u003e\u003ccode\u003ebeaa45a\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1097\"\u003e#1097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/602f6606dcf3f37702686a4f3e161328c537b07f\"\u003e\u003ccode\u003e602f660\u003c/code\u003e\u003c/a\u003e Widened type annotations to accept IO[bytes] in file streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/b5dcd45170701a756ba634197398f05d4710cab3\"\u003e\u003ccode\u003eb5dcd45\u003c/code\u003e\u003c/a\u003e Added note about erasing the template\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/d68670b3b4e0917d4caff2de082e03220f3e05a1\"\u003e\u003ccode\u003ed68670b\u003c/code\u003e\u003c/a\u003e [pre-commit.ci] pre-commit autoupdate (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1090\"\u003e#1090\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/agronholm/anyio/commit/fc17a22dd948e6a3d90d99908813f0010dfc3d2c\"\u003e\u003ccode\u003efc17a22\u003c/code\u003e\u003c/a\u003e tweak to_thread docs about abandon_on_cancel (\u003ca href=\"https://redirect.github.com/agronholm/anyio/issues/1088\"\u003e#1088\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/agronholm/anyio/compare/4.12.1...4.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `cachetools` from 7.0.4 to 7.1.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst\"\u003ecachetools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ev7.1.1 (2026-05-03)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eVarious type stub improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.1.0 (2026-05-01)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd type stubs based on the work of the good people at \u003ccode\u003etypeshed \u0026lt;https://github.com/python/typeshed/tree/main/stubs/cachetools/\u0026gt;\u003c/code\u003e__.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate unit tests.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.0.6 (2026-04-20)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eMinor code improvements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate project URLs.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate CI environment.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003ev7.0.5 (2026-03-09)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eMinor \u003ccode\u003e@cachedmethod\u003c/code\u003e performance improvements.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/2e6a2d21c44e83b56c06cc9dd738e5b7a097ce6a\"\u003e\u003ccode\u003e2e6a2d2\u003c/code\u003e\u003c/a\u003e Release v7.1.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/cc065582849e3658d2c92aac0f5c2b6271ed077f\"\u003e\u003ccode\u003ecc06558\u003c/code\u003e\u003c/a\u003e Minor typing improvements.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/193dd62d9be4e1099039e8fba59a1fe50e8f4d08\"\u003e\u003ccode\u003e193dd62\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://redirect.github.com/tkem/cachetools/issues/393\"\u003e#393\u003c/a\u003e: Improve ambiguous overloads for decorators.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/1ea3422e058ef8b6b7dc15beb9d44d8f7c195a62\"\u003e\u003ccode\u003e1ea3422\u003c/code\u003e\u003c/a\u003e Bump release date.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/d9874465a6ab6f9d1d56cef91370f9c237a7eca6\"\u003e\u003ccode\u003ed987446\u003c/code\u003e\u003c/a\u003e Release v7.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/3d79e80a4a54892d1552cd17da8e27920c1918d8\"\u003e\u003ccode\u003e3d79e80\u003c/code\u003e\u003c/a\u003e Update Copilot Instructions.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/83fe6bc78d0155a0036dda8a8eb1a2ddb8f26c60\"\u003e\u003ccode\u003e83fe6bc\u003c/code\u003e\u003c/a\u003e Add tox pyright check.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/bd3fbc49212eb948e08e9c478e5901f1293fd1f4\"\u003e\u003ccode\u003ebd3fbc4\u003c/code\u003e\u003c/a\u003e Improve typing support.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/09dd6fec4b1b2339451ab26d1ca3c7a049b8c38c\"\u003e\u003ccode\u003e09dd6fe\u003c/code\u003e\u003c/a\u003e Improve original type stubs from typeshed.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tkem/cachetools/commit/873c7013ea92b16f2f24a6001e625fabfdf951a5\"\u003e\u003ccode\u003e873c701\u003c/code\u003e\u003c/a\u003e Add typeshed typings.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tkem/cachetools/compare/v7.0.4...v7.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `charset-normalizer` from 3.4.6 to 3.4.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jawah/charset_normalizer/releases\"\u003echarset-normalizer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.4.7\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Ousret/charset_normalizer/compare/3.4.6...3.4.7\"\u003e3.4.7\u003c/a\u003e (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built optimized version using mypy[c] v1.20.\u003c/li\u003e\n\u003cli\u003eRelax \u003ccode\u003esetuptools\u003c/code\u003e constraint to \u003ccode\u003esetuptools\u0026gt;=68,\u0026lt;82.1\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrectly remove SIG remnant in utf-7 decoded string. (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/718\"\u003e#718\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md\"\u003echarset-normalizer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/Ousret/charset_normalizer/compare/3.4.6...3.4.7\"\u003e3.4.7\u003c/a\u003e (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built optimized version using mypy[c] v1.20.\u003c/li\u003e\n\u003cli\u003eRelax \u003ccode\u003esetuptools\u003c/code\u003e constraint to \u003ccode\u003esetuptools\u0026gt;=68,\u0026lt;82.1\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCorrectly remove SIG remnant in utf-7 decoded string. (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/718\"\u003e#718\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/716\"\u003e#716\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/0f07891bf516b5d5231f1bd4dd2d8da7d4d09a9a\"\u003e\u003ccode\u003e0f07891\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/729\"\u003e#729\u003c/a\u003e from jawah/release-3.4.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/fdbeb299479e8f4d737e4d227cd0b2bd5d273dc0\"\u003e\u003ccode\u003efdbeb29\u003c/code\u003e\u003c/a\u003e chore: update dev, and ci requirements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/b66f922bfbdbdd9dd46af18a8964d4fb888756d4\"\u003e\u003ccode\u003eb66f922\u003c/code\u003e\u003c/a\u003e chore: add ft classifier\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/f94249d0a2c712f2d03124f4de6b77f5e03aaa96\"\u003e\u003ccode\u003ef94249d\u003c/code\u003e\u003c/a\u003e chore: add test cases for utf_7 recent fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/95c866f6c984bbd043e7e3ed0628aa4f3f8d5a26\"\u003e\u003ccode\u003e95c866f\u003c/code\u003e\u003c/a\u003e chore: bump version to 3.4.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/4f429bb764c7e893f99bb4bceb60856da1baacfb\"\u003e\u003ccode\u003e4f429bb\u003c/code\u003e\u003c/a\u003e chore: bump mypy pre-commit to v1.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/b579cd6cab9bd83aa3fc0ca169d4df022bf4888c\"\u003e\u003ccode\u003eb579cd6\u003c/code\u003e\u003c/a\u003e fix: correctly remove SIG remnant in utf-7 decoded string\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/58bf944a77cc0883fc46a6ee8edac3549fea5d59\"\u003e\u003ccode\u003e58bf944\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump github/codeql-action from 4.32.4 to 4.35.1 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/44cf8a1b676a2532a8f1694e62e4f4f98f9132e1\"\u003e\u003ccode\u003e44cf8a1\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump actions/download-artifact from 8.0.0 to 8.0.1 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/726\"\u003e#726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jawah/charset_normalizer/commit/362bc20073f737b1ba4ca2f68cffb0c4cc024d20\"\u003e\u003ccode\u003e362bc20\u003c/code\u003e\u003c/a\u003e :arrow_up: Bump docker/setup-qemu-action from 3.7.0 to 4.0.0 (\u003ca href=\"https://redirect.github.com/jawah/charset_normalizer/issues/725\"\u003e#725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jawah/charset_normalizer/compare/3.4.6...3.4.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `choreographer` from 1.2.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/choreographer/blob/main/CHANGELOG.txt\"\u003echoreographer's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ev1.3.0\nv1.3.0rc2\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCheck path validity for browser with is_file()\u003c/li\u003e\n\u003cli\u003eAdd option --verify_local in choreo_diagnose and fix local reporting logic\nv1.3.0rc1\u003c/li\u003e\n\u003cli\u003eWe now look for old download path as well as new download path\nv1.3.0rc0\u003c/li\u003e\n\u003cli\u003eChange to process group for better killing of multi-process chrome\u003c/li\u003e\n\u003cli\u003eAdd argument to Session/Target \u003ccode\u003esend_command(..., *, with_perf: bool)\u003c/code\u003e to\nreturn timing information about browser write/read.\u003c/li\u003e\n\u003cli\u003eUpdate default chrome from 135.0.7011.0/1418433 to 144.0.7527.0/1544685\u003c/li\u003e\n\u003cli\u003eFix: New chrome takes longer/doesn't populate targets right away, so add a\nretry loop to populate targets\u003c/li\u003e\n\u003cli\u003eAlter \u003ccode\u003eget_chrome\u003c/code\u003e verbose to print whole JSON\u003c/li\u003e\n\u003cli\u003eChange chrome download path to use XDG cache dir\u003c/li\u003e\n\u003cli\u003eDon't download chrome if we already have that version: add force argument\u003c/li\u003e\n\u003cli\u003eRemove unused system inspection code\u003c/li\u003e\n\u003cli\u003eAdd a set of helper functions to await for tab loading and send javascript\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/92147b1ccf024ae647f29ebf43057564011e06c9\"\u003e\u003ccode\u003e92147b1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/296\"\u003e#296\u003c/a\u003e from plotly/cam/update-changelog-v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/8851fc919bc7dfb27a48541543f1ff195c48eda3\"\u003e\u003ccode\u003e8851fc9\u003c/code\u003e\u003c/a\u003e Updates to release version v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/3128bddf909381a2b4205f0e28c0c3cb8b13498c\"\u003e\u003ccode\u003e3128bdd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/288\"\u003e#288\u003c/a\u003e from plotly/andrew/more_local_logic\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/a6f478e00fb81ad22db7c7c1d31028fb4ab20311\"\u003e\u003ccode\u003ea6f478e\u003c/code\u003e\u003c/a\u003e Add to changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/953e19ad5dc395a3554cfbaf25599a8a3db6d933\"\u003e\u003ccode\u003e953e19a\u003c/code\u003e\u003c/a\u003e Check browser is file whwen checking path validity\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/d062e355b819b84e57060d4e48fbe2aa6f063259\"\u003e\u003ccode\u003ed062e35\u003c/code\u003e\u003c/a\u003e Change default setting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/c0c97fc64a55c773dd7484674996cf55d74249a1\"\u003e\u003ccode\u003ec0c97fc\u003c/code\u003e\u003c/a\u003e Add option to verify local with choreo_diagnose\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/7ade1922269a6999c06f2ff92b34a1770bba6d3e\"\u003e\u003ccode\u003e7ade192\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/choreographer/issues/286\"\u003e#286\u003c/a\u003e from plotly/andrew/roadmap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/edf284c8973dd9dc7f7b2f77a53481fe6f0d2671\"\u003e\u003ccode\u003eedf284c\u003c/code\u003e\u003c/a\u003e Update Roadmap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/choreographer/commit/c1b7abce535feb79748c888ba1130b985c13eb3f\"\u003e\u003ccode\u003ec1b7abc\u003c/code\u003e\u003c/a\u003e Changelog\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/choreographer/compare/v1.2.1...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `click` from 8.3.1 to 8.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/releases\"\u003eclick's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e8.3.3\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.3 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.3/\"\u003ehttps://pypi.org/project/click/8.3.3/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-3\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-3\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/30\"\u003ehttps://github.com/pallets/click/milestone/30\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/1026\"\u003e#1026\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/1477\"\u003e#1477\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2775\"\u003e#2775\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3298\"\u003e#3298\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3299\"\u003e#3299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3238\"\u003e#3238\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3224\"\u003e#3224\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/654\"\u003e#654\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/824\"\u003e#824\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/843\"\u003e#843\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/951\"\u003e#951\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3235\"\u003e#3235\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3151\"\u003e#3151\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3177\"\u003e#3177\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2836\"\u003e#2836\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/2837\"\u003e#2837\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3165\"\u003e#3165\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3262\"\u003e#3262\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3280\"\u003e#3280\u003c/a\u003e\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3111\"\u003e#3111\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. \u003ca href=\"https://redirect.github.com/pallets/click/issues/3189\"\u003e#3189\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3250\"\u003e#3250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n\u003ca href=\"https://redirect.github.com/pallets/click/issues/2865\"\u003e#2865\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. \u003ca href=\"https://redirect.github.com/pallets/click/issues/2879\"\u003e#2879\u003c/a\u003e \u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e8.3.2\u003c/h2\u003e\n\u003cp\u003eThis is the Click 8.3.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.\u003c/p\u003e\n\u003cp\u003ePyPI: \u003ca href=\"https://pypi.org/project/click/8.3.2/\"\u003ehttps://pypi.org/project/click/8.3.2/\u003c/a\u003e\nChanges: \u003ca href=\"https://click.palletsprojects.com/page/changes/#version-8-3-2\"\u003ehttps://click.palletsprojects.com/page/changes/#version-8-3-2\u003c/a\u003e\nMilestone: \u003ca href=\"https://github.com/pallets/click/milestone/29\"\u003ehttps://github.com/pallets/click/milestone/29\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets/click/blob/main/CHANGES.rst\"\u003eclick's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 8.3.3\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-20\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse :func:\u003ccode\u003eshlex.split\u003c/code\u003e to split pager and editor commands into \u003ccode\u003eargv\u003c/code\u003e\nlists for :class:\u003ccode\u003esubprocess.Popen\u003c/code\u003e, removing \u003ccode\u003eshell=True\u003c/code\u003e.\n:issue:\u003ccode\u003e1026\u003c/code\u003e :pr:\u003ccode\u003e1477\u003c/code\u003e :pr:\u003ccode\u003e2775\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eTypeError\u003c/code\u003e when rendering help for an option whose default value is\nan object that doesn't support equality comparison with strings, such as\n\u003ccode\u003esemver.Version\u003c/code\u003e. :issue:\u003ccode\u003e3298\u003c/code\u003e :pr:\u003ccode\u003e3299\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix pager test pollution under parallel execution by using pytest's\n\u003ccode\u003etmp_path\u003c/code\u003e fixture instead of a shared temporary file path. :pr:\u003ccode\u003e3238\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eTreat \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values in a \u003ccode\u003edefault_map\u003c/code\u003e as absent, so they fall\nthrough to the next default source instead of being used as the value.\n:issue:\u003ccode\u003e3224\u003c/code\u003e :pr:\u003ccode\u003e3240\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePatch \u003ccode\u003epdb.Pdb\u003c/code\u003e in \u003ccode\u003eCliRunner\u003c/code\u003e isolation so \u003ccode\u003epdb.set_trace()\u003c/code\u003e,\n\u003ccode\u003ebreakpoint()\u003c/code\u003e, and debuggers subclassing \u003ccode\u003epdb.Pdb\u003c/code\u003e (ipdb, pdbpp) can\ninteract with the real terminal instead of the captured I/O streams.\n:issue:\u003ccode\u003e654\u003c/code\u003e :issue:\u003ccode\u003e824\u003c/code\u003e :issue:\u003ccode\u003e843\u003c/code\u003e :pr:\u003ccode\u003e951\u003c/code\u003e :pr:\u003ccode\u003e3235\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd optional randomized parallel test execution using \u003ccode\u003epytest-randomly\u003c/code\u003e and\n\u003ccode\u003epytest-xdist\u003c/code\u003e to detect test pollution and race conditions. :pr:\u003ccode\u003e3151\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd contributor documentation for running stress tests, randomized\nparallel tests, and Flask smoke tests. :pr:\u003ccode\u003e3151\u003c/code\u003e :pr:\u003ccode\u003e3177\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eShow custom \u003ccode\u003eshow_default\u003c/code\u003e string in prompts, matching the existing\nhelp text behavior. :issue:\u003ccode\u003e2836\u003c/code\u003e :pr:\u003ccode\u003e2837\u003c/code\u003e :pr:\u003ccode\u003e3165\u003c/code\u003e :pr:\u003ccode\u003e3262\u003c/code\u003e :pr:\u003ccode\u003e3280\u003c/code\u003e\n:pr:\u003ccode\u003e3328\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003edefault=True\u003c/code\u003e with boolean \u003ccode\u003eflag_value\u003c/code\u003e always returning the\n\u003ccode\u003eflag_value\u003c/code\u003e instead of \u003ccode\u003eTrue\u003c/code\u003e. The \u003ccode\u003edefault=True\u003c/code\u003e to \u003ccode\u003eflag_value\u003c/code\u003e\nsubstitution now only applies to non-boolean flags, where \u003ccode\u003eTrue\u003c/code\u003e acts as a\nsentinel meaning \u0026quot;activate this flag by default\u0026quot;. For boolean flags,\n\u003ccode\u003edefault=True\u003c/code\u003e is returned as a literal value. :issue:\u003ccode\u003e3111\u003c/code\u003e :pr:\u003ccode\u003e3239\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMark \u003ccode\u003emake_default_short_help\u003c/code\u003e as private API. :issue:\u003ccode\u003e3189\u003c/code\u003e :pr:\u003ccode\u003e3250\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCliRunner\u003c/code\u003e's redirected streams now expose the original file descriptor\nvia \u003ccode\u003efileno()\u003c/code\u003e, so that \u003ccode\u003efaulthandler\u003c/code\u003e, \u003ccode\u003esubprocess\u003c/code\u003e, and other\nC-level consumers no longer crash with \u003ccode\u003eio.UnsupportedOperation\u003c/code\u003e.\n:issue:\u003ccode\u003e2865\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eChange :class:\u003ccode\u003eParameterSource\u003c/code\u003e to an :class:\u003ccode\u003e~enum.IntEnum\u003c/code\u003e and reorder\nits members from most to least explicit, so values can be compared to\ncheck whether a parameter was explicitly provided. :issue:\u003ccode\u003e2879\u003c/code\u003e :pr:\u003ccode\u003e3248\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 8.3.2\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-02\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix handling of \u003ccode\u003eflag_value\u003c/code\u003e when \u003ccode\u003eis_flag=False\u003c/code\u003e to allow such options to be\nused without an explicit value. :issue:\u003ccode\u003e3084\u003c/code\u003e :pr:\u003ccode\u003e3152\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eHide \u003ccode\u003eSentinel.UNSET\u003c/code\u003e values as \u003ccode\u003eNone\u003c/code\u003e when using \u003ccode\u003elookup_default()\u003c/code\u003e.\n:issue:\u003ccode\u003e3136\u003c/code\u003e :pr:\u003ccode\u003e3199\u003c/code\u003e :pr:\u003ccode\u003e3202\u003c/code\u003e :pr:\u003ccode\u003e3209\u003c/code\u003e :pr:\u003ccode\u003e3212\u003c/code\u003e :pr:\u003ccode\u003e3224\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c06d2d0a6aee6bcc50bd8257be2a4a592f4e75d0\"\u003e\u003ccode\u003ec06d2d0\u003c/code\u003e\u003c/a\u003e Release 8.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/f1f191ecd2c790b161187c78e7c88440e9524e5c\"\u003e\u003ccode\u003ef1f191e\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3343\"\u003e#3343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/bb59ba0fd279ca085d1113f0499b6a602ca31081\"\u003e\u003ccode\u003ebb59ba0\u003c/code\u003e\u003c/a\u003e Apply format guidelines to commits since latest 8.3.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/4a352253c9ff013e36d11e4a6820d36d00ff2cd4\"\u003e\u003ccode\u003e4a35225\u003c/code\u003e\u003c/a\u003e Reduce blast-radius of \u003ccode\u003eUNSET\u003c/code\u003e in \u003ccode\u003edefault_map\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3240\"\u003e#3240\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c07bb936de43fd303f9cfbefe248ab23fd2199c8\"\u003e\u003ccode\u003ec07bb93\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into unset-in-default-map\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/c7e1ba8448cbcb2cdd9c1c7f4a592e863dcc3995\"\u003e\u003ccode\u003ec7e1ba8\u003c/code\u003e\u003c/a\u003e Reorder \u003ccode\u003eParameterSource\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3248\"\u003e#3248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/76552ff1e8c85837f911fc34037e702ae4327eda\"\u003e\u003ccode\u003e76552ff\u003c/code\u003e\u003c/a\u003e Show default string in prompt (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3328\"\u003e#3328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/ac5cec5fe54e5a691e7bac17f441ce9498e0744c\"\u003e\u003ccode\u003eac5cec5\u003c/code\u003e\u003c/a\u003e Reorder ParameterSource from most to least explicit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c452e00e6772931b7071d9316b82b77e5b8f280\"\u003e\u003ccode\u003e8c452e0\u003c/code\u003e\u003c/a\u003e Merge branch 'stable' into show-default-string-in-prompt\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets/click/commit/8c95c73bd5ef89eac638f85f1904a104ba4b1a32\"\u003e\u003ccode\u003e8c95c73\u003c/code\u003e\u003c/a\u003e Reconcile default value passing and default activation (\u003ca href=\"https://redirect.github.com/pallets/click/issues/3239\"\u003e#3239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets/click/compare/8.3.1...8.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `duckdb` from 1.5.0 to 1.5.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/duckdb/duckdb-python/releases\"\u003educkdb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.5.2 Bugfix Release\u003c/h2\u003e\n\u003cp\u003eSee the DuckDB core release notes here: \u003ca href=\"https://github.com/duckdb/duckdb/releases/tag/v1.5.2\"\u003ehttps://github.com/duckdb/duckdb/releases/tag/v1.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed in duckdb-python\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eType hints overhaul by \u003ca href=\"https://github.com/OutSquareCapital\"\u003e\u003ccode\u003e@​OutSquareCapital\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/352\"\u003educkdb/duckdb-python#352\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCache arrow schema for streaming types by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/423\"\u003educkdb/duckdb-python#423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix segfault on join with None by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/422\"\u003educkdb/duckdb-python#422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix stubs for path_or_buffer param by \u003ca href=\"https://github.com/evertlammerts\"\u003e\u003ccode\u003e@​evertlammerts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/pull/425\"\u003educkdb/duckdb-python#425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.5.1 Bugfix Release\u003c/h2\u003e\n\u003cp\u003eDuckDB core v1.5.1 Changelog: \u003ca href=\"https://github.com/duckdb/duckdb/compare/v1.5.0...v1.5.1\"\u003ehttps://github.com/duckdb/duckdb/compare/v1.5.0...v1.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRe-added basic support for the GEOMETRY type\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/2aea44eeae35b9c77dc2ff672634034a75c9bb16\"\u003e\u003ccode\u003e2aea44e\u003c/code\u003e\u003c/a\u003e pin submodule at release hash\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/3aa2bf2022b91dc9a96c3f91c8bb1fb0296586ef\"\u003e\u003ccode\u003e3aa2bf2\u003c/code\u003e\u003c/a\u003e Fix stubs for path_or_buffer param (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/425\"\u003e#425\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/018fe057d5a003355deb4213a894af559a947aa7\"\u003e\u003ccode\u003e018fe05\u003c/code\u003e\u003c/a\u003e Fix stubs for path_or_buffer param\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/0ef05d69fc8a123cf532f3ffb3e088212bbbfaf7\"\u003e\u003ccode\u003e0ef05d6\u003c/code\u003e\u003c/a\u003e Fix segfault on join with None (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/422\"\u003e#422\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/4acb9f71e00c5002d3ab3aba78a172df8f7ebbc4\"\u003e\u003ccode\u003e4acb9f7\u003c/code\u003e\u003c/a\u003e Fix segfault on join\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/6f161de62403c209633fcbd52c6c0403dadef7da\"\u003e\u003ccode\u003e6f161de\u003c/code\u003e\u003c/a\u003e Cache arrow schema for streaming types (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/423\"\u003e#423\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/87d6a319674c5e2fb855e140bf539e997e978a2e\"\u003e\u003ccode\u003e87d6a31\u003c/code\u003e\u003c/a\u003e Add CLAUDE.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/ae356cb03926372b9cd3736f39662efd25bb4915\"\u003e\u003ccode\u003eae356cb\u003c/code\u003e\u003c/a\u003e Cache the arrow schema for streams so we don't need an active client context\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/b71639f215d29c4f8b1c53cb3d7cf45603f4c5d2\"\u003e\u003ccode\u003eb71639f\u003c/code\u003e\u003c/a\u003e Test that client context stays open on arrow streams\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duckdb/duckdb-python/commit/305d11457efd4ca0767cad0868b16310b04160a7\"\u003e\u003ccode\u003e305d114\u003c/code\u003e\u003c/a\u003e fix spark test (\u003ca href=\"https://redirect.github.com/duckdb/duckdb-python/issues/421\"\u003e#421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/duckdb/duckdb-python/compare/v1.5.0...v1.5.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `flask-wtf` from 1.2.2 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets-eco/flask-wtf/releases\"\u003eflask-wtf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epre-commit autoupdate by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/607\"\u003epallets-eco/flask-wtf#607\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove slsa provenance by \u003ca href=\"https://github.com/davidism\"\u003e\u003ccode\u003e@​davidism\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/638\"\u003epallets-eco/flask-wtf#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport for Python 3.14 by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/648\"\u003epallets-eco/flask-wtf#648\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTry not to read uploaded files into memory by \u003ca href=\"https://github.com/Zverik\"\u003e\u003ccode\u003e@​Zverik\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/635\"\u003epallets-eco/flask-wtf#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate the project to uv by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/649\"\u003epallets-eco/flask-wtf#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReCaptcha field testing mode documentation by \u003ca href=\"https://github.com/OmeirP\"\u003e\u003ccode\u003e@​OmeirP\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/650\"\u003epallets-eco/flask-wtf#650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow nonce in reCaptcha by \u003ca href=\"https://github.com/kesara\"\u003e\u003ccode\u003e@​kesara\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/312\"\u003epallets-eco/flask-wtf#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCSRF meta tag helper by \u003ca href=\"https://github.com/azmeuk\"\u003e\u003ccode\u003e@​azmeuk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/674\"\u003epallets-eco/flask-wtf#674\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewidget support the kwargs to add custom html attributes by \u003ca href=\"https://github.com/thivolle-cazat-cedric\"\u003e\u003ccode\u003e@​thivolle-cazat-cedric\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/353\"\u003epallets-eco/flask-wtf#353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRespect exempts in CSRFProtect.protect() by \u003ca href=\"https://github.com/rauchy\"\u003e\u003ccode\u003e@​rauchy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/419\"\u003epallets-eco/flask-wtf#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdding RECAPTCHA_ENABLE to disable recaptcha by \u003ca href=\"https://github.com/rnt\"\u003e\u003ccode\u003e@​rnt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/509\"\u003epallets-eco/flask-wtf#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove CSRF Documentation by \u003ca href=\"https://github.com/israel-oye\"\u003e\u003ccode\u003e@​israel-oye\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/584\"\u003epallets-eco/flask-wtf#584\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Zverik\"\u003e\u003ccode\u003e@​Zverik\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/635\"\u003epallets-eco/flask-wtf#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OmeirP\"\u003e\u003ccode\u003e@​OmeirP\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/650\"\u003epallets-eco/flask-wtf#650\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kesara\"\u003e\u003ccode\u003e@​kesara\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/312\"\u003epallets-eco/flask-wtf#312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/thivolle-cazat-cedric\"\u003e\u003ccode\u003e@​thivolle-cazat-cedric\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/353\"\u003epallets-eco/flask-wtf#353\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rauchy\"\u003e\u003ccode\u003e@​rauchy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/419\"\u003epallets-eco/flask-wtf#419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rnt\"\u003e\u003ccode\u003e@​rnt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/509\"\u003epallets-eco/flask-wtf#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/israel-oye\"\u003e\u003ccode\u003e@​israel-oye\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/pull/584\"\u003epallets-eco/flask-wtf#584\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\"\u003ehttps://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pallets-eco/flask-wtf/blob/main/docs/changes.rst\"\u003eflask-wtf's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 1.3.0\u003c/h2\u003e\n\u003cp\u003eReleased 2026-04-23\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDon't read the whole uploaded files to know their size. :pr:\u003ccode\u003e635\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eStop support for Python 3.9. Start support for Python 3.14. :pr:\u003ccode\u003e648\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eMigrate the project to uv. :pr:\u003ccode\u003e649\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAllow setting a \u003ccode\u003enonce\u003c/code\u003e on :class:\u003ccode\u003e~flask_wtf.recaptcha.RecaptchaField\u003c/code\u003e\n(string or zero-argument callable) for nonce-based Content Security\nPolicies. :pr:\u003ccode\u003e312\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecsrf_meta_tag()\u003c/code\u003e helper and \u003ccode\u003eWTF_CSRF_META_NAME\u003c/code\u003e setting to render\nthe CSRF token as an HTML \u003ccode\u003e\u0026lt;meta\u0026gt;\u003c/code\u003e tag.\u003c/li\u003e\n\u003cli\u003eForward keyword arguments passed to the reCAPTCHA widget as HTML attributes\non the captcha \u003ccode\u003e\u0026lt;div\u0026gt;\u003c/code\u003e, with the field id used as a default \u003ccode\u003eid\u003c/code\u003e.\n:pr:\u003ccode\u003e353\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eapply_exemptions\u003c/code\u003e parameter to\n:meth:\u003ccode\u003e~flask_wtf.csrf.CSRFProtect.protect\u003c/code\u003e so \u003ccode\u003e@csrf.exempt\u003c/code\u003e keeps working\nwhen validation is triggered manually. :pr:\u003ccode\u003e419\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eRECAPTCHA_ENABLED\u003c/code\u003e setting. :pr:\u003ccode\u003e509\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/63eb4d3bd55735fc136bdc6f23a90ca2b220b602\"\u003e\u003ccode\u003e63eb4d3\u003c/code\u003e\u003c/a\u003e chore: bump to v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/192ece3da0d98682c13e12574d7b1fc938bdd8e8\"\u003e\u003ccode\u003e192ece3\u003c/code\u003e\u003c/a\u003e Improve CSRF Documentation (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/1f8522d4a362ee66ab12a1ebf55379501dfcef0d\"\u003e\u003ccode\u003e1f8522d\u003c/code\u003e\u003c/a\u003e Adding RECAPTCHA_ENABLE to disable recaptcha (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/509\"\u003e#509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/64b9215be16dc123f7eb187494dbba6bd0e5c2cd\"\u003e\u003ccode\u003e64b9215\u003c/code\u003e\u003c/a\u003e Respect exempts in CSRFProtect.protect() (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/419\"\u003e#419\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/adf674f80c5c5e55c050729e3ec086b4d6cb0f26\"\u003e\u003ccode\u003eadf674f\u003c/code\u003e\u003c/a\u003e widget support the kwargs to add custom html attributes (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/353\"\u003e#353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/ea1f797112f857c783dcd2c6e3954357df8e1bb7\"\u003e\u003ccode\u003eea1f797\u003c/code\u003e\u003c/a\u003e feat: CSRF meta tag helper (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/674\"\u003e#674\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/412e3efda3703b141ca75afbcbf0538a7797b713\"\u003e\u003ccode\u003e412e3ef\u003c/code\u003e\u003c/a\u003e Allow nonce in reCaptcha (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/312\"\u003e#312\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/a7b764a1fa8f4ea960d81104c364a2d29429e1b8\"\u003e\u003ccode\u003ea7b764a\u003c/code\u003e\u003c/a\u003e ReCaptcha field testing mode documentation (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/650\"\u003e#650\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/c053c0ec11560e68e558636962bbec1115a7ae2a\"\u003e\u003ccode\u003ec053c0e\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump pytest from 9.0.1 to 9.0.3 (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/673\"\u003e#673\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pallets-eco/flask-wtf/commit/ca2216cdf72717aa3c2355ba5f454080c78d9273\"\u003e\u003ccode\u003eca2216c\u003c/code\u003e\u003c/a\u003e chore(deps): bump uv from 0.9.11 to 0.11.6 (\u003ca href=\"https://redirect.github.com/pallets-eco/flask-wtf/issues/672\"\u003e#672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pallets-eco/flask-wtf/compare/v1.2.2...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `greenlet` from 3.3.2 to 3.5.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-greenlet/greenlet/blob/master/CHANGES.rst\"\u003egreenlet's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e3.5.0 (2026-04-27)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eRemove the \u003ccode\u003eatexit\u003c/code\u003e callback. This callback caused greenlet APIs\nto become unavailable far too soon during interpreter shutdown. Now\nthey remain available while all \u003ccode\u003eatexit\u003c/code\u003e callbacks run. Sometime\nafter \u003ccode\u003ePy_IsFinalizing\u003c/code\u003e becomes true, they may begin misbehaving.\nBecause the order in which C extensions are finalized is undefined,\nC extensions that are sensitive to this need to check the results of\nthat function before invoking greenlet APIs. As a convenience,\n\u003ccode\u003ePyGreenlet_GetCurrent\u003c/code\u003e sets an exception and returns \u003ccode\u003eNULL\u003c/code\u003e\nwhen this happens (and \u003ccode\u003egreenlet.getcurrent\u003c/code\u003e begins returning\n\u003ccode\u003eNone\u003c/code\u003e); other greenlet C API functions have undefined behaviour.\nMethods invoked directly on pre-existing \u003ccode\u003egreenlet.greenlet\u003c/code\u003e\nobjects will continue to function at least until the greenlet C\nextension has been garbage collected and finalized.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR 508 \u0026lt;https://github.com/python-greenlet/greenlet/pull/508\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e3.4.0 (2026-04-08)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ePublish binary wheels for RiscV 64.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix multiple rare crash paths during interpreter shutdown.\u003c/p\u003e\n\u003cp\u003eNote that this now relies on the \u003ccode\u003eatexit\u003c/code\u003e module, and introduces\nsubtle API changes during interpreter shutdown (for example,\n\u003ccode\u003egetcurrent\u003c/code\u003e is no longer available once the \u003ccode\u003eatexit\u003c/code\u003e callback fires).\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR [#499](https://github.com/python-greenlet/greenlet/issues/499) \u0026lt;https://github.com/python-greenlet/greenlet/pull/499\u0026gt;\u003c/code\u003e_ by Nicolas\nBouvrette.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eAddress the results of an automated code audit performed by\nDaniel Diniz. This includes several minor correctness changes that\ntheoretically could have been crashing bugs, but typically only in\nvery rare circumstances.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003ePR 502 \u0026lt;https://github.com/python-greenlet/greenlet/pull/502\u0026gt;\u003c/code\u003e_.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix several race conditions that could arise in free-threaded\nbuilds when using greenlet objects from multiple threads, some of\nwhich could lead to assertion failures or interpreter crashes.\u003c/p\u003e\n\u003cp\u003eSee \u003ccode\u003eissue 503 \u0026lt;https://github.com/python-greenlet/greenlet/issues/503\u0026gt;\u003c/code\u003e_, with\nthanks to Nitay Dariel and Daniel Diniz.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/c7acc72000572811d6462ebe01733a974f194990\"\u003e\u003ccode\u003ec7acc72\u003c/code\u003e\u003c/a\u003e Preparing release 3.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/d08f99bf40801c5d57af6e13631c0ba68300ecf7\"\u003e\u003ccode\u003ed08f99b\u003c/code\u003e\u003c/a\u003e CHANGES: Update link from \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/507\"\u003e#507\u003c/a\u003e to more full description in \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/508\"\u003e#508\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/fd3391e33cedc7a17a86059f18dfbec2b3a320bd\"\u003e\u003ccode\u003efd3391e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/508\"\u003e#508\u003c/a\u003e from python-greenlet/issue507-remove-atexit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/004e1e9bd5c0fa49c66b733c28ec92a3cd41fe09\"\u003e\u003ccode\u003e004e1e9\u003c/code\u003e\u003c/a\u003e Remove the atexit callback.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/b784a69a0da6abd6e66b15a2c1415d272fdd1292\"\u003e\u003ccode\u003eb784a69\u003c/code\u003e\u003c/a\u003e Back to development: 3.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/df6734edbef6a0e54ecc4ba4735d93ae6d721095\"\u003e\u003ccode\u003edf6734e\u003c/code\u003e\u003c/a\u003e Preparing release 3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/0f860756608b767b2ed70f935053b319d1a1b828\"\u003e\u003ccode\u003e0f86075\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/python-greenlet/greenlet/issues/504\"\u003e#504\u003c/a\u003e from python-greenlet/freethreading-fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/459657482f3efaee294edff672bde45ac3fac208\"\u003e\u003ccode\u003e4596574\u003c/code\u003e\u003c/a\u003e TLBC: crash appears to still happen on CI 3.14t ubuntu. Re-enable workaround.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/2f4a1cf53fa282ab28ea4815164a9cb09b9320ce\"\u003e\u003ccode\u003e2f4a1cf\u003c/code\u003e\u003c/a\u003e Make green_switch (python level greenlet.switch) and green_throw check for (p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-greenlet/greenlet/commit/a0c2a2a7519985d5fe2c034a54f1a0fed82a5905\"\u003e\u003ccode\u003ea0c2a2a\u003c/code\u003e\u003c/a\u003e Fix unused variable warning when asserts are disabled.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-greenlet/greenlet/compare/3.3.2...3.5.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `idna` from 3.11 to 3.14\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.14 (2026-05-10)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved opportunity to process long inputs into quadratic\ntime by rejecting oversize inputs up-front. Closes a bypass\nof the CVE-2024-3651 mitigation. [GHSA-65pc-fj4g-8rjx]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Stan Ulbrych for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.13 (2026-04-22)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCorrect classification error for codepoint U+A7F1\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.12 (2026-04-21)\n+++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 17.0.0.\u003c/li\u003e\n\u003cli\u003eIssue a deprecation warning for the transitional argument.\u003c/li\u003e\n\u003cli\u003eAdded lazy-loading to provide some performance improvements.\u003c/li\u003e\n\u003cli\u003eRemoved vestiges of code related to Python 2 support, including\nsegmentation of data structures specific to Jython.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Rodrigo Nogueira for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/37b6b7497aee4805f7a74a7d86206ac05be9669a\"\u003e\u003ccode\u003e37b6b74\u003c/code\u003e\u003c/a\u003e Release v3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/628fef84d3eda59321c21127e73dcd873db23ead\"\u003e\u003ccode\u003e628fef8\u003c/code\u003e\u003c/a\u003e Use valid_string_length() for early oversized-input check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/1e26c7fd93c67995422af9d1f071f45ee6433fd0\"\u003e\u003ccode\u003e1e26c7f\u003c/code\u003e\u003c/a\u003e Tweak release wording\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/ab5668fb6eaf4254d91d6993c0b23e98e21202fb\"\u003e\u003ccode\u003eab5668f\u003c/code\u003e\u003c/a\u003e Pre-release 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/c0dda4501df5d91c3181ce6f962dc5de74e82cc1\"\u003e\u003ccode\u003ec0dda45\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/b7391f4c240bf2eae80eaed0a2ef7c2e0496af96\"\u003e\u003ccode\u003eb7391f4\u003c/code\u003e\u003c/a\u003e Add docstrings to package (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/226\"\u003e#226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/0f4a28d88f8cce54269f0b6a42edf5e6a5424319\"\u003e\u003ccode\u003e0f4a28d\u003c/code\u003e\u003c/a\u003e Raise IDNAError on non-string input to encode/decode (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/224\"\u003e#224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/7e6df7196e6396b5b84b9530eab8272b5ad51898\"\u003e\u003ccode\u003e7e6df71\u003c/code\u003e\u003c/a\u003e Address type issues found by \u003ccode\u003ety\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/kjd/idna/issues/225\"\u003e#225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/6ebfaab9ea718dce38a7c17ddafd7fb28b0468d4\"\u003e\u003ccode\u003e6ebfaab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kjd/idna/issues/221\"\u003e#221\u003c/a\u003e from kjd/release-3.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kjd/idna/commit/89cdfd27338896cee6b1ee18e64c96ac28684ce0\"\u003e\u003ccode\u003e89cdfd2\u003c/code\u003e\u003c/a\u003e Release v3.13\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kjd/idna/compare/v3.11...v3.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ipython` from 9.11.0 to 9.13.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/7c1654dcb4bc0d4c841fbee1f5abf7c6c6007111\"\u003e\u003ccode\u003e7c1654d\u003c/code\u003e\u003c/a\u003e release 9.13.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/d7cd8a44234ddbdba782a42fce7893a4ff4529f4\"\u003e\u003ccode\u003ed7cd8a4\u003c/code\u003e\u003c/a\u003e Fix reStructuredText heading underline consistency in whatsnew (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15189\"\u003e#15189\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/6542c95bef054c7ed4c1725047726b7140fe0e4d\"\u003e\u003ccode\u003e6542c95\u003c/code\u003e\u003c/a\u003e Fix RST header levels in whatsnew/version9.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/0ca3e92249fb0af429b40e4827000955d5ceeeb3\"\u003e\u003ccode\u003e0ca3e92\u003c/code\u003e\u003c/a\u003e Prepare release notes for 9.13 (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15188\"\u003e#15188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/9c8ce1184eceb865d392b39030d6c670caea89c5\"\u003e\u003ccode\u003e9c8ce11\u003c/code\u003e\u003c/a\u003e Revert release.py change, keep as dev\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/1fb2f7dc221e9b889d857b79c38704eab594d4c0\"\u003e\u003ccode\u003e1fb2f7d\u003c/code\u003e\u003c/a\u003e Prepare release notes for 9.13\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/be4179d1ba8b5c4e0f0d35a7d2f1654fd15c96e3\"\u003e\u003ccode\u003ebe4179d\u003c/code\u003e\u003c/a\u003e Implement support for image/png format in terminal (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15184\"\u003e#15184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/1ec6bc9ca9558877b5bfccf66c22e8e61ceba83d\"\u003e\u003ccode\u003e1ec6bc9\u003c/code\u003e\u003c/a\u003e Implement support for image/png format in terminal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/c6f48bceeec68b6ad9b9e6270eee9a7f4277b245\"\u003e\u003ccode\u003ec6f48bc\u003c/code\u003e\u003c/a\u003e solves \u003ca href=\"https://redirect.github.com/ipython/ipython/issues/14901\"\u003e#14901\u003c/a\u003e illegible yellow string on yellow background issue (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15156\"\u003e#15156\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ipython/ipython/commit/8635f71fc551d76f017ad47c826bb7c7bfcb6b24\"\u003e\u003ccode\u003e8635f71\u003c/code\u003e\u003c/a\u003e fix: CapturedIO.\u003cstrong\u003einit\u003c/strong\u003e type annotations to accept Optional[StringIO] (\u003ca href=\"https://redirect.github.com/ipython/ipython/issues/15172\"\u003e#15172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ipython/ipython/compare/9.11.0...9.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jedi` from 0.19.2 to 0.20.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidhalter/jedi/blob/master/CHANGELOG.rst\"\u003ejedi's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e0.20.0 (2026-05-02)\n+++++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePython 3.14 support\u003c/li\u003e\n\u003cli\u003eRemoved support for Python 3.8 and 3.9\u003c/li\u003e\n\u003cli\u003eUpgraded Typeshed\u003c/li\u003e\n\u003cli\u003eBetter support for Final/ClassVar\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e__new__\u003c/code\u003e is now also recognized as a signature and TypeVar inference\u003c/li\u003e\n\u003cli\u003eSupport for \u003ccode\u003eSelf\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSupport for \u003ccode\u003eTypeAlias\u003c/code\u003e, generics for \u003ccode\u003etype[...]\u003c/code\u003e and \u003ccode\u003etuple[...]\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/3102215478fe07b965dcd8221c17436d1dd7e8ac\"\u003e\u003ccode\u003e3102215\u003c/code\u003e\u003c/a\u003e Move the type parameter syntax tests so that it works for all versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/1b37f2eb946e825cbc2887c6dd34ee046f0ae68c\"\u003e\u003ccode\u003e1b37f2e\u003c/code\u003e\u003c/a\u003e Prepare for the 0.20.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/8e4df5cc0ec511db1af6d358182b1fb7c1e0cbff\"\u003e\u003ccode\u003e8e4df5c\u003c/code\u003e\u003c/a\u003e Make sure the new generic syntax does not fail with latest parso\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/4c9dbcca0329454b638bfa32e2825bedcfdf0eac\"\u003e\u003ccode\u003e4c9dbcc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/davidhalter/jedi/issues/2098\"\u003e#2098\u003c/a\u003e from davidhalter/updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/fedb1a5eb0d74446f6d431db2920ab5f1e1d5b18\"\u003e\u003ccode\u003efedb1a5\u003c/code\u003e\u003c/a\u003e Fix 3.10 tests in one more case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/87e782f9c82de7297e243a770ac8888570bffa8e\"\u003e\u003ccode\u003e87e782f\u003c/code\u003e\u003c/a\u003e Fix flake8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/cd52d982e10ac54f0ebef06e0bd414f79589998a\"\u003e\u003ccode\u003ecd52d98\u003c/code\u003e\u003c/a\u003e Fixes to get the tests passing for 3.10\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/d0b11806d4d1def377234bc2dc512992c997a977\"\u003e\u003ccode\u003ed0b1180\u003c/code\u003e\u003c/a\u003e Finally make tests work for 3.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/8520a9958b489bd8d30cf20b4d2798f7289aab45\"\u003e\u003ccode\u003e8520a99\u003c/code\u003e\u003c/a\u003e Implement support for TypeVar inference for \u003cstrong\u003enew\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/davidhalter/jedi/commit/55e5f0cb92dd92d5bdc80ecfc38664a1afd921d1\"\u003e\u003ccode\u003e55e5f0c\u003c/code\u003e\u003c/a\u003e Implement new-style unions with TypeVars\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidhalter/jedi/compare/v0.19.2...v0.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `kaleido` from 1.2.0 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/kaleido/releases\"\u003ekaleido's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow for request headers to be added to Choreographer calls [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/446\"\u003e#446\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUpdate Choreographer to v1.3.0 [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/449\"\u003e#449\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003cli\u003eFix issue where exporting large figures could cause hang [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/442\"\u003e#442\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/EliasTalcott\"\u003e\u003ccode\u003e@​EliasTalcott\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/plotly/Kaleido/blob/master/CHANGELOG.md\"\u003ekaleido's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow for request headers to be added to Choreographer calls [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/446\"\u003e#446\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUpdate Choreographer to v1.3.0 [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/449\"\u003e#449\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDeprecated\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003cli\u003eFix issue where exporting large figures could cause hang [\u003ca href=\"https://redirect.github.com/plotly/Kaleido/pull/442\"\u003e#442\u003c/a\u003e], with thanks to \u003ca href=\"https://github.com/EliasTalcott\"\u003e\u003ccode\u003e@​EliasTalcott\u003c/code\u003e\u003c/a\u003e for the contribution!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.3.0rc0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSignificant refactor, better organization\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ewrite_fig\u003c/code\u003e and \u003ccode\u003e_from_object\u003c/code\u003e now take an additional argument:\n\u003ccode\u003ecancel_on_error: bool, default False\u003c/code\u003e. See docs.\u003c/li\u003e\n\u003cli\u003eUnused \u003ccode\u003epath\u003c/code\u003e argument for \u003ccode\u003ecalc_fig\u003c/code\u003e was deprecated.\u003c/li\u003e\n\u003cli\u003eFixed race condition where two render tasks would choose the same filename\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/b7a00c41895ab71b67e5b89b40f186c3f1cecbed\"\u003e\u003ccode\u003eb7a00c4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/451\"\u003e#451\u003c/a\u003e from plotly/release-v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/423a4f1cc6cbc701f9238281d63324508f12a272\"\u003e\u003ccode\u003e423a4f1\u003c/code\u003e\u003c/a\u003e Update setuptools config to find required subpackages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/28131a743143cc5d134c6e962b603ff3a5ed6253\"\u003e\u003ccode\u003e28131a7\u003c/code\u003e\u003c/a\u003e Updates for release v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/f72dc86fa75afbca8756fcd9c9b5af550f038d75\"\u003e\u003ccode\u003ef72dc86\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/366\"\u003e#366\u003c/a\u003e from tschm/patch-3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/0c5e89030709bc873806c08542ae66afea304f71\"\u003e\u003ccode\u003e0c5e890\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/450\"\u003e#450\u003c/a\u003e from plotly/cam/js-dependency-updates-may-2026\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/4e95de54ad7874e254665444070cf613104749f5\"\u003e\u003ccode\u003e4e95de5\u003c/code\u003e\u003c/a\u003e Bump pygments from 2.19.2 to 2.20.0 in /src/py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/90ddc9d7e83d4b27cc11a44a9ca15c5d2c6c5688\"\u003e\u003ccode\u003e90ddc9d\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.2.3 to 2.6.3 in /src/py\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/f9b850eb38d7d9bb3f24258012d776f03ad355a0\"\u003e\u003ccode\u003ef9b850e\u003c/code\u003e\u003c/a\u003e chore: Update JS dependencies for security fixes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/0978e65f23fbba486d005df1508e008a080d20e4\"\u003e\u003ccode\u003e0978e65\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/432\"\u003e#432\u003c/a\u003e from plotly/dependabot/npm_and_yarn/src/js/minimatch-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/plotly/Kaleido/commit/b639582c0416f48a682ad01d157af22881d94f75\"\u003e\u003ccode\u003eb639582\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/plotly/kaleido/issues/429\"\u003e#429\u003c/a\u003e from plotly/dependabot/npm_and_yarn/src/js/qs-6.14.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/plotly/kaleido/compare/v1.2.0...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `llvmlite` from 0.46.0b1 to 0.47.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/numba/llvmlite/releases\"\u003ellvmlite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.47.0\u003c/h2\u003e\n\u003cp\u003eFor detailed release notes, see: \u003ca href=\"https://llvmlite.readthedocs.io/en/v0.47.0/\"\u003ehttps://llvmlite.readthedocs.io/en/v0.47.0/\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.46.0\u003c/h2\u003e\n\u003cp\u003eFor detailed release notes, see: \u003ca href=\"https://llvmlite.readthedocs.io/en/v0.46.0\"\u003ehttps://llvmlite.readthedocs.io/en/v0.46.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/a1b33d2c2dac939a6263c544afd46eb66189b740\"\u003e\u003ccode\u003ea1b33d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/numba/llvmlite/issues/1412\"\u003e#1412\u003c/a\u003e from swap357/release0.47\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/908fd0e36e1e8f0be1a36d66394b5bc838853106\"\u003e\u003ccode\u003e908fd0e\u003c/code\u003e\u003c/a\u003e add final changelog entry\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/f4f904208aec1d1516946f5f38a2737a61a8087e\"\u003e\u003ccode\u003ef4f9042\u003c/code\u003e\u003c/a\u003e update CHANGE_LOG for v0.47.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/01d2b0401d1a5e19b185c582c69421e15f166561\"\u003e\u003ccode\u003e01d2b04\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/numba/llvmlite/issues/1406\"\u003e#1406\u003c/a\u003e from swap357/release0.47\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/2b62a94af24c109bfd9213422363f3e42e6b8070\"\u003e\u003ccode\u003e2b62a94\u003c/code\u003e\u003c/a\u003e update changelog for 0.47.0rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/fafaa85470bd70aa31711f075f8fee7f3e5d3dee\"\u003e\u003ccode\u003efafaa85\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/numba/llvmlite/issues/1403\"\u003e#1403\u003c/a\u003e from numba/renovate/major-github-artifact-actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/ec1375e4ba338a7960050260d6599c3549e48891\"\u003e\u003ccode\u003eec1375e\u003c/code\u003e\u003c/a\u003e chore(deps): update github artifact actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/d869142f16105eee20353379e65a4e6805d34c9d\"\u003e\u003ccode\u003ed869142\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/numba/llvmlite/issues/569\"\u003e#569\u003c/a\u003e from ARF1/wip/fix_setup_clean\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/dd23d71d1ec24bb56ba266937a52cabd886774c9\"\u003e\u003ccode\u003edd23d71\u003c/code\u003e\u003c/a\u003e refactor cleanup logic to restrict removal to llvmlite directory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/numba/llvmlite/commit/37586b026abd5df51b730ac26650ba6331371615\"\u003e\u003ccode\u003e37586b0\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'upstream/main' into wip/fix_setup_clean\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/numba/llvmlite/compare/v0.46.0b1...v0.47.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `markdown-it-py` from 4.0.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/executablebooks/markdown-it-py/releases\"\u003emarkdown-it-py's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003emake_fence_rule()\u003c/code\u003e factory for configurable fence markers by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/394\"\u003eexecutablebooks/markdown-it-py#394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🚀 RELEASE v4.2.0 by \u003ca href=\"https://github.com/chrisjsewell\"\u003e\u003ccode\u003e@​chrisjsewell\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/395\"\u003eexecutablebooks/markdown-it-py#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/executablebooks/markdown-it-py/compare/v4.1.0...v4.2.0\"\u003ehttps://github.com/executablebooks/markdown-it-py/compare/v4.1.0...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e✨ Add \u003ccode\u003e--stdin\u003c/code\u003e option to CLI by \u003ca href=\"https://github.com/mcepl\"\u003e\u003ccode\u003e@​mcepl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/379\"\u003eexecutablebooks/markdown-it-py#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd AGENTS.md and copilot-setup-steps workflow by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/executablebooks/markdown-it-py/pull/380\"\u003eexecutablebooks/markdown-it-py#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e🔧 Add typing to Scanner by \u003ca href=\"https://github.com/Alunderin\"\u003e\u003ccode\u003e@​Alunderin\u003c...\n\n_Description has been truncated_","html_url":"https://github.com/Rrudra1995/Openai-new/pull/15","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Rrudra1995%2FOpenai-new/issues/15","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/15/packages"}}]}