Sourced from python-dotenv's releases.

v1.1.0

What's Changed

• Add a security policy by @​bbc2 in theskumar/python-dotenv#512
• Keep GitHub Actions up to date with GitHub's Dependabot by @​cclauss in theskumar/python-dotenv#506
• ci: fix multiline string in test.yml & use fail-fast strategy by @​cclauss in theskumar/python-dotenv#514
• Enhance dotenv run: Switch to execvpe for better resource management and signal handling by @​eekstunt in theskumar/python-dotenv#523
• ci: add py3.13 to test.yml by @​waketzheng in theskumar/python-dotenv#527
• Add Python 3.13 trove classifier by @​edgarrmondragon in theskumar/python-dotenv#535
• Bump the github-actions group with 2 updates by @​dependabot in theskumar/python-dotenv#529
• Add support for python 3.13 and drop 3.8 by @​theskumar in theskumar/python-dotenv#551
• docs: Update README.md by @​chapeupreto in theskumar/python-dotenv#516
• Some more s/Python-dotenv/python-dotenv/ by @​theskumar in theskumar/python-dotenv#552
• add _is_debugger so load_dotenv will work in pdb by @​randomseed42 in theskumar/python-dotenv#553

New Contributors

• @​eekstunt made their first contribution in theskumar/python-dotenv#523
• @​waketzheng made their first contribution in theskumar/python-dotenv#527
• @​edgarrmondragon made their first contribution in theskumar/python-dotenv#535
• @​dependabot made their first contribution in theskumar/python-dotenv#529
• @​chapeupreto made their first contribution in theskumar/python-dotenv#516
• @​randomseed42 made their first contribution in theskumar/python-dotenv#553

Full Changelog: https://github.com/theskumar/python-dotenv/compare/v1.0.1...v1.1.0

Sourced from python-dotenv's changelog.

[1.1.0] - 2025-03-25

Feature

• Add support for python 3.13
• Enhance dotenv run, switch to execvpe for better resource management and signal handling (#523) by [@​eekstunt]

Fixed

• find_dotenv and load_dotenv now correctly looks up at the current directory when running in debugger or pdb (#553 by [@​randomseed42])

Misc

• Drop support for Python 3.8

• 6a02ef5 update mkdocs -> mkdocstrings config
• 36c6270 Update changelog
• 2198b69 Bump version: 1.0.1 → 1.1.0
• c89fb6d Update changelog
• 8dd413e Add _is_debugger so load_dotenv will work in pdb (#553)
• 9acba4a Some more s/Python-dotenv/python-dotenv/ (#552)
• 3c19c03 s/Python-dotenv/python-dotenv/ (#516)
• 4159388 Add support for python 3.13 and drop 3.8 (#551)
• 2b8635b Bump the github-actions group with 2 updates (#529)
• 533f8ac Add Python 3.13 trove classifier (#535)
• Additional commits viewable in compare view

Sourced from pydantic-settings's releases.

v2.9.1

What's Changed

• fix: Expose ConfigFileSourceMixing on top level sources/init.py by @​jbw-vtl in pydantic/pydantic-settings#597
• Fix typo in gcp secret manager error message by @​christian-heusel in pydantic/pydantic-settings#598
• Prepare release 2.9.1 by @​hramezani in pydantic/pydantic-settings#600

New Contributors

• @​jbw-vtl made their first contribution in pydantic/pydantic-settings#597
• @​christian-heusel made their first contribution in pydantic/pydantic-settings#598

Full Changelog: https://github.com/pydantic/pydantic-settings/compare/v2.9.0...v2.9.1

v2.9.0

What's Changed

• Drop support for Python 3.8 by @​Viicos in pydantic/pydantic-settings#560
• Switch to typing-inspection by @​Viicos in pydantic/pydantic-settings#556
• Introduce uv for Project Management by @​KanchiShimono in pydantic/pydantic-settings#547
• Refactor sources.py into a subpackage (#546) by @​ezwiefel in pydantic/pydantic-settings#548
• chore: cleanup by @​CodeWithEmad in pydantic/pydantic-settings#563
• Fix typo in documentation by @​CodeWithEmad in pydantic/pydantic-settings#564
• Add support for AWS Secrets Manager by @​mavwolverine in pydantic/pydantic-settings#532
• Fix minor typo: conotations => connotations by @​svenevs in pydantic/pydantic-settings#577
• Azure Key Vault: Don't load disabled secret by @​AndreuCodina in pydantic/pydantic-settings#578
• Add support for GCP Secret Manager by @​ezwiefel in pydantic/pydantic-settings#567
• CLI JSON Optional Default by @​kschwab in pydantic/pydantic-settings#581
• Fix for env nested enum. by @​kschwab in pydantic/pydantic-settings#589
• CLI submodel suppress. by @​kschwab in pydantic/pydantic-settings#587
• Cli retrieve unknown args by @​kschwab in pydantic/pydantic-settings#588
• Update pydantic by @​hramezani in pydantic/pydantic-settings#593
• Fix check in CI by @​hramezani in pydantic/pydantic-settings#595

New Contributors

• @​ezwiefel made their first contribution in pydantic/pydantic-settings#548
• @​CodeWithEmad made their first contribution in pydantic/pydantic-settings#563
• @​mavwolverine made their first contribution in pydantic/pydantic-settings#532
• @​svenevs made their first contribution in pydantic/pydantic-settings#577

Full Changelog: https://github.com/pydantic/pydantic-settings/compare/v2.8.1...v2.9.0

v2.8.1

What's Changed

• Fix for init source kwarg alias resolution. by @​kschwab in pydantic/pydantic-settings#550
• Revert usage of positional only argument in BaseSettings.__init__ by @​Viicos in pydantic/pydantic-settings#557
• Revert use of object instead of Any by @​Viicos in pydantic/pydantic-settings#559
• Prepare release 2.8.1 by @​hramezani in pydantic/pydantic-settings#558

Full Changelog: https://github.com/pydantic/pydantic-settings/compare/v2.8.0...v2.8.1

v2.8.0

... (truncated)

• 1874740 Prepare release 2.9.1 (#600)
• 88e77bc Fix typo in gcp secret manager error message (#598)
• e973d9a fix: Expose ConfigFileSourceMixing on top level sources/init.py (#597)
• 8c0f5f1 Fix check in CI (#595)
• 0ac2312 Prepare release 2.9.0 (#594)
• f3e5ac3 Update pydantic (#593)
• 20640b0 Cli retrieve unknown args (#588)
• ed7fd42 CLI submodel suppress. (#587)
• e9fb316 Fix for env nested enum. (#589)
• 0e9b329 CLI JSON Optional Default (#581)
• Additional commits viewable in compare view

Sourced from python-jose[cryptography]'s releases.

3.4.0

News

• Remove support for Python 3.6 and 3.7
• Added support for Python 3.10 and 3.11

Bug fixes and Improvements

• Updating CryptographyAESKey::encrypt to generate 96 bit IVs for GCM block cipher mode
• Fix for PEM key comparisons caused by line lengths and new lines
• Fix for CVE-2024-33664 - JWE limited to 250KiB
• Fix for CVE-2024-33663 - signing JWT with public key is now forbidden
• Replace usage of deprecated datetime.utcnow() with datetime.now(UTC)

Housekeeping

• Updated Github Actions Workflows
• Updated to use tox 4.x
• Revise codecov integration
• Fixed DeprecationWarnings

Sourced from python-jose[cryptography]'s changelog.

3.4.0 -- 2025-02-14

News

• Remove support for Python 3.6 and 3.7
• Added support for Python 3.10 and 3.11

Bug fixes and Improvements

• Updating CryptographyAESKey::encrypt to generate 96 bit IVs for GCM block cipher mode
• Fix for PEM key comparisons caused by line lengths and new lines
• Fix for CVE-2024-33664 - JWE limited to 250KiB
• Fix for CVE-2024-33663 - signing JWT with public key is now forbidden
• Replace usage of deprecated datetime.utcnow() with datetime.now(UTC)

Housekeeping

• Updated Github Actions Workflows
• Updated to use tox 4.x
• Revise codecov integration
• Fixed DeprecationWarnings

• 82cd15f Added release date to CHANGELOG.md for 3.4.0 (#371)
• 4e01847 Prepare 3.4.0 release (#370)
• 0360fa3 Replace usage of deprecated datetime.utcnow() with datetime.now(UTC) (#360)
• 12f30c8 Fix for CVE-2024-33663 (forbid public key for HMAC) (#369)
• 638d047 Bump cryptography from 42.0.4 to 43.0.1 (#368)
• 8e1f521 Fix for CVE-2024-33664. JWE limited to 250K (#352)
• c9403b5 Bump cryptography from 41.0.3 to 42.0.4 (#358)
• 58e543e Bump cryptography from 39.0.1 to 41.0.3
• 50d1997 Disabling test build for Python 3.7 on OS X since arm64 is no longer supporte...
• 1967754 Adding get_pem_for_key and normalize_pem methods to normalize PEM formatt...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions