Skip to content

Bump the primary-deps group across 1 directory with 5 updates#144

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/primary-deps-8f8e66b5fc
Open

Bump the primary-deps group across 1 directory with 5 updates#144
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/primary-deps-8f8e66b5fc

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 1, 2024

Bumps the primary-deps group with 5 updates in the / directory:

Package From To
marshmallow 3.21.1 3.21.3
requests 2.31.0 2.32.3
botocore 1.34.74 1.34.136
boto3 1.34.74 1.34.136
slack-sdk 3.27.1 3.30.0

Updates marshmallow from 3.21.1 to 3.21.3

Changelog

Sourced from marshmallow's changelog.

3.21.3 (2024-06-05)

Bug fixes:

  • Fix memory leak that prevented schema instances from getting GC'd (:pr:2277). Thanks :user:mrcljx for the PR.

3.21.2 (2024-05-01)

Bug fixes:

  • Allow timestamp 0 in fields.DateTime (:issue:2133). Thanks :user:flydzen for reporting.
Commits
  • b9646e3 Bump version and update changelog
  • 99103a6 Remove leaky lru_cache (#2277)
  • 47205b5 [pre-commit.ci] pre-commit autoupdate (#2276)
  • aaecd5b [pre-commit.ci] pre-commit autoupdate
  • c592536 [pre-commit.ci] pre-commit autoupdate (#2269)
  • ee0c903 [pre-commit.ci] pre-commit autoupdate
  • d4fd5a4 [pre-commit.ci] pre-commit autoupdate
  • 511b8c5 Bump version and update changelog
  • 03f56a4 Merge pull request #2264 from marshmallow-code/allow_timestamp_0
  • 58fbbcd Encapsulate timestamp boolean check in utils
  • Additional commits viewable in compare view

Updates requests from 2.31.0 to 2.32.3

Release notes

Sourced from requests's releases.

v2.32.3

2.32.3 (2024-05-29)

Bugfixes

  • Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
  • Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

  • Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored.

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.3 (2024-05-29)

Bugfixes

  • Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
  • Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

  • Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

... (truncated)

Commits
  • 0e322af v2.32.3
  • e188799 Don't create default SSLContext if ssl module isn't present (#6724)
  • 145b539 Merge pull request #6716 from sigmavirus24/bug/6715
  • b1d73dd Don't use default SSLContext with custom poolmanager kwargs
  • 6badbac Update HISTORY.md
  • a62a2d3 Allow for overriding of specific pool key params
  • 88dce9d v2.32.2
  • c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
  • 92075b3 Add deprecation warning
  • aa1461b Move _get_connection to get_connection_with_tls_context
  • Additional commits viewable in compare view

Updates botocore from 1.34.74 to 1.34.136

Changelog

Sourced from botocore's changelog.

1.34.136

  • api-change:acm-pca: Added CCPC_LEVEL_1_OR_HIGHER KeyStorageSecurityStandard and SM2 KeyAlgorithm and SM3WITHSM2 SigningAlgorithm for China regions.
  • api-change:cloudhsmv2: Added 3 new APIs to support backup sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added BackupArn to the output of the DescribeBackups API. Added support for BackupArn in the CreateCluster API.
  • api-change:connect: This release supports showing PreferredAgentRouting step via DescribeContact API.
  • api-change:emr: This release provides the support for new allocation strategies i.e. CAPACITY_OPTIMIZED_PRIORITIZED for Spot and PRIORITIZED for On-Demand by taking input of priority value for each instance type for instance fleet clusters.
  • api-change:glue: Added AttributesToGet parameter to Glue GetDatabases, allowing caller to limit output to include only the database name.
  • api-change:kinesisanalyticsv2: Support for Flink 1.19 in Managed Service for Apache Flink
  • api-change:opensearch: This release removes support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains.
  • api-change:pi: Noting that the filter db.sql.db_id isn't available for RDS for SQL Server DB instances.
  • api-change:workspaces: Added support for Red Hat Enterprise Linux 8 on Amazon WorkSpaces Personal.

1.34.135

  • api-change:application-autoscaling: Amazon WorkSpaces customers can now use Application Auto Scaling to automatically scale the number of virtual desktops in a WorkSpaces pool.
  • api-change:chime-sdk-media-pipelines: Added Amazon Transcribe multi language identification to Chime SDK call analytics. Enabling customers sending single stream audio to generate call recordings using Chime SDK call analytics
  • api-change:cloudfront: Doc only update for CloudFront that fixes customer-reported issue
  • api-change:datazone: This release supports the data lineage feature of business data catalog in Amazon DataZone.
  • api-change:elasticache: Add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • api-change:mq: This release makes the EngineVersion field optional for both broker and configuration and uses the latest available version by default. The AutoMinorVersionUpgrade field is also now optional for broker creation and defaults to 'true'.
  • api-change:qconnect: Adds CreateContentAssociation, ListContentAssociations, GetContentAssociation, and DeleteContentAssociation APIs.
  • api-change:quicksight: Adding support for Repeating Sections, Nested Filters
  • api-change:rds: Updates Amazon RDS documentation for TAZ export to S3.
  • api-change:sagemaker: Add capability for Admins to customize Studio experience for the user by showing or hiding Apps and MLTools.
  • api-change:workspaces: Added support for WorkSpaces Pools.

1.34.134

  • api-change:controltower: Added ListLandingZoneOperations API.
  • api-change:eks: Added support for disabling unmanaged addons during cluster creation.
  • api-change:ivs-realtime: IVS Real-Time now offers customers the ability to upload public keys for customer vended participant tokens.
  • api-change:kinesisanalyticsv2: This release adds support for new ListApplicationOperations and DescribeApplicationOperation APIs. It adds a new configuration to enable system rollbacks, adds field ApplicationVersionCreateTimestamp for clarity and improves support for pagination for APIs.
  • api-change:opensearch: This release adds support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains, and provides visibility into the current state of the setup or tear-down.

1.34.133

  • api-change:autoscaling: Doc only update for Auto Scaling's TargetTrackingMetricDataQuery
  • api-change:ec2: This release is for the launch of the new u7ib-12tb.224xlarge, R8g, c7gn.metal and mac2-m1ultra.metal instance types
  • api-change:networkmanager: This is model changes & documentation update for the Asynchronous Error Reporting feature for AWS Cloud WAN. This feature allows customers to view errors that occur while their resources are being provisioned, enabling customers to fix their resources without needing external support.
  • api-change:workspaces-thin-client: This release adds the deviceCreationTags field to CreateEnvironment API input, UpdateEnvironment API input and GetEnvironment API output.

1.34.132

... (truncated)

Commits
  • 446acfb Merge branch 'release-1.34.136'
  • 09a10d8 Bumping version to 1.34.136
  • 9d5bd52 Update endpoints model
  • e3c5915 Update to latest models
  • ce75911 Merge branch 'release-1.34.135'
  • 1c7af15 Merge branch 'release-1.34.135' into develop
  • 31053b7 Bumping version to 1.34.135
  • 5de46c9 Update endpoints model
  • 4d04705 Update to latest models
  • c2c38f8 Merge branch 'release-1.34.134' into develop
  • Additional commits viewable in compare view

Updates boto3 from 1.34.74 to 1.34.136

Commits
  • 04045c4 Merge branch 'release-1.34.136'
  • c04875b Bumping version to 1.34.136
  • 5df3444 Add changelog entries from botocore
  • dcfb592 Merge pull request #4182 from kdaily/kdaily-remove-opsworks-collections-integ...
  • acbe904 Do not test opsworks collections
  • 359f0b2 Merge branch 'release-1.34.135'
  • 54246d5 Merge branch 'release-1.34.135' into develop
  • d9b5ce7 Bumping version to 1.34.135
  • 857c461 Add changelog entries from botocore
  • 6221a41 Merge branch 'release-1.34.134' into develop
  • Additional commits viewable in compare view

Updates slack-sdk from 3.27.1 to 3.30.0

Release notes

Sourced from slack-sdk's releases.

version 3.30.0

Changes

All issues/pull requests: https://github.com/slackapi/python-slack-sdk/milestone/99?closed=1 Full Changelog: slackapi/python-slack-sdk@v3.29.0...v3.30.0

version 3.29.0

Changes

  • #1508 Add canvases APIs and users.discoverableContacts.lookup API - Thanks @​seratch

version 3.28.0

What's Changed

New Contributors

All issues/pull requests: https://github.com/slackapi/python-slack-sdk/milestone/95?closed=1 Full Changelog: slackapi/python-slack-sdk@v3.27.2...v3.28.0

version 3.27.2

Changes

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the primary-deps group across 1 directory with 5 updates
b54d283 
Bumps the primary-deps group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [marshmallow](https://github.com/marshmallow-code/marshmallow) | `3.21.1` | `3.21.3` |
| [requests](https://github.com/psf/requests) | `2.31.0` | `2.32.3` |
| [botocore](https://github.com/boto/botocore) | `1.34.74` | `1.34.136` |
| [boto3](https://github.com/boto/boto3) | `1.34.74` | `1.34.136` |
| [slack-sdk](https://github.com/slackapi/python-slack-sdk) | `3.27.1` | `3.30.0` |



Updates `marshmallow` from 3.21.1 to 3.21.3
- [Changelog](https://github.com/marshmallow-code/marshmallow/blob/dev/CHANGELOG.rst)
- [Commits](marshmallow-code/marshmallow@3.21.1...3.21.3)

Updates `requests` from 2.31.0 to 2.32.3
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.31.0...v2.32.3)

Updates `botocore` from 1.34.74 to 1.34.136
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](boto/botocore@1.34.74...1.34.136)

Updates `boto3` from 1.34.74 to 1.34.136
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.34.74...1.34.136)

Updates `slack-sdk` from 3.27.1 to 3.30.0
- [Release notes](https://github.com/slackapi/python-slack-sdk/releases)
- [Changelog](https://github.com/slackapi/python-slack-sdk/blob/main/docs-v2/changelog.html)
- [Commits](slackapi/python-slack-sdk@v3.27.1...v3.30.0)

---
updated-dependencies:
- dependency-name: marshmallow
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: primary-deps
- dependency-name: requests
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: primary-deps
- dependency-name: botocore
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: primary-deps
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: primary-deps
- dependency-name: slack-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: primary-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 1, 2024
@dependabot dependabot bot mentioned this pull request Jul 1, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants