Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the production-dependencies group in /config/requirements with 4 updates #1029

Closed
wants to merge 1 commit into from
Closed

Bump the production-dependencies group in /config/requirements with 4 updates #1029

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 14, 2024
edited
Loading

Bumps the production-dependencies group in /config/requirements with 4 updates: boto3, botocore, python-json-logger and sqlparse.

Updates boto3 from 1.35.76 to 1.35.81

Commits
  • 1297fdd Merge branch 'release-1.35.81'
  • abf1b3b Bumping version to 1.35.81
  • ce04462 Add changelog entries from botocore
  • 8c560a3 Merge branch 'release-1.35.80'
  • aa78fa9 Merge branch 'release-1.35.80' into develop
  • 071b697 Bumping version to 1.35.80
  • d4b4115 Add changelog entries from botocore
  • 0059432 Merge branch 'release-1.35.79'
  • 1df2e1f Merge branch 'release-1.35.79' into develop
  • 7ade1ba Bumping version to 1.35.79
  • Additional commits viewable in compare view

Updates botocore from 1.35.76 to 1.35.81

Commits
  • 83ff617 Merge branch 'release-1.35.81'
  • 53e3998 Bumping version to 1.35.81
  • c4dd25d Update endpoints model
  • 994ac68 Update to latest models
  • fb7fcb4 Merge branch 'release-1.35.80'
  • d6dc188 Merge branch 'release-1.35.80' into develop
  • 696e322 Bumping version to 1.35.80
  • e36e0e9 Update endpoints model
  • 007e93c Update to latest models
  • 6517f09 Merge branch 'release-1.35.79'
  • Additional commits viewable in compare view

Updates python-json-logger from 2.0.7 to 3.2.0

Release notes

Sourced from python-json-logger's releases.

3.2.0

3.2.0 - 2024-12-11

Changed

  • pythonjsonlogger.[ORJSON,MSGSPEC]_AVAILABLE no longer imports the respective package when determining availability.
  • pythonjsonlogger.[orjson,msgspec] now throws a pythonjsonlogger.exception.MissingPackageError when required libraries are not available. These contain more information about what is missing whilst still being an ImportError.
  • defaults parameter is no longer ignored and now conforms to the standard library. Setting a defaults dictionary will add the specified keys if the those keys do not exist in a record or weren't passed by the extra parameter when logging a message.
  • typing_extensions is only installed on Python version < 3.10.
  • Support Python 3.13
    • msgspec has only been tested against pre-release versions.

Thanks @​cjwatson and @​bharel

v3.1.0

3.1.0 - 2023-05-28

This splits common funcitonality out to allow supporting other JSON encoders. Although this is a large refactor, backwards compatibility has been maintained.

Added

  • pythonjsonlogger.core - more details below.
  • pythonjsonlogger.defaults module that provides many functions for handling unsupported types.
  • Orjson encoder support via pythonjsonlogger.orjson.OrjsonFormatter with the following additions:
    • bytes are URL safe base64 encoded.
    • Exceptions are "pretty printed" using the exception name and message e.g. "ValueError: bad value passed"
    • Enum values use their value, Enum classes now return all values as a list.
    • Tracebacks are supported
    • Classes (aka types) are support
    • Will fallback on __str__ if available, else __repr__ if available, else will use __could_not_encode__
  • MsgSpec encoder support via pythonjsonlogger.msgspec.MsgspecFormatter with the following additions:
    • Exceptions are "pretty printed" using the exception name and message e.g. "ValueError: bad value passed"
    • Enum classes now return all values as a list.
    • Tracebacks are supported
    • Classes (aka types) are support
    • Will fallback on __str__ if available, else __repr__ if available, else will use __could_not_encode__
    • Note: msgspec only supprts enum values of type int or str jcrist/msgspec#680

Changed

  • pythonjsonlogger.jsonlogger has been moved to pythonjsonlogger.json with core functionality moved to pythonjsonlogger.core.
  • pythonjsonlogger.core.BaseJsonFormatter properly supports all logging.Formatter arguments:
    • fmt is unchanged.
    • datefmt is unchanged.
    • style can now support non-standard arguments by setting validate to False
    • validate allows non-standard style arguments or prevents calling validate on standard style arguments.
    • default is ignored.
  • pythonjsonlogger.json.JsonFormatter default encodings changed:
    • bytes are URL safe base64 encoded.
    • Exception formatting detected using BaseException instead of Exception. Now "pretty prints" the exception using the exception name and message e.g. "ValueError: bad value passed"
    • Dataclasses are now supported
    • Enum values now use their value, Enum classes now return all values as a list.
    • Will fallback on __str__ if available, else __repr__ if available, else will use __could_not_encode__

... (truncated)

Changelog

Sourced from python-json-logger's changelog.

3.2.0 - 2024-12-11

Changed

  • pythonjsonlogger.[ORJSON,MSGSPEC]_AVAILABLE no longer imports the respective package when determining availability.
  • pythonjsonlogger.[orjson,msgspec] now throws a pythonjsonlogger.exception.MissingPackageError when required libraries are not available. These contain more information about what is missing whilst still being an ImportError.
  • defaults parameter is no longer ignored and now conforms to the standard library. Setting a defaults dictionary will add the specified keys if the those keys do not exist in a record or weren't passed by the extra parameter when logging a message.
  • typing_extensions is only installed on Python version < 3.10.
  • Support Python 3.13
    • msgspec has only been tested against pre-release versions.

Thanks @​cjwatson and @​bharel

3.1.0 - 2023-05-28

This splits common funcitonality out to allow supporting other JSON encoders. Although this is a large refactor, backwards compatibility has been maintained.

Added

  • pythonjsonlogger.core - more details below.
  • pythonjsonlogger.defaults module that provides many functions for handling unsupported types.
  • Orjson encoder support via pythonjsonlogger.orjson.OrjsonFormatter with the following additions:
    • bytes are URL safe base64 encoded.
    • Exceptions are "pretty printed" using the exception name and message e.g. "ValueError: bad value passed"
    • Enum values use their value, Enum classes now return all values as a list.
    • Tracebacks are supported
    • Classes (aka types) are support
    • Will fallback on __str__ if available, else __repr__ if available, else will use __could_not_encode__
  • MsgSpec encoder support via pythonjsonlogger.msgspec.MsgspecFormatter with the following additions:
    • Exceptions are "pretty printed" using the exception name and message e.g. "ValueError: bad value passed"
    • Enum classes now return all values as a list.
    • Tracebacks are supported
    • Classes (aka types) are support
    • Will fallback on __str__ if available, else __repr__ if available, else will use __could_not_encode__
    • Note: msgspec only supprts enum values of type int or str jcrist/msgspec#680

Changed

  • pythonjsonlogger.jsonlogger has been moved to pythonjsonlogger.json with core functionality moved to pythonjsonlogger.core.
  • pythonjsonlogger.core.BaseJsonFormatter properly supports all logging.Formatter arguments:
    • fmt is unchanged.
    • datefmt is unchanged.
    • style can now support non-standard arguments by setting validate to False
    • validate allows non-standard style arguments or prevents calling validate on standard style arguments.
    • default is ignored.
  • pythonjsonlogger.json.JsonFormatter default encodings changed:
    • bytes are URL safe base64 encoded.
    • Exception formatting detected using BaseException instead of Exception. Now "pretty prints" the exception using the exception name and message e.g. "ValueError: bad value passed"
    • Dataclasses are now supported
    • Enum values now use their value, Enum classes now return all values as a list.
    • Will fallback on __str__ if available, else __repr__ if available, else will use __could_not_encode__
  • Renaming fields now preserves order (#7) and ignores missing fields (#6).
  • Documentation

... (truncated)

Commits
  • c6c8041 Release 3.2.0
  • e5d03eb [docs.contributing] Add PSF affiliation clarification
  • 2548e3a [pyproject] Support Python 3.13 (#23)
  • 2ed6762 [docs] Add PR authors to change log
  • f266f86 Use defaults argument (#26)
  • 2f773cb Restrict typing_extensions requirement to < 3.10 (#28)
  • a1daea2 Improve handling of optional packages (#27)
  • bc807f5 [docs] Expand coobook, cleanup references
  • ee2c128 Add CODE_OF_CONDUCT.md symlink
  • e2b40e4 Release 3.1.0
  • Additional commits viewable in compare view

Updates sqlparse from 0.5.2 to 0.5.3

Changelog

Sourced from sqlparse's changelog.

Release 0.5.3 (Dez 10, 2024)

Bug Fixes

  • This version introduces a more generalized handling of potential denial of service attack (DOS) due to recursion errors for deeply nested statements. Brought up and fixed by @​living180. Thanks a lot!
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the production-dependencies group
8fd6a41 
Bumps the production-dependencies group in /config/requirements with 4 updates: [boto3](https://github.com/boto/boto3), [botocore](https://github.com/boto/botocore), [python-json-logger](https://github.com/nhairs/python-json-logger) and [sqlparse](https://github.com/andialbrecht/sqlparse).


Updates `boto3` from 1.35.76 to 1.35.81
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.35.76...1.35.81)

Updates `botocore` from 1.35.76 to 1.35.81
- [Commits](boto/botocore@1.35.76...1.35.81)

Updates `python-json-logger` from 2.0.7 to 3.2.0
- [Release notes](https://github.com/nhairs/python-json-logger/releases)
- [Changelog](https://github.com/nhairs/python-json-logger/blob/main/docs/changelog.md)
- [Commits](nhairs/python-json-logger@v2.0.7...v3.2.0)

Updates `sqlparse` from 0.5.2 to 0.5.3
- [Release notes](https://github.com/andialbrecht/sqlparse/releases)
- [Changelog](https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG)
- [Commits](andialbrecht/sqlparse@0.5.2...0.5.3)

---
updated-dependencies:
- dependency-name: boto3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: botocore
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: python-json-logger
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: sqlparse
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 14, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 16, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 16, 2024
@dependabot dependabot bot deleted the dependabot/pip/config/requirements/production-dependencies-1e2cfbf218 branch December 16, 2024 14:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants