Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the pip group across 1 directory with 17 updates #18

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the pip group across 1 directory with 17 updates #18

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 20, 2024

Updates the requirements on flask, jinja2, httplib2, pyyaml, requests, sqlparse, gunicorn, restrictedpython, pysaml2, sentry-sdk, pyjwt, cryptography, gevent, werkzeug, protobuf, snowflake-connector-python and pyarrow to permit the latest version.
Updates flask from 1.1.1 to 2.2.5

Release notes

Sourced from flask's releases.

2.2.5

This is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.

2.2.4

This is a fix release for the 2.2.x release branch.

2.2.3

This is a fix release for the 2.2.x release branch.

2.2.2

This is a fix release for the 2.2.0 feature release.

2.2.1

This is a fix release for the 2.2.0 feature release.

2.2.0

This is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

2.1.3

2.1.2

This is a fix release for the 2.1.0 feature release.

2.1.1

This is a fix release for the 2.1.0 feature release.

... (truncated)

Changelog

Sourced from flask's changelog.

Version 2.2.5

Released 2023-05-02

  • Update for compatibility with Werkzeug 2.3.3.
  • Set Vary: Cookie header when the session is accessed, modified, or refreshed.

Version 2.2.4

Released 2023-04-25

  • Update for compatibility with Werkzeug 2.3.

Version 2.2.3

Released 2023-02-15

  • Autoescape is enabled by default for .svg template files. :issue:4831
  • Fix the type of template_folder to accept pathlib.Path. :issue:4892
  • Add --debug option to the flask run command. :issue:4777

Version 2.2.2

Released 2022-08-08

  • Update Werkzeug dependency to >= 2.2.2. This includes fixes related to the new faster router, header parsing, and the development server. :pr:4754
  • Fix the default value for app.env to be "production". This attribute remains deprecated. :issue:4740

Version 2.2.1

Released 2022-08-03

  • Setting or accessing json_encoder or json_decoder raises a deprecation warning. :issue:4732

Version 2.2.0

... (truncated)

Commits

Updates jinja2 from 2.10.3 to 3.1.4

Release notes

Sourced from jinja2's releases.

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

  • The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

3.1.3

This is a fix release for the 3.1.x feature branch.

3.1.2

This is a fix release for the 3.1.0 feature release.

3.1.1

3.1.0

This is a feature release, which includes new features and removes previously deprecated features. The 3.1.x branch is now the supported bugfix branch, the 3.0.x branch has become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. We also encourage upgrading to MarkupSafe 2.1.1, the latest version at this time.

3.0.3

3.0.2

3.0.1

3.0.0

New major versions of all the core Pallets libraries, including Jinja 3.0, have been released! 🎉

This represents a significant amount of work, and there are quite a few changes. Be sure to carefully read the changelog, and use tools such as pip-compile and Dependabot to pin your dependencies and control your updates.

... (truncated)

Changelog

Sourced from jinja2's changelog.

Version 3.1.4

Released 2024-05-05

  • The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. :ghsa:h75v-3vvj-5mfj

Version 3.1.3

Released 2024-01-10

  • Fix compiler error when checking if required blocks in parent templates are empty. :pr:1858
  • xmlattr filter does not allow keys with spaces. :ghsa:h5c8-rqwp-cp95
  • Make error messages stemming from invalid nesting of {% trans %} blocks more helpful. :pr:1918

Version 3.1.2

Released 2022-04-28

  • Add parameters to Environment.overlay to match __init__. :issue:1645
  • Handle race condition in FileSystemBytecodeCache. :issue:1654

Version 3.1.1

Released 2022-03-25

  • The template filename on Windows uses the primary path separator. :issue:1637

Version 3.1.0

Released 2022-03-24

  • Drop support for Python 3.6. :pr:1534
  • Remove previously deprecated code. :pr:1544

... (truncated)

Commits

Updates httplib2 from 0.14.0 to 0.19.0

Changelog

Sourced from httplib2's changelog.

0.19.0

auth: parse headers using pyparsing instead of regexp httplib2/httplib2#182

auth: WSSE token needs to be string not bytes httplib2/httplib2#179

0.18.1

explicit build-backend workaround for pip build isolation bug "AttributeError: 'module' object has no attribute 'legacy'" on pip install httplib2/httplib2#169

0.18.0

IMPORTANT security vulnerability CWE-93 CRLF injection Force %xx quote of space, CR, LF characters in uri. Special thanks to Recar https://github.com/Ciyfly for discrete notification. https://cwe.mitre.org/data/definitions/93.html

0.17.4

Ship test suite in source dist httplib2/httplib2#168

0.17.3

IronPython2.7: relative import iri2uri fixes ImportError httplib2/httplib2#163

0.17.2

python3 + debug + IPv6 disabled: https raised "IndexError: Replacement index 1 out of range for positional args tuple" httplib2/httplib2#161

0.17.1

python3: no_proxy was not checked with https httplib2/httplib2#160

0.17.0

feature: Http().redirect_codes set, works after follow(_all)_redirects check This allows one line workaround for old gcloud library that uses 308 response without redirect semantics. httplib2/httplib2#156

0.16.0

... (truncated)

Commits
  • 81e80d0 v0.19.0 release
  • c3aed1e fix release script, interactive part
  • bd9ee25 parse auth headers using pyparsing instead of regexp
  • 33090ab initial fuzz testing integration with OSS-Fuzz
  • 595e248 auth: WSSE token needs to be string not bytes
  • 9bf300c v0.18.1 release
  • cb2940a explicit build-backend workaround pip build isolation bug 6264
  • 94f48ef check-manifest build tool
  • 828c26d Security Policy
  • 8373177 v0.18.0 release
  • Additional commits viewable in compare view

Updates pyyaml from 5.1.2 to 5.4

Changelog

Sourced from pyyaml's changelog.

5.4 (2021-01-19)

5.3.1 (2020-03-18)

  • yaml/pyyaml#386 -- Prevents arbitrary code execution during python/object/new constructor

5.3 (2020-01-06)

5.2 (2019-12-02)

  • Repair incompatibilities introduced with 5.1. The default Loader was changed, but several methods like add_constructor still used the old default yaml/pyyaml#279 -- A more flexible fix for custom tag constructors yaml/pyyaml#287 -- Change default loader for yaml.add_constructor yaml/pyyaml#305 -- Change default loader for add_implicit_resolver, add_path_resolver
  • Make FullLoader safer by removing python/object/apply from the default FullLoader yaml/pyyaml#347 -- Move constructor for object/apply to UnsafeConstructor
  • Fix bug introduced in 5.1 where quoting went wrong on systems with sys.maxunicode <= 0xffff yaml/pyyaml#276 -- Fix logic for quoting special characters
  • Other PRs: yaml/pyyaml#280 -- Update CHANGES for 5.1
Commits
  • 58d0cb7 5.4 release
  • a60f7a1 Fix compatibility with Jython
  • ee98abd Run CI on PR base branch changes
  • ddf2033 constructor.timezone: _copy & deepcopy
  • fc914d5 Avoid repeatedly appending to yaml_implicit_resolvers
  • a001f27 Fix for CVE-2020-14343
  • fe15062 Add 3.9 to appveyor file for completeness sake
  • 1e1c7fb Add a newline character to end of pyproject.toml
  • 0b6b7d6 Start sentences and phrases for capital letters
  • c976915 Shell code improvements
  • Additional commits viewable in compare view

Updates requests from 2.21.0 to 2.32.0

Release notes

Sourced from requests's releases.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

  • Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

  • Requests has officially added support for CPython 3.12 (#6503)
  • Requests has officially added support for PyPy 3.9 and 3.10 (#6641)
  • Requests has officially dropped support for CPython 3.7 (#6642)
  • Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641)

Documentation

  • Various typo fixes and doc improvements.

Packaging

  • Requests has started adopting some modern packaging practices. The source files for the projects (formerly requests) is now located in src/requests in the Requests sdist. (#6506)
  • Starting in Requests 2.33.0, Requests will migrate to a PEP 517 build system using hatchling. This should not impact the average user, but extremely old versions of packaging utilities may have issues with the new packaging format.

New Contributors

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.0 (2024-05-20)

Security

  • Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

  • verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
  • Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

  • Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
  • Fixed deserialization bug in JSONDecodeError. (#6629)
  • Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

  • Requests has officially added support for CPython 3.12 (#6503)
  • Requests has officially added support for PyPy 3.9 and 3.10 (#6641)
  • Requests has officially dropped support for CPython 3.7 (#6642)
  • Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641)

Documentation

  • Various typo fixes and doc improvements.

Packaging

  • Requests has started adopting some modern packaging practices. The source files for the projects (formerly requests) is now located in src/requests in the Requests sdist. (#6506)
  • Starting in Requests 2.33.0, Requests will migrate to a PEP 517 build system using hatchling. This should not impact the average user, but extremely old versions of packaging utilities may have issues with the new packaging format.

2.31.0 (2023-05-22)

Security

... (truncated)

Commits
  • d6ebc4a v2.32.0
  • 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
  • 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
  • 555b870 Allow character detection dependencies to be optional in post-packaging steps
  • d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
  • bf24b7d Use an invalid URI that will not cause httpbin to throw 500
  • 2d5f547 Pin 3.8 and 3.9 runners back to macos-13 (#6688)
  • f1bb07d Merge pull request #6687 from psf/dependabot/github_actions/github/codeql-act...
  • 60047ad Bump github/codeql-action from 3.24.0 to 3.25.0
  • 31ebb81 Merge pull request #6682 from frenzymadness/pytest8
  • Additional commits viewable in compare view

Updates sqlparse from 0.3.0 to 0.5.0

Changelog

Sourced from sqlparse's changelog.

Release 0.5.0 (Apr 13, 2024)

Notable Changes

  • Drop support for Python 3.5, 3.6, and 3.7.
  • Python 3.12 is now supported (pr725, by hugovk).
  • IMPORTANT: Fixes a potential denial of service attack (DOS) due to recursion error for deeply nested statements. Instead of recursion error a generic SQLParseError is raised. See the security advisory for details: GHSA-2m57-hf25-phgg The vulnerability was discovered by @​uriyay-jfrog. Thanks for reporting!

Enhancements:

  • Splitting statements now allows to remove the semicolon at the end. Some database backends love statements without semicolon (issue742).
  • Support TypedLiterals in get_parameters (pr749, by Khrol).
  • Improve splitting of Transact SQL when using GO keyword (issue762).
  • Support for some JSON operators (issue682).
  • Improve formatting of statements containing JSON operators (issue542).
  • Support for BigQuery and Snowflake keywords (pr699, by griffatrasgo).
  • Support parsing of OVER clause (issue701, pr768 by r33s3n6).

Bug Fixes

  • Ignore dunder attributes when creating Tokens (issue672).
  • Allow operators to precede dollar-quoted strings (issue763).
  • Fix parsing of nested order clauses (issue745, pr746 by john-bodley).
  • Thread-safe initialization of Lexer class (issue730).
  • Classify TRUNCATE as DDL and GRANT/REVOKE as DCL keywords (based on pr719 by josuc1, thanks for bringing this up!).
  • Fix parsing of PRIMARY KEY (issue740).

Other

  • Optimize performance of matching function (pr799, by admachainz).

Release 0.4.4 (Apr 18, 2023)

Notable Changes

  • IMPORTANT: This release fixes a security vulnerability in the parser where a regular expression vulnerable to ReDOS (Regular Expression Denial of Service) was used. See the security advisory for details: GHSA-rrm6-wvj7-cwh2 The vulnerability was discovered by @​erik-krogh from GitHub Security Lab (GHSL). Thanks for reporting!

... (truncated)

Commits
  • ddbd0ec Bump version.
  • 29f2e0a Raise recursion limit for tests.
  • b4a39d9 Raise SQLParseError instead of RecursionError.
  • f1bcf2f Update AUHTORS and Changelog.
  • e03b74e Fix Function.get_parameters(), add Funtion.get_window()
  • 617b8f6 Add OVER clause, and group it into Function (fixes #701)
  • d8f8147 Update AUHTORS and Changelog.
  • 012c9f1 Optimize sqlparse.utils.imt().
  • 46971e5 Fix parsing of PRIMARY KEY (fixes #740).
  • fc4b0be Code cleanup.
  • Additional commits viewable in compare view

Updates gunicorn from 20.0.4 to 22.0.0

Release notes

Sourced from gunicorn's releases.

Gunicorn 22.0 has been released

Gunicorn 22.0.0 has been released. This version fix the numerous security vulnerabilities. You're invited to upgrade asap your own installation.

Changes:

22.0.0 - 2024-04-17
===================

    

  • use utime to notify workers liveness
    • 

  • migrate setup to pyproject.toml
    • 

  • fix numerous security vulnerabilities in HTTP parser (closing some request smuggling vectors)
    • 

  • parsing additional requests is no longer attempted past unsupported request framing
    • 

  • on HTTP versions < 1.1 support for chunked transfer is refused (only used in exploits)
    • 

  • requests conflicting configured or passed SCRIPT_NAME now produce a verbose error
    • 

  • Trailer fields are no longer inspected for headers indicating secure scheme
    • 

  • support Python 3.12
    • 



** Breaking changes **


    

  • minimum version is Python 3.7
    • 

  • the limitations on valid characters in the HTTP method have been bounded to Internet Standards
    • 

  • requests specifying unsupported transfer coding (order) are refused by default (rare)
    • 

  • HTTP methods are no longer casefolded by default (IANA method registry contains none affected)
    • 

  • HTTP methods containing the number sign (#) are no longer accepted by default (rare)
    • 

  • HTTP versions < 1.0 or >= 2.0 are no longer accepted by default (rare, only HTTP/1.1 is supported)
    • 

  • HTTP versions consisting of multiple digits or containing a prefix/suffix are no longer accepted
    • 

  • HTTP header field names Gunicorn cannot safely map to variables are silently dropped, as in other software
    • 

  • HTTP headers with empty field name are refused by default (no legitimate use cases, used in exploits)
    • 

  • requests with both Transfer-Encoding and Content-Length are refused by default (such a message might indicate an attempt to perform request smuggling)
    • 

  • empty transfer codings are no longer permitted (reportedly seen with really old & broken proxies)
    • 



** SECURITY **


    

  • fix CVE-2024-1135
  1. Documentation is available there: https://docs.gunicorn.org/en/stable/news.html
  2. Packages: https://pypi.org/project/gunicorn/

Gunicorn 21.2.0 has been released

Gunicorn 21.2.0 has been released. This version fix the issue introduced in the threaded worker.

Changes:

21.2.0 - 2023-07-19
===================
fix thread worker: revert change considering connection as idle .
</tr></table>

... (truncated)

Commits
  • f63d59e bump to 22.0
  • 4ac81e0 Merge pull request #3175 from e-kwsm/typo
  • 401cecf Merge pull request #3179 from dhdaines/exclude-eventlet-0360
  • 0243ec3 fix(deps): exclude eventlet 0.36.0
  • 628a0bc chore: fix typos
  • 88fc4a4 Merge pull request #3131 from pajod/patch-py12-rebased
  • deae2fc CI: back off the agressive timeout
  • f470382 docs: promise 3.12 compat
  • 5e30bfa add changelog to project.urls (updated for PEP621)
  • 481c3f9 remove setup.cfg - overridden by pyproject.toml
  • Additional commits viewable in compare view

Updates restrictedpython from 5.0 to 7.0

Changelog

Sourced from restrictedpython's changelog.

7.0 (2023-11-17)

Backwards incompatible changes ++++++++++++++++++++++++++++++

  • Drop support for Python 3.6.

Features ++++++++

  • Officially support Python 3.12.

Fixes +++++

  • Prevent DeprecationWarnings from ast.Str and ast.Num on Python 3.12

  • Forbid using some attributes providing access to restricted Python internals. (CVE-2023-37271)

  • Fix information disclosure problems through Python's "format" functionality (format and format_map methods on str and its instances, string.Formatter). (CVE-2023-41039)

6.0 (2022-11-03)

Backwards incompatible changes ++++++++++++++++++++++++++++++

  • Drop support for Python 2.7 and 3.5.

Features ++++++++

  • Officially support Python 3.11.

  • Allow to use the Python 3.11 feature of exception groups and except* (PEP 654).

5.2 (2021-11-19)

  • Document that __name__ is needed to define classes.

  • Add support for Python 3.10. Auditing the Python 3.10 change log did not reveal any changes which require actions in RestrictedPython.

... (truncated)

Commits
  • b5d4ba2 Preparing release 7.0
  • b6a0244 Remove preliminary Python 3.13 support for the final 3.12 release.
  • bafb976 Add support for Python 3.12 (#263)
  • b5d8e7f Remove dev release from change log.
  • c744f24 Back to development: 7.0
  • 01459ed Preparing release 7.0a2.dev0
  • 34e31af Allow to use the package with Python 3.13 (#265)
  • c4adc51 Integrate .readthedocs.yaml (#262)
  • 7fd02e2 Back to development: 7.0
  • 251d335 Preparing release 7.0a1.dev1
  • Additional commits viewable in compare view

Updates pysaml2 from 6.1.0 to 6.5.0

Release notes

Sourced from pysaml2's releases.

Version 6.5.0

6.5.0 (2021-01-20) - Security release

  • Fix processing of invalid SAML XML documents - CVE-2021-21238
  • Fix unspecified xmlsec1 key-type preference - CVE-2021-21239
  • Add more tests regarding XSW attacks
  • Add XML Schemas for SAML2 and common extensions
  • Fix the XML parser to not break on ePTID AttributeValues
  • Fix the initialization value of the return_addrs property of the StatusResponse object
  • Fix SWAMID entity-category policy regarding eduPersonTargetedID
  • data: use importlib to load package data (backwards compatibility through the importlib_resources package)
  • docs: improve the documentation for the signing_algorithm and digest_algorithm options
  • examples: fix the logging configuration of the example-IdP
  • tests: allow tests to pass on 32bit systems by properly choosing dates in test XML documents
  • tests: improvements on the generation of response and assertion objects
  • tests: expand tests on python-3.9 and python-3.10-dev

Version 6.4.1

6.4.1 (2020-12-08)

  • Indicate minimum required python version during installation

Version 6.4.0

6.4.0 (2020-12-08)

  • Add preferred signing and digest algorithms configuration options: Use the new configuration options signing_algorithm and digest_algorithm.
  • Fix signed SAML AuthnRequest and Response when HTTP-Redirect binding is used: Previously, the query params Signature and SigAlg were not included.
  • Ignore duplicate RequestedAttribute entries when filtering attributes
  • tests: Avoid reuse of old test data files

Version 6.3.1

6.3.1 (2020-11-11)

  • Fix extraction of RegistrationInfo when no information is available
  • Fix http_info struct to include status-code

Version 6.3.0

6.3.0 (2020-10-30)

  • Allow to specify policy configurations based on the registration authority.
  • Add new configuration option logout_responses_signed to sign logout responses.
  • When available and appropriate return the ResponseLocation along with the Location attribute.
  • Always use base64.encodebytes; base64.encodestring has been dropped.
  • Examples: fix IdP example that was outputing debug statements on stdout that became

... (truncated)

Changelog

Sourced from pysaml2's changelog.

6.5.0 (2021-01-20) - Security release

  • Fix processing of invalid SAML XML documents - [CVE-2021-21238]
  • Fix unspecified xmlsec1 key-type preference - [CVE-2021-21239]
  • Add more tests regarding XSW attacks
  • Add XML Schemas for SAML2 and common extensions
  • Fix the XML parser to not break on ePTID AttributeValues
  • Fix the initialization value of the return_addrs property of the StatusResponse object
  • Fix SWAMID entity-category policy regarding eduPersonTargetedID
  • data: use importlib to load package data (backwards compatibility through the importlib_resources package)
  • docs: improve the documentation for the signing_algorithm and digest_algorithm options
  • examples: fix the logging configuration of the example-IdP
  • tests: allow tests to pass on 32bit systems by properly choosing dates in test XML documents
  • tests: improvements on the generation of response and assertion objects
  • tests: expand tests on python-3.9 and python-3.10-dev

6.4.1 (2020-12-08)

  • Indicate minimum required python version during installation

6.4.0 (2020-12-08)

  • Add preferred signing and digest algorithms configuration options: Use the new configuration options signing_algorithm and digest_algorithm.
  • Fix signed SAML AuthnRequest and Response when HTTP-Redirect binding is used: Previously, the query params Signature and SigAlg were not included.
  • Ignore duplicate RequestedAttribute entries when filtering attributes
  • tests: Avoid reuse of old test data files

6.3.1 (2020-11-11)

  • Fix extraction of RegistrationInfo when no information is available
  • Fix http_info struct to include status-code

6.3.0 (2020-10-30)

  • Allow to specify policy configurations based on the registration authority.
  • Add new configuration option logout_responses_signed to sign logout responses.
  • When available and appropriate return the ResponseLocation along with the Location attribute.
  • Always use base64.encodebytes; base64.encodestring has been dropped.
  • Examples: fix IdP example that was outputing debug statements on stdout that became part of its metadata.
  • CI/CD: Use Ubuntu bionic as the host to run the CI/CD process.
  • CI/CD: Pre-releases are now available on [test.pypi.org][pypi.test.pysaml2]. Each commit/merge on the master branch autotically creates a new pre-release. To install a

... (truncated)

Commits

Updates sentry-sdk to 2.2.0

Release notes

Sourced from sentry-sdk's releases.

2.2.0

New features

  • Celery integration now sends additional data to Sentry to enable new features to guage the health of your queues
  • Added a new integration for Cohere
  • Reintroduced the last_event_id function, which had been removed in 2.0.0

Other fixes & improvements

Changelog

Sourced from sentry-sdk's changelog.

2.2.0

New features

  • Celery integration now sends additional data to Sentry to enable new features to guage the health of your queues
  • Added a new integration for Cohere
  • Reintroduced the last_event_id function, which had been removed in 2.0.0

Other fixes & improvements

2.1.1

2.1.0

  • fix(quart): Fix Quart integration (#3043) by @​szokeasaurusrex

  • New integration: Langchain (#2911) by @​colin-sentry

    Usage: (Langchain is auto enabling, so you do not need to do anything special)

    from langchain_openai import ChatOpenAI
import sentry_sdk
sentry_sdk.init(
dsn="...",
enable_tracing=True,
traces_sample_rate=1.0,
)
llm = ChatOpenAI(model="gpt-3.5-turbo-0125", temperature=0)

    Check out the LangChain docs for details.

  • New integration: Anthropic (#2831) by @​czyber

    Usage: (add the AnthropicIntegration to your sentry_sdk.init() call)

    from anthropic import Anthropic
import sentry_sdk

... (truncated)

Commits
  • 1475b34 meta: Update CHANGELOG.md
  • 573d321 release: 2.2.0
  • 06efff3 Add tags +...

    Description has been truncated

@dependabot
---
5d8ae97 
updated-dependencies:
- dependency-name: flask
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: jinja2
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: httplib2
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pyyaml
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: requests
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: sqlparse
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: gunicorn
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: restrictedpython
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pysaml2
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: sentry-sdk
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pyjwt
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: cryptography
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: gevent
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: werkzeug
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: protobuf
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: snowflake-connector-python
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: pyarrow
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 20, 2024
@dependabot dependabot bot mentioned this pull request May 20, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants