dependabot[bot] opened a new pull request, #290: URL: https://github.com/apache/doris-opentelemetry-demo/pull/290
Bumps the pip-production-dependencies group with 48 updates in the /src directory: | Package | From | To | | --- | --- | --- | | [brotli](https://github.com/google/brotli) | `1.1.0` | `1.2.0` | | [certifi](https://github.com/certifi/python-certifi) | `2025.1.31` | `2026.2.25` | | [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.1` | `3.4.6` | | [click](https://github.com/pallets/click) | `8.1.8` | `8.3.1` | | [configargparse](https://github.com/bw2/ConfigArgParse) | `1.7` | `1.7.5` | | [deprecated](https://github.com/laurent-laporte-pro/deprecated) | `1.2.18` | `1.3.1` | | [flask](https://github.com/pallets/flask) | `3.1.0` | `3.1.3` | | [flask-cors](https://github.com/corydolphin/flask-cors) | `5.0.1` | `6.0.2` | | [gevent](https://github.com/gevent/gevent) | `24.11.1` | `25.9.1` | | [geventhttpclient](https://github.com/geventhttpclient/geventhttpclient) | `2.3.3` | `2.3.9` | | [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.69.1` | `1.73.0` | | [greenlet](https://github.com/python-greenlet/greenlet) | `3.1.1` | `3.3.2` | | [idna](https://github.com/kjd/idna) | `3.10` | `3.11` | | [locust](https://github.com/locustio/locust) | `2.33.0` | `2.43.3` | | [locust-plugins](https://github.com/SvenskaSpel/locust-plugins) | `4.6.0` | `5.0.0` | | [markupsafe](https://github.com/pallets/markupsafe) | `3.0.2` | `3.0.3` | | [msgpack](https://github.com/msgpack/msgpack-python) | `1.1.0` | `1.1.2` | | [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [opentelemetry-exporter-otlp-proto-grpc](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [opentelemetry-instrumentation](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-instrumentation-jinja2](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-instrumentation-requests](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-instrumentation-system-metrics](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-instrumentation-urllib3](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.51b0` | `0.61b0` | | [opentelemetry-util-http](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [openfeature-sdk](https://github.com/open-feature/python-sdk) | `0.8.0` | `0.8.4` | | [openfeature-provider-ofrep](https://github.com/open-feature/python-sdk-contrib) | `0.1.1` | `0.2.0` | | [openfeature-hooks-opentelemetry](https://github.com/open-feature/python-sdk-contrib) | `0.2.0` | `0.3.1` | | [protobuf](https://github.com/protocolbuffers/protobuf) | `5.29.3` | `7.34.1` | | [psutil](https://github.com/giampaolo/psutil) | `6.1.1` | `7.2.2` | | [pyzmq](https://github.com/zeromq/pyzmq) | `26.2.1` | `27.1.0` | | [requests](https://github.com/psf/requests) | `2.32.3` | `2.32.5` | | [roundrobin](https://github.com/linnik/roundrobin) | `0.0.4` | `0.1.0` | | [typing-extensions](https://github.com/python/typing_extensions) | `4.12.2` | `4.15.0` | | [urllib3](https://github.com/urllib3/urllib3) | `2.3.0` | `2.6.3` | | [werkzeug](https://github.com/pallets/werkzeug) | `3.1.3` | `3.1.7` | | [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.2` | `2.1.2` | | [zope-event](https://github.com/zopefoundation/zope.event) | `5.0` | `6.1` | | [zope-interface](https://github.com/zopefoundation/zope.interface) | `7.2` | `8.2` | | [python-json-logger](https://github.com/nhairs/python-json-logger) | `3.3.0` | `4.0.0` | | [grpcio-health-checking](https://grpc.io) | `1.70.0` | `1.78.0` | | [grpcio](https://github.com/grpc/grpc) | `1.70.0` | `1.78.0` | | [opentelemetry-distro](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [python-dotenv](https://github.com/theskumar/python-dotenv) | `1.0.1` | `1.2.2` | | [openfeature-provider-flagd](https://github.com/open-feature/python-sdk-contrib) | `0.2.0` | `0.3.0` | Bumps the pip-production-dependencies group with 43 updates in the /src/load-generator directory: | Package | From | To | | --- | --- | --- | | [brotli](https://github.com/google/brotli) | `1.1.0` | `1.2.0` | | [certifi](https://github.com/certifi/python-certifi) | `2025.1.31` | `2026.2.25` | | [charset-normalizer](https://github.com/jawah/charset_normalizer) | `3.4.1` | `3.4.6` | | [click](https://github.com/pallets/click) | `8.1.8` | `8.3.1` | | [configargparse](https://github.com/bw2/ConfigArgParse) | `1.7` | `1.7.5` | | [deprecated](https://github.com/laurent-laporte-pro/deprecated) | `1.2.18` | `1.3.1` | | [flask](https://github.com/pallets/flask) | `3.1.0` | `3.1.3` | | [flask-cors](https://github.com/corydolphin/flask-cors) | `5.0.1` | `6.0.2` | | [gevent](https://github.com/gevent/gevent) | `24.11.1` | `25.9.1` | | [geventhttpclient](https://github.com/geventhttpclient/geventhttpclient) | `2.3.3` | `2.3.9` | | [googleapis-common-protos](https://github.com/googleapis/google-cloud-python) | `1.69.1` | `1.73.0` | | [greenlet](https://github.com/python-greenlet/greenlet) | `3.1.1` | `3.3.2` | | [idna](https://github.com/kjd/idna) | `3.10` | `3.11` | | [locust](https://github.com/locustio/locust) | `2.33.0` | `2.43.3` | | [locust-plugins](https://github.com/SvenskaSpel/locust-plugins) | `4.6.0` | `5.0.0` | | [markupsafe](https://github.com/pallets/markupsafe) | `3.0.2` | `3.0.3` | | [msgpack](https://github.com/msgpack/msgpack-python) | `1.1.0` | `1.1.2` | | [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [opentelemetry-exporter-otlp-proto-grpc](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [opentelemetry-instrumentation](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-instrumentation-jinja2](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-instrumentation-requests](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-instrumentation-system-metrics](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-instrumentation-urllib3](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [opentelemetry-proto](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [opentelemetry-sdk](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [opentelemetry-semantic-conventions](https://github.com/open-telemetry/opentelemetry-python) | `0.51b0` | `0.61b0` | | [opentelemetry-util-http](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [openfeature-sdk](https://github.com/open-feature/python-sdk) | `0.8.0` | `0.8.4` | | [openfeature-provider-ofrep](https://github.com/open-feature/python-sdk-contrib) | `0.1.1` | `0.2.0` | | [openfeature-hooks-opentelemetry](https://github.com/open-feature/python-sdk-contrib) | `0.2.0` | `0.3.1` | | [protobuf](https://github.com/protocolbuffers/protobuf) | `5.29.3` | `7.34.1` | | [psutil](https://github.com/giampaolo/psutil) | `6.1.1` | `7.2.2` | | [pyzmq](https://github.com/zeromq/pyzmq) | `26.2.1` | `27.1.0` | | [requests](https://github.com/psf/requests) | `2.32.3` | `2.32.5` | | [roundrobin](https://github.com/linnik/roundrobin) | `0.0.4` | `0.1.0` | | [typing-extensions](https://github.com/python/typing_extensions) | `4.12.2` | `4.15.0` | | [urllib3](https://github.com/urllib3/urllib3) | `2.3.0` | `2.6.3` | | [werkzeug](https://github.com/pallets/werkzeug) | `3.1.3` | `3.1.7` | | [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.2` | `2.1.2` | | [zope-event](https://github.com/zopefoundation/zope.event) | `5.0` | `6.1` | | [zope-interface](https://github.com/zopefoundation/zope.interface) | `7.2` | `8.2` | | [python-json-logger](https://github.com/nhairs/python-json-logger) | `3.3.0` | `4.0.0` | Bumps the pip-production-dependencies group with 10 updates in the /src/recommendation directory: | Package | From | To | | --- | --- | --- | | [opentelemetry-exporter-otlp-proto-grpc](https://github.com/open-telemetry/opentelemetry-python) | `1.30.0` | `1.40.0` | | [openfeature-sdk](https://github.com/open-feature/python-sdk) | `0.8.0` | `0.8.4` | | [openfeature-hooks-opentelemetry](https://github.com/open-feature/python-sdk-contrib) | `0.2.0` | `0.3.1` | | [psutil](https://github.com/giampaolo/psutil) | `6.1.1` | `7.2.2` | | [python-json-logger](https://github.com/nhairs/python-json-logger) | `3.3.0` | `4.0.0` | | [grpcio-health-checking](https://grpc.io) | `1.70.0` | `1.78.0` | | [grpcio](https://github.com/grpc/grpc) | `1.70.0` | `1.78.0` | | [opentelemetry-distro](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.51b0` | `0.61b0` | | [python-dotenv](https://github.com/theskumar/python-dotenv) | `1.0.1` | `1.2.2` | | [openfeature-provider-flagd](https://github.com/open-feature/python-sdk-contrib) | `0.2.0` | `0.3.0` | Updates `brotli` from 1.1.0 to 1.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/brotli/releases";>brotli's releases</a>.</em></p> <blockquote> <h2>v1.2.0</h2> <h3>SECURITY</h3> <ul> <li>python: added <code>Decompressor::can_accept_more_data</code> method and optional <code>output_buffer_limit</code> argument <code>Decompressor::process</code>; that allows mitigation of unexpectedly large output; reported by Charles Chan (<a href="https://github.com/charleswhchan";>https://github.com/charleswhchan</a>)</li> </ul> <h3>Added</h3> <ul> <li><strong>decoder / encoder: added static initialization to reduce binary size</strong></li> <li>python: allow limiting decoder output (see SECURITY section)</li> <li>CLI: <code>brcat</code> alias; allow decoding concatenated brotli streams</li> <li>kt: pure Kotlin decoder</li> <li>cgo: support "raw" dictionaries</li> <li>build: Bazel modules</li> </ul> <h3>Removed</h3> <ul> <li>java: dropped <code>finalize()</code> for native entities</li> </ul> <h3>Fixed</h3> <ul> <li>java: in <code>compress</code> pass correct length to native encoder</li> </ul> <h3>Improved</h3> <ul> <li>build: install man pages</li> <li>build: updated / fixed / refined Bazel buildfiles</li> <li>encoder: faster encoding</li> <li>cgo: link via pkg-config</li> <li>python: modernize extension / allow multi-phase module initialization</li> </ul> <h3>Changed</h3> <ul> <li>decoder / encoder: static tables use "small" model (allows 2GiB+ binaries)</li> </ul> <h2>v1.2.0 RC2</h2> <h2>What's Changed (compared to RC1)</h2> <ul> <li>pick changes from Debian patch by <a href="https://github.com/copybara-service";><code>@copybara-service</code></a>[bot] in <a href="https://redirect.github.com/google/brotli/pull/1349";>google/brotli#1349</a></li> <li>pick changes from Alpine patch by <a href="https://github.com/copybara-service";><code>@copybara-service</code></a>[bot] in <a href="https://redirect.github.com/google/brotli/pull/1348";>google/brotli#1348</a></li> <li>pick VCPKG patches by <a href="https://github.com/copybara-service";><code>@copybara-service</code></a>[bot] in <a href="https://redirect.github.com/google/brotli/pull/1350";>google/brotli#1350</a></li> <li>fix copy-paste in Java decoder by <a href="https://github.com/copybara-service";><code>@copybara-service</code></a>[bot] in <a href="https://redirect.github.com/google/brotli/pull/1357";>google/brotli#1357</a></li> </ul> <h2>v1.2.0 RC1</h2> <p><strong>IMPORTANT</strong>: though this is a pre-release for v1.2.0, it is expected that some changes will be added before release; most notably concerning build files: patches applied by Alpine, Debian, Conan, VCPKG will be partially/fully integrated.</p> <h3>SECURITY</h3> <ul> <li>python: added <code>Decompressor::can_accept_more_data</code> method and optional <code>output_buffer_limit</code> argument <code>Decompressor::process</code>; that allows mitigation of unexpectedly large output; reported by Charles Chan (<a href="https://github.com/charleswhchan";>https://github.com/charleswhchan</a>)</li> </ul> <h3>Added</h3> <ul> <li><strong>decoder / encoder: added static initialization to reduce binary size</strong></li> <li>python: allow limiting decoder output (see SECURITY section)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/google/brotli/blob/master/CHANGELOG.md";>brotli's changelog</a>.</em></p> <blockquote> <h2>[1.2.0] - 2025-10-27</h2> <h3>SECURITY</h3> <ul> <li>python: added <code>Decompressor::can_accept_more_data</code> method and optional <code>output_buffer_limit</code> argument <code>Decompressor::process</code>; that allows mitigation of unexpectedly large output; reported by Charles Chan (<a href="https://github.com/charleswhchan";>https://github.com/charleswhchan</a>)</li> </ul> <h3>Added</h3> <ul> <li><strong>decoder / encoder: added static initialization to reduce binary size</strong></li> <li>python: allow limiting decoder output (see SECURITY section)</li> <li>CLI: <code>brcat</code> alias; allow decoding concatenated brotli streams</li> <li>kt: pure Kotlin decoder</li> <li>cgo: support "raw" dictionaries</li> <li>build: Bazel modules</li> </ul> <h3>Removed</h3> <ul> <li>java: dropped <code>finalize()</code> for native entities</li> </ul> <h3>Fixed</h3> <ul> <li>java: in <code>compress</code> pass correct length to native encoder</li> </ul> <h3>Improved</h3> <ul> <li>build: install man pages</li> <li>build: updated / fixed / refined Bazel buildfiles</li> <li>encoder: faster encoding</li> <li>cgo: link via pkg-config</li> <li>python: modernize extension / allow multi-phase module initialization</li> </ul> <h3>Changed</h3> <ul> <li>decoder / encoder: static tables use "small" model (allows 2GiB+ binaries)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/brotli/commit/028fb5a23661f123017c060daa546b55cf4bde29";><code>028fb5a</code></a> release v1.2.0</li> <li><a href="https://github.com/google/brotli/commit/390de5b472ec8c40a7b8e5029e47fd6493f7a755";><code>390de5b</code></a> build and test csharp decoder</li> <li><a href="https://github.com/google/brotli/commit/3499acbb7ac7818c1b929a8c9c5c5f8a634751da";><code>3499acb</code></a> regenerate go/kt/js/ts</li> <li><a href="https://github.com/google/brotli/commit/8ca2312c61f1f5853be0708f9b1d6a6ad002d2a4";><code>8ca2312</code></a> fix release workflow</li> <li><a href="https://github.com/google/brotli/commit/ee771daf20bab6533cbc629407c50cff1c87d9f1";><code>ee771da</code></a> fix copy-paste in Java decoder</li> <li><a href="https://github.com/google/brotli/commit/42aee3289154cb3e8db1c7a8ebfa639c857578b9";><code>42aee32</code></a> try to fix release workflow</li> <li><a href="https://github.com/google/brotli/commit/392c06bac05cc1d098ab105cbbda766f19853d92";><code>392c06b</code></a> redesign release resource uploading</li> <li><a href="https://github.com/google/brotli/commit/1964cdb1b9e16a2a0c27fbd3b2a3bccb2c1a8294";><code>1964cdb</code></a> ramp up all GH actions plugins</li> <li><a href="https://github.com/google/brotli/commit/61605b1cb34ba84ae71c13b383d850a59cac85b2";><code>61605b1</code></a> pick VCPKG patches</li> <li><a href="https://github.com/google/brotli/commit/4b0f27b6f985b4301ad5cec4a31b9792ecf252bc";><code>4b0f27b</code></a> pick changes from Alpine patch</li> <li>Additional commits viewable in <a href="https://github.com/google/brotli/compare/go/cbrotli/v1.1.0...v1.2.0";>compare view</a></li> </ul> </details> <br /> Updates `certifi` from 2025.1.31 to 2026.2.25 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/certifi/python-certifi/commit/8571a4ba5205675107f9026d0008ad2d7a2778bf";><code>8571a4b</code></a> 2026.02.25 (<a href="https://redirect.github.com/certifi/python-certifi/issues/395";>#395</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/6f7de00579d292af565bbb8a947643219794eb6d";><code>6f7de00</code></a> Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (<a href="https://redirect.github.com/certifi/python-certifi/issues/390";>#390</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/a1de59b15105cad768afed4f066b36171134f04a";><code>a1de59b</code></a> Bump actions/checkout from 6.0.1 to 6.0.2 (<a href="https://redirect.github.com/certifi/python-certifi/issues/391";>#391</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/7f5ade5d8da615fd366e8de6a668271251c45d34";><code>7f5ade5</code></a> Bump actions/setup-python from 6.1.0 to 6.2.0 (<a href="https://redirect.github.com/certifi/python-certifi/issues/392";>#392</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/c64d9f3a8496c0195548697f2080e716af66dd6a";><code>c64d9f3</code></a> 2026.01.04 (<a href="https://redirect.github.com/certifi/python-certifi/issues/389";>#389</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/4ac232f05a547071543d2fb069aa3c62b1dc79f3";><code>4ac232f</code></a> Bump actions/download-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/certifi/python-certifi/issues/387";>#387</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/95ae4b20e8abb7fa708e751e346466d16b36211a";><code>95ae4b2</code></a> Update CI workflow to use Ubuntu 24.04 and Python 3.14 stable (<a href="https://redirect.github.com/certifi/python-certifi/issues/386";>#386</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/b72a7b1a40ae20755338d3132d8f880427b3b6fc";><code>b72a7b1</code></a> Bump dessant/lock-threads from 5.0.1 to 6.0.0 (<a href="https://redirect.github.com/certifi/python-certifi/issues/385";>#385</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/ecc267216fbdcecb1b2aa2aa175152b773cc5ced";><code>ecc2672</code></a> Bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a href="https://redirect.github.com/certifi/python-certifi/issues/384";>#384</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/6a897dbc1124b17f179ef225742fcda481ec96f3";><code>6a897db</code></a> Bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 (<a href="https://redirect.github.com/certifi/python-certifi/issues/383";>#383</a>)</li> <li>Additional commits viewable in <a href="https://github.com/certifi/python-certifi/compare/2025.01.31...2026.02.25";>compare view</a></li> </ul> </details> <br /> Updates `charset-normalizer` from 3.4.1 to 3.4.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jawah/charset_normalizer/releases";>charset-normalizer's releases</a>.</em></p> <blockquote> <h2>Version 3.4.6</h2> <h2><a href="https://github.com/Ousret/charset_normalizer/compare/3.4.5...3.4.6";>3.4.6</a> (2026-03-15)</h2> <h3>Changed</h3> <ul> <li>Flattened the logic in <code>charset_normalizer.md</code> for higher performance. Removed <code>eligible(..)</code> and <code>feed(...)</code> in favor of <code>feed_info(...)</code>.</li> <li>Raised upper bound for mypy[c] to 1.20, for our optimized version.</li> <li>Updated <code>UNICODE_RANGES_COMBINED</code> using Unicode blocks v17.</li> </ul> <h3>Fixed</h3> <ul> <li>Edge case where noise difference between two candidates can be almost insignificant. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/672";>#672</a>)</li> <li>CLI <code>--normalize</code> writing to wrong path when passing multiple files in. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/702";>#702</a>)</li> </ul> <h3>Misc</h3> <ul> <li>Freethreaded pre-built wheels now shipped in PyPI starting with 3.14t. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/616";>#616</a>)</li> </ul> <h2>Version 3.4.5</h2> <h2><a href="https://github.com/Ousret/charset_normalizer/compare/3.4.4...3.4.5";>3.4.5</a> (2026-03-06)</h2> <h3>Changed</h3> <ul> <li>Update <code>setuptools</code> constraint to <code>setuptools>=68,<=82</code>.</li> <li>Raised upper bound of mypyc for the optional pre-built extension to v1.19.1</li> </ul> <h3>Fixed</h3> <ul> <li>Add explicit link to lib math in our optimized build. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/692";>#692</a>)</li> <li>Logger level not restored correctly for empty byte sequences. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/701";>#701</a>)</li> <li>TypeError when passing bytearray to from_bytes. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/703";>#703</a>)</li> </ul> <h3>Misc</h3> <ul> <li>Applied safe micro-optimizations in both our noise detector and language detector.</li> <li>Rewrote the <code>query_yes_no</code> function (inside CLI) to avoid using ambiguous licensed code.</li> <li>Added <code>cd.py</code> submodule into mypyc optional compilation to reduce further the performance impact.</li> </ul> <blockquote> <p>[!WARNING]<br /> mypyc changed the usual binary output for the optimized wheel. Beware, especially if using PyInstaller or alike. See <a href="https://redirect.github.com/jawah/charset_normalizer/issues/714";>jawah/charset_normalizer#714</a></p> </blockquote> <h2>Version 3.4.4</h2> <h2><a href="https://github.com/Ousret/charset_normalizer/compare/3.4.3...3.4.4";>3.4.4</a> (2025-10-13)</h2> <h3>Changed</h3> <ul> <li>Bound <code>setuptools</code> to a specific constraint <code>setuptools>=68,<=81</code>.</li> <li>Raised upper bound of mypyc for the optional pre-built extension to v1.18.2</li> </ul> <h3>Removed</h3> <ul> <li><code>setuptools-scm</code> as a build dependency.</li> </ul> <h3>Misc</h3> <ul> <li>Enforced hashes in <code>dev-requirements.txt</code> and created <code>ci-requirements.txt</code> for security purposes.</li> <li>Additional pre-built wheels for riscv64, s390x, and armv7l architectures.</li> <li>Restore <code>multiple.intoto.jsonl</code> in GitHub releases in addition to individual attestation file per wheel.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md";>charset-normalizer's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/Ousret/charset_normalizer/compare/3.4.5...3.4.6";>3.4.6</a> (2026-03-15)</h2> <h3>Changed</h3> <ul> <li>Flattened the logic in <code>charset_normalizer.md</code> for higher performance. Removed <code>eligible(..)</code> and <code>feed(...)</code> in favor of <code>feed_info(...)</code>.</li> <li>Raised upper bound for mypy[c] to 1.20, for our optimized version.</li> <li>Updated <code>UNICODE_RANGES_COMBINED</code> using Unicode blocks v17.</li> </ul> <h3>Fixed</h3> <ul> <li>Edge case where noise difference between two candidates can be almost insignificant. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/672";>#672</a>)</li> <li>CLI <code>--normalize</code> writing to wrong path when passing multiple files in. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/702";>#702</a>)</li> </ul> <h3>Misc</h3> <ul> <li>Freethreaded pre-built wheels now shipped in PyPI starting with 3.14t. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/616";>#616</a>)</li> </ul> <h2><a href="https://github.com/Ousret/charset_normalizer/compare/3.4.4...3.4.5";>3.4.5</a> (2026-03-06)</h2> <h3>Changed</h3> <ul> <li>Update <code>setuptools</code> constraint to <code>setuptools>=68,<=82</code>.</li> <li>Raised upper bound of mypyc for the optional pre-built extension to v1.19.1</li> </ul> <h3>Fixed</h3> <ul> <li>Add explicit link to lib math in our optimized build. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/692";>#692</a>)</li> <li>Logger level not restored correctly for empty byte sequences. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/701";>#701</a>)</li> <li>TypeError when passing bytearray to from_bytes. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/703";>#703</a>)</li> </ul> <h3>Misc</h3> <ul> <li>Applied safe micro-optimizations in both our noise detector and language detector.</li> <li>Rewrote the <code>query_yes_no</code> function (inside CLI) to avoid using ambiguous licensed code.</li> <li>Added <code>cd.py</code> submodule into mypyc optional compilation to reduce further the performance impact.</li> </ul> <h2><a href="https://github.com/Ousret/charset_normalizer/compare/3.4.2...3.4.4";>3.4.4</a> (2025-10-13)</h2> <h3>Changed</h3> <ul> <li>Bound <code>setuptools</code> to a specific constraint <code>setuptools>=68,<=81</code>.</li> <li>Raised upper bound of mypyc for the optional pre-built extension to v1.18.2</li> </ul> <h3>Removed</h3> <ul> <li><code>setuptools-scm</code> as a build dependency.</li> </ul> <h3>Misc</h3> <ul> <li>Enforced hashes in <code>dev-requirements.txt</code> and created <code>ci-requirements.txt</code> for security purposes.</li> <li>Additional pre-built wheels for riscv64, s390x, and armv7l architectures.</li> <li>Restore <code> multiple.intoto.jsonl</code> in GitHub releases in addition to individual attestation file per wheel.</li> </ul> <h2><a href="https://github.com/Ousret/charset_normalizer/compare/3.4.2...3.4.3";>3.4.3</a> (2025-08-09)</h2> <h3>Changed</h3> <ul> <li>mypy(c) is no longer a required dependency at build time if <code>CHARSET_NORMALIZER_USE_MYPYC</code> isn't set to <code>1</code>. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/595";>#595</a>) (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/583";>#583</a>)</li> <li>automatically lower confidence on small bytes samples that are not Unicode in <code>detect</code> output legacy function. (<a href="https://redirect.github.com/jawah/charset_normalizer/issues/391";>#391</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jawah/charset_normalizer/commit/5478b84058a2a04e2d67a5dabbe0a273706707aa";><code>5478b84</code></a> Merge pull request <a href="https://redirect.github.com/jawah/charset_normalizer/issues/715";>#715</a> from jawah/release-3.4.6</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/5c0a09e2caf1b3977df691916e949e1de4b8a738";><code>5c0a09e</code></a> :heavy_check_mark: add confidence for threading usage, mostly due to lru_cach...</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/ef826b28d9f21e0059c93acc69a8bf364126c179";><code>ef826b2</code></a> :pencil: update changelog</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/5564f1aebe56584150a988f565ff69ee316dcefe";><code>5564f1a</code></a> :pencil: update docs accordingly</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/0f2cf7d86e7c3ef4b77790a754b048bfada4fd09";><code>0f2cf7d</code></a> :pencil: update changelog</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/54a189446becf4f2b42772f0dce89a5ef79fe8cc";><code>54a1894</code></a> :bug: fix --normalize writing to wrong path with multiple files</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/2177e28828bb7fcc2f1bed2a2d4463161a180812";><code>2177e28</code></a> :pencil: update changelog</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/b2497a54ba545dae84be01649d66fd52a7fcfc2d";><code>b2497a5</code></a> :bug: edge case where noise difference between two candidates can be almost i...</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/13a5d0b471cfb9b60b8cda84c78b7874c0267123";><code>13a5d0b</code></a> :wrench: upgrade ci requirements</li> <li><a href="https://github.com/jawah/charset_normalizer/commit/b9ffbd4e8314b0f733ddb34eef32d80490eb947c";><code>b9ffbd4</code></a> :wrench: enable 3.14t nox mypyc session</li> <li>Additional commits viewable in <a href="https://github.com/jawah/charset_normalizer/compare/3.4.1...3.4.6";>compare view</a></li> </ul> </details> <br /> Updates `click` from 8.1.8 to 8.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/click/releases";>click's releases</a>.</em></p> <blockquote> <h2>8.3.1</h2> <p>This is the Click 8.3.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.</p> <p>PyPI: <a href="https://pypi.org/project/click/8.3.1/";>https://pypi.org/project/click/8.3.1/</a> Changes: <a href="https://click.palletsprojects.com/page/changes/#version-8-3-1";>https://click.palletsprojects.com/page/changes/#version-8-3-1</a> Milestone: <a href="https://github.com/pallets/click/milestone/28";>https://github.com/pallets/click/milestone/28</a></p> <ul> <li>Don't discard pager arguments by correctly using <code>subprocess.Popen</code>. <a href="https://redirect.github.com/pallets/click/issues/3039";>#3039</a> <a href="https://redirect.github.com/pallets/click/issues/3055";>#3055</a></li> <li>Replace <code>Sentinel.UNSET</code> default values by <code>None</code> as they're passed through the <code>Context.invoke()</code> method. <a href="https://redirect.github.com/pallets/click/issues/3066";>#3066</a> <a href="https://redirect.github.com/pallets/click/issues/3065";>#3065</a> <a href="https://redirect.github.com/pallets/click/issues/3068";>#3068</a></li> <li>Fix conversion of <code>Sentinel.UNSET</code> happening too early, which caused incorrect behavior for multiple parameters using the same name. <a href="https://redirect.github.com/pallets/click/issues/3071";>#3071</a> <a href="https://redirect.github.com/pallets/click/issues/3079";>#3079</a></li> <li>Fix rendering when <code>prompt</code> and <code>confirm</code> parameter <code>prompt_suffix</code> is empty. <a href="https://redirect.github.com/pallets/click/issues/3019";>#3019</a> <a href="https://redirect.github.com/pallets/click/issues/3021";>#3021</a></li> <li>When <code>Sentinel.UNSET</code> is found during parsing, it will skip calls to <code>type_cast_value</code>. <a href="https://redirect.github.com/pallets/click/issues/3069";>#3069</a> <a href="https://redirect.github.com/pallets/click/issues/3090";>#3090</a></li> <li>Hide <code>Sentinel.UNSET</code> values as <code>None</code> when looking up for other parameters through the context inside parameter callbacks. <a href="https://redirect.github.com/pallets/click/issues/3136";>#3136</a> <a href="https://redirect.github.com/pallets/click/issues/3137";>#3137</a></li> </ul> <h2>8.3.0</h2> <p>This is the Click 8.3.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecation, or introduce potentially breaking changes.</p> <p>We encourage everyone to upgrade. You can read more about our <a href="https://palletsprojects.com/versions";>Version Support Policy</a> on our website.</p> <p>PyPI: <a href="https://pypi.org/project/click/8.3.0/";>https://pypi.org/project/click/8.3.0/</a> Changes: <a href="https://click.palletsprojects.com/page/changes/#version-8-3-0";>https://click.palletsprojects.com/page/changes/#version-8-3-0</a> Milestone <a href="https://github.com/pallets/click/milestone/27";>https://github.com/pallets/click/milestone/27</a></p> <ul> <li> <p><strong>Improved flag option handling</strong>: Reworked the relationship between <code>flag_value</code> and <code>default</code> parameters for better consistency:</p> <ul> <li>The <code>default</code> parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)</li> <li>Exception: flag options with <code>default=True</code> maintain backward compatibility by defaulting to their <code>flag_value</code></li> <li>The <code>default</code> parameter can now be any type (<code>bool</code>, <code>None</code>, etc.)</li> <li>Fixes inconsistencies reported in: <a href="https://redirect.github.com/pallets/click/issues/1992";>#1992</a> <a href="https://redirect.github.com/pallets/click/issues/2514";>#2514</a> <a href="https://redirect.github.com/pallets/click/issues/2610";>#2610</a> <a href="https://redirect.github.com/pallets/click/issues/3024";>#3024</a> <a href="https://redirect.github.com/pallets/click/issues/3030";>#3030</a></li> </ul> </li> <li> <p>Allow <code>default</code> to be set on <code>Argument</code> for <code>nargs = -1</code>. <a href="https://redirect.github.com/pallets/click/issues/2164";>#2164</a> <a href="https://redirect.github.com/pallets/click/issues/3030";>#3030</a></p> </li> <li> <p>Show correct auto complete value for <code>nargs</code> option in combination with flag option <a href="https://redirect.github.com/pallets/click/issues/2813";>#2813</a></p> </li> <li> <p>Show correct auto complete value for nargs option in combination with flag option <a href="https://redirect.github.com/pallets/click/issues/2813";>#2813</a></p> </li> <li> <p>Fix handling of quoted and escaped parameters in Fish autocompletion. <a href="https://redirect.github.com/pallets/click/issues/2995";>#2995</a> <a href="https://redirect.github.com/pallets/click/issues/3013";>#3013</a></p> </li> <li> <p>Lazily import <code>shutil</code>. <a href="https://redirect.github.com/pallets/click/issues/3023";>#3023</a></p> </li> <li> <p>Properly forward exception information to resources registered with <code>click.core.Context.with_resource()</code>. <a href="https://redirect.github.com/pallets/click/issues/2447";>#2447</a> <a href="https://redirect.github.com/pallets/click/issues/3058";>#3058</a></p> </li> <li> <p>Fix regression related to EOF handling in CliRunner. <a href="https://redirect.github.com/pallets/click/issues/2939";>#2939</a> <a href="https://redirect.github.com/pallets/click/issues/2940";>#2940</a></p> </li> </ul> <h2>8.2.2</h2> <p>This is the Click 8.2.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.</p> <p>PyPI: <a href="https://pypi.org/project/click/8.2.2/";>https://pypi.org/project/click/8.2.2/</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/click/blob/main/CHANGES.rst";>click's changelog</a>.</em></p> <blockquote> <h2>Version 8.3.1</h2> <p>Released 2025-11-15</p> <ul> <li>Don't discard pager arguments by correctly using <code>subprocess.Popen</code>. :issue:<code>3039</code> :pr:<code>3055</code></li> <li>Replace <code>Sentinel.UNSET</code> default values by <code>None</code> as they're passed through the <code>Context.invoke()</code> method. :issue:<code>3066</code> :issue:<code>3065</code> :pr:<code>3068</code></li> <li>Fix conversion of <code>Sentinel.UNSET</code> happening too early, which caused incorrect behavior for multiple parameters using the same name. :issue:<code>3071</code> :pr:<code>3079</code></li> <li>Hide <code>Sentinel.UNSET</code> values as <code>None</code> when looking up for other parameters through the context inside parameter callbacks. :issue:<code>3136</code> :pr:<code>3137</code></li> <li>Fix rendering when <code>prompt</code> and <code>confirm</code> parameter <code>prompt_suffix</code> is empty. :issue:<code>3019</code> :pr:<code>3021</code></li> <li>When <code>Sentinel.UNSET</code> is found during parsing, it will skip calls to <code>type_cast_value</code>. :issue:<code>3069</code> :pr:<code>3090</code></li> </ul> <h2>Version 8.3.0</h2> <p>Released 2025-09-17</p> <ul> <li> <p><strong>Improved flag option handling</strong>: Reworked the relationship between <code>flag_value</code> and <code>default</code> parameters for better consistency:</p> <ul> <li>The <code>default</code> parameter value is now preserved as-is and passed directly to CLI functions (no more unexpected transformations)</li> <li>Exception: flag options with <code>default=True</code> maintain backward compatibility by defaulting to their <code>flag_value</code></li> <li>The <code>default</code> parameter can now be any type (<code>bool</code>, <code>None</code>, etc.)</li> <li>Fixes inconsistencies reported in: :issue:<code>1992</code> :issue:<code>2514</code> :issue:<code>2610</code> :issue:<code>3024</code> :pr:<code>3030</code></li> </ul> </li> <li> <p>Allow <code>default</code> to be set on <code>Argument</code> for <code>nargs = -1</code>. :issue:<code>2164</code> :pr:<code>3030</code></p> </li> <li> <p>Show correct auto complete value for <code>nargs</code> option in combination with flag option :issue:<code>2813</code></p> </li> <li> <p>Fix handling of quoted and escaped parameters in Fish autocompletion. :issue:<code>2995</code> :pr:<code>3013</code></p> </li> <li> <p>Lazily import <code>shutil</code>. :pr:<code>3023</code></p> </li> <li> <p>Properly forward exception information to resources registered with <code>click.core.Context.with_resource()</code>. :issue:<code>2447</code> :pr:<code>3058</code></p> </li> <li> <p>Fix regression related to EOF handling in <code>CliRunner</code>. :issue:<code>2939</code> :pr:<code>2940</code></p> </li> </ul> <h2>Version 8.2.2</h2> <p>Released 2025-07-31</p> <ul> <li>Fix reconciliation of <code>default</code>, <code>flag_value</code> and <code>type</code> parameters for flag options, as well as parsing and normalization of environment variables.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pallets/click/commit/1d038f270701498433cb432f54db89f95f07a845";><code>1d038f2</code></a> release version 8.3.1</li> <li><a href="https://github.com/pallets/click/commit/03f3889f505d0c9ca4f9d6810f9e4ba2799f2a66";><code>03f3889</code></a> Fix Ruff UP038 warning (<a href="https://redirect.github.com/pallets/click/issues/3141";>#3141</a>)</li> <li><a href="https://github.com/pallets/click/commit/3867781222cb63693ca67df94352d29d8e6e2770";><code>3867781</code></a> Fix Ruff UP038 warning</li> <li><a href="https://github.com/pallets/click/commit/b91bb9548a5617b1197add95e084d569f57149c3";><code>b91bb95</code></a> Provide altered context to callbacks to hide <code>UNSET</code> values as <code>None</code> (<a href="https://redirect.github.com/pallets/click/issues/3137";>#3137</a>)</li> <li><a href="https://github.com/pallets/click/commit/437e1e3295c7ec979fc1bf285bb402ca20d847e7";><code>437e1e3</code></a> Temporarily provide a fake context to the callback to hide <code>UNSET</code> values as ...</li> <li><a href="https://github.com/pallets/click/commit/ea70da487b05d6bb758d472a3a9ffab4a5b7fcd5";><code>ea70da4</code></a> Don't test using a file in docs/ (<a href="https://redirect.github.com/pallets/click/issues/3102";>#3102</a>)</li> <li><a href="https://github.com/pallets/click/commit/e27b307462b725722f620c69dd1d5509c032d18a";><code>e27b307</code></a> Make <code>uv run --all-extras pyright --verifytypes click</code> pass (<a href="https://redirect.github.com/pallets/click/issues/3072";>#3072</a>)</li> <li><a href="https://github.com/pallets/click/commit/a92c573f3195c9da3058eadf1735d38af186d22c";><code>a92c573</code></a> Fix test_edit to work with BSD sed (<a href="https://redirect.github.com/pallets/click/issues/3129";>#3129</a>)</li> <li><a href="https://github.com/pallets/click/commit/bd131e1ab63da2281d6dd9b8205ad2eb5a085468";><code>bd131e1</code></a> Fix test_edit to work with BSD sed</li> <li><a href="https://github.com/pallets/click/commit/0b5c6b75f617e6ee2f9f6dcd071b8a4bf183d1ed";><code>0b5c6b7</code></a> Add Best practices section (<a href="https://redirect.github.com/pallets/click/issues/3127";>#3127</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pallets/click/compare/8.1.8...8.3.1";>compare view</a></li> </ul> </details> <br /> Updates `configargparse` from 1.7 to 1.7.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/bw2/ConfigArgParse/releases";>configargparse's releases</a>.</em></p> <blockquote> <h2>1.7.5</h2> <p>Slightly simplified PyPI deployment workflow via setuptools-scm</p> <h2>1.7.4</h2> <p>Bug Fixes</p> <ul> <li>Fix environment variables being ignored when using subparsers (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/350";>#350</a>). The _find_insertion_index() method now detects subparser commands and inserts env var / config file args before the subcommand, so the parent parser processes them correctly.</li> </ul> <p>Improvements</p> <ul> <li>Add input validation to ArgumentParser.<strong>init</strong>() with clear error messages (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/349";>#349</a>): <ul> <li>config_file_parser_class must be a ConfigFileParser subclass (or instance); suggests formatter_class if wrong type is passed</li> <li>formatter_class validates it's a HelpFormatter subclass; suggests config_file_parser_class if swapped</li> <li>default_config_files, args_for_setting_config_path, and args_for_writing_out_config_file must be lists/tuples, not strings</li> <li>config_file_open_func must be callable</li> </ul> </li> </ul> <p>Docs</p> <ul> <li>Convert README from reStructuredText to Markdown (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/347";>#347</a>, <a href="https://redirect.github.com/bw2/ConfigArgParse/issues/348";>#348</a>)</li> </ul> <h2>1.7.3</h2> <h3>Bug fixes and Python 3.11+ tomllib support</h3> <h3>Bug Fixes</h3> <ul> <li>Fix TOML parser to read all matching sections instead of only the first (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/346";>#346</a>)</li> <li>Fix SyntaxError leak from ast.literal_eval in INI-style config parsers (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/345";>#345</a>)</li> <li>Fix -- separator, nargs=REMAINDER, and empty value handling (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/344";>#344</a>)</li> <li>Fix critical bugs and add Python 3.11+ tomllib support (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/340";>#340</a>)</li> </ul> <h3>Other</h3> <ul> <li>Remove dead comment-processing code in default config parser</li> <li>Add test status badge to README</li> <li>CI, linting, and test improvements</li> </ul> <h2>1.7.1</h2> <p>The primary purpose of this release is to fix the package metadata on supported python versions.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/bw2/ConfigArgParse/commit/9453a69a95bd4f7fbc5ad86d16813ed489336118";><code>9453a69</code></a> Use setuptools-scm to derive version from git tags</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/d798e3ab400114a4090207b4fc76ad0c545feadf";><code>d798e3a</code></a> Fix <a href="https://redirect.github.com/bw2/ConfigArgParse/issues/350";>#350</a>: environment variables ignored in subparsers</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/445dd2ed8f2fb2b1d345dfcdef0166dbcb380a5b";><code>445dd2e</code></a> Better input validation and error messages (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/349";>#349</a>)</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/1f18f5cf73ca9041ed173ae6d6d9f33f8cdaaac9";><code>1f18f5c</code></a> Update README.md (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/348";>#348</a>)</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/172dc1a5b11587de14061937f2751fa65625c113";><code>172dc1a</code></a> Update README.md</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/64e96f56736386634f7a7ecd382b654950f36ca8";><code>64e96f5</code></a> Update README.md (<a href="https://redirect.github.com/bw2/ConfigArgParse/issues/347";>#347</a>)</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/c78d5f9110be9a43908f122720476f00a8657b03";><code>c78d5f9</code></a> convert README.rst to README.md</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/77d9773ff8d8b16f36c4ee4172c6bbbbfbfe1819";><code>77d9773</code></a> Bump version to 1.7.3</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/9666bf1dbfbfba7c1829ae6b97a2c8e4815ef66a";><code>9666bf1</code></a> Add test status badge to README</li> <li><a href="https://github.com/bw2/ConfigArgParse/commit/f6ac71618a408d74a73582d3b89bf7cde23b2659";><code>f6ac716</code></a> Bump version to 1.7.2</li> <li>Additional commits viewable in <a href="https://github.com/bw2/ConfigArgParse/compare/1.7...v1.7.5";>compare view</a></li> </ul> </details> <br /> Updates `deprecated` from 1.2.18 to 1.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/laurent-laporte-pro/deprecated/releases";>deprecated's releases</a>.</em></p> <blockquote> <h2>v1.3.1</h2> <h2>What's Changed</h2> <ul> <li>v1.3.1 by <a href="https://github.com/laurent-laporte-pro";><code>@laurent-laporte-pro</code></a> in <a href="https://redirect.github.com/laurent-laporte-pro/deprecated/pull/95";>laurent-laporte-pro/deprecated#95</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/laurent-laporte-pro/deprecated/compare/v1.3.0...v1.3.1";>https://github.com/laurent-laporte-pro/deprecated/compare/v1.3.0...v1.3.1</a></p> <h2>v1.3.0</h2> <h2>What's Changed</h2> <ul> <li>Allow and test wrapt 2.x by <a href="https://github.com/musicinmybrain";><code>@musicinmybrain</code></a> in <a href="https://redirect.github.com/laurent-laporte-pro/deprecated/pull/88";>laurent-laporte-pro/deprecated#88</a></li> <li>docs: update the Wrapt compatibility matrix to include Python 3.13 and 3.14 by <a href="https://github.com/laurent-laporte-pro";><code>@laurent-laporte-pro</code></a> in <a href="https://redirect.github.com/laurent-laporte-pro/deprecated/pull/91";>laurent-laporte-pro/deprecated#91</a></li> <li>chore(ci): run coverage only in the dedicated coverage env by <a href="https://github.com/laurent-laporte-pro";><code>@laurent-laporte-pro</code></a> in <a href="https://redirect.github.com/laurent-laporte-pro/deprecated/pull/92";>laurent-laporte-pro/deprecated#92</a></li> <li>feature: parameter deprecation by <a href="https://github.com/laurent-laporte-pro";><code>@laurent-laporte-pro</code></a> in <a href="https://redirect.github.com/laurent-laporte-pro/deprecated/pull/93";>laurent-laporte-pro/deprecated#93</a></li> <li>v1.3.0 by <a href="https://github.com/laurent-laporte-pro";><code>@laurent-laporte-pro</code></a> in <a href="https://redirect.github.com/laurent-laporte-pro/deprecated/pull/90";>laurent-laporte-pro/deprecated#90</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/musicinmybrain";><code>@musicinmybrain</code></a> made their first contribution in <a href="https://redirect.github.com/laurent-laporte-pro/deprecated/pull/88";>laurent-laporte-pro/deprecated#88</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/laurent-laporte-pro/deprecated/compare/v1.2.18...v1.3.0";>https://github.com/laurent-laporte-pro/deprecated/compare/v1.2.18...v1.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/laurent-laporte-pro/deprecated/blob/master/CHANGELOG-1.2.rst";>deprecated's changelog</a>.</em></p> <blockquote> <h1>=============== Changelog 1.2.x</h1> <p>All notable changes for the 1.2.x releases.</p> <p>The format is based on <code>Keep a Changelog <https://keepachangelog.com/en/1.0.0/></code>_ and this project adheres to <code>Semantic Versioning <https://semver.org/spec/v2.0.0.html></code>_.</p> <p>.. note::</p> <pre><code>The library **"Python-Deprecated"** was renamed **"Deprecated"**, simply! This project is more consistent because now, the name of the library is the same as the name of the Python package. <ul> <li>In your <code>setup.py</code>, you can replace the "Python-Deprecated" dependency with "Deprecated".</li> <li>In your source code, nothing has changed, you will always use <code>import deprecated</code>, as before.</li> <li>I decided to keep the same version number because there is really no change in the source code<br /> (only in comment or documentation).<br /> </code></pre></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/d135459ef6c1fdd005f28c6e2cf7915e8fb8d0e1";><code>d135459</code></a> v1.3.1 (<a href="https://redirect.github.com/laurent-laporte-pro/deprecated/issues/95";>#95</a>)</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/b29c0dbecc0a9b6558a90759655858153d415e6c";><code>b29c0db</code></a> feat(pyproject): add TestPyPI configuration for package publishing</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/ee5014a643199ce5951ac4f8b3e6ce97838baf37";><code>ee5014a</code></a> docs(changelog): update changelog for v1.3.1 and include previous versions</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/13db9ba38a6722f69ec80c1e6d17183e9696f9e5";><code>13db9ba</code></a> docs(changelog): add v1.3.1 release notes for packaging fix and missing sourc...</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/72fecf84411599df17f4db7726afbd5a78868559";><code>72fecf8</code></a> docs(changelog): update v1.3.0 release notes to indicate yanked status and re...</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/966df9d554ebc5bd531ec3e6cde64f29aeef9fab";><code>966df9d</code></a> Prepare next version 1.3.1 (unreleased)</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/3ad781a9dbf985efc4c4cda487767b259f9bec4c";><code>3ad781a</code></a> v1.3.0 (<a href="https://redirect.github.com/laurent-laporte-pro/deprecated/issues/90";>#90</a>)</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/e9eed1e768ee0844d9e65af32b9b9c3fcfa07029";><code>e9eed1e</code></a> docs(tutorial): add documentation for deprecated parameters decorator</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/969a6cd1190ced6d8ba5542f4b1971d56adb1508";><code>969a6cd</code></a> feat: add experimental <code>@deprecated_params</code> decorator (<a href="https://redirect.github.com/laurent-laporte-pro/deprecated/issues/93";>#93</a>)</li> <li><a href="https://github.com/laurent-laporte-pro/deprecated/commit/3f30cdbbac5f3c450dd137fbb36a9ac6a854885f";><code>3f30cdb</code></a> docs(changelog): add experimental <code>@deprecated_params</code> decorator</li> <li>Additional commits viewable in <a href="https://github.com/laurent-laporte-pro/deprecated/compare/v1.2.18...v1.3.1";>compare view</a></li> </ul> </details> <br /> Updates `flask` from 3.1.0 to 3.1.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/flask/releases";>flask's releases</a>.</em></p> <blockquote> <h2>3.1.3</h2> <p>This is the Flask 3.1.3 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.</p> <p>PyPI: <a href="https://pypi.org/project/Flask/3.1.3/";>https://pypi.org/project/Flask/3.1.3/</a> Changes: <a href="https://flask.palletsprojects.com/page/changes/#version-3-1-3";>https://flask.palletsprojects.com/page/changes/#version-3-1-3</a></p> <ul> <li>The session is marked as accessed for operations that only access the keys but not the values, such as <code>in</code> and <code>len</code>. <a href="https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726";>GHSA-68rp-wp8r-4726</a></li> </ul> <h2>3.1.2</h2> <p>This is the Flask 3.1.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.</p> <p>PyPI: <a href="https://pypi.org/project/Flask/3.1.2/";>https://pypi.org/project/Flask/3.1.2/</a> Changes: <a href="https://flask.palletsprojects.com/page/changes/#version-3-1-2";>https://flask.palletsprojects.com/page/changes/#version-3-1-2</a> Milestone: <a href="https://github.com/pallets/flask/milestone/38?closed=1";>https://github.com/pallets/flask/milestone/38?closed=1</a></p> <ul> <li><code>stream_with_context</code> does not fail inside async views. <a href="https://redirect.github.com/pallets/flask/issues/5774";>#5774</a></li> <li>When using <code>follow_redirects</code> in the test client, the final state of <code>session</code> is correct. <a href="https://redirect.github.com/pallets/flask/issues/5786";>#5786</a></li> <li>Relax type hint for passing bytes IO to <code>send_file</code>. <a href="https://redirect.github.com/pallets/flask/issues/5776";>#5776</a></li> </ul> <h2>3.1.1</h2> <p>This is the Flask 3.1.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.</p> <p>PyPI: <a href="https://pypi.org/project/Flask/3.1.1/";>https://pypi.org/project/Flask/3.1.1/</a> Changes: <a href="https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1";>https://flask.palletsprojects.com/en/stable/changes/#version-3-1-1</a> Milestone <a href="https://github.com/pallets/flask/milestone/36?closed=1";>https://github.com/pallets/flask/milestone/36?closed=1</a></p> <ul> <li>Fix signing key selection order when key rotation is enabled via <code>SECRET_KEY_FALLBACKS</code>. GHSA-4grg-w6v8-c28g</li> <li>Fix type hint for <code>cli_runner.invoke</code>. <a href="https://redirect.github.com/pallets/flask/issues/5645";>#5645</a></li> <li><code>flask --help</code> loads the app and plugins first to make sure all commands are shown. <a href="https://redirect.github.com/pallets/flask/issues/5673";>#5673</a></li> <li>Mark sans-io base class as being able to handle views that return <code>AsyncIterable</code>. This is not accurate for Flask, but makes typing easier for Quart. <a href="https://redirect.github.com/pallets/flask/issues/5659";>#5659</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/flask/blob/main/CHANGES.rst";>flask's changelog</a>.</em></p> <blockquote> <h2>Version 3.1.3</h2> <p>Released 2026-02-18</p> <ul> <li>The session is marked as accessed for operations that only access the keys but not the values, such as <code>in</code> and <code>len</code>. :ghsa:<code>68rp-wp8r-4726</code></li> </ul> <h2>Version 3.1.2</h2> <p>Released 2025-08-19</p> <ul> <li><code>stream_with_context</code> does not fail inside async views. :issue:<code>5774</code></li> <li>When using <code>follow_redirects</code> in the test client, the final state of <code>session</code> is correct. :issue:<code>5786</code></li> <li>Relax type hint for passing bytes IO to <code>send_file</code>. :issue:<code>5776</code></li> </ul> <h2>Version 3.1.1</h2> <p>Released 2025-05-13</p> <ul> <li>Fix signing key selection order when key rotation is enabled via <code>SECRET_KEY_FALLBACKS</code>. :ghsa:<code>4grg-w6v8-c28g</code></li> <li>Fix type hint for <code>cli_runner.invoke</code>. :issue:<code>5645</code></li> <li><code>flask --help</code> loads the app and plugins first to make sure all commands are shown. :issue:<code>5673</code></li> <li>Mark sans-io base class as being able to handle views that return <code>AsyncIterable</code>. This is not accurate for Flask, but makes typing easier for Quart. :pr:<code>5659</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65";><code>22d9247</code></a> release version 3.1.3</li> <li><a href="https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4";><code>089cb86</code></a> Merge commit from fork</li> <li><a href="https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa";><code>c17f379</code></a> request context tracks session access</li> <li><a href="https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602";><code>27be933</code></a> start version 3.1.3</li> <li><a href="https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d";><code>4e652d3</code></a> Abort if the instance folder cannot be created (<a href="https://redirect.github.com/pallets/flask/issues/5903";>#5903</a>)</li> <li><a href="https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a";><code>3d03098</code></a> Abort if the instance folder cannot be created</li> <li><a href="https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4";><code>407eb76</code></a> document using gevent for async (<a href="https://redirect.github.com/pallets/flask/issues/5900";>#5900</a>)</li> <li><a href="https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60";><code>ac5664d</code></a> document using gevent for async</li> <li><a href="https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3";><code>4f79d5b</code></a> Increase required flit_core version to 3.11 (<a href="https://redirect.github.com/pallets/flask/issues/5865";>#5865</a>)</li> <li><a href="https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f";><code>fe3b215</code></a> Increase required flit_core version to 3.11</li> <li>Additional commits viewable in <a href="https://github.com/pallets/flask/compare/3.1.0...3.1.3";>compare view</a></li> </ul> </details> <br /> Updates `flask-cors` from 5.0.1 to 6.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/corydolphin/flask-cors/releases";>flask-cors's releases</a>.</em></p> <blockquote> <h2>6.0.2</h2> <h2>What's Changed</h2> <ul> <li>Update license pyproject.toml by <a href="https://github.com/wagenrace";><code>@wagenrace</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/395";>corydolphin/flask-cors#395</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/wagenrace";><code>@wagenrace</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/395";>corydolphin/flask-cors#395</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/corydolphin/flask-cors/compare/6.0.1...6.0.2";>https://github.com/corydolphin/flask-cors/compare/6.0.1...6.0.2</a></p> <h2>6.0.1</h2> <h2>What's Changed</h2> <ul> <li>Invert regex sorting to make it correctly match the intent (sorting by specificity descending) <a href="https://redirect.github.com/corydolphin/flask-cors/issues/391";>#391</a> by <a href="https://github.com/joshuamorton";><code>@joshuamorton</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/392";>corydolphin/flask-cors#392</a></li> <li>Fix README file extension in pyproject.toml by <a href="https://github.com/lafrech";><code>@lafrech</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/386";>corydolphin/flask-cors#386</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/joshuamorton";><code>@joshuamorton</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/392";>corydolphin/flask-cors#392</a></li> <li><a href="https://github.com/lafrech";><code>@lafrech</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/386";>corydolphin/flask-cors#386</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/corydolphin/flask-cors/compare/6.0.0...6.0.1";>https://github.com/corydolphin/flask-cors/compare/6.0.0...6.0.1</a></p> <h2>6.0.1.dev</h2> <h2>What's Changed</h2> <ul> <li>Fix regex sorting issue from <a href="https://redirect.github.com/corydolphin/flask-cors/issues/391";>#391</a> by <a href="https://github.com/joshuamorton";><code>@joshuamorton</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/392";>corydolphin/flask-cors#392</a></li> <li>Fix README file extension in pyproject.toml by <a href="https://github.com/lafrech";><code>@lafrech</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/386";>corydolphin/flask-cors#386</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/joshuamorton";><code>@joshuamorton</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/392";>corydolphin/flask-cors#392</a></li> <li><a href="https://github.com/lafrech";><code>@lafrech</code></a> made their first contribution in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/386";>corydolphin/flask-cors#386</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/corydolphin/flask-cors/compare/6.0.0...6.0.1.dev";>https://github.com/corydolphin/flask-cors/compare/6.0.0...6.0.1.dev</a></p> <h2>6.0.0</h2> <h2>Breaking</h2> <p>Path specificity ordering has changed to improve specificity. This may break users who expected the previous incorrect ordering.</p> <ul> <li>[CVE-2024-6839] Sort Paths by Regex Specificity by <a href="https://github.com/adrianosela";><code>@adrianosela</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/391";>corydolphin/flask-cors#391</a></li> <li>[CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote by <a href="https://github.com/adrianosela";><code>@adrianosela</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/389";>corydolphin/flask-cors#389</a></li> </ul> <h2>What's Changed</h2> <ul> <li>[CVE-2024-6866] Case Sensitive Request Path Matching by <a href="https://github.com/adrianosela";><code>@adrianosela</code></a> in <a href="https://redirect.github.com/corydolphin/flask-cors/pull/390";>corydolphin/flask-cors#390</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/corydolphin/flask-cors/compare/5.0.1...6.0.0";>https://github.com/corydolphin/flask-cors/compare/5.0.1...6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/corydolphin/flask-cors/commit/fa55dcbec68b3524a39e5057c35c29c221a27d64";><code>fa55dcb</code></a> Update license pyproject.toml (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/395";>#395</a>)</li> <li><a href="https://github.com/corydolphin/flask-cors/commit/a5003f391e56f74f11a3e509cd180787c75eb6b0";><code>a5003f3</code></a> Fix README file extension in pyproject.toml (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/386";>#386</a>)</li> <li><a href="https://github.com/corydolphin/flask-cors/commit/4ad56d6c20252d36031c74ba8386a81e94286f40";><code>4ad56d6</code></a> Fix regex sorting issue from <a href="https://redirect.github.com/corydolphin/flask-cors/issues/391";>#391</a> (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/392";>#392</a>)</li> <li><a href="https://github.com/corydolphin/flask-cors/commit/35d875319621bd129a38b2b823abf4a2f6cda536";><code>35d8753</code></a> [CVE-2024-6844] Replace use of (urllib) unquote_plus with unquote for paths (...</li> <li><a href="https://github.com/corydolphin/flask-cors/commit/e970988bea563e05e8b8f53fa7bcc134b5bf5c5f";><code>e970988</code></a> [CVE-2024-6839] Sort Paths by Regex Specificity (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/391";>#391</a>)</li> <li><a href="https://github.com/corydolphin/flask-cors/commit/eb39516a3c96b90d0ae5f51293972395ec3ef358";><code>eb39516</code></a> [CVE-2024-6866] Case Sensitive Request Path Matching (<a href="https://redirect.github.com/corydolphin/flask-cors/issues/390";>#390</a>)</li> <li>See full diff in <a href="https://github.com/corydolphin/flask-cors/compare/5.0.1...6.0.2";>compare view</a></li> </ul> </details> <br /> Updates `gevent` from 24.11.1 to 25.9.1 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gevent/gevent/commit/86937db8eadc4e1a4e1ffc374dc67d2fcf4c7196";><code>86937db</code></a> Preparing release 25.9.1</li> <li><a href="https://github.com/gevent/gevent/commit/f3334b9c3e4b653cab69cad17426b12fea6c1466";><code>f3334b9</code></a> Merge pull request <a href="https://redirect.github.com/gevent/gevent/issues/2141";>#2141</a> from gevent/update-pypy</li> <li><a href="https://github.com/gevent/gevent/commit/ebe9f215f7aebf1db2d79fc84d76c33bf1a16010";><code>ebe9f21</code></a> Update PyPy from 3.10v7.3.17 to 3.11v7.3.20</li> <li><a href="https://github.com/gevent/gevent/commit/57ea2bcbd308b31f86d615c4c9bfc4d971a4af6b";><code>57ea2bc</code></a> Merge pull request <a href="https://redirect.github.com/gevent/gevent/issues/2140";>#2140</a> from gevent/issue2139</li> <li><a href="https://github.com/gevent/gevent/commit/afb63b7658f1648b9629cd65d929d553101e459e";><code>afb63b7</code></a> Fix 2139 by typing the ivar c... _Description has been truncated_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
