dependabot[bot] opened a new pull request, #6082: URL: https://github.com/apache/iceberg/pull/6082
Bumps [zstandard](https://github.com/indygreg/python-zstandard) from 0.18.0 to 0.19.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/indygreg/python-zstandard/releases";>zstandard's releases</a>.</em></p> <blockquote> <h2>0.19.0</h2> <h2>Bug Fixes</h2> <ul> <li>The C backend implementation of <code>ZstdDecompressionObj.decompress()</code> could have raised an assertion in cases where the function was called multiple times on an instance. In non-debug builds, calls to this method could have leaked memory.</li> </ul> <h2>Changes</h2> <ul> <li>PyPy 3.6 support dropped; Pypy 3.8 and 3.9 support added.</li> <li>Anaconda 3.6 support dropped.</li> <li>Official support for Python 3.11. This did not require meaningful code changes and previous release(s) likely worked with 3.11 without any changes.</li> <li>CFFI's build system now respects distutils's <code>compiler.preprocessor</code> if it is set. (<a href="https://github-redirect.dependabot.com/indygreg/python-zstandard/issues/179";>#179</a>)</li> <li>The internal logic of <code>ZstdDecompressionObj.decompress()</code> was refactored. This may have fixed unconfirmed issues where <code>unused_data</code> was set prematurely. The new logic will also avoid an extra call to <code>ZSTD_decompressStream()</code> in some scenarios, possibly improving performance.</li> <li><code>ZstdDecompressor.decompress()</code> how has a <code>read_across_frames</code> keyword argument. It defaults to False. True is not yet implemented and will raise an exception if used. The new argument will default to True in a future release and is provided now so callers can start passing <code>read_across_frames=False</code> to preserve the existing functionality during a future upgrade.</li> <li><code>ZstdDecompressor.decompress()</code> now has an <code>allow_extra_data</code> keyword argument to control whether an exception is raised if input contains extra data. It defaults to True, preserving existing behavior of ignoring extra data. It will likely default to False in a future release. Callers desiring the current behavior are encouraged to explicitly pass <code>allow_extra_data=True</code> so behavior won't change during a future upgrade.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indygreg/python-zstandard/blob/main/docs/news.rst";>zstandard's changelog</a>.</em></p> <blockquote> <h1>0.19.0 (released 2022-10-29)</h1> <h2>Bug Fixes</h2> <ul> <li>The C backend implementation of <code>ZstdDecompressionObj.decompress()</code> could have raised an assertion in cases where the function was called multiple times on an instance. In non-debug builds, calls to this method could have leaked memory.</li> </ul> <h2>Changes</h2> <ul> <li>PyPy 3.6 support dropped; Pypy 3.8 and 3.9 support added.</li> <li>Anaconda 3.6 support dropped.</li> <li>Official support for Python 3.11. This did not require meaningful code changes and previous release(s) likely worked with 3.11 without any changes.</li> <li>CFFI's build system now respects distutils's <code>compiler.preprocessor</code> if it is set. (<a href="https://github-redirect.dependabot.com/indygreg/python-zstandard/issues/179";>#179</a>)</li> <li>The internal logic of <code>ZstdDecompressionObj.decompress()</code> was refactored. This may have fixed unconfirmed issues where <code>unused_data</code> was set prematurely. The new logic will also avoid an extra call to <code>ZSTD_decompressStream()</code> in some scenarios, possibly improving performance.</li> <li><code>ZstdDecompressor.decompress()</code> how has a <code>read_across_frames</code> keyword argument. It defaults to False. True is not yet implemented and will raise an exception if used. The new argument will default to True in a future release and is provided now so callers can start passing <code>read_across_frames=False</code> to preserve the existing functionality during a future upgrade.</li> <li><code>ZstdDecompressor.decompress()</code> now has an <code>allow_extra_data</code> keyword argument to control whether an exception is raised if input contains extra data. It defaults to True, preserving existing behavior of ignoring extra data. It will likely default to False in a future release. Callers desiring the current behavior are encouraged to explicitly pass <code>allow_extra_data=True</code> so behavior won't change during a future upgrade.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indygreg/python-zstandard/commit/80c3142f274621d11b1e3c401e17ee4b983ab1a5";><code>80c3142</code></a> global: change release to 0.19.0</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/81f683e64f07f2d8a7989f81dc386b5abb98f66c";><code>81f683e</code></a> decompressor: add read_across_frames and allow_extra_data arguments to decomp...</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/c7a314e20a7e0d55cf431f35defd82738f07dfc9";><code>c7a314e</code></a> tests: add decompress() tests for multiple frames and extra data</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/e86740d5523b1250e15b05cc89aee5df724a493e";><code>e86740d</code></a> docs: accurately document ZstdDecompressor.decompress()</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/cdf9c92f39bd1c7e5c848f4f9ce828410a3d7666";><code>cdf9c92</code></a> docs: better document negative compression levels</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/e84be464fc073d8db43e3005ff9f49ba3ea8ef99";><code>e84be46</code></a> docs: better call out temporally overlapping usage is not allowed</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/f9103dd0204543f36a015731fb2fdc9f3e5ef543";><code>f9103dd</code></a> tests: add test for calling decompress multiple times</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/a1deff51aef8221f9c1e8f2902ca075670ecf0cd";><code>a1deff5</code></a> decompressionobj: refactor decompress()</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/30bf0bfee6e78dbe6c7854b562d05070a01eb6eb";><code>30bf0bf</code></a> black: reformat using black 22.10.0</li> <li><a href="https://github.com/indygreg/python-zstandard/commit/41f7139a7b16fa2207232f96dd527a4b1c91604c";><code>41f7139</code></a> cffi: Use the distutils preprocessor when available</li> <li>Additional commits viewable in <a href="https://github.com/indygreg/python-zstandard/compare/0.18.0...0.19.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
