Skip to content

Commit

Permalink
Bump the pip group across 1 directory with 10 updates (#48)
Browse files Browse the repository at this point in the history 
Bumps the pip group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [certifi](https://github.com/certifi/python-certifi) | `2023.5.7` |
`2023.7.22` |
| [cryptography](https://github.com/pyca/cryptography) | `40.0.2` |
`42.0.4` |
| [flask](https://github.com/pallets/flask) | `2.2.2` | `2.2.5` |
| [grpcio](https://github.com/grpc/grpc) | `1.54.2` | `1.54.3` |
| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |
| [jinja2](https://github.com/pallets/jinja) | `3.1.2` | `3.1.3` |
| [requests](https://github.com/psf/requests) | `2.26.0` | `2.31.0` |
| [tornado](https://github.com/tornadoweb/tornado) | `6.3.2` | `6.3.3` |
| [urllib3](https://github.com/urllib3/urllib3) | `1.26.16` | `1.26.18`
|
| [werkzeug](https://github.com/pallets/werkzeug) | `2.3.4` | `2.3.8` |


Updates `certifi` from 2023.5.7 to 2023.7.22
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/8fb96ed81f71e7097ed11bc4d9b19afd7ea5c909"><code>8fb96ed</code></a>
2023.07.22</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/afe77220e0eaa722593fc5d294213ff5275d1b40"><code>afe7722</code></a>
Bump actions/setup-python from 4.6.1 to 4.7.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/230">#230</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2038739ad56abec7aaddfa90ad2ce6b3ed7f5c7b"><code>2038739</code></a>
Bump dessant/lock-threads from 3.0.0 to 4.0.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/229">#229</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/44df761f4c09d19f32b3cc09208a739043a5e25b"><code>44df761</code></a>
Hash pin Actions and enable dependabot (<a
href="https://redirect.github.com/certifi/python-certifi/issues/228">#228</a>)</li>
<li>See full diff in <a
href="https://github.com/certifi/python-certifi/compare/2023.05.07...2023.07.22">compare
view</a></li>
</ul>
</details>
<br />

Updates `cryptography` from 40.0.2 to 42.0.4
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>42.0.4 - 2024-02-20</p>
<pre><code>
* Fixed a null-pointer-dereference and segfault that could occur when
creating
a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
  issue. **CVE-2024-26130**
* Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields
``SMIMECapabilities``
and ``SignatureAlgorithmIdentifier`` should now be correctly encoded
according to the
  definitions in :rfc:`2633` :rfc:`3370`.
<p>.. _v42-0-3:</p>
<p>42.0.3 - 2024-02-15
</code></pre></p>
<ul>
<li>Fixed an initialization issue that caused key loading failures for
some
users.</li>
</ul>
<p>.. _v42-0-2:</p>
<p>42.0.2 - 2024-01-30</p>
<pre><code>
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.2.1.
* Fixed an issue that prevented the use of Python buffer protocol
objects in
  ``sign`` and ``verify`` methods on asymmetric keys.
* Fixed an issue with incorrect keyword-argument naming with
``EllipticCurvePrivateKey``

:meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exchange`,
  ``X25519PrivateKey``

:meth:`~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchange`,
  ``X448PrivateKey``

:meth:`~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange`,
  and ``DHPrivateKey``

:meth:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange`.
<p>.. _v42-0-1:</p>
<p>42.0.1 - 2024-01-24
</code></pre></p>
<ul>
<li>Fixed an issue with incorrect keyword-argument naming with
<code>EllipticCurvePrivateKey</code>

:meth:<code>~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.sign</code>.</li>
<li>Resolved compatibility issue with loading certain RSA public keys in

:func:<code>~cryptography.hazmat.primitives.serialization.load_pem_public_key</code>.</li>
</ul>
<p>.. _v42-0-0:</p>
<p>42.0.0 - 2024-01-22</p>
<pre><code>
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pyca/cryptography/commit/fe18470f7d05f963e7267e34fdf985d81ea6ceea"><code>fe18470</code></a>
Bump for 42.0.4 release (<a
href="https://redirect.github.com/pyca/cryptography/issues/10445">#10445</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/aaa2dd06ed470695de818405a982d4c459869803"><code>aaa2dd0</code></a>
Fix ASN.1 issues in PKCS#7 and S/MIME signing (<a
href="https://redirect.github.com/pyca/cryptography/issues/10373">#10373</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10442">#10442</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/7a4d012991061974da5d9cb7614de65eac94f49b"><code>7a4d012</code></a>
Fixes <a
href="https://redirect.github.com/pyca/cryptography/issues/10422">#10422</a>
-- don't crash when a PKCS#12 key and cert don't match (<a
href="https://redirect.github.com/pyca/cryptography/issues/10423">#10423</a>)
...</li>
<li><a
href="https://github.com/pyca/cryptography/commit/df314bb182bdfd661333969a94325e4680d785f6"><code>df314bb</code></a>
backport actions m1 switch to 42.0.x (<a
href="https://redirect.github.com/pyca/cryptography/issues/10415">#10415</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/c49a7a5271178c6e8ef36fa1c499f62c63ec19b9"><code>c49a7a5</code></a>
changelog and version bump for 42.0.3 (<a
href="https://redirect.github.com/pyca/cryptography/issues/10396">#10396</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/396bcf64c5be826ec00e7d7f45838c858c049cbc"><code>396bcf6</code></a>
fix provider loading take two (<a
href="https://redirect.github.com/pyca/cryptography/issues/10390">#10390</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10395">#10395</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/0e0e46f5f73f477b8ee9682738c42129d5d60177"><code>0e0e46f</code></a>
backport: initialize openssl's legacy provider in rust (<a
href="https://redirect.github.com/pyca/cryptography/issues/10323">#10323</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10333">#10333</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/2202123b50de1b8788f909a3e5afe350c56ad81e"><code>2202123</code></a>
changelog and version bump 42.0.2 (<a
href="https://redirect.github.com/pyca/cryptography/issues/10268">#10268</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/f7032bdd409838f67fc2b93343f897fb5f397d80"><code>f7032bd</code></a>
bump openssl in CI (<a
href="https://redirect.github.com/pyca/cryptography/issues/10298">#10298</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10299">#10299</a>)</li>
<li><a
href="https://github.com/pyca/cryptography/commit/002e886f16d8857151c09b11dc86b35f2ac9aec3"><code>002e886</code></a>
Fixes <a
href="https://redirect.github.com/pyca/cryptography/issues/10294">#10294</a>
-- correct accidental change to exchange kwarg (<a
href="https://redirect.github.com/pyca/cryptography/issues/10295">#10295</a>)
(<a
href="https://redirect.github.com/pyca/cryptography/issues/10296">#10296</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pyca/cryptography/compare/40.0.2...42.0.4">compare
view</a></li>
</ul>
</details>
<br />

Updates `flask` from 2.2.2 to 2.2.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/releases">flask's
releases</a>.</em></p>
<blockquote>
<h2>2.2.5</h2>
<p>This is a security fix release for the 2.2.x release branch. Note
that 2.3.x is the currently supported release branch; please upgrade to
the latest version if possible.</p>
<ul>
<li>Security advisory: <a
href="https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq">https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq</a>,
CVE-2023-30861</li>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5">https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/30?closed=1">https://github.com/pallets/flask/milestone/30?closed=1</a></li>
</ul>
<h2>2.2.4</h2>
<p>This is a fix release for the 2.2.x release branch.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4">https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/27?closed=1">https://github.com/pallets/flask/milestone/27?closed=1</a></li>
</ul>
<h2>2.2.3</h2>
<p>This is a fix release for the 2.2.x release branch.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3">https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-3</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/26?closed=1">https://github.com/pallets/flask/milestone/26?closed=1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/blob/main/CHANGES.rst">flask's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.2.5</h2>
<p>Released 2023-05-02</p>
<ul>
<li>Update for compatibility with Werkzeug 2.3.3.</li>
<li>Set <code>Vary: Cookie</code> header when the session is accessed,
modified, or refreshed.</li>
</ul>
<h2>Version 2.2.4</h2>
<p>Released 2023-04-25</p>
<ul>
<li>Update for compatibility with Werkzeug 2.3.</li>
</ul>
<h2>Version 2.2.3</h2>
<p>Released 2023-02-15</p>
<ul>
<li>Autoescape is enabled by default for <code>.svg</code> template
files. :issue:<code>4831</code></li>
<li>Fix the type of <code>template_folder</code> to accept
<code>pathlib.Path</code>. :issue:<code>4892</code></li>
<li>Add <code>--debug</code> option to the <code>flask run</code>
command. :issue:<code>4777</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee"><code>47af817</code></a>
release version 2.2.5</li>
<li><a
href="https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965"><code>afd63b1</code></a>
Merge pull request <a
href="https://redirect.github.com/pallets/flask/issues/5109">#5109</a>
from pallets/backport-vary-cookie</li>
<li><a
href="https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d"><code>8646edc</code></a>
set <code>Vary: Cookie</code> header consistently for session</li>
<li><a
href="https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e"><code>a6367da</code></a>
Merge pull request <a
href="https://redirect.github.com/pallets/flask/issues/5108">#5108</a>
from pallets/werkzeug-compat</li>
<li><a
href="https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8"><code>3fbfbad</code></a>
werkzeug 2.3.3 compatibility</li>
<li><a
href="https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441"><code>726d3f4</code></a>
start version 2.2.5</li>
<li><a
href="https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a"><code>ddc7acc</code></a>
Merge pull request <a
href="https://redirect.github.com/pallets/flask/issues/5081">#5081</a>
from pallets/release-2.2.4</li>
<li><a
href="https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177"><code>74e0329</code></a>
release version 2.2.4</li>
<li><a
href="https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8"><code>2d46068</code></a>
update dev env</li>
<li><a
href="https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3"><code>64bc458</code></a>
update dev dependencies</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/flask/compare/2.2.2...2.2.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `grpcio` from 1.54.2 to 1.54.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc/releases">grpcio's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.54.3</h2>
<p>This is release 1.54.3 (<a
href="https://github.com/grpc/grpc/blob/master/doc/g_stands_for.md">gracious</a>)
of gRPC Core.</p>
<p>For gRPC documentation, see <a href="https://grpc.io/">grpc.io</a>.
For previous releases, see <a
href="https://github.com/grpc/grpc/releases">Releases</a>.</p>
<p>This release contains refinements, improvements, and bug fixes, with
highlights listed below.</p>
<h2>Core</h2>
<ul>
<li>[backport][iomgr][EventEngine] Improve server handling of file
descriptor exhaustion by <a
href="https://github.com/drfloob"><code>@​drfloob</code></a> in <a
href="https://redirect.github.com/grpc/grpc/pull/33670">grpc/grpc#33670</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc/commit/868412b573a0663c8db41558498caf44098f4390"><code>868412b</code></a>
[v1.54.x][Interop] Backport Python image update (<a
href="https://redirect.github.com/grpc/grpc/issues/33865">#33865</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/b80ee02fc9e0ced3721dfad913e4b4023b9641b0"><code>b80ee02</code></a>
[Backport] [dependency] Restrict cython to less than 3.X (<a
href="https://redirect.github.com/grpc/grpc/issues/33771">#33771</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/c3fadd614f9a32ec95d7aed87bf64791b1aae283"><code>c3fadd6</code></a>
[v1.54][Build] Update Phusion baseimage (<a
href="https://redirect.github.com/grpc/grpc/issues/33767">#33767</a>)
(<a
href="https://redirect.github.com/grpc/grpc/issues/33835">#33835</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/057ff9b71ce0af58e776c3c1d0193648763e680b"><code>057ff9b</code></a>
[PSM Interop] Legacy tests: fix xDS test client build (v1.54.x backport)
(<a
href="https://redirect.github.com/grpc/grpc/issues/33">#33</a>...</li>
<li><a
href="https://github.com/grpc/grpc/commit/7a053ebbd0e01c40ec199ab884c0641f708ca492"><code>7a053eb</code></a>
[PSM Interop] Legacy test builds always pull the driver from master
(v1.54.x ...</li>
<li><a
href="https://github.com/grpc/grpc/commit/d084ddce377fa19ed81f32e506d8156bc487c207"><code>d084ddc</code></a>
[release] Bump release version 1.54.3 (<a
href="https://redirect.github.com/grpc/grpc/issues/33708">#33708</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/b8fd152211b7895900127ee6d1a99278d4dd47ca"><code>b8fd152</code></a>
Automated fix for refs/heads/v1.54.x (<a
href="https://redirect.github.com/grpc/grpc/issues/33682">#33682</a>)</li>
<li><a
href="https://github.com/grpc/grpc/commit/f44cddbebae95935fa640aa19ed5d5786de2aafa"><code>f44cddb</code></a>
[backport][iomgr][EventEngine] Improve server handling of file
descriptor exh...</li>
<li><a
href="https://github.com/grpc/grpc/commit/da9ef3403dae11d7be1b1c5c381db1553691378f"><code>da9ef34</code></a>
[PSM interop] Don't fail url_map target if sub-target already failed
(v1.54.x...</li>
<li><a
href="https://github.com/grpc/grpc/commit/6894b4becebe99c7dec1628bbb5ec9b8f873c8f8"><code>6894b4b</code></a>
[PSM interop] Don't fail target if sub-target already failed (<a
href="https://redirect.github.com/grpc/grpc/issues/33222">#33222</a>)
(<a
href="https://redirect.github.com/grpc/grpc/issues/33303">#33303</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc/compare/v1.54.2...v1.54.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `idna` from 3.4 to 3.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/releases">idna's
releases</a>.</em></p>
<blockquote>
<h2>v3.7</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix issue where specially crafted inputs to encode() could take
exceptionally long amount of time to process. [CVE-2024-3651]</li>
</ul>
<p>Thanks to Guido Vranken for reporting the issue.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's
changelog</a>.</em></p>
<blockquote>
<p>3.7 (2024-04-11)
++++++++++++++++</p>
<ul>
<li>Fix issue where specially crafted inputs to encode() could
take exceptionally long amount of time to process. [CVE-2024-3651]</li>
</ul>
<p>Thanks to Guido Vranken for reporting the issue.</p>
<p>3.6 (2023-11-25)
++++++++++++++++</p>
<ul>
<li>Fix regression to include tests in source distribution.</li>
</ul>
<p>3.5 (2023-11-24)
++++++++++++++++</p>
<ul>
<li>Update to Unicode 15.1.0</li>
<li>String codec name is now &quot;idna2008&quot; as overriding the
system codec
&quot;idna&quot; was not working.</li>
<li>Fix typing error for codec encoding</li>
<li>&quot;setup.cfg&quot; has been added for this release due to some
downstream
lack of adherence to PEP 517. Should be removed in a future release
so please prepare accordingly.</li>
<li>Removed reliance on a symlink for the &quot;idna-data&quot; tool to
comport
with PEP 517 and the Python Packaging User Guide for sdist
archives.</li>
<li>Added security reporting protocol for project</li>
</ul>
<p>Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for
contributions
to this release.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d"><code>1d365e1</code></a>
Release v3.7</li>
<li><a
href="https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6"><code>c1b3154</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/172">#172</a> from
kjd/optimize-contextj</li>
<li><a
href="https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623"><code>0394ec7</code></a>
Merge branch 'master' into optimize-contextj</li>
<li><a
href="https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966"><code>cd58a23</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/152">#152</a> from
elliotwutingfeng/dev</li>
<li><a
href="https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7"><code>5beb28b</code></a>
More efficient resolution of joiner contexts</li>
<li><a
href="https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b"><code>1b12148</code></a>
Update ossf/scorecard-action to v2.3.1</li>
<li><a
href="https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067"><code>d516b87</code></a>
Update Github actions/checkout to v4</li>
<li><a
href="https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7"><code>c095c75</code></a>
Merge branch 'master' into dev</li>
<li><a
href="https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98"><code>60a0a4c</code></a>
Fix typo in GitHub Actions workflow key</li>
<li><a
href="https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201"><code>5918a0e</code></a>
Merge branch 'master' into dev</li>
<li>Additional commits viewable in <a
href="https://github.com/kjd/idna/compare/v3.4...v3.7">compare
view</a></li>
</ul>
</details>
<br />

Updates `jinja2` from 3.1.2 to 3.1.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/jinja/releases">jinja2's
releases</a>.</em></p>
<blockquote>
<h2>3.1.3</h2>
<p>This is a fix release for the 3.1.x feature branch.</p>
<ul>
<li>Fix for <a
href="https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95">GHSA-h5c8-rqwp-cp95</a>.
You are affected if you are using <code>xmlattr</code> and passing user
input as attribute keys.</li>
<li>Changes: <a
href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-3">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-3</a></li>
<li>Milestone: <a
href="https://github.com/pallets/jinja/milestone/15?closed=1">https://github.com/pallets/jinja/milestone/15?closed=1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/jinja/blob/main/CHANGES.rst">jinja2's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.1.3</h2>
<p>Released 2024-01-10</p>
<ul>
<li>Fix compiler error when checking if required blocks in parent
templates are
empty. :pr:<code>1858</code></li>
<li><code>xmlattr</code> filter does not allow keys with spaces.
GHSA-h5c8-rqwp-cp95</li>
<li>Make error messages stemming from invalid nesting of <code>{% trans
%}</code> blocks
more helpful. :pr:<code>1918</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/jinja/commit/d9de4bb215fd1cc8092a410fb834c7c4060b1fc1"><code>d9de4bb</code></a>
release version 3.1.3</li>
<li><a
href="https://github.com/pallets/jinja/commit/50124e16561f17f6c1ec85a692f6551418971cdc"><code>50124e1</code></a>
skip test pypi</li>
<li><a
href="https://github.com/pallets/jinja/commit/9ea7222ef3f184480be0d0884e30ccfb4172b17b"><code>9ea7222</code></a>
use trusted publishing</li>
<li><a
href="https://github.com/pallets/jinja/commit/da703f7aae36b1e88baaa20de334d7ff6378fdde"><code>da703f7</code></a>
use trusted publishing</li>
<li><a
href="https://github.com/pallets/jinja/commit/bce174692547464512383ec40e0f8338b8811983"><code>bce1746</code></a>
use trusted publishing</li>
<li><a
href="https://github.com/pallets/jinja/commit/7277d8068be593deab3555c7c14f974ada373af1"><code>7277d80</code></a>
update pre-commit hooks</li>
<li><a
href="https://github.com/pallets/jinja/commit/5c8a10522421270f66376a24ec8e0d6812bc4b14"><code>5c8a105</code></a>
Make nested-trans-block exceptions nicer (<a
href="https://redirect.github.com/pallets/jinja/issues/1918">#1918</a>)</li>
<li><a
href="https://github.com/pallets/jinja/commit/19a55db3b411343309f2faaffaedbb089e841895"><code>19a55db</code></a>
Make nested-trans-block exceptions nicer</li>
<li><a
href="https://github.com/pallets/jinja/commit/716795349a41d4983a9a4771f7d883c96ea17be7"><code>7167953</code></a>
Merge pull request from GHSA-h5c8-rqwp-cp95</li>
<li><a
href="https://github.com/pallets/jinja/commit/7dd3680e6eea0d77fde024763657aa4d884ddb23"><code>7dd3680</code></a>
xmlattr filter disallows keys with spaces</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/jinja/compare/3.1.2...3.1.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `requests` from 2.26.0 to 2.31.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.31.0</h2>
<h2>2.31.0 (2023-05-22)</h2>
<p><strong>Security</strong></p>
<ul>
<li>
<p>Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to
potential
forwarding of <code>Proxy-Authorization</code> headers to destination
servers when
following HTTPS redirects.</p>
<p>When proxies are defined with user info (<a
href="https://user:pass@proxy:8080">https://user:pass@proxy:8080</a>),
Requests
will construct a <code>Proxy-Authorization</code> header that is
attached to the request to
authenticate with the proxy.</p>
<p>In cases where Requests receives a redirect response, it previously
reattached
the <code>Proxy-Authorization</code> header incorrectly, resulting in
the value being
sent through the tunneled connection to the destination server. Users
who rely on
defining their proxy credentials in the URL are <em>strongly</em>
encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their
proxy
credentials once the change has been fully deployed.</p>
<p>Users who do not use a proxy or do not supply their proxy credentials
through
the user information portion of their proxy URL are not subject to this
vulnerability.</p>
<p>Full details can be read in our <a
href="https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q">Github
Security Advisory</a>
and <a
href="https://nvd.nist.gov/vuln/detail/CVE-2023-32681">CVE-2023-32681</a>.</p>
</li>
</ul>
<h2>v2.30.0</h2>
<h2>2.30.0 (2023-05-03)</h2>
<p><strong>Dependencies</strong></p>
<ul>
<li>
<p>⚠️ Added support for urllib3 2.0. ⚠️</p>
<p>This may contain minor breaking changes so we advise careful testing
and
reviewing <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html</a>
prior to upgrading.</p>
<p>Users who wish to stay on urllib3 1.x can pin to
<code>urllib3&lt;2</code>.</p>
</li>
</ul>
<h2>v2.29.0</h2>
<h2>2.29.0 (2023-04-26)</h2>
<p><strong>Improvements</strong></p>
<ul>
<li>Requests now defers chunked requests to the urllib3 implementation
to improve
standardization. (<a
href="https://redirect.github.com/psf/requests/issues/6226">#6226</a>)</li>
<li>Requests relaxes header component requirements to support bytes/str
subclasses. (<a
href="https://redirect.github.com/psf/requests/issues/6356">#6356</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.31.0 (2023-05-22)</h2>
<p><strong>Security</strong></p>
<ul>
<li>
<p>Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to
potential
forwarding of <code>Proxy-Authorization</code> headers to destination
servers when
following HTTPS redirects.</p>
<p>When proxies are defined with user info
(<code>https://user:pass@proxy:8080</code>), Requests
will construct a <code>Proxy-Authorization</code> header that is
attached to the request to
authenticate with the proxy.</p>
<p>In cases where Requests receives a redirect response, it previously
reattached
the <code>Proxy-Authorization</code> header incorrectly, resulting in
the value being
sent through the tunneled connection to the destination server. Users
who rely on
defining their proxy credentials in the URL are <em>strongly</em>
encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their
proxy
credentials once the change has been fully deployed.</p>
<p>Users who do not use a proxy or do not supply their proxy credentials
through
the user information portion of their proxy URL are not subject to this
vulnerability.</p>
<p>Full details can be read in our <a
href="https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q">Github
Security Advisory</a>
and <a
href="https://nvd.nist.gov/vuln/detail/CVE-2023-32681">CVE-2023-32681</a>.</p>
</li>
</ul>
<h2>2.30.0 (2023-05-03)</h2>
<p><strong>Dependencies</strong></p>
<ul>
<li>
<p>⚠️ Added support for urllib3 2.0. ⚠️</p>
<p>This may contain minor breaking changes so we advise careful testing
and
reviewing <a
href="https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html">https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html</a>
prior to upgrading.</p>
<p>Users who wish to stay on urllib3 1.x can pin to
<code>urllib3&lt;2</code>.</p>
</li>
</ul>
<h2>2.29.0 (2023-04-26)</h2>
<p><strong>Improvements</strong></p>
<ul>
<li>Requests now defers chunked requests to the urllib3 implementation
to improve
standardization. (<a
href="https://redirect.github.com/psf/requests/issues/6226">#6226</a>)</li>
<li>Requests relaxes header component requirements to support bytes/str
subclasses. (<a
href="https://redirect.github.com/psf/requests/issues/6356">#6356</a>)</li>
</ul>
<h2>2.28.2 (2023-01-12)</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/psf/requests/commit/147c8511ddbfa5e8f71bbf5c18ede0c4ceb3bba4"><code>147c851</code></a>
v2.31.0</li>
<li><a
href="https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5"><code>74ea7cf</code></a>
Merge pull request from GHSA-j8r2-6x86-q33q</li>
<li><a
href="https://github.com/psf/requests/commit/302225334678490ec66b3614a9dddb8a02c5f4fe"><code>3022253</code></a>
test on pypy 3.8 and pypy 3.9 on windows and macos (<a
href="https://redirect.github.com/psf/requests/issues/6424">#6424</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/b639e66c816514e40604d46f0088fbceec1a5149"><code>b639e66</code></a>
test on py3.12 (<a
href="https://redirect.github.com/psf/requests/issues/6448">#6448</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/d3d504436ef0c2ac7ec8af13738b04dcc8c694be"><code>d3d5044</code></a>
Fixed a small typo (<a
href="https://redirect.github.com/psf/requests/issues/6452">#6452</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/2ad18e0e10e7d7ecd5384c378f25ec8821a10a29"><code>2ad18e0</code></a>
v2.30.0</li>
<li><a
href="https://github.com/psf/requests/commit/f2629e9e3c7ce3c3c8c025bcd8db551101cbc773"><code>f2629e9</code></a>
Remove strict parameter (<a
href="https://redirect.github.com/psf/requests/issues/6434">#6434</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/87d63de8739263bbe17034fba2285c79780da7e8"><code>87d63de</code></a>
v2.29.0</li>
<li><a
href="https://github.com/psf/requests/commit/51716c4ef390136b0d4b800ec7665dd5503e64fc"><code>51716c4</code></a>
enable the warnings plugin (<a
href="https://redirect.github.com/psf/requests/issues/6416">#6416</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/a7da1ab3498b10ec3a3582244c94b2845f8a8e71"><code>a7da1ab</code></a>
try on ubuntu 22.04 (<a
href="https://redirect.github.com/psf/requests/issues/6418">#6418</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/psf/requests/compare/v2.26.0...v2.31.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `tornado` from 6.3.2 to 6.3.3
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst">tornado's
changelog</a>.</em></p>
<blockquote>
<h1>Release notes</h1>
<p>.. toctree::
:maxdepth: 2</p>
<p>releases/v6.4.0
releases/v6.3.3
releases/v6.3.2
releases/v6.3.1
releases/v6.3.0
releases/v6.2.0
releases/v6.1.0
releases/v6.0.4
releases/v6.0.3
releases/v6.0.2
releases/v6.0.1
releases/v6.0.0
releases/v5.1.1
releases/v5.1.0
releases/v5.0.2
releases/v5.0.1
releases/v5.0.0
releases/v4.5.3
releases/v4.5.2
releases/v4.5.1
releases/v4.5.0
releases/v4.4.3
releases/v4.4.2
releases/v4.4.1
releases/v4.4.0
releases/v4.3.0
releases/v4.2.1
releases/v4.2.0
releases/v4.1.0
releases/v4.0.2
releases/v4.0.1
releases/v4.0.0
releases/v3.2.2
releases/v3.2.1
releases/v3.2.0
releases/v3.1.1
releases/v3.1.0
releases/v3.0.2
releases/v3.0.1
releases/v3.0.0
releases/v2.4.1
releases/v2.4.0
releases/v2.3.0
releases/v2.2.1</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tornadoweb/tornado/commit/e4d698433b44f350d4908da9ca2cac475c92dfdc"><code>e4d6984</code></a>
Merge pull request <a
href="https://redirect.github.com/tornadoweb/tornado/issues/3307">#3307</a>
from bdarnell/branch6.3</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/6a9e6fbaf7830b3edae68805211f35f5954292ab"><code>6a9e6fb</code></a>
ci: Don't test py312 in branch6.3</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/5c8a9a4fa792f8b18bd26bc7a8335e3bbe837852"><code>5c8a9a4</code></a>
Set version to 6.3.3</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/7dfe8b597f2d179334d7b528f61e9449ac131273"><code>7dfe8b5</code></a>
httpserver_test: Add ExpectLog to fix CI</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/217295b1dd30f556ea374d62007f6821688f00f0"><code>217295b</code></a>
http1connection: Make content-length parsing more strict</li>
<li><a
href="https://github.com/tornadoweb/tornado/commit/e3aa6c5e2943242d8ab25448c2798365b3cb9945"><code>e3aa6c5</code></a>
Merge pull request <a
href="https://redirect.github.com/tornadoweb/tornado/issues/3267">#3267</a>
from bdarnell/branch6.3</li>
<li>See full diff in <a
href="https://github.com/tornadoweb/tornado/compare/v6.3.2...v6.3.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `urllib3` from 1.26.16 to 1.26.18
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>1.26.18</h2>
<ul>
<li>Made body stripped from HTTP requests changing the request method to
GET after HTTP 303 &quot;See Other&quot; redirect responses.
(GHSA-g4mx-q9vg-27p4)</li>
</ul>
<h2>1.26.17</h2>
<ul>
<li>Added the <code>Cookie</code> header to the list of headers to strip
from requests when redirecting to a different host. As before, different
headers can be set via <code>Retry.remove_headers_on_redirect</code>.
(GHSA-v845-jxx5-vc9f)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>1.26.18 (2023-10-17)</h1>
<ul>
<li>Made body stripped from HTTP requests changing the request method to
GET after HTTP 303 &quot;See Other&quot; redirect responses.</li>
</ul>
<h1>1.26.17 (2023-10-02)</h1>
<ul>
<li>Added the <code>Cookie</code> header to the list of headers to strip
from requests when redirecting to a different host. As before, different
headers can be set via <code>Retry.remove_headers_on_redirect</code>.
(<code>[#3139](urllib3/urllib3#3139)
&lt;https://github.com/urllib3/urllib3/pull/3139&gt;</code>_)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/9c2c2307dd1d6af504e09aac0326d86ee3597a0b"><code>9c2c230</code></a>
Release 1.26.18 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3159">#3159</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36"><code>b594c5c</code></a>
Merge pull request from GHSA-g4mx-q9vg-27p4</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/944f0eb134485f41bc531be52de12ba5a37bca73"><code>944f0eb</code></a>
[1.26] Use vendored six in urllib3.contrib.securetransport</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/c9016bf464751a02b7e46f8b86504f47d4238784"><code>c9016bf</code></a>
Release 1.26.17</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb"><code>0122035</code></a>
Backport GHSA-v845-jxx5-vc9f (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3139">#3139</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/e63989f97d206e839ab9170c8a76e3e097cc60e8"><code>e63989f</code></a>
Fix installing <code>brotli</code> extra on Python 2.7</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/2e7a24d08713a0131f0b3c7197889466d645cc49"><code>2e7a24d</code></a>
[1.26] Configure OS for RTD to fix building docs</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/57181d6ea910ac7cb2ff83345d9e5e0eb816a0d0"><code>57181d6</code></a>
[1.26] Improve error message when calling urllib3.request() (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3058">#3058</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/3c0148048a523325819377b23fc67f8d46afc3aa"><code>3c01480</code></a>
[1.26] Run coverage even with failed jobs</li>
<li>See full diff in <a
href="https://github.com/urllib3/urllib3/compare/1.26.16...1.26.18">compare
view</a></li>
</ul>
</details>
<br />

Updates `werkzeug` from 2.3.4 to 2.3.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/werkzeug/releases">werkzeug's
releases</a>.</em></p>
<blockquote>
<h2>2.3.8</h2>
<p>This is a security release for the 2.3.x feature branch.</p>
<ul>
<li>Changes: <a
href="https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-8">https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-8</a></li>
</ul>
<h2>2.3.7</h2>
<p>This is a fix release for the 2.3.x feature branch.</p>
<ul>
<li>Changes: <a
href="https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-7">https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-7</a></li>
<li>Milestone: <a
href="https://github.com/pallets/werkzeug/milestone/33?closed=1">https://github.com/pallets/werkzeug/milestone/33?closed=1</a></li>
</ul>
<h2>2.3.6</h2>
<p>This is a fix release for the 2.3.x feature branch.</p>
<ul>
<li>Changes: <a
href="https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-6">https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-6</a></li>
<li>Milestone: <a
href="https://github.com/pallets/werkzeug/milestone/32?closed=1">https://github.com/pallets/werkzeug/milestone/32?closed=1</a></li>
</ul>
<h2>2.3.5</h2>
<p>This is a fix release for the 2.3.x feature branch.</p>
<ul>
<li>Changes: <a
href="https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-5">https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-5</a></li>
<li>Milestone: <a
href="https://github.com/pallets/werkzeug/milestone/31?closed=1">https://github.com/pallets/werkzeug/milestone/31?closed=1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/werkzeug/blob/main/CHANGES.rst">werkzeug's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.3.8</h2>
<p>Released 2023-11-08</p>
<ul>
<li>Fix slow multipart parsing for large parts potentially enabling DoS
attacks.</li>
</ul>
<h2>Version 2.3.7</h2>
<p>Released 2023-08-14</p>
<ul>
<li>Use <code>flit_core</code> instead of <code>setuptools</code> as
build backend.</li>
<li>Fix parsing of multipart bodies. :issue:<code>2734</code></li>
<li>Adjust index of last newline in data start.
:issue:<code>2761</code></li>
<li>Parsing ints from header values strips spacing first.
:issue:<code>2734</code></li>
<li>Fix empty file streaming when testing. :issue:<code>2740</code></li>
<li>Clearer error message when URL rule does not start with slash.
:pr:<code>2750</code></li>
<li><code>Accept</code> <code>q</code> value can be a float without a
decimal part. :issue:<code>2751</code></li>
</ul>
<h2>Version 2.3.6</h2>
<p>Released 2023-06-08</p>
<ul>
<li><code>FileStorage.content_length</code> does not fail if the form
data did not provide a
value. :issue:<code>2726</code></li>
</ul>
<h2>Version 2.3.5</h2>
<p>Released 2023-06-07</p>
<ul>
<li>Python 3.12 compatibility. :issue:<code>2704</code></li>
<li>Fix handling of invalid base64 values in
<code>Authorization.from_header</code>. :issue:<code>2717</code></li>
<li>The debugger escapes the exception message in the page title.
:pr:<code>2719</code></li>
<li>When binding <code>routing.Map</code>, a long IDNA
<code>server_name</code> with a port does not fail
encoding. :issue:<code>2700</code></li>
<li><code>iri_to_uri</code> shows a deprecation warning instead of an
error when passing bytes.
:issue:<code>2708</code></li>
<li>When parsing numbers in HTTP request headers such as
<code>Content-Length</code>, only ASCII
digits are accepted rather than any format that Python's
<code>int</code> and <code>float</code>
accept. :issue:<code>2716</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/werkzeug/commit/dc909431a6b399f341364233382aad73fb0ea56a"><code>dc90943</code></a>
Release version 2.3.8</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/f2300208d5e2a5076cbbb4c2aad71096fd040ef9"><code>f230020</code></a>
Fix: slow multipart parsing for huge files with few CR/LF
characters</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/26f3e95168c5019d3dbf656c9042c19d621cb54f"><code>26f3e95</code></a>
reformat lines</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/828bab48b056f59c2884fe52eb5decd21415b4be"><code>828bab4</code></a>
Start version 2.3.8</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/3c2ba3da894c0767dd6dde7b2707cac65bad5422"><code>3c2ba3d</code></a>
Release version 2.3.7</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/ac9974c04fe44bf1a6fde752cad492432cd5c1b7"><code>ac9974c</code></a>
Fix qvalue parsing (<a
href="https://redirect.github.com/pallets/werkzeug/issues/2753">#2753</a>)</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/88f4ed649cf340f401c4225a418fb78aeec92e6f"><code>88f4ed6</code></a>
qvalue parsing accepts float without decimal</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/dd1f1371d092086095bc004dfbbdf3a29c4612f0"><code>dd1f137</code></a>
Fix: Improve Error Message (<a
href="https://redirect.github.com/pallets/werkzeug/issues/2750">#2750</a>)</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/fdc295a79c5a8a1da381d646b5430ac0e0230a92"><code>fdc295a</code></a>
clearer url rule slash error</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/a0f4bf4bb60a95a959314f3540a42f186f1f8ace"><code>a0f4bf4</code></a>
fix: improve error message</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/werkzeug/compare/2.3.4...2.3.8">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/brucewzj99/tele-tracker-v2/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] committed May 5, 2024
1 parent 4680ec4 commit 98fab78
Showing 1 changed file with 10 additions and 10 deletions.
20 changes: 10 additions & 10 deletions requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,15 @@ APScheduler==3.6.3
asgiref==3.7.1
CacheControl==0.12.11
cachetools==4.2.2
certifi==2023.5.7
certifi==2023.7.22
cffi==1.15.1
charset-normalizer==2.0.12
click==8.1.3
colorama==0.4.6
cryptography==40.0.2
cryptography==42.0.4
exceptiongroup==1.2.1
firebase-admin==6.1.0
Flask==2.2.2
Flask==2.2.5
google-api-core==2.11.0
google-api-python-client==2.86.0
google-auth==2.17.3
Expand All @@ -21,14 +21,14 @@ google-cloud-storage==2.9.0
google-crc32c==1.5.0
google-resumable-media==2.5.0
googleapis-common-protos==1.59.0
grpcio==1.54.2
grpcio==1.54.3
grpcio-status==1.54.2
httplib2==0.22.0
idna==3.4
idna==3.7
importlib-metadata==6.6.0
iniconfig==2.0.0
itsdangerous==2.1.2
Jinja2==3.1.2
Jinja2==3.1.3
MarkupSafe==2.1.2
msgpack==1.0.5
packaging==24.0
Expand All @@ -46,15 +46,15 @@ python-dotenv==1.0.1
python-telegram-bot==13.7
pytz==2023.3
PyYAML==6.0
requests==2.26.0
requests==2.31.0
rsa==4.9
six==1.16.0
tomli==2.0.1
tornado==6.3.2
tornado==6.3.3
typing_extensions==4.6.2
tzdata==2023.3
tzlocal==5.0.1
uritemplate==4.1.1
urllib3==1.26.16
Werkzeug==2.3.4
urllib3==1.26.18
Werkzeug==2.3.8
zipp==3.15.0

0 comments on commit 98fab78

Please sign in to comment.