Update Lock-file Patch Releases for Next (next) #3158
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
3.1.34
->3.1.36
~3.3.7
->~3.4.0
==3.3.7
->==3.4.4
~23.7.0
->~23.9.0
~7.2.7
->~7.3.0
~4.3.0
->~4.5.0
~2.4.0
->~2.5.0
~4.1.0
->~4.2.0
23.1
->23.2
~2.10.2
->~2.11.0
1.13.2
->1.14
0.26.3
->0.26.4
~3.2.1
->~3.3.0
~6.0.0
->~6.1.0
~0.8.0
->~0.10.0
>=4.7.0,<4.19.0
->>=4.19.0,<4.20.0
~1.4.3
->~1.5.0
==1.4.3
->==1.5.2
~9.1.18
->~9.3.0
==9.1.18
->==9.3.1
0.3.5
->0.3.7
==0.3.5
->==0.3.7
~0.22.0
->~0.23.0
==0.22.0
->==0.23.0
~1.3.0
->~1.6.0
==1.3.0
->==1.6.3
1.5.0
->1.6.0
~13.4.2
->~13.5.0
~4.9.1
->~4.12.0
~5.2.0
->~5.3.0
~0.18.1
->~0.19.0
~1.30.0
->~1.32.0
Release Notes
gitpython-developers/GitPython (GitPython)
v3.1.36
Compare Source
v3.1.35
: - a fix for CVE-2023-41040Compare Source
What's Changed
New Contributors
Full Changelog: gitpython-developers/GitPython@3.1.34...3.1.35
Python-Markdown/markdown (Markdown)
v3.4.4
Compare Source
v3.4.3
Compare Source
v3.4.2
Compare Source
v3.4.1
Compare Source
v3.4
Compare Source
psf/black (black)
v23.9.1
Compare Source
Due to various issues, the previous release (23.9.0) did not include compiled mypyc
wheels, which make Black significantly faster. These issues have now been fixed, and
this release should come with compiled wheels once again.
There will be no wheels for Python 3.12 due to a bug in mypyc. We will provide 3.12
wheels in a future release as soon as the mypyc bug is fixed.
Packaging
Performance
decreasing the size of the cache (#3877)
v23.9.0
Compare Source
Preview style
if sys.version_info > (3, x):
) and a function definition on the same level (#3862)Configuration
Performance
IPython
if notebook cells do not contain magics (#3782)Blackd
blackd
with single character input (#3558)Integrations
official pre-commit mirror. Swapping
https://github.com/psf/black
tohttps://github.com/psf/black-pre-commit-mirror
inyour
.pre-commit-config.yaml
will make Black about 2x faster (#3828).black.env
folder specified byENV_PATH
will now be removed on the completionof the GitHub Action (#3759)
nedbat/coveragepy (coverage)
v7.3.1
Compare Source
The semantics of stars in file patterns has been clarified in the docs. A
leading or trailing star matches any number of path components, like a double
star would. This is different than the behavior of a star in the middle of a
pattern. This discrepancy was
identified by Sviatoslav Sydorenko <starbad_>
, whoprovided patient detailed diagnosis <pull 1650_>
andgraciously agreed to a pragmatic resolution.
The API docs were missing from the last version. They are now
restored <apidocs_>
_... _apidocs: https://coverage.readthedocs.io/en/latest/api_coverage.html
.. _starbadhttps://github.com/nedbat/coveragepy/issues/1407#issuecomment-163108520909
.. _pull 165https://github.com/nedbat/coveragepy/pull/1650650
.. _changes_7-3-0:
v7.3.0
Compare Source
Added a :meth:
.Coverage.collect
context manager to start and stop coveragedata collection.
Dropped support for Python 3.7.
Fix: in unusual circumstances, SQLite cannot be set to asynchronous mode.
Coverage.py would fail with the error
Safety level may not be changed inside a transaction.
This is now avoided, closingissue 1646
_. Thanksto Michael Bell for the detailed bug report.
Docs: examples of configuration files now include separate examples for the
different syntaxes: .coveragerc, pyproject.toml, setup.cfg, and tox.ini.
Fix: added
nosemgrep
comments to our JavaScript code so thatsemgrep-based SAST security checks won't raise false alarms about security
problems that aren't problems.
Added a CITATION.cff file, thanks to
Ken Schackart <pull 1641_>
_... _pull 1641:https://github.com/nedbat/coveragepy/pull/16411
.. _issue 1646https://github.com/nedbat/coveragepy/issues/164646
.. _changes_7-2-7:
django-auth-ldap/django-auth-ldap (django-auth-ldap)
v4.5.0
Compare Source
What's Changed
New Contributors
Full Changelog: django-auth-ldap/django-auth-ldap@4.4.0...4.5.0
v4.4.0
Compare Source
What's Changed
Full Changelog: django-auth-ldap/django-auth-ldap@4.3.0...4.4.0
celery/django-celery-results (django-celery-results)
v2.5.1
Compare Source
=====
:release-date: 2023-05-08 8:15 P.M. UTC+6:00
:release-by: Asif Saif Uddin
.. _version-2.5.0:
v2.5.0
Compare Source
=====
:release-date: 2023-03-13 5:45 P.M. UTC+6:00
:release-by: Asif Saif Uddin
.. _version-2.4.0:
jazzband/django-debug-toolbar (django-debug-toolbar)
v4.2.0
Compare Source
carltongibson/django-filter (django-filter)
v23.2
Compare Source
Deprecated the schema generation methods of the DRF related
DjangoFilterBackend
.These will be removed in version 25.1.
You should use
drf-spectacular <https://drf-spectacular.readthedocs.io/en/latest/>
_for generating OpenAPI schemas with DRF.
In addition, stopped testing against the (very old now)
coreapi
schema generation.These methods should continue to work if you're using them until v25.1, but
coreapi
is no longer maintained, and is raising warnings against the currentversions of Python. To workaround this is not worth the effort at this point.
Updated Polish translations.
niwinz/django-jinja (django-jinja)
v2.11.0
Compare Source
Released September 3rd, 2023
Previously, when configuring
TEMPLATES
in Django's settings,NAME
had to be set to avoid the template engine's name becoming"backend"
:jschneier/django-storages (django-storages)
v1.14
Compare Source
tfranzel/drf-spectacular (drf-spectacular)
v0.26.4
Compare Source
#​1029 <https://github.com/tfranzel/drf-spectacular/issues/1029>
_#​542 <https://github.com/tfranzel/drf-spectacular/issues/542>
_#​1025 <https://github.com/tfranzel/drf-spectacular/issues/1025>
_#​1022 <https://github.com/tfranzel/drf-spectacular/issues/1022>
_#​976 <https://github.com/tfranzel/drf-spectacular/issues/976>
_#​1021 <https://github.com/tfranzel/drf-spectacular/issues/1021>
_) [sydney-runkle]#​982 <https://github.com/tfranzel/drf-spectacular/issues/982>
_Breaking changes / important additions:
django-filter
anddjango-polymorphic
.AutoSchema
subclassing.FactoryBoy/factory_boy (factory-boy)
v3.3.0
Compare Source
pycqa/flake8 (flake8)
v6.1.0
Compare Source
tfoxy/graphene-django-optimizer (graphene-django-optimizer)
v0.10.0
: Fix compatibility with graphql-core v3.2Compare Source
See https://github.com/tfoxy/graphene-django-optimizer/pull/83
Creating a new version instead of v0.9.2 because a test was failing so it may break things for some people.
v0.9.1
Compare Source
v0.9.0
: Support for Graphene 3Compare Source
Add support for Graphene 3.
BREAKING CHANGE
Graphene 2 is no longer supported. You can use v0.8, which will be maintained for fixes.
python-jsonschema/jsonschema (jsonschema)
v4.19.0
Compare Source
=======
Validator
protocol directly from the package root is deprecated.Import it from
jsonschema.protocols.Validator
instead.Such resources are assumed to be 2020-12 schemas.
This more closely matches the pre-referencing library behavior.
mkdocs/mkdocs (mkdocs)
v1.5.2
Compare Source
Bugfix (regression in 1.5.0): Restore functionality of
--no-livereload
. (#3320)Bugfix (regression in 1.5.0): The new page title detection would sometimes be unable to drop anchorlinks - fix that. (#3325)
Partly bring back pre-1.5 API:
extra_javascript
items will once again be mostly strings, and only sometimesExtraStringValue
(when the extrascript
functionality is used).Plugins should be free to append strings to
config.extra_javascript
, but when reading the values, they must still make sure to read it asstr(value)
in case it is anExtraScriptValue
item. For querying the attributes such as.type
you need to checkisinstance
first. Static type checking will guide you in that. (#3324)See commit log.
v1.5.1
Compare Source
Bugfix (regression in 1.5.0): Make it possible to treat
ExtraScriptValue
as a path. This lets some plugins still work despite the breaking change.Bugfix (regression in 1.5.0): Prevent errors for special setups that have 3 conflicting files, such as
index.html
,index.md
andREADME.md
(#3314)See commit log.
v1.5.0
Compare Source
New: MkDocs now accepts donations. Please consider supporting the current maintainer at my new GitHub sponsorship page.
MkDocs has been a totally free project since the beginning and wasn't accepting funds. MkDocs will remain free of paywalls, but now you can show your support with donations (one-time and/or recurring).
Donate for MkDocs - @oprypin sponsors page
And please also consider these other individuals who have been contributing to the ecosystem for a long time and check out their donations pages:
@facelessuser
@pawamoy
@Ultrabug
Release 1.5.0
New command
mkdocs get-deps
This command guesses the Python dependencies that a MkDocs site requires in order to build. It simply prints the PyPI packages that need to be installed. In the terminal it can be combined directly with an installation command as follows:
pip install $(mkdocs get-deps)
The idea is that right after running this command, you can directly follow it up with
mkdocs build
and it will almost always "just work", without needing to think which dependencies to install.The way it works is by scanning
mkdocs.yml
forthemes:
,plugins:
,markdown_extensions:
items and doing a reverse lookup based on a large list of known projects (catalog, see below).Of course, you're welcome to use a "virtualenv" with such a command. Also note that for environments that require stability (for example CI) directly installing deps in this way is not a very reliable approach as it precludes dependency pinning.
The command allows overriding which config file is used (instead of
mkdocs.yml
in the current directory) as well as which catalog of projects is used (instead of downloading it from the default location). Seemkdocs get-deps --help
.Context: #3205
MkDocs has an official catalog of plugins
Check out https://github.com/mkdocs/catalog and add all your general-purpose plugins, themes and extensions there, so that they can be looked up through
mkdocs get-deps
.This was renamed from "best-of-mkdocs" and received significant updates. In addition to
pip
installation commands, the page now shows the config boilerplate needed to add a plugin.Expanded validation of links
Validated links in Markdown
However, the checks for links were really loose and had many concessions. For example, links that started with
/
("absolute") and links that ended with/
were left as is and no warning was shown, which allowed such very fragile links to sneak into site sources: links that happen to work right now but get no validation and links that confusingly need an extra level of..
withuse_directory_urls
enabled.Now, in addition to validating relative links, MkDocs will print
INFO
messages for unrecognized types of links (including absolute links). They look like this:If you don't want any changes, not even the
INFO
messages, and wish to revert to the silence from MkDocs 1.4, add the following configs tomkdocs.yml
(not recommended):If, on the opposite end, you want these to print
WARNING
messages and causemkdocs build --strict
to fail, you are recommended to configure these towarn
instead.See documentation for actual recommended settings and more details. Context: #3283
Validated links in the nav
Links to documents in the
nav
configuration now also have configurable validation, though with no changes to the defaults.You are welcomed to turn on validation for files that were forgotten and excluded from the nav. Example:
This can make the following message appear with the
WARNING
level (as opposed toINFO
as the only option previously), thus being caught bymkdocs --strict
:See documentation. Context: #3283, #1755
Mark docs as intentionally "not in nav"
There is a new config
not_in_nav
. With it, you can mark particular patterns of files as exempt from the aboveomitted_files
warning type; no messages will be printed for them anymore. (As a corollary, setting this config to*
is the same as ignoringomitted_files
altogether.)This is useful if you generally like these warnings about files that were forgotten from the nav, but still have some pages that you knowingly excluded from the nav and just want to build and copy them.
The
not_in_nav
config is a set of gitignore-like patterns. See the next section for an explanation of another such config.See documentation. Context: #3224, #1888
Excluded doc files
There is a new config
exclude_docs
that tells MkDocs to ignore certain files underdocs_dir
and not copy them to the builtsite
as part of the build.Historically MkDocs would always ignore file names starting with a dot, and that's all. Now this is all configurable: you can un-ignore these and/or ignore more patterns of files.
The
exclude_docs
config follows the .gitignore pattern format and is specified as a multiline YAML string. For example:Validation of links (described above) is also affected by
exclude_docs
. Duringmkdocs serve
the messages explain the interaction, whereas duringmkdocs build
excluded files are as good as nonexistent.As an additional related change, if you have a need to have both
README.md
andindex.md
files in a directory but publish only one of them, you can now use this feature to explicitly ignore one of them and avoid warnings.See documentation. Context: #3224
Drafts
The
exclude_docs
config has another behavior: all excluded Markdown pages will still be previewable inmkdocs serve
only, just with a "DRAFT" marker on top. Then they will of course be excluded frommkdocs build
orgh-deploy
.If you don't want
mkdocs serve
to have any special behaviors and instead want it to perform completely normal builds, use the new flagmkdocs serve --clean
.See documentation. Context: #3224
mkdocs serve
no longer exits after build errorsIf there was an error (from the config or a plugin) during a site re-build,
mkdocs serve
used to exit after printing a stack trace. Now it will simply freeze the server until the author edits the files to fix the problem, and then will keep reloading.But errors on the first build still cause
mkdocs serve
to exit, as before.Context: #3255
Page titles will be deduced from any style of heading
MkDocs always had the ability to infer the title of a page (if it's not specified in the
nav
) based on the first line of the document, if it had a<h1>
heading that had to written starting with the exact character#
. Now any style of Markdown heading is understood (#1886). Due to the previous simplistic parsing, it was also impossible to useattr_list
attributes in that first heading (#3136). Now that is also fixed.Markdown extensions can use paths relative to the current document
This is aimed at extensions such as
pymdownx.snippets
ormarkdown_include.include
: you can now specify their include paths to be relative to the currently rendered Markdown document, or relative to thedocs_dir
. Any other extension can of course also make use of the new!relative
YAML tag.See documentation. Context: #2154, #3258
<script>
tags can specifytype="module"
and other attributesIn
extra_javascript
, if you use the.mjs
file extension or explicitly specify atype: module
key, the script will be added with thetype="module"
attribute.defer: true
andasync: true
keys are also available.See updated documentation for
extra_javascript
.At first this is only supported in built-in themes, other themes need to follow up, see below.
Context: #3237
Changes for theme developers (action required!)
Using the construct
{% for script in extra_javascript %}
is now fully obsolete because it cannot allow customizing the attributes of the<script>
tag. It will keep working but blocks some of MkDocs' features.Instead, you now need to use
config.extra_javascript
(which was already the case for a while) and couple it with the newscript_tag
filter:See documentation.
Upgrades for plugin developers
Breaking change:
config.extra_javascript
is no longer a plain list of strings, but instead a list ofExtraScriptValue
items. So you can no longer treat the list values as strings. If you want to keep compatibility with old versions, just always reference the items asstr(item)
instead. And you can still append plain strings to the list if you wish. See information about<script>
tags above. Context: #3237File
has a new attributeinclusion
. Its value is calculated from both theexclude_docs
andnot_in_nav
configs, and implements their behavior. Plugins can read this value or write to it. NewFile
instances by default follow whatever the configs say, but plugins can choose to make this decision explicitly, per file.When creating a
File
, one can now set adest_uri
directly, rather than having to update it (and other dependent attributes) after creation. ContextA new config option was added -
DictOfItems
. Similarly toListOfItems
, it validates a mapping of config options that all have the same type. Keys are arbitrary but always strings. Context: #3242A new function
get_plugin_logger
was added. In order to opt into a standardized way for plugins to log messages, please use the idiom:Context: #3245
SubConfig
config option can be conveniently subclassed with a particular type of config specified. For example,class ExtraScript(SubConfig[ExtraScriptValue]):
. To see how this is useful, search for this class in code. ContextBugfix:
SubConfig
had a bug where paths (fromFilesystemObject
options) were not made relative to the main config file as intended, becauseconfig_file_path
was not properly inherited to it. This is now fixed. Context: #3265Config
members now have a way to avoid clashing with Python's reserved words. This is achieved by stripping a trailing underscore from each member's name.Example of adding an
async
boolean option that can be set by the user asasync: true
and read programmatically asconfig.async_
:Previously making a config key with a reserved name was impossible with new-style schemas. Context
Theme
has its attributes properly declared and gained new attributestheme.locale
,theme.custom_dir
.Some type annotations were made more precise. For example:
context
parameter has gained the typeTemplateContext
(TypedDict
). ContextPage
,Section
,Link
now have a common base classStructureItem
. ContextConfig
and only acceptMkDocsConfig
as was originally intended. Contextconfig.mdx_configs
got a proper type. Context: #3229Theme updates
Built-in themes mostly stopped relying on
<script defer>
. This may affect some usages ofextra_javascript
, mainly remove the need for custom handling of "has the page fully loaded yet". Context: #3237"mkdocs" theme now has a styling for
>
blockquotes, previously they were not distinguished at all. Context: #3291"readthedocs" theme was updated to v1.2.0 according to upstream, with improved styles for
<kbd>
and breadcrumb navigation. Context: #3058Both built-in themes had their version of highlight.js updated to 11.8.0, and jQuery updated to 3.6.0.
Bug fixes
Relative paths in the nav can traverse above the root
Regression in 1.2 - relative paths in the nav could no longer traverse above the site's root and were truncated to the root. Although such traversal is discouraged and produces a warning, this was a documented behavior. The behavior is now restored.
Context: #2752, [#
Configuration
📅 Schedule: Branch creation - "before 2am on Friday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.