Scheduled weekly dependency update for week 29 #196
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
bors r+ |
bors-fusion bot
added a commit
that referenced
this pull request
Jul 23, 2018
196: Scheduled weekly dependency update for week 29 r=mithrandi a=pyup-bot ### Update [cryptography](https://pypi.org/project/cryptography) from **2.2.2** to **2.3**. <details> <summary>Changelog</summary> ### 2.3 ``` ~~~~~~~~~~~~~~~~ * **SECURITY ISSUE:** :meth:`~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag` allowed tag truncation by default which can allow tag forgery in some cases. The method now enforces the ``min_tag_length`` provided to the :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` constructor. * Added support for Python 3.7. * Added :meth:`~cryptography.fernet.Fernet.extract_timestamp` to get the authenticated timestamp of a :doc:`Fernet </fernet>` token. * Support for Python 2.7.x without ``hmac.compare_digest`` has been deprecated. We will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next ``cryptography`` release. * Fixed multiple issues preventing ``cryptography`` from compiling against LibreSSL 2.7.x. * Added :class:`~cryptography.x509.CertificateRevocationList.get_revoked_certificate_by_serial_number` for quick serial number searches in CRLs. * The :class:`~cryptography.x509.RelativeDistinguishedName` class now preserves the order of attributes. Duplicate attributes now raise an error instead of silently discarding duplicates. * :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap` and :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` now raise :class:`~cryptography.hazmat.primitives.keywrap.InvalidUnwrap` if the wrapped key is an invalid length, instead of ``ValueError``. .. _v2-2-2: ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/cryptography - Changelog: https://pyup.io/changelogs/cryptography/ - Repo: https://github.com/pyca/cryptography </details> ### Update [twisted[tls,conch]](https://pypi.org/project/twisted) from **18.4.0** to **18.7.0**. <details> <summary>Changelog</summary> ### 18.7.0 ``` =========================== Features -------- - Cancelling a Deferred returned by twisted.internet.defer.inlineCallbacks now cancels the Deferred it is waiting on. (4632) - twisted.application.internet.ClientService now accepts a function to initialize or validate a connection before it is returned by the whenConnected method as the prepareConnection argument. (8375) - Traceback generated for twisted.internet.defer.inlineCallbacks now includes the full stack of inlineCallbacks generators between catcher and raiser (before it only contained raiser's stack). (9176) - Add optional cwd argument to twisted.runner.procmon.ProcMon.addProcess (9287) - twisted.python.failure.Failure tracebacks generated by coroutines scheduled with twisted.internet.defer.ensureDeferred - i.e. any Deferred-awaiting coroutine - now contain fewer extraneous frames from the trampoline implementation, and correctly indicate the source of exceptions raised in other call stacks - i.e. the function that raised the exception. In other words: if you 'await' a function that raises an exception, you'll be able to see where the error came from. (9459) Bugfixes -------- - On UNIX-like platforms, Twisted attempts to recover from EMFILE when accepting connections on TCP and UNIX ports by shedding incoming clients. (5368) - The documentation of IReactorTime.getDelayedCalls() has been corrected to indicate that the method returns a list, not a tuple. (9418) - "python -m twisted web --help" now refers to "--listen" instead of the non-existing "--http" (9434) - twisted.python.htmlizer.TokenPrinter now explicitly works on bytestrings. (9442) - twisted.enterprise.adbapi.ConnectionPool.runWithConnection and runInteraction now use the reactor that is passed to ConnectionPool's constructor. (9467) Improved Documentation ---------------------- - The Twisted Coding Standard now contains examples of how to mark up a feature as added in the next Twisted release. (9460) Deprecations and Removals ------------------------- - Deprecate direct introspection of ProcMon's processes: processes should not be directly accessed or pickled. (9287) - twisted.internet.address.IPv4Address._bwHack and twisted.internet.address.UNIXAddress._bwHack, as well as the parameters to the constructors, deprecated since Twisted 11.0, have been removed. (9450) Misc ---- - 7495, 9399, 9406, 9411, 9425, 9439, 9449, 9450, 9452 Conch ----- Features ~~~~~~~~ - twisted.conch.ssh.transport.SSHTransportBase now includes Twisted's version in the software version string it sends to the server, allowing servers to apply compatibility workarounds for bugs in particular client versions. (9424) Bugfixes ~~~~~~~~ - If the command run by twisted.conch.endpoints.SSHCommandClientEndpoint exits because of a delivered signal, the client protocol's connectionLost is now called with a ProcessTerminated exception instead of a ConnectionDone exception. (9412) - twisted.conch.ssh.transport.SSHTransportBase now correctly handles MSG_DEBUG with a false alwaysDisplay field on Python 2 (broken since 8.0.0). (9422) - twisted.conch.manhole.lastColorizedLine now does not throw a UnicodeDecodeError on non-ASCII input. (9442) Web --- Features ~~~~~~~~ - Added support for SameSite cookies in ``http.Request.addCookie``. (9387) Bugfixes ~~~~~~~~ - twisted.web.server.GzipEncoderFactory would sometimes fail to gzip requests if the Accept-Encoding header contained whitespace between the comma-separated acceptable encodings. It now trims whitespace before checking if gzip is an acceptable encoding. (9086) - twisted.web.static.File renders directory listings on Python 2, including those with text paths. (9438) - twisted.python.http.Request now correcly parses multipart bodies on Python 3.7. (9448) - twisted.web.http.combinedLogFormatter (used by t.w.http.Server and t.w.server.Site) no longer produces DeprecationWarning about Request.getClientIP. (9470) Misc ~~~~ - 9432, 9466, 9479, 9480 Mail ---- No significant changes. Words ----- No significant changes. Names ----- Misc ~~~~ - 9398 ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/twisted - Changelog: https://pyup.io/changelogs/twisted/ - Homepage: http://twistedmatrix.com/ - Bugtracker: https://twistedmatrix.com/trac/ </details> Co-authored-by: pyup-bot <[email protected]>
Codecov Report
@@ Coverage Diff @@
## master #196 +/- ##
======================================
Coverage 93.8% 93.8%
======================================
Files 13 13
Lines 1066 1066
Branches 66 66
======================================
Hits 1000 1000
Misses 53 53
Partials 13 13Continue to review full report at Codecov.
|
Build succeeded |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Update cryptography from 2.2.2 to 2.3.
Changelog
2.3
Links
Update twisted[tls,conch] from 18.4.0 to 18.7.0.
Changelog
18.7.0
Links
This change is