chore: bump the python group across 2 directories with 17 updates

[dependabot]

Bumps the python group with 16 updates in the / directory:

Package	From	To
python-gitlab	4.5.0	4.12.2
kubernetes	30.1.0	31.0.0
gunicorn	22.0.0	23.0.0
pyyaml	6.0.1	6.0.2
urllib3	2.2.2	2.2.3
sentry-sdk	2.5.1	2.15.0
apispec-webframeworks	1.1.0	1.2.0
webargs	8.4.0	8.6.0
pyjwt	2.8.0	2.9.0
marshmallow	3.21.3	3.22.0
importlib-metadata	7.1.0	8.5.0
dataconf	3.2.0	3.3.0
cryptography	42.0.8	43.0.1
pytest	8.2.2	8.3.3
pre-commit	3.7.1	3.8.0
ruff	0.4.9	0.6.8

Bumps the python group with 8 updates in the /git_services directory:

Package	From	To
gunicorn	22.0.0	23.0.0
pyyaml	6.0.1	6.0.2
urllib3	1.26.19	1.26.20
sentry-sdk	2.5.1	2.15.0
marshmallow	3.21.3	3.22.0
importlib-metadata	7.1.0	8.5.0
ruff	0.4.9	0.6.8
renku	2.9.2	2.9.4

Updates python-gitlab from 4.5.0 to 4.12.2

Release notes

Sourced from python-gitlab's releases.

v4.12.2 (2024-10-01)

Fix

• fix: raise GitlabHeadError in project.files.head() method (#3006)

When an error occurs, raise GitlabHeadError in project.files.head() method.

Closes: #3004 (9bf26df)

v4.12.1 (2024-09-30)

Chore

• chore(deps): update all non-major dependencies (#3000)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@​users.noreply.github.com> (d3da326)

• chore(deps): update gitlab/gitlab-ee docker tag to v17.4.1-ee.0 (64eed5d)

Fix

• fix(ci): do not rely on GitLab.com runner arch variables (#3003) (c848d12)

• fix(files): correctly raise GitlabGetError in get method (190ec89)

v4.12.0 (2024-09-28)

Chore

• chore(deps): update all non-major dependencies (ae132e7)

• chore: update pylint to 3.3.1 and resolve issues (#2997)

pylint 3.3.1 appears to have added &#34;too-many-positional-arguments&#34; check with a value of 5.

I don&#39;t disagree with this, but we have many functions which exceed this value. We might think about converting some of positional arguments over to keyword arguments in the future. But that is for another time.

For now disable the check across the project. (a0729b8)

• chore(deps): update dependency types-setuptools to v75 (a2ab54c)

• chore(deps): update gitlab/gitlab-ee docker tag to v17.4.0-ee.0 (8601808)

• chore(deps): update all non-major dependencies (10ee58a)

... (truncated)

Changelog

Sourced from python-gitlab's changelog.

v4.12.2 (2024-10-01)

Fix

• fix: raise GitlabHeadError in project.files.head() method (#3006)

When an error occurs, raise GitlabHeadError in project.files.head() method.

Closes: #3004 (9bf26df)

v4.12.1 (2024-09-30)

Chore

• chore(deps): update all non-major dependencies (#3000)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@​users.noreply.github.com> (d3da326)

• chore(deps): update gitlab/gitlab-ee docker tag to v17.4.1-ee.0 (64eed5d)

Fix

• fix(ci): do not rely on GitLab.com runner arch variables (#3003) (c848d12)

• fix(files): correctly raise GitlabGetError in get method (190ec89)

v4.12.0 (2024-09-28)

Chore

• chore(deps): update all non-major dependencies (ae132e7)

• chore: update pylint to 3.3.1 and resolve issues (#2997)

pylint 3.3.1 appears to have added &#34;too-many-positional-arguments&#34; check with a value of 5.

I don&#39;t disagree with this, but we have many functions which exceed this value. We might think about converting some of positional arguments over to keyword arguments in the future. But that is for another time.

For now disable the check across the project. (a0729b8)

• chore(deps): update dependency types-setuptools to v75 (a2ab54c)

• chore(deps): update gitlab/gitlab-ee docker tag to v17.4.0-ee.0 (8601808)

• chore(deps): update all non-major dependencies (10ee58a)

... (truncated)

Commits

• 0ceebd0 chore: release v4.12.2
• 9bf26df fix: raise GitlabHeadError in project.files.head() method (#3006)
• 2ab0b9f chore: release v4.12.1
• c848d12 fix(ci): do not rely on GitLab.com runner arch variables (#3003)
• d3da326 chore(deps): update all non-major dependencies (#3000)
• 190ec89 fix(files): correctly raise GitlabGetError in get method
• 64eed5d chore(deps): update gitlab/gitlab-ee docker tag to v17.4.1-ee.0
• 27dbbe7 chore: release v4.12.0
• 29f617d feat(build): build multi-arch images (#2987)
• ae132e7 chore(deps): update all non-major dependencies
• Additional commits viewable in compare view

Updates kubernetes from 30.1.0 to 31.0.0

Release notes

Sourced from kubernetes's releases.

Kubernetes Python Client v31.0.0 Stable Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v31.0.0.zip
cd client-python-v31.0.0
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-31.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-31.0/CHANGELOG.md

Kubernetes Python Client v31.0.0 Beta 1 Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v31.0.0b1.zip
cd client-python-v31.0.0b1
python setup.py install

Then follow examples in https://github.com/kubernetes-client/python/tree/release-31.0/examples

Changelog: https://github.com/kubernetes-client/python/blob/release-31.0/CHANGELOG.md

Kubernetes Python Client v31.0.0 Alpha 1 Release

Getting started:

pip install --pre --upgrade kubernetes

Or from source, download attached zip file, then

unzip client-python-v31.0.0a1.zip
cd client-python-v31.0.0a1
</tr></table> 

... (truncated)

Changelog

Sourced from kubernetes's changelog.

v31.0.0

Kubernetes API Version: v1.31.0

v31.0.0b1

Kubernetes API Version: v1.31.0

v31.0.0a1

Kubernetes API Version: v1.31.0

API Change

• 'ACTION REQUIRED: The Dynamic Resource Allocation (DRA) driver's DaemonSet must be deployed with a service account that enables writing ResourceSlice and reading ResourceClaim objects.' (kubernetes/kubernetes#125163, @​pohly) [SIG Auth, Node and Testing]
• Add UserNamespaces field to NodeRuntimeHandlerFeatures (kubernetes/kubernetes#126034, @​sohankunkerkar) [SIG API Machinery, Apps and Node]
• Added Coordinated Leader Election as Alpha under the CoordinatedLeaderElection feature gate. With the feature enabled, the control plane can use LeaseCandidate objects (coordination.k8s.io/v1alpha1 API group) to participate in a leader election and let the kube-apiserver select the best instance according to some strategy. (kubernetes/kubernetes#124012, @​Jefftree) [SIG API Machinery, Apps, Auth, Cloud Provider, Etcd, Node, Release, Scheduling and Testing]
• Added a .status.features.supplementalGroupsPolicy field to Nodes. The field is true when the feature is implemented in the CRI implementation (KEP-3619). (kubernetes/kubernetes#125470, @​everpeace) [SIG API Machinery, Apps, Node and Testing]
• Added an allocatedResourcesStatus to each container status to indicate the health status of devices exposed by the device plugin. (kubernetes/kubernetes#126243, @​SergeyKanzhelev) [SIG API Machinery, Apps, Node and Testing]
• Added support to the kube-proxy nodePortAddresses / --nodeport-addresses option to accept the value "primary", meaning to only listen for NodePort connections on the node's primary IPv4 and/or IPv6 address (according to the Node object). This is strongly recommended, if you were not previously using --nodeport-addresses, to avoid surprising behavior. (This behavior is enabled by default with the nftables backend; you would need to explicitly request --nodeport-addresses 0.0.0.0/0,::/0 there to get the traditional "listen on all interfaces" behavior.) (kubernetes/kubernetes#123105, @​danwinship) [SIG API Machinery, Network and Windows]
• Added the feature gates StrictCostEnforcementForVAP and StrictCostEnforcementForWebhooks to enforce the strict cost calculation for CEL extended libraries. It is strongly recommended to turn on the feature gates as early as possible. (kubernetes/kubernetes#124675, @​cici37) [SIG API Machinery, Auth, Node and Testing]
• Changed how the API server handles updates to .spec.defaultBackend of Ingress objects. Server-side apply now considers .spec.defaultBackend to be an atomic struct. This means that any field-owner who sets values in that struct (they are mutually exclusive) owns the whole struct. For almost all users this change has no impact; for controllers that want to change the default backend port from number to name (or vice-versa), this makes it easier. (kubernetes/kubernetes#126207, @​thockin) [SIG API Machinery]
• Component-base/logs: when compiled with Go >= 1.21, component-base will automatically configure the slog default logger together with initializing klog. (kubernetes/kubernetes#120696, @​pohly) [SIG API Machinery, Architecture, Auth, CLI, Cloud Provider, Cluster Lifecycle, Instrumentation, Network, Storage and Testing]
• CustomResourceDefinition objects created with non-empty caBundle fields which are invalid or do not contain any certificates will not appear in discovery or serve endpoints until a valid caBundle is provided. Updates to CustomResourceDefinition are no longer allowed to transition a valid caBundle field to an invalid caBundle field, because this breaks serving of the existing CustomResourceDefinition. (kubernetes/kubernetes#124061, @​Jefftree) [SIG API Machinery]
• Dynamic Resource Allocation (DRA): Added a feature so the number of ResourceClaim objects can be limited per namespace and by the number of devices requested through a specific class via the v1.ResourceQuota mechanism. (kubernetes/kubernetes#120611, @​pohly) [SIG API Machinery, Apps, Auth, CLI, Etcd, Node, Release, Scheduling and Testing]
• Dynamic Resource Allocation (DRA): client-side validation of a ResourceHandle would have accepted a missing DriverName, whereas server-side validation then would have raised an error. (kubernetes/kubernetes#124075, @​pohly)
• Dynamic Resource Allocation (DRA): in the pod.spec.recourceClaims array, the source indirection is no longer necessary. Instead of e.g. source: resourceClaimTemplateName: my-template, one can write resourceClaimTemplateName: my-template. (kubernetes/kubernetes#125116, @​pohly) [SIG API Machinery, Apps, Auth, Node, Scheduling and Testing]
• Enhanced the Dynamic Resource Allocation (DRA) with an updated version of the resource.k8s.io API group. The primary user-facing type remains the ResourceClaim, however significant changes have been made, resulting in the new version, v1alpha3, which is not compatible with the previous version. (kubernetes/kubernetes#125488, @​pohly) [SIG API Machinery, Apps, Auth, CLI, Cluster Lifecycle, Etcd, Node, Release, Scheduling, Storage and Testing]
• Fixed a 1.30.0 regression in OpenAPI descriptions of the imagePullSecrets and hostAliases fields to mark the fields used as keys in those lists as either defaulted or required. (kubernetes/kubernetes#124553, @​pmalek)
• Fixed a 1.30.0 regression in openapi descriptions of PodIP.IP and HostIP.IP fields to mark the fields used as keys in those lists as required. (kubernetes/kubernetes#126057, @​thockin)
• Fixed a bug in the API server where empty collections of ValidatingAdmissionPolicies did not have an items field. (kubernetes/kubernetes#124568, @​xyz-li) [SIG API Machinery]
• Fixed a deep copy issue when retrieving the controller reference. (kubernetes/kubernetes#124116, @​HiranmoyChowdhury) [SIG API Machinery and Release]
• Fixed code-generator client-gen to work with api/v1-like package structure. (kubernetes/kubernetes#125162, @​sttts) [SIG API Machinery and Apps]
• Fixed incorrect "v1 Binding is deprecated in v1.6+" warning in kube-scheduler log. (kubernetes/kubernetes#125540, @​pohly) [SIG API Machinery]
• Fixed the comment for the Job's managedBy field. (kubernetes/kubernetes#124793, @​mimowo) [SIG API Machinery and Apps]
• Fixed the documentation for the default value of the procMount entry in securityContext within a Pod. The documentation was previously using the name of the internal variable DefaultProcMount, rather than the actual value, "Default". (kubernetes/kubernetes#125782, @​aborrero) [SIG Apps and Node]
• Graduate PodDisruptionConditions to GA and lock (kubernetes/kubernetes#125461, @​mimowo) [SIG Apps, Node, Scheduling and Testing]

... (truncated)

Commits

• bc8c691 Merge pull request #2281 from yliaog/automated-release-of-31.0.0-upstream-rel...
• dbdba2b Fixed CHANGELOG, the API version should be 1.31.0, the release tooling
• 365dbaf Update the compatibility matrix and maintenance status
• 77a9bd0 generated client change
• a15ecb1 update changelog
• 173931a update version constants for 31.0.0 release
• d8ee677 Merge pull request #2277 from yliaog/automated-release-of-31.0.0b1-upstream-r...
• 7abc423 updated compatibility matrix and maintenance status
• 2be6881 generated client change
• e49c89a update changelog
• Additional commits viewable in compare view

Updates gunicorn from 22.0.0 to 23.0.0

Release notes

Sourced from gunicorn's releases.

23.0.0

Gunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and which improve safety

You're invited to upgrade asap your own installation.

23.0.0 - 2024-08-10

• minor docs fixes (:pr:3217, :pr:3089, :pr:3167)
• worker_class parameter accepts a class (:pr:3079)
• fix deadlock if request terminated during chunked parsing (:pr:2688)
• permit receiving Transfer-Encodings: compress, deflate, gzip (:pr:3261)
• permit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:3261)
• sdist generation now explicitly excludes sphinx build folder (:pr:3257)
• decode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising TypeError (:pr:2336)
• raise correct Exception when encounting invalid chunked requests (:pr:3258)
• the SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:3192)
• include IPv6 loopback address [::1] in default for :ref:forwarded-allow-ips and :ref:proxy-allow-ips (:pr:3192)

** NOTE **

• The SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release
• Review your :ref:forwarded-allow-ips setting if you are still not seeing the SCRIPT_NAME transmitted
• Review your :ref:forwarder-headers setting if you are missing headers after upgrading from a version prior to 22.0.0

** Breaking changes **

• refuse requests where the uri field is empty (:pr:3255)
• refuse requests with invalid CR/LR/NUL in heade field values (:pr:3253)
• remove temporary --tolerate-dangerous-framing switch from 22.0 (:pr:3260)
• If any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies.

Fix CVE-2024-1135

Commits

• 411986d fix doc
• 334392e Merge pull request #2559 from laggardkernel/bugfix/reexec-env
• e75c353 Merge pull request #3189 from pajod/patch-py36
• 9357b28 keep document user in access_log_format setting
• 79fdef0 bump to 23.0.0
• 3acd9fb Merge pull request #2620 from talkerbox/improve-access-log-format-docs
• 3f56d76 Merge pull request #3192 from pajod/patch-allowed-script-name
• 256d474 docs: revert duped directive
• ffa48b5 test: default change was intentional
• 52538ca docs: recommend SCRIPT_NAME=/subfolder
• Additional commits viewable in compare view

Updates pyyaml from 6.0.1 to 6.0.2

Release notes

Sourced from pyyaml's releases.

6.0.2

What's Changed

• Support for Cython 3.x and Python 3.13.

Full Changelog: yaml/pyyaml@6.0.1...6.0.2

6.0.2rc1

• Support for extension build with Cython 3.x
• Support for Python 3.13
• Added PyPI wheels for musllinux on aarch64

Changelog

Sourced from pyyaml's changelog.

6.0.2 (2024-08-06)

• yaml/pyyaml#808 -- Support for Cython 3.x and Python 3.13

Commits

• 41309b0 Release 6.0.2 (#819)
• dd9f0e1 6.0.2rc1 (#809)
• f5527a2 disable CI trigger on PR edits
• b4d80a7 Python 3.12 + musllinux_1_1_x86_64 wheel support
• See full diff in compare view

Updates urllib3 from 2.2.2 to 2.2.3

Release notes

Sourced from urllib3's releases.

2.2.3

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Features

• Added support for Python 3.13. (#3473)

Bugfixes

• Fixed the default encoding of chunked request bodies to be UTF-8 instead of ISO-8859-1. All other methods of supplying a request body already use UTF-8 starting in urllib3 v2.0. (#3053)
• Fixed ResourceWarning on CONNECT with Python < 3.11.4 by backporting python/cpython#103472. (`#3252)
• Adjust tolerance for floating-point comparison on Windows to avoid flakiness in CI (#3413)
• Fixed a crash where certain standard library hash functions were absent in restricted environments. (#3432)
• Fixed mypy error when adding to HTTPConnection.default_socket_options. (#3448)

HTTP/2 (experimental)

HTTP/2 support is still in early development.

• Excluded Transfer-Encoding: chunked from HTTP/2 request body (#3425)
• Added version checking for h2 (https://pypi.org/project/h2/) usage. Now only accepting supported h2 major version 4.x.x. (#3290)
• Added a probing mechanism for determining whether a given target origin supports HTTP/2 via ALPN. (#3301)
• Add support for sending a request body with HTTP/2 (#3302)

Full Changelog: urllib3/urllib3@2.2.2...2.2.3

Changelog

Sourced from urllib3's changelog.

2.2.3 (2024-09-12)

Features

• Added support for Python 3.13. ([#3473](https://github.com/urllib3/urllib3/issues/3473) <https://github.com/urllib3/urllib3/issues/3473>__)

Bugfixes

• Fixed the default encoding of chunked request bodies to be UTF-8 instead of ISO-8859-1. All other methods of supplying a request body already use UTF-8 starting in urllib3 v2.0. ([#3053](https://github.com/urllib3/urllib3/issues/3053) <https://github.com/urllib3/urllib3/issues/3053>__)
• Fixed ResourceWarning on CONNECT with Python `__)
• Adjust tolerance for floating-point comparison on Windows to avoid flakiness in CI ([#3413](https://github.com/urllib3/urllib3/issues/3413) <https://github.com/urllib3/urllib3/issues/3413>__)
• Fixed a crash where certain standard library hash functions were absent in restricted environments. ([#3432](https://github.com/urllib3/urllib3/issues/3432) <https://github.com/urllib3/urllib3/issues/3432>__)
• Fixed mypy error when adding to HTTPConnection.default_socket_options. ([#3448](https://github.com/urllib3/urllib3/issues/3448) <https://github.com/urllib3/urllib3/issues/3448>__)

HTTP/2 (experimental)

HTTP/2 support is still in early development.

• Excluded Transfer-Encoding: chunked from HTTP/2 request body ([#3425](https://github.com/urllib3/urllib3/issues/3425) <https://github.com/urllib3/urllib3/issues/3425>__)

• Added version checking for h2 (https://pypi.org/project/h2/) usage.

  Now only accepting supported h2 major version 4.x.x. ([#3290](https://github.com/urllib3/urllib3/issues/3290) <https://github.com/urllib3/urllib3/issues/3290>__)

• Added a probing mechanism for determining whether a given target origin supports HTTP/2 via ALPN. ([#3301](https://github.com/urllib3/urllib3/issues/3301) <https://github.com/urllib3/urllib3/issues/3301>__)

• Add support for sending a request body with HTTP/2 ([#3302](https://github.com/urllib3/urllib3/issues/3302) <https://github.com/urllib3/urllib3/issues/3302>__)

Deprecations and Removals

• Note for downstream distributors: the _version.py file has been removed and is now created at build time by hatch-vcs. ([#3412](https://github.com/urllib3/urllib3/issues/3412) <https://github.com/urllib3/urllib3/issues/3412>__)
• Drop support for end-of-life PyPy3.8 and PyPy3.9. ([#3475](https://github.com/urllib3/urllib3/issues/3475) <https://github.com/urllib3/urllib3/issues/3475>__)

Commits

• 2458bfc Release 2.2.3
• 9b25db6 Only attempt to publish for upstream
• b9adeef Drop support for EOL PyPy3.8 and PyPy3.9
• b1d4649 Add explicit support for Python 3.13
• cc42860 Bump cryptography from 42.0.4 to 43.0.1 (#3470)
• 3dae2e9 Bump pypa/gh-action-pypi-publish from 1.9.0 to 1.10.1 (#3469)
• 1e94feb Revert "Add TLS settings for HTTP/2 (#3456)" (#3466)
• aa73abc Bump actions/setup-python from 5.1.0 to 5.2.0 (#3468)
• abbfbcb Add 1.26.20 to changelog and make the publish workflow the same (#3464)
• d480615 Add TLS settings for HTTP/2 (#3456)
• Additional commits viewable in compare view

Updates sentry-sdk from 2.5.1 to 2.15.0

Release notes

Sourced from sentry-sdk's releases.

2.15.0

Integrations

• Configure HTTP methods to capture in ASGI/WSGI middleware and frameworks (#3531) by @​antonpirker

  We've added a new option to the Django, Flask, Starlette and FastAPI integrations called http_methods_to_capture. This is a configurable tuple of HTTP method verbs that should create a transaction in Sentry. The default is ("CONNECT", "DELETE", "GET", "PATCH", "POST", "PUT", "TRACE",). OPTIONS and HEAD are not included by default.

  Here's how to use it (substitute Flask for your framework integration):

  sentry_sdk.init(
      integrations=[
        FlaskIntegration(
            http_methods_to_capture=("GET", "POST"),
        ),
    ],
  )

• Django: Allow ASGI to use drf_request in DjangoRequestExtractor (#3572) by @​PakawiNz

• Django: Don't let RawPostDataException bubble up (#3553) by @​sentrivana

• Django: Add sync_capable to SentryWrappingMiddleware (#3510) by @​szokeasaurusrex

• AIOHTTP: Add failed_request_status_codes (#3551) by @​szokeasaurusrex

  You can now define a set of integers that will determine which status codes should be reported to Sentry.

  sentry_sdk.init(
      integrations=[
          AioHttpIntegration(
              failed_request_status_codes={403, *range(500, 600)},
          )
      ]
  )

  Examples of valid failed_request_status_codes:

  • {500} will only send events on HTTP 500.
  • {400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
  • {500, 503} will send events on HTTP 500 and 503.
  • set() (the empty set) will not send events for any HTTP status code.

  The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.

• AIOHTTP: Delete test which depends on AIOHTTP behavior (#3568) by @​szokeasaurusrex

• AIOHTTP: Handle invalid responses (#3554) by @​szokeasaurusrex

• FastAPI/Starlette: Support new failed_request_status_codes (#3563) by @​szokeasaurusrex

  The format of failed_request_status_codes has changed from a list

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.15.0

Integrations

• Configure HTTP methods to capture in ASGI/WSGI middleware and frameworks (#3531) by @​antonpirker

  We've added a new option to the Django, Flask, Starlette and FastAPI integrations called http_methods_to_capture. This is a configurable tuple of HTTP method verbs that should create a transaction in Sentry. The default is ("CONNECT", "DELETE", "GET", "PATCH", "POST", "PUT", "TRACE",). OPTIONS and HEAD are not included by default.

  Here's how to use it (substitute Flask for your framework integration):

  sentry_sdk.init(
      integrations=[
        FlaskIntegration(
            http_methods_to_capture=("GET", "POST"),
        ),
    ],
  )

• Django: Allow ASGI to use drf_request in DjangoRequestExtractor (#3572) by @​PakawiNz

• Django: Don't let RawPostDataException bubble up (#3553) by @​sentrivana

• Django: Add sync_capable to SentryWrappingMiddleware (#3510) by @​szokeasaurusrex

• AIOHTTP: Add failed_request_status_codes (#3551) by @​szokeasaurusrex

  You can now define a set of integers that will determine which status codes should be reported to Sentry.

  sentry_sdk.init(
      integrations=[
          AioHttpIntegration(
              failed_request_status_codes={403, *range(500, 600)},
          )
      ]
  )

  Examples of valid failed_request_status_codes:

  • {500} will only send events on HTTP 500.
  • {400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
  • {500, 503} will send events on HTTP 500 and 503.
  • set() (the empty set) will not send events for any HTTP status code.

  The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.

• AIOHTTP: Delete test which depends on AIOHTTP behavior (#3568) by @​szokeasaurusrex

• AIOHTTP: Handle invalid responses (#3554) by @​szokeasaurusrex

• FastAPI/Starlette: Support new failed_request_status_codes (#3563) by @​szokeasaurusrex

... (truncated)

Commits

• 65909ed Update CHANGELOG.md
• 97b6d9f Fix changelog
• 5de346c Refactor changelog
• 7bee75f release: 2.15.0
• 1c64ff7 Configure HTTP methods to capture in WSGI middleware and frameworks (#3531)
• a3ab1ea XFail one of the Lambda tests (#3592)
• 05411ff allowing ASGI to use drf_request in DjangoRequestExtractor (#3572)
• 4636afc fix(tracing): Fix add_query_source with modules outside of project root (#3...
• aed18d4 build(deps): bump actions/checkout from 4.1.7 to 4.2.0 (#3585)
• 205591e Test more integrations on 3.13 (#3578)
• Additional commits viewable in compare view

Updates apispec-webframeworks from 1.1.0 to 1.2.0

Changelog

Sourced from apispec-webframeworks's changelog.

1.2.0 (2024-09-16) ++++++++++++++++++

Features:

• TornadoPlugin: Ensure consistent ordering for HTTP path keys (:pr:159). Thanks :user:bhperry for the PR.

Commits

• ebf43f1 Bump version and update changelog
• e26e463 Consistent ordering for HTTP path keys (#159)
• abcb590 [pre-commit.ci] pre-commit autoupdate
• 377fe6b [pre-commit.ci] pre-commit autoupdate (#157)
• bda9880 [pre-commit.ci] pre-commit autoupdate (#156)
• b5940fa [pre-commit.ci] pre-commit autoupdate
• 6c7f164 [pre-commit.ci] pre-commit autoupdate (#154)
• 7326a3f [pre-commit.ci] pre-commit autoupdate (#153)
• 9da3882 [pre-commit.ci] pre-commit autoupdate
• 1db8ed9 [pre-commit.ci] pre-commit autoupdate (#151)
• Additional commits viewable in compare view

Updates webargs from 8.4.0 to 8.6.0

Changelog

Sourced from webargs's changelog.

8.6.0 (2024-09-11)

---

Bug fixes:

• Fix the handling of invalid JSON bodies in the bottle parser to support bottle versions >=0.13.

Other changes:

• MultiDictProxy now inherits from MutableMapping rather than Mapping.

8.5.0 (2024-04-25)

---

Other changes:

• Test against Python 3.12.

• Async location loading now supports loader functions which are not themselves async, but which return an awaitable result. This means that users who are already handling awaitable objects can return them from non-async loaders and expect webargs to await them. This allows some async interactions with supported frameworks, where the webargs-provided parser returns a framework object and the framework can be set to return awaitables, e.g., the Falcon parser. Thanks :user:j0k2r for the PR! (:pr:935)

Commits

• 841100d Bump version and update changelog
• 9e7ec13 Merge pull request #974 from sirosen/update-for-bottle
• 716723b Fix for invalid JSON handling on latest 'bottle'
• 75839eb Bump webtest from 3.0.0 to 3.0.1 (#971)
• 95b41eb [pre-commit.ci] pre-commit autoupdate
• dcab6e4 Consolidate pre-commit.ci settings (#970)
• e967ed4 Reduce pre-commit.ci updates to monthly (#968)
• 13c74bc [pre-commit.ci] pre-commit autoupdate
• 2b7ade2 Merge pull request #966 from marshmallow-code/pre-commit-ci-update-config
• 1db4841 [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

Updates pyjwt from 2.8.0 to 2.9.0

Release notes

Sourced from pyjwt's releases.

2.9.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#905
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#909
• Add support for Python 3.12 by @​hugovk in jpadilla/pyjwt#910
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#911
• Fix an unnecessary str concat by @​sirosen in jpadilla/pyjwt#904
• Update jwt-api to accept either a string or list of strings for issuer validation by @​mattpollak in jpadilla/pyjwt#913
• Bump actions/checkout from 3 to 4 by @​dependabot in jpadilla/pyjwt#916
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#917
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#922
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#926
• Bump actions/setup-python from 4 to 5 by @​dependabot in jpadilla/pyjwt#931
• Bump hynek/build-and-inspect-python-package from 1 to 2 by @​dependabot in jpadilla/pyjwt#935
• docs/api: document strict_aud on decode_complete by @​woodruffw in jpadilla/pyjwt#923
• chore: fix docs step by @​jpadilla in jpadilla/pyjwt#950
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#953
• Add coverage and improve performance of is_ssh_key by @​bdraco in jpadilla/pyjwt#940
• Decode with PyJWK by @​luhn in jpadilla/pyjwt#886
• Remove an unused variable from an example code block by @​kenkoooo in jpadilla/pyjwt#958
• Handle load_pem_public_key ValueError by @​CollinEMac in jpadilla/pyjwt#952
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#960
• Raise exception when required cryptography dependency is missing by @​tobloef in jpadilla/pyjwt#963
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#965
• Add 2.9.0 changelog. Fixes #949 by @​benvdh in jpadilla/pyjwt#967

New Contributors

• @​mattpollak made their first contribution in jpadilla/pyjwt#913
• @​bdraco made their first contribution in jpadilla/pyjwt#940
• @​luhn made their first contribution in jpadilla/pyjwt#886
• @​kenkoooo made their first contribution in jpadilla/pyjwt#958
• @​CollinEMac made their first contribution in