Skip to content

fireapp-3.119.0-alpha.1870
Compare
Choose a tag to compare
@github-actions github-actions released this 24 Apr 05:33
v3.119.0-alpha.1870
858ac43
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode. 
Bump itsdangerous from 2.1.2 to 2.2.0 (#220)

Bumps [itsdangerous](https://github.com/pallets/itsdangerous) from 2.1.2
to 2.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/itsdangerous/releases">itsdangerous's
releases</a>.</em></p>
<blockquote>
<h2>2.2.0</h2>
<p>This is a feature release, which includes new features, removes
previously deprecated code, and adds new deprecations. The 2.2.x branch
is now the supported fix branch, the 2.1.x branch will become a tag
marking the end of support for that branch. We encourage everyone to
upgrade, and to use a tool such as <a
href="https://pypi.org/project/pip-tools/">pip-tools</a> to pin all
dependencies and control upgrades. Test with warnings treated as errors
to be able to adapt to deprecation warnings early.</p>
<p>Changes: <a
href="https://itsdangerous.palletsprojects.com/en/2.2.x/changes/#version-2-2-0">https://itsdangerous.palletsprojects.com/en/2.2.x/changes/#version-2-2-0</a>
Milestone: <a
href="https://github.com/pallets/itsdangerous/milestone/8?closed=1">https://github.com/pallets/itsdangerous/milestone/8?closed=1</a></p>
<ul>
<li>Drop support for Python 3.7.</li>
<li>Use modern packaging metadata with <code>pyproject.toml</code>
instead of <code>setup.cfg</code>.</li>
<li>Use <code>flit_core</code> instead of <code>setuptools</code> as
build backend.</li>
<li>Deprecate the <code>__version__</code> attribute. Use feature
detection, or
<code>importlib.metadata.version(&quot;itsdangerous&quot;)</code>,
instead.</li>
<li><code>Serializer</code> and the return type of <code>dumps</code> is
generic for type checking. By default it is <code>Serializer[str]</code>
and <code>dumps</code> returns a <code>str</code>. If a different
<code>serializer</code> argument is given, it will try to infer the
return type of its <code>dumps</code> method.</li>
<li>The default <code>hashlib.sha1</code> may not be available in FIPS
builds. Don't access it at import time so the developer has time to
change the default.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst">itsdangerous's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.2.0</h2>
<p>Released 2024-04-16</p>
<ul>
<li>Drop support for Python 3.7. :pr:<code>372</code></li>
<li>Use modern packaging metadata with <code>pyproject.toml</code>
instead of <code>setup.cfg</code>.
:pr:<code>326</code></li>
<li>Use <code>flit_core</code> instead of <code>setuptools</code> as
build backend.</li>
<li>Deprecate the <code>__version__</code> attribute. Use feature
detection, or
<code>importlib.metadata.version(&quot;itsdangerous&quot;)</code>,
instead. :issue:<code>371</code></li>
<li><code>Serializer</code> and the return type of <code>dumps</code> is
generic for type checking.
By default it is <code>Serializer[str]</code> and <code>dumps</code>
returns a <code>str</code>. If a
different <code>serializer</code> argument is given, it will try to
infer the return
type of its <code>dumps</code> method. :issue:<code>347</code></li>
<li>The default <code>hashlib.sha1</code> may not be available in FIPS
builds. Don't
access it at import time so the developer has time to change the
default.
:issue:<code>375</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/itsdangerous/commit/096c8d42545d3b68ea21a4f890fb2b2d8979c0bd"><code>096c8d4</code></a>
release version 2.2.0</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/7f4dcf83a07bb3d53f4e0e65ef1b43327b4cca90"><code>7f4dcf8</code></a>
access sha1 lazily</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/93ae366874bbd4f69d90495c45b2cd336387496c"><code>93ae366</code></a>
change entry for generic serializer</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/135eb234ed4a07520779ffb679407b7d27c8ffe6"><code>135eb23</code></a>
Generic serializer (<a
href="https://redirect.github.com/pallets/itsdangerous/issues/377">#377</a>)</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/999ce7af1f0502a224d33338e6ded8bc1e81cb2f"><code>999ce7a</code></a>
Improve generic typing further</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/52890d78bb6d92eac4d8d84f33f61be8bd803da7"><code>52890d7</code></a>
improve generic typing</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/385c0eb7501b121b1fddafe19c547073f5a458a0"><code>385c0eb</code></a>
type <code>Serializer</code> as generic (<a
href="https://redirect.github.com/pallets/itsdangerous/issues/374">#374</a>)</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/01001c63af4a1c58b65328b2aad3df75a6edc843"><code>01001c6</code></a>
type Serializer as generic</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/bc88e945d31c407e16c3f4e1c713c12dd598e58d"><code>bc88e94</code></a>
improve typing (<a
href="https://redirect.github.com/pallets/itsdangerous/issues/373">#373</a>)</li>
<li><a
href="https://github.com/pallets/itsdangerous/commit/69a3bca7582859bc8ce83ccc28b0cf33f7909388"><code>69a3bca</code></a>
improve typing</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/itsdangerous/compare/2.1.2...2.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=itsdangerous&package-manager=pip&previous-version=2.1.2&new-version=2.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Assets 3
Loading