Skip to content
This repository has been archived by the owner on Feb 22, 2023. It is now read-only.

Bump urllib3 from 1.26.4 to 1.26.5 in /ingestion_server #131

Merged
merged 1 commit into from
Jul 27, 2021
Merged

Bump urllib3 from 1.26.4 to 1.26.5 in /ingestion_server #131

merged 1 commit into from
Jul 27, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 6, 2021
edited
Loading

Bumps urllib3 from 1.26.4 to 1.26.5.

Release notes

Sourced from urllib3's releases.

1.26.5

⚠️ IMPORTANT: urllib3 v2.0 will drop support for Python 2: Read more in the v2.0 Roadmap

  • Fixed deprecation warnings emitted in Python 3.10.
  • Updated vendored six library to 1.16.0.
  • Improved performance of URL parser when splitting the authority component.

If you or your organization rely on urllib3 consider supporting us via GitHub Sponsors

Changelog

Sourced from urllib3's changelog.

1.26.5 (2021-05-26)

  • Fixed deprecation warnings emitted in Python 3.10.
  • Updated vendored six library to 1.16.0.
  • Improved performance of URL parser when splitting the authority component.
Commits
  • d161647 Release 1.26.5
  • 2d4a3fe Improve performance of sub-authority splitting in URL
  • 2698537 Update vendored six to 1.16.0
  • 07bed79 Fix deprecation warnings for Python 3.10 ssl module
  • d725a9b Add Python 3.10 to GitHub Actions
  • 339ad34 Use pytest==6.2.4 on Python 3.10+
  • f271c9c Apply latest Black formatting
  • 1884878 [1.26] Properly proxy EOF on the SSLTransport test suite
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot requested a review from a team as a code owner July 6, 2021 18:14
@dependabot dependabot bot requested review from krysal and dhruvkb July 6, 2021 18:14
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python labels Jul 6, 2021
krysal
krysal previously approved these changes Jul 6, 2021
View reviewed changes
@krysal krysal self-requested a review July 6, 2021 21:10
krysal
krysal reviewed Jul 6, 2021
View reviewed changes
Copy link
Member

@krysal krysal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Noticed that actually, ingestions_server's tests are not running in gh actions, we have to check these thoughtfully.

@krysal krysal dismissed their stale review July 6, 2021 21:33

Need to check ingestion server tests

@dependabot dependabot bot force-pushed the dependabot/pip/ingestion_server/urllib3-1.26.5 branch from 7ddb0d3 to 8038aac Compare July 7, 2021 06:00
@krysal
Copy link
Member

krysal commented Jul 14, 2021

@dependabot rebase

@dependabot
Bump urllib3 from 1.26.4 to 1.26.5 in /ingestion_server
7e248dd 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.4 to 1.26.5.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.4...1.26.5)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/ingestion_server/urllib3-1.26.5 branch from 8038aac to 7e248dd Compare July 14, 2021 16:56
@krysal
Copy link
Member

krysal commented Jul 15, 2021

After rebasing, the integration tests of the Ingestion server continue to fail but it's not caused by this change. I'm inclined to merge this since it does not break the other tests, compatibility is high, and fixes a security vulnerability. Then handle tests fixing in a separate issue (#143).

@krysal krysal merged commit aa6c798 into main Jul 27, 2021
@krysal krysal deleted the dependabot/pip/ingestion_server/urllib3-1.26.5 branch July 27, 2021 15:43
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@krysal krysal krysal approved these changes

@zackkrida zackkrida zackkrida approved these changes

@dhruvkb dhruvkb Awaiting requested review from dhruvkb

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@krysal @zackkrida