Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the python-packages group across 1 directory with 5 updates #419

Closed
wants to merge 1 commit into from
Closed

Bump the python-packages group across 1 directory with 5 updates #419

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 6, 2025
edited
Loading

Bumps the python-packages group with 5 updates in the / directory:

Package From To
cssselect2 0.7.0 0.8.0
jinja2 3.1.5 3.1.6
selenium 4.28.1 4.29.0
trio-websocket 0.12.1 0.12.2
weasyprint 64.0 64.1

Updates cssselect2 from 0.7.0 to 0.8.0

Release notes

Sourced from cssselect2's releases.

0.8.0

  • Drop support of Python 3.8 and 3.9, support 3.12 and 3.13
  • Handle case-sensitive and case-insensitive attribute selectors
Changelog

Sourced from cssselect2's changelog.

Changelog

Version 0.8.0 .............

Released on 2025-03-05.

  • Drop support of Python 3.8 and 3.9, support 3.12 and 3.13
  • Handle case-sensitive and case-insensitive attribute selectors

Version 0.7.0 .............

Released on 2022-09-19.

  • Support :has selector

Version 0.6.0 .............

Released on 2022-04-15.

This version deprecates the iter_ancestors and iter_previous_siblings methods, that will be removed in 0.7.0. Use the ancestors and previous_siblings properties instead.

  • Improve speed of ancestors and previous siblings

Version 0.5.0 .............

Released on 2022-02-27.

  • Support Python 3.10
  • Drop support of Python 3.6
  • Handle many CSS4 selectors
  • Ignore comments at the beginning of selectors

Version 0.4.1 .............

Released on 2020-10-29.

  • Fix PyPI description and various links.

... (truncated)

Commits
  • 774f276 Version 0.8.0
  • e173743 Add GitHub Action for releases
  • de25d57 Use Furo theme for documentation
  • a6d100e Drop support of Python 3.9, support 3.13
  • cb92103 Allow lines to be a bit longer
  • 9d60aed Remove useless sort key for selectors
  • d65a4e4 Drop support of Python 3.8, support 3.12
  • eec7802 Merge pull request #32 from Kozea/ruff
  • ce9d7c0 Use ruff instead of flake8 and isort
  • 102f50b Fix coding style
  • Additional commits viewable in compare view

Updates jinja2 from 3.1.5 to 3.1.6

Release notes

Sourced from jinja2's releases.

3.1.6

This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.6/ Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

  • The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. GHSA-cpwx-vrp4-4pq7
Changelog

Sourced from jinja2's changelog.

Version 3.1.6

Released 2025-03-05

  • The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. :ghsa:cpwx-vrp4-4pq7
Commits

Updates selenium from 4.28.1 to 4.29.0

Release notes

Sourced from selenium's releases.

Selenium 4.29.0

Detailed Changelogs by Component

Java     |     Python     |     DotNet     |     Ruby     |     JavaScript     |     IEDriver

What's Changed

... (truncated)

Commits

Updates trio-websocket from 0.12.1 to 0.12.2

Changelog

Sourced from trio-websocket's changelog.

trio-websocket 0.12.2 (2025-02-24)

Fixed

  • fix incorrect port when using a wss:// URL without supplying an explicit SSL context
Commits

Updates weasyprint from 64.0 to 64.1

Release notes

Sourced from weasyprint's releases.

v64.1

Bug fixes

  • #2368: Fix ascent and descent font values
  • #2370: Avoid endless recursion for variables in nested functions
  • #2275: Use correct containing block to render waiting children
  • #2375: Ensure that we handle text-anchor only on text content elements
  • #2090: Only create font temporary folder when adding fonts
  • #2383: Fix grid-template-areas validation and allow uppercase identifiers for grid lines

Contributors

  • Guillaume Ayoub

Backers and sponsors

  • Spacinov
  • Kobalt
  • Grip Angebotssoftware
  • Syslifters
  • Simon Sapin
  • Manuel Barkhau
  • Simonsoft
  • Menutech
  • KontextWork
  • TrainingSparkle
  • Healthchecks.io
  • Hammerbacher
  • DocRaptor
  • Yanal-Yves Fargialla
  • Method B
  • FieldHub
  • Morntag
  • Xavid
  • Kai DeLorenzo
  • Charlie S.
Changelog

Sourced from weasyprint's changelog.

Version 64.1

Released on 2025-02-20.

Bug fixes:

  • [#2368](https://github.com/Kozea/WeasyPrint/issues/2368) <https://github.com/Kozea/WeasyPrint/issues/2368>_: Fix ascent and descent font values
  • [#2370](https://github.com/Kozea/WeasyPrint/issues/2370) <https://github.com/Kozea/WeasyPrint/issues/2370>_: Avoid endless recursion for variables in nested functions
  • [#2275](https://github.com/Kozea/WeasyPrint/issues/2275) <https://github.com/Kozea/WeasyPrint/issues/2275>_: Use correct containing block to render waiting children
  • [#2375](https://github.com/Kozea/WeasyPrint/issues/2375) <https://github.com/Kozea/WeasyPrint/issues/2375>_: Ensure that we handle text-anchor only on text content elements
  • [#2090](https://github.com/Kozea/WeasyPrint/issues/2090) <https://github.com/Kozea/WeasyPrint/issues/2090>_: Only create font temporary folder when adding fonts
  • [#2383](https://github.com/Kozea/WeasyPrint/issues/2383) <https://github.com/Kozea/WeasyPrint/issues/2383>_: Fix grid-template-areas validation and allow uppercase identifiers for grid lines

Contributors:

  • Guillaume Ayoub

Backers and sponsors:

  • Spacinov
  • Kobalt
  • Grip Angebotssoftware
  • Syslifters
  • Simon Sapin
  • Manuel Barkhau
  • Simonsoft
  • Menutech
  • KontextWork
  • TrainingSparkle
  • Healthchecks.io
  • Hammerbacher
  • DocRaptor
  • Yanal-Yves Fargialla
  • Method B
  • FieldHub
  • Morntag
  • Xavid
  • Kai DeLorenzo
  • Charlie S.
Commits
  • 9dc5ac4 Version 64.1
  • b2c6cba Allow uppercase identifiers for grid lines
  • 73a342e Fix grid-template-areas validation
  • 9d9e2d0 Only create font temporary folder when adding fonts
  • 00dda6a Ensure that we handle text-anchor only on text content elements
  • 9a8a71b Use correct containing block to render waiting children
  • caaa1a4 Avoid endless recursion for variables in nested functions
  • 44c97c1 Round and test ascent and descent
  • a3e676d Fix ascent and descent font values
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the python-packages group across 1 directory with 5 updates
b1daeeb 
Bumps the python-packages group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [cssselect2](https://github.com/Kozea/cssselect2) | `0.7.0` | `0.8.0` |
| [jinja2](https://github.com/pallets/jinja) | `3.1.5` | `3.1.6` |
| [selenium](https://github.com/SeleniumHQ/Selenium) | `4.28.1` | `4.29.0` |
| [trio-websocket](https://github.com/python-trio/trio-websocket) | `0.12.1` | `0.12.2` |
| [weasyprint](https://github.com/Kozea/WeasyPrint) | `64.0` | `64.1` |



Updates `cssselect2` from 0.7.0 to 0.8.0
- [Release notes](https://github.com/Kozea/cssselect2/releases)
- [Changelog](https://github.com/Kozea/cssselect2/blob/main/docs/changelog.rst)
- [Commits](Kozea/cssselect2@0.7.0...0.8.0)

Updates `jinja2` from 3.1.5 to 3.1.6
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.1.5...3.1.6)

Updates `selenium` from 4.28.1 to 4.29.0
- [Release notes](https://github.com/SeleniumHQ/Selenium/releases)
- [Commits](https://github.com/SeleniumHQ/Selenium/commits/selenium-4.29.0)

Updates `trio-websocket` from 0.12.1 to 0.12.2
- [Changelog](https://github.com/python-trio/trio-websocket/blob/master/CHANGELOG.md)
- [Commits](python-trio/trio-websocket@0.12.1...0.12.2)

Updates `weasyprint` from 64.0 to 64.1
- [Release notes](https://github.com/Kozea/WeasyPrint/releases)
- [Changelog](https://github.com/Kozea/WeasyPrint/blob/main/docs/changelog.rst)
- [Commits](Kozea/WeasyPrint@v64.0...v64.1)

---
updated-dependencies:
- dependency-name: cssselect2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: jinja2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: selenium
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: trio-websocket
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: weasyprint
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 6, 2025
@netlify Netlify
Copy link

netlify bot commented Mar 6, 2025
edited
Loading

Deploy Preview for shyparty failed. Why did it fail? →

Name Link
🔨 Latest commit b1daeeb
🔍 Latest deploy log https://app.netlify.com/sites/shyparty/deploys/67c9d8f855307a0008deba3a

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 12, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Mar 12, 2025
@dependabot dependabot bot deleted the dependabot/pip/python-packages-cc6d7ea97a branch March 12, 2025 17:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants