Bump the python-packages group across 1 directory with 7 updates

[dependabot]

Bumps the python-packages group with 7 updates in the / directory:

Package	From	To
attrs	25.1.0	25.2.0
cssselect2	0.7.0	0.8.0
jinja2	3.1.5	3.1.6
selenium	4.28.1	4.29.0
sqlalchemy	2.0.38	2.0.39
trio-websocket	0.12.1	0.12.2
weasyprint	64.0	64.1

Updates attrs from 25.1.0 to 25.2.0

Commits

• See full diff in compare view

Updates cssselect2 from 0.7.0 to 0.8.0

Release notes

Sourced from cssselect2's releases.

0.8.0

• Drop support of Python 3.8 and 3.9, support 3.12 and 3.13
• Handle case-sensitive and case-insensitive attribute selectors

Changelog

Sourced from cssselect2's changelog.

Changelog

Version 0.8.0 .............

Released on 2025-03-05.

• Drop support of Python 3.8 and 3.9, support 3.12 and 3.13
• Handle case-sensitive and case-insensitive attribute selectors

Version 0.7.0 .............

Released on 2022-09-19.

• Support :has selector

Version 0.6.0 .............

Released on 2022-04-15.

This version deprecates the iter_ancestors and iter_previous_siblings methods, that will be removed in 0.7.0. Use the ancestors and previous_siblings properties instead.

• Improve speed of ancestors and previous siblings

Version 0.5.0 .............

Released on 2022-02-27.

• Support Python 3.10
• Drop support of Python 3.6
• Handle many CSS4 selectors
• Ignore comments at the beginning of selectors

Version 0.4.1 .............

Released on 2020-10-29.

• Fix PyPI description and various links.

... (truncated)

Commits

• 774f276 Version 0.8.0
• e173743 Add GitHub Action for releases
• de25d57 Use Furo theme for documentation
• a6d100e Drop support of Python 3.9, support 3.13
• cb92103 Allow lines to be a bit longer
• 9d60aed Remove useless sort key for selectors
• d65a4e4 Drop support of Python 3.8, support 3.12
• eec7802 Merge pull request #32 from Kozea/ruff
• ce9d7c0 Use ruff instead of flake8 and isort
• 102f50b Fix coding style
• Additional commits viewable in compare view

Updates jinja2 from 3.1.5 to 3.1.6

Release notes

Sourced from jinja2's releases.

3.1.6

This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.6/ Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. GHSA-cpwx-vrp4-4pq7

Changelog

Sourced from jinja2's changelog.

Version 3.1.6

Released 2025-03-05

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. :ghsa:cpwx-vrp4-4pq7

Commits

• 1520688 release version 3.1.6
• 90457bb Merge commit from fork
• 065334d attr filter uses env.getattr
• 033c200 start version 3.1.6
• bc68d4e use global contributing guide (#2070)
• 247de5e use global contributing guide
• ab8218c use project advisory link instead of global
• b4ffc8f release version 3.1.5 (#2066)
• See full diff in compare view

Updates selenium from 4.28.1 to 4.29.0

Release notes

Sourced from selenium's releases.

Selenium 4.29.0

Detailed Changelogs by Component

Java     |     Python     |     DotNet     |     Ruby     |     JavaScript     |     IEDriver

What's Changed

• [rb] Remove java date dependency by @​aguspe in SeleniumHQ/selenium#15122
• [Java] Add Locale.ROOT to avoid port formatting issues for all drivers by @​MustafaAgamy in SeleniumHQ/selenium#15121
• [rust] Bumping to 0.4.29-nightly by @​diemol in SeleniumHQ/selenium#15126
• [dotnet] Improve format of generated CDP types by @​RenderMichael in SeleniumHQ/selenium#15129
• [dotnet] [bidi] Add network SetCacheBehavior command by @​nvborisenko in SeleniumHQ/selenium#15133
• [grid] Grid UI could not open session live view by @​VietND96 in SeleniumHQ/selenium#15132
• [java][bidi]: implement bidi setCacheBehavior by @​navin772 in SeleniumHQ/selenium#15130
• [java] Enhance PageSize class to support for predefined and custom Paper Sizes by @​yvsvarma in SeleniumHQ/selenium#15052
• [py] Fix installing most of the data from source distributions by @​mgorny in SeleniumHQ/selenium#15128
• [bazel] Bump deps to avoid warnings when starting the bazel daemon by @​shs96c in SeleniumHQ/selenium#15137
• [bazel] Bump rules_python to 1.1.0 by @​shs96c in SeleniumHQ/selenium#15139
• [dotnet] Annotate nullability on devtools event args by @​RenderMichael in SeleniumHQ/selenium#15134
• [rb] Add Bidi Network Response Handler by @​aguspe in SeleniumHQ/selenium#14900
• [dotnet] Annotate nullability for DriverService and chromium/safari services by @​RenderMichael in SeleniumHQ/selenium#15101
• [dotnet] Add nullability to Command type by @​RenderMichael in SeleniumHQ/selenium#15147
• [dotnet] Annotate nullable reference types on input devices by @​RenderMichael in SeleniumHQ/selenium#14804
• [dotnet] Annotate nullability on SendingRemoteHttpRequestEventArgs by @​RenderMichael in SeleniumHQ/selenium#15148
• [dotnet] Address some build warnings by @​nvborisenko in SeleniumHQ/selenium#15157
• [dotnet] Enhance PrintOptions class to support for predefined and cus… by @​yvsvarma in SeleniumHQ/selenium#15144
• [py] Fix installing most of the data from source distributions by @​VietND96 in SeleniumHQ/selenium#15145
• Simplify user description issue template by @​nvborisenko in SeleniumHQ/selenium#15165
• Beatify readme header by @​nvborisenko in SeleniumHQ/selenium#15109
• Readme header license by @​nvborisenko in SeleniumHQ/selenium#15164
• [dotnet] Improve bidi exception when it is not enabled by @​nvborisenko in SeleniumHQ/selenium#15163
• [dotnet] Annotate nullability on DriverOptions by @​RenderMichael in SeleniumHQ/selenium#15167
• [py] disable strict time stamps in Firefox profile by @​Delta456 in SeleniumHQ/selenium#15141
• [dotnet] Annotate nullability on ChromiumOptions by @​RenderMichael in SeleniumHQ/selenium#15173
• [dotnet] Annotate nullability on interactions by @​RenderMichael in SeleniumHQ/selenium#15152
• [dotnet] [bidi] Use JsonSerializerContext to be AOT friendly by @​nvborisenko in SeleniumHQ/selenium#15162
• [java] Ensure purging dead nodes service interval is configurable by @​pujagani in SeleniumHQ/selenium#15175
• [bazel] Bump JS rulesets by @​shs96c in SeleniumHQ/selenium#15187
• [dotnet] Annotate nullability on chrome-based driver services by @​RenderMichael in SeleniumHQ/selenium#15154
• [java] Ensure Selenium logging options are respected if java logging … by @​pujagani in SeleniumHQ/selenium#15197
• [java] do not enable CDP deprecation warning if BiDi enabled by @​Delta456 in SeleniumHQ/selenium#15170
• [grid] Add feature to go directly to a VNC session by @​emilhem in SeleniumHQ/selenium#15179
• [dotnet] Simplify and modernize DevToolsDomains.InitializeDomains by @​RenderMichael in SeleniumHQ/selenium#15198

... (truncated)

Commits

• See full diff in compare view

Updates sqlalchemy from 2.0.38 to 2.0.39

Release notes

Sourced from sqlalchemy's releases.

2.0.39

Released: March 11, 2025

orm

• [orm] [bug] Fixed bug where using DML returning such as Insert.returning() with an ORM model that has _orm.column_property() constructs that contain subqueries would fail with an internal error.

  References: #12326

• [orm] [bug] Fixed bug in ORM enabled UPDATE (and theoretically DELETE) where using a multi-table DML statement would not allow ORM mapped columns from mappers other than the primary UPDATE mapper to be named in the RETURNING clause; they would be omitted instead and cause a column not found exception.

  References: #12328

• [orm] [bug] Fixed issue where the "is ORM" flag of a select() or other ORM statement would not be propagated to the ORM Session based on a multi-part operator expression alone, e.g. such as Cls.attr + Cls.attr + Cls.attr or similar, leading to ORM behaviors not taking place for such statements.

  References: #12357

• [orm] [bug] Fixed issue where using _orm.aliased() around a CTE construct could cause inappropriate "duplicate CTE" errors in cases where that aliased construct appeared multiple times in a single statement.

  References: #12364

sql

• [sql] [bug] Added new parameters AddConstraint.isolate_from_table and DropConstraint.isolate_from_table, defaulting to True, which both document and allow to be controllable the long-standing behavior of these two constructs blocking the given constraint from being included inline within the "CREATE TABLE" sequence, under the assumption that separate add/drop directives were to be used.

  References: #12382

typing

• [typing] [usecase] Support generic types for compound selects (_sql.union(),

... (truncated)

Commits

• See full diff in compare view

Updates trio-websocket from 0.12.1 to 0.12.2

Changelog

Sourced from trio-websocket's changelog.

trio-websocket 0.12.2 (2025-02-24)

Fixed

• fix incorrect port when using a wss:// URL without supplying an explicit SSL context

Commits

• 70bc8fb version 0.12.2
• 65400cb Use correct port for wss URLs when ssl_context is None (#197)
• ccd2c88 version 0.13.0-dev
• See full diff in compare view

Updates weasyprint from 64.0 to 64.1

Release notes

Sourced from weasyprint's releases.

v64.1

Bug fixes

• #2368: Fix ascent and descent font values
• #2370: Avoid endless recursion for variables in nested functions
• #2275: Use correct containing block to render waiting children
• #2375: Ensure that we handle text-anchor only on text content elements
• #2090: Only create font temporary folder when adding fonts
• #2383: Fix grid-template-areas validation and allow uppercase identifiers for grid lines

Contributors

• Guillaume Ayoub

Backers and sponsors

• Spacinov
• Kobalt
• Grip Angebotssoftware
• Syslifters
• Simon Sapin
• Manuel Barkhau
• Simonsoft
• Menutech
• KontextWork
• TrainingSparkle
• Healthchecks.io
• Hammerbacher
• DocRaptor
• Yanal-Yves Fargialla
• Method B
• FieldHub
• Morntag
• Xavid
• Kai DeLorenzo
• Charlie S.

Changelog

Sourced from weasyprint's changelog.

Version 64.1

Released on 2025-02-20.

Bug fixes:

• [#2368](https://github.com/Kozea/WeasyPrint/issues/2368) <https://github.com/Kozea/WeasyPrint/issues/2368>_: Fix ascent and descent font values
• [#2370](https://github.com/Kozea/WeasyPrint/issues/2370) <https://github.com/Kozea/WeasyPrint/issues/2370>_: Avoid endless recursion for variables in nested functions
• [#2275](https://github.com/Kozea/WeasyPrint/issues/2275) <https://github.com/Kozea/WeasyPrint/issues/2275>_: Use correct containing block to render waiting children
• [#2375](https://github.com/Kozea/WeasyPrint/issues/2375) <https://github.com/Kozea/WeasyPrint/issues/2375>_: Ensure that we handle text-anchor only on text content elements
• [#2090](https://github.com/Kozea/WeasyPrint/issues/2090) <https://github.com/Kozea/WeasyPrint/issues/2090>_: Only create font temporary folder when adding fonts
• [#2383](https://github.com/Kozea/WeasyPrint/issues/2383) <https://github.com/Kozea/WeasyPrint/issues/2383>_: Fix grid-template-areas validation and allow uppercase identifiers for grid lines

Contributors:

• Guillaume Ayoub

Backers and sponsors:

• Spacinov
• Kobalt
• Grip Angebotssoftware
• Syslifters
• Simon Sapin
• Manuel Barkhau
• Simonsoft
• Menutech
• KontextWork
• TrainingSparkle
• Healthchecks.io
• Hammerbacher
• DocRaptor
• Yanal-Yves Fargialla
• Method B
• FieldHub
• Morntag
• Xavid
• Kai DeLorenzo
• Charlie S.

Commits

• 9dc5ac4 Version 64.1
• b2c6cba Allow uppercase identifiers for grid lines
• 73a342e Fix grid-template-areas validation
• 9d9e2d0 Only create font temporary folder when adding fonts
• 00dda6a Ensure that we handle text-anchor only on text content elements
• 9a8a71b Use correct containing block to render waiting children
• caaa1a4 Avoid endless recursion for variables in nested functions
• 44c97c1 Round and test ascent and descent
• a3e676d Fix ascent and descent font values
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for shyparty ready!

Name	Link
🔨 Latest commit	90a4128
🔍 Latest deploy log	https://app.netlify.com/sites/shyparty/deploys/67d1c3a5734f06000813da59
😎 Deploy Preview	https://deploy-preview-420--shyparty.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.