Bump the pip-minor-patch group across 1 directory with 17 updates

[dependabot]

Bumps the pip-minor-patch group with 17 updates in the / directory:

Package	From	To
uvicorn	0.29.0	0.30.5
aiohttp	3.9.5	3.10.1
sentry-sdk	2.0.1	2.12.0
alembic	1.13.1	1.13.2
pyjwt	2.8.0	2.9.0
icalendar	5.0.12	5.0.13
aiosmtplib	3.0.1	3.0.2
email-validator	2.1.1	2.2.0
jinja2	3.1.3	3.1.4
redis	5.0.4	5.0.8
flake8	7.0.0	7.1.1
black	24.4.2	24.8.0
mypy	1.10.0	1.11.1
pytest	8.2.0	8.3.2
coverage	7.5.0	7.6.1
pytest-asyncio	0.23.6	0.23.8
ruff	0.4.2	0.5.6

Updates uvicorn from 0.29.0 to 0.30.5

Release notes

Sourced from uvicorn's releases.

Version 0.30.5

Fixed

• Don't close connection before receiving body on H11 (#2408)

---

Full Changelog: encode/uvicorn@0.30.4...0.30.5

Version 0.30.4

Fixed

• Close connection when h11 sets client state to MUST_CLOSE #2375

---

Full Changelog: encode/uvicorn@0.30.3...0.30.4

Version 0.30.3

Fixed

• Suppress KeyboardInterrupt from CLI and programmatic usage (#2384)
• ClientDisconnect inherits from OSError instead of IOError (#2393)

---

Full Changelog: encode/uvicorn@0.30.2...0.30.3

Version 0.30.2

Added

• Add reason support to websocket.disconnect event (#2324)

Fixed

• Iterate subprocesses in-place on the process manager (#2373)

---

Full Changelog: encode/uvicorn@0.30.1...0.30.2

Version 0.30.1

Fixed

• Allow horizontal tabs \t in response header values (#2345)

---

Full Changelog: encode/uvicorn@0.30.0...0.30.1

... (truncated)

Changelog

Sourced from uvicorn's changelog.

0.30.5 (2024-08-02)

Fixed

• Don't close connection before receiving body on H11 (#2408)

0.30.4 (2024-07-31)

Fixed

• Close connection when h11 sets client state to MUST_CLOSE (#2375)

0.30.3 (2024-07-20)

Fixed

• Suppress KeyboardInterrupt from CLI and programmatic usage (#2384)
• ClientDisconnect inherits from OSError instead of IOError (#2393)

0.30.2 (2024-07-20)

Added

• Add reason support to websocket.disconnect event (#2324)

Fixed

• Iterate subprocesses in-place on the process manager (#2373)

0.30.1 (2024-06-02)

Fixed

• Allow horizontal tabs \t in response header values (#2345)

0.30.0 (2024-05-28)

Added

• New multiprocess manager (#2183)
• Allow ConfigParser or a io.IO[Any] on log_config (#1976)

Fixed

• Suppress side-effects of signal propagation (#2317)
• Send content-length header on 5xx (#2304)

Deprecated

• Deprecate the uvicorn.workers module (#2302)

Commits

• ff54b02 Version 0.30.5 (#2409)
• 2f25107 Fix 0.30.4 issue with connection close header (#2408)
• 8efa41c Version 0.30.4 (#2403)
• b492349 Add pragma: full coverage to Process.is_alive (#2402)
• ce999aa close request connection if h11 sets client state as MUST_CLOSE (#2375)
• d277c25 Add Marcelo Trylesinski as maintainer (#2398)
• 5bf788f Version 0.30.3 (#2395)
• 8f4c8a7 Add 100% clean coverage (#2394)
• 9baded3 Bump the python-packages group with 9 updates (#2376)
• 9279825 ClientDisconnect inherits from OSError instead of IOError (#2393)
• Additional commits viewable in compare view

Updates aiohttp from 3.9.5 to 3.10.1

Release notes

Sourced from aiohttp's releases.

3.10.1

Bug fixes

• Fixed WebSocket server heartbeat timeout logic to terminate :py:meth:~aiohttp.ClientWebSocketResponse.receive and return :py:class:~aiohttp.ServerTimeoutError -- by :user:arcivanov.

  When a WebSocket pong message was not received, the :py:meth:~aiohttp.ClientWebSocketResponse.receive operation did not terminate. This change causes _pong_not_received to feed the reader an error message, causing pending :py:meth:~aiohttp.ClientWebSocketResponse.receive to terminate and return the error message. The error message contains the exception :py:class:~aiohttp.ServerTimeoutError.

  Related issues and pull requests on GitHub: #8540.

• Fixed url dispatcher index not matching when a variable is preceded by a fixed string after a slash -- by :user:bdraco.

  Related issues and pull requests on GitHub: #8566.

Removals and backward incompatible breaking changes

• Creating :py:class:aiohttp.TCPConnector, :py:class:aiohttp.ClientSession, :py:class:~aiohttp.resolver.ThreadedResolver :py:class:aiohttp.web.Server, or :py:class:aiohttp.CookieJar instances without a running event loop now raises a :exc:RuntimeError -- by :user:asvetlov.

  Creating these objects without a running event loop was deprecated in #3372 which was released in version 3.5.0.

  This change first appeared in version 3.10.0 as #6378.

  Related issues and pull requests on GitHub: #8555, #8583.

---

3.10.0

Bug fixes

• Fixed server response headers for Content-Type and Content-Encoding for static compressed files -- by :user:steverep.

  Server will now respond with a Content-Type appropriate for the compressed file (e.g. "application/gzip"), and omit the Content-Encoding header.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.1 (2024-08-03)

Bug fixes

• Fixed WebSocket server heartbeat timeout logic to terminate :py:meth:~aiohttp.ClientWebSocketResponse.receive and return :py:class:~aiohttp.ServerTimeoutError -- by :user:arcivanov.

  When a WebSocket pong message was not received, the :py:meth:~aiohttp.ClientWebSocketResponse.receive operation did not terminate. This change causes _pong_not_received to feed the reader an error message, causing pending :py:meth:~aiohttp.ClientWebSocketResponse.receive to terminate and return the error message. The error message contains the exception :py:class:~aiohttp.ServerTimeoutError.

  Related issues and pull requests on GitHub: :issue:8540.

• Fixed url dispatcher index not matching when a variable is preceded by a fixed string after a slash -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:8566.

Removals and backward incompatible breaking changes

• Creating :py:class:aiohttp.TCPConnector, :py:class:aiohttp.ClientSession, :py:class:~aiohttp.resolver.ThreadedResolver :py:class:aiohttp.web.Server, or :py:class:aiohttp.CookieJar instances without a running event loop now raises a :exc:RuntimeError -- by :user:asvetlov.

  Creating these objects without a running event loop was deprecated in :issue:3372 which was released in version 3.5.0.

  This change first appeared in version 3.10.0 as :issue:6378.

  Related issues and pull requests on GitHub: :issue:8555, :issue:8583.

---

3.10.0 (2024-07-30)

Bug fixes

... (truncated)

Commits

• f1e4213 Release 3.10.1 (attempt 2) (#8598)
• 0810219 Release 3.10.1 (#8587)
• f287ccc [PR #8583/f185dd19 backport][3.10] Add additional clarification for creating ...
• 9ed3841 Bump aiohappyeyeballs from 2.3.2 to 2.3.4 (#8569)
• f19d920 [PR #8566/f3a1afc5 backport][3.10] Fix url dispatcher index when variable is ...
• 6dff116 [PR #8558/e48acaf7 backport][3.10] Add followup changelog message for #5278 (...
• 0e6bbbc [PR #8546/a561fa99 backport][3.10] Fix WebSocket server heartbeat timeout log...
• bf5a66f Bump version number to 3.10.1.dev0 (#8554)
• 7f29851 Release 3.10.0 (attempt 2) (#8552)
• fc201e8 Release 3.10.0 (#8550)
• Additional commits viewable in compare view

Updates sentry-sdk from 2.0.1 to 2.12.0

Release notes

Sourced from sentry-sdk's releases.

2.12.0

Various fixes & improvements

• API: Expose the scope getters to top level API and use them everywhere (#3357) by @​sl0thentr0py
• API: push_scope deprecation warning (#3355) (#3355) by @​szokeasaurusrex
• API: Replace push_scope (#3353, #3354) by @​szokeasaurusrex
• API: Deprecate, avoid, or stop using configure_scope (#3348, #3349, #3350, #3351) by @​szokeasaurusrex
• OTel: Remove experimental autoinstrumentation (#3239) by @​sentrivana
• Graphene: Add span for grapqhl operation (#2788) by @​czyber
• AI: Add async support for ai_track decorator (#3376) by @​czyber
• CI: Workaround bug preventing Django test runs (#3371) by @​szokeasaurusrex
• CI: Remove Django setuptools pin (#3378) by @​szokeasaurusrex
• Tests: Test with Django 5.1 RC (#3370) by @​sentrivana
• Broaden add_attachment type (#3342) by @​szokeasaurusrex
• Add span data to the transactions trace context (#3374) by @​antonpirker
• Gracefully fail attachment path not found case (#3337) by @​sl0thentr0py
• Document attachment parameters (#3342) by @​szokeasaurusrex
• Bump checkouts/data-schemas from 0feb234 to 6d2c435 (#3369) by @​dependabot
• Bump checkouts/data-schemas from 88273a9 to 0feb234 (#3252) by @​dependabot

2.11.0

Various fixes & improvements

• Add disabled_integrations (#3328) by @​sentrivana

  Disabling individual integrations is now much easier. Instead of disabling all automatically enabled integrations and specifying the ones you want to keep, you can now use the new disabled_integrations config option to provide a list of integrations to disable:

  import sentry_sdk
  from sentry_sdk.integrations.flask import FlaskIntegration
  sentry_sdk.init(
  # Do not use the Flask integration even if Flask is installed.
  disabled_integrations=[
  FlaskIntegration(),
  ],
  )

• Use operation name as transaction name in Strawberry (#3294) by @​sentrivana

• WSGI integrations respect SCRIPT_NAME env variable (#2622) by @​sarvaSanjay

• Make Django DB spans have origin auto.db.django (#3319) by @​antonpirker

• Sort breadcrumbs by time before sending (#3307) by @​antonpirker

• Fix KeyError('sentry-monitor-start-timestamp-s') (#3278) by @​Mohsen-Khodabakhshi

• Set MongoDB tags directly on span data (#3290) by @​0Calories

• Lower logger level for some messages (#3305) by @​sentrivana and @​antonpirker

• Emit deprecation warnings from Hub API (#3280) by @​szokeasaurusrex

• Clarify that instrumenter is internal-only (#3299) by @​szokeasaurusrex

• Support Django 5.1 (#3207) by @​sentrivana

• Remove apparently unnecessary if (#3298) by @​szokeasaurusrex

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.12.0

Various fixes & improvements

• API: Expose the scope getters to top level API and use them everywhere (#3357) by @​sl0thentr0py
• API: push_scope deprecation warning (#3355) (#3355) by @​szokeasaurusrex
• API: Replace push_scope (#3353, #3354) by @​szokeasaurusrex
• API: Deprecate, avoid, or stop using configure_scope (#3348, #3349, #3350, #3351) by @​szokeasaurusrex
• OTel: Remove experimental autoinstrumentation (#3239) by @​sentrivana
• Graphene: Add span for grapqhl operation (#2788) by @​czyber
• AI: Add async support for ai_track decorator (#3376) by @​czyber
• CI: Workaround bug preventing Django test runs (#3371) by @​szokeasaurusrex
• CI: Remove Django setuptools pin (#3378) by @​szokeasaurusrex
• Tests: Test with Django 5.1 RC (#3370) by @​sentrivana
• Broaden add_attachment type (#3342) by @​szokeasaurusrex
• Add span data to the transactions trace context (#3374) by @​antonpirker
• Gracefully fail attachment path not found case (#3337) by @​sl0thentr0py
• Document attachment parameters (#3342) by @​szokeasaurusrex
• Bump checkouts/data-schemas from 0feb234 to 6d2c435 (#3369) by @​dependabot
• Bump checkouts/data-schemas from 88273a9 to 0feb234 (#3252) by @​dependabot

2.11.0

Various fixes & improvements

• Add disabled_integrations (#3328) by @​sentrivana

  Disabling individual integrations is now much easier. Instead of disabling all automatically enabled integrations and specifying the ones you want to keep, you can now use the new disabled_integrations config option to provide a list of integrations to disable:

  import sentry_sdk
  from sentry_sdk.integrations.flask import FlaskIntegration
  sentry_sdk.init(
  # Do not use the Flask integration even if Flask is installed.
  disabled_integrations=[
  FlaskIntegration(),
  ],
  )

• Use operation name as transaction name in Strawberry (#3294) by @​sentrivana

• WSGI integrations respect SCRIPT_NAME env variable (#2622) by @​sarvaSanjay

• Make Django DB spans have origin auto.db.django (#3319) by @​antonpirker

• Sort breadcrumbs by time before sending (#3307) by @​antonpirker

• Fix KeyError('sentry-monitor-start-timestamp-s') (#3278) by @​Mohsen-Khodabakhshi

... (truncated)

Commits

• 441c0f7 Updated changelog
• ab3eb1f release: 2.12.0
• f8e5d2f Add span data to the transactions trace context (#3374)
• 0f3e5db ci: Remove Django setuptools pin
• b658e4b feat(integrations): Add async support for ai_track decorator
• fc5db4f ref(otel): Remove experimental autoinstrumentation (#3239)
• 6bb2081 build(deps): bump checkouts/data-schemas from 0feb234 to 6d2c435 (#3369)
• 2ce6677 tests: Test with Django 5.1 RC (#3370)
• bd293e5 Expose the scope getters to top level API and use them everywhere (#3357)
• c9765cd ci: Workaround bug preventing Django test runs (#3371)
• Additional commits viewable in compare view

Updates alembic from 1.13.1 to 1.13.2

Release notes

Sourced from alembic's releases.

1.13.2

Released: June 26, 2024

usecase

• [usecase] [autogenerate] Improve computed column compare function to support multi-line expressions. Pull request courtesy of Georg Wicke-Arndt.

  References: #1391

bug

• [bug] [commands] Fixed bug in alembic command stdout where long messages were not properly wrapping at the terminal width. Pull request courtesy Saif Hakim.

  References: #1384

• [bug] [execution] Fixed internal issue where Alembic would call connection.execute() sending an empty tuple to indicate "no params". In SQLAlchemy 2.1 this case will be deprecated as "empty sequence" is ambiguous as to its intent.

  References: #1394

• [bug] [tests] Fixes to support pytest 8.1 for the test suite.

  References: #1435

• [bug] [autogenerate] [postgresql] Fixed the detection of serial column in autogenerate with tables not under default schema on PostgreSQL

  References: #1479

Commits

• See full diff in compare view

Updates pyjwt from 2.8.0 to 2.9.0

Release notes

Sourced from pyjwt's releases.

2.9.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#905
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#909
• Add support for Python 3.12 by @​hugovk in jpadilla/pyjwt#910
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#911
• Fix an unnecessary str concat by @​sirosen in jpadilla/pyjwt#904
• Update jwt-api to accept either a string or list of strings for issuer validation by @​mattpollak in jpadilla/pyjwt#913
• Bump actions/checkout from 3 to 4 by @​dependabot in jpadilla/pyjwt#916
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#917
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#922
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#926
• Bump actions/setup-python from 4 to 5 by @​dependabot in jpadilla/pyjwt#931
• Bump hynek/build-and-inspect-python-package from 1 to 2 by @​dependabot in jpadilla/pyjwt#935
• docs/api: document strict_aud on decode_complete by @​woodruffw in jpadilla/pyjwt#923
• chore: fix docs step by @​jpadilla in jpadilla/pyjwt#950
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#953
• Add coverage and improve performance of is_ssh_key by @​bdraco in jpadilla/pyjwt#940
• Decode with PyJWK by @​luhn in jpadilla/pyjwt#886
• Remove an unused variable from an example code block by @​kenkoooo in jpadilla/pyjwt#958
• Handle load_pem_public_key ValueError by @​CollinEMac in jpadilla/pyjwt#952
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#960
• Raise exception when required cryptography dependency is missing by @​tobloef in jpadilla/pyjwt#963
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#965
• Add 2.9.0 changelog. Fixes #949 by @​benvdh in jpadilla/pyjwt#967

New Contributors

• @​mattpollak made their first contribution in jpadilla/pyjwt#913
• @​bdraco made their first contribution in jpadilla/pyjwt#940
• @​luhn made their first contribution in jpadilla/pyjwt#886
• @​kenkoooo made their first contribution in jpadilla/pyjwt#958
• @​CollinEMac made their first contribution in jpadilla/pyjwt#952
• @​tobloef made their first contribution in jpadilla/pyjwt#963
• @​benvdh made their first contribution in jpadilla/pyjwt#967

Full Changelog: jpadilla/pyjwt@2.8.0...2.9.0

Changelog

Sourced from pyjwt's changelog.

v2.9.0 <https://github.com/jpadilla/pyjwt/compare/2.8.0...2.9.0>__

Changed

- Drop support for Python 3.7 (EOL) by @hugovk in `[#910](https://github.com/jpadilla/pyjwt/issues/910) <https://github.com/jpadilla/pyjwt/pull/910>`__
- Allow JWT issuer claim validation to accept a list of strings too by @mattpollak in `[#913](https://github.com/jpadilla/pyjwt/issues/913) <https://github.com/jpadilla/pyjwt/pull/913>`__
Fixed

- Fix unnecessary string concatenation by @sirosen in `[#904](https://github.com/jpadilla/pyjwt/issues/904) &lt;https://github.com/jpadilla/pyjwt/pull/904&gt;`__
- Fix docs for ``jwt.decode_complete`` to include ``strict_aud`` option by @woodruffw in `[#923](https://github.com/jpadilla/pyjwt/issues/923) &lt;https://github.com/jpadilla/pyjwt/pull/923&gt;`__
- Fix docs step by @jpadilla in `[#950](https://github.com/jpadilla/pyjwt/issues/950) &lt;https://github.com/jpadilla/pyjwt/pull/950&gt;`__
- Fix: Remove an unused variable from example code block by @kenkoooo in `[#958](https://github.com/jpadilla/pyjwt/issues/958) &lt;https://github.com/jpadilla/pyjwt/pull/958&gt;`__
Added



Add support for Python 3.12 by @​hugovk in [#910](https://github.com/jpadilla/pyjwt/issues/910) &lt;https://github.com/jpadilla/pyjwt/pull/910&gt;__
Improve performance of is_ssh_key + add unit test by @​bdraco in [#940](https://github.com/jpadilla/pyjwt/issues/940) &lt;https://github.com/jpadilla/pyjwt/pull/940&gt;__
Allow jwt.decode() to accept a PyJWK object by @​luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) &lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
Make algorithm_name attribute available on PyJWK by @​luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) &lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
Raise InvalidKeyError on invalid PEM keys to be compatible with cryptography 42.x.x by @​CollinEMac in [#952](https://github.com/jpadilla/pyjwt/issues/952) &lt;https://github.com/jpadilla/pyjwt/pull/952&gt;__
Raise an exception when required cryptography dependency is missing by @​tobloef in &lt;https://github.com/jpadilla/pyjwt/pull/963&gt;__

Commits

• 868cf4a Add 2.9.0 changelog. Fixes #949 (#967)
• 304a3df [pre-commit.ci] pre-commit autoupdate (#965)
• 527fec2 Raise exception when required cryptography dependency is missing (#963)
• 18a50be [pre-commit.ci] pre-commit autoupdate (#960)
• 4703f87 Handle load_pem_public_key ValueError (#952)
• 9dc732f Update usage.rst (#958)
• ab8176a Decode with PyJWK (#886)
• c0a071d chore: update actions/download-artifact
• 2afbe32 Add coverage and improve performance of is_ssh_key (#940)
• 97345a7 [pre-commit.ci] pre-commit autoupdate (#953)
• Additional commits viewable in compare view

Updates icalendar from 5.0.12 to 5.0.13

Changelog

Sourced from icalendar's changelog.

5.0.13 (2024-06-20)

Minor changes:

• Guide to delete the build folder before running tests
• Add funding information
• Make documentation build with Python 3.12
• Update windows to olson conversion for Greenland Standard Time
• Extend examples in Usage with alarm and recurrence
• Document how to serve the built documentation to view with the browser
• Improve test coverage

New features:

• Create GitHub releases for each tag.

Bug fixes:

• Parse calendars with X-COMMENT properties at the end the file by ignoring these properites

Commits

• f97722e Merge pull request #632 from niccokunzmann/release
• 39b0494 version 5.0.13
• e7ec88d Merge pull request #622 from niccokunzmann/docs-error
• 4484608 Merge pull request #621 from niccokunzmann/docs-py-12
• 9862fd1 Merge pull request #628 from raffifu/test/unit_prop
• d3e432d add test case for unit prop
• 3a54fe7 Merge pull request #625 from niccokunzmann/docs-http-server
• f9dad10 log changes
• 95ccf64 Document how to access the documentation in the browser
• 4b5cb00 Guide to delete the build folder before testing
• Additional commits viewable in compare view

Updates aiosmtplib from 3.0.1 to 3.0.2

Release notes

Sourced from aiosmtplib's releases.

v3.0.2

• Bugfix: Type of "send" is partially unknown with pyright
• Bugfix: Fix asyncio deadlock trying to reconnect after error (thanks @​Voldemat)
• Change: Switched from Poetry to build/hatch/twine for packaging.

Full Changelog: cole/aiosmtplib@v3.0.1...v3.0.2

Changelog

Sourced from aiosmtplib's changelog.

3.0.2

• Bugfix: Type of "send" is partially unknown with pyright
• Bugfix: Fix asyncio deadlock trying to reconnect after error (thanks @​Voldemat)
• Change: Switched from Poetry to build/hatch/twine for packaging.

Commits

• edc9f99 chore: 3.0.2 release
• b4b3164 ci: add pyright check
• 9d7bb35 fix: unknown socket path type
• 97b35f9 [pre-commit.ci] pre-commit autoupdate
• 1e9bdff Revert "fix: unknown socket path type"
• cfac3de fix: unknown socket path type
• ec371fb docs: fix module linking on sphinx 7.2+
• 80d444f [pre-commit.ci] pre-commit autoupdate
• ae56ef2 [pre-commit.ci] pre-commit autoupdate
• 1bb9556 [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

Updates email-validator from 2.1.1 to 2.2.0

Release notes

Sourced from email-validator's releases.

2.2.0 (June 20, 2024)

• Email addresses with internationalized local parts could, with rare Unicode characters, be returned as valid but actually be invalid in their normalized form (returned in the normalized field). Local parts now re-validated after Unicode NFC normalization to ensure that invalid characters cannot be injected into the normalized address and that characters with length-increasing NFC normalizations cannot cause a local part to exceed the maximum length after normalization.
• The length check for email addresses with internationalized local parts is now also applied to the original address string prior to Unicode NFC normalization, which may be longer and could exceed the maximum email address length, to protect callers who do not use the returned normalized address.
• Improved error message for IDNA domains that are too long or have invalid characters after Unicode normalization.
• A new option to parse My Name <address@domain> strings, i.e. a display name plus an email address in angle brackets, is now available. It is off by default.
• Improvements to Python typing.
• Some additional tests added.

v2.1.2

2.1.2 (June 16, 2024)

• The domain name length limit is corrected from 255 to 253 IDNA ASCII characters. I misread the RFCs.
• When a domain name has no MX record but does have an A or AAAA record, if none of the IP addresses in the response are globally reachable (i.e. not Private-Use, Loopback, etc.), the response is treated as if there was no A/AAAA response and the email address will fail the deliverability check.
• When a domain name has no MX record but does have an A or AAAA record, the mx field in the object returned by validate_email incorrectly held the IP addresses rather than the domain itself.
• Fixes in tests.

Changelog

Sourced from email-validator's changelog.

2.2.0 (June 20, 2024)

• Email addresses with internationalized local parts could, with rare Unicode characters, be returned as valid but actually be invalid in their normalized form (returned in the normalized field). In particular, it is possible to get a normalized address with a ";" character, which is not valid and could change the interpretation of the address. Local parts now re-validated after Unicode NFC normalization to ensure that invalid characters cannot be injected into the normalized address and that characters with length-increasing NFC normalizations cannot cause a local part to exceed the maximum length after normalization. Thanks to khanh@calif.io from https://calif.io for reporting the issue.
• The length check for email addresses with internationalized local parts is now also applied to the original address string prior to Unicode NFC normalization, which may be longer and could exceed the maximum email address length, to protect callers who do not use the returned normalized address.
• Improved error message for IDNA domains that are too long or have invalid characters after Unicode normalization.
• A new option to parse My Name <address@domain> strings, i.e. a display name plus an email address in angle brackets, is now available. It is off by default.
• Improvements to Python typing.
• Some additional tests added.

2.1.2 (June 16, 2024)

• The domain name length limit is corrected from 255 to 253 IDNA ASCII characters. I misread the RFCs.
• When a domain name has no MX record but does have an A or AAAA record, if none of the IP addresses in the response are globally reachable (i.e. not Private-Use, Loopback, etc.), the response is treated as if there was no A/AAAA response and the email address will fail the deliverability check.
• When a domain name has no MX record but does have an A or AAAA record, the mx field in the object returned by validate_email incorrectly held the IP addresses rather than the domain itself.
• Fixes in tests.

Commits

• 6589b1e Version 2.2.0
• 8051347 Improve the error message for invalid characters in domain names after Unicod...
• 7f1f281 Check domain syntax after normalization to internationalized characters as a ...
• c23c0d6 Improve the error message for IDNA domains being too long by handling the len...
• 452e0ca Add tests for domain label length
• f8709e8 Check that email address length is valid on the original email address string...
• 9ef1f82 Check that the local part is valid after Unicode NFC normalization to prevent...
• 1fb55d4 Add a test that shows that the local part is returned with Unicode NFC normal...
• 3426885 Several fixes for parsing display names
• 0b22c13 Merge point release branch for version 2.1.2
• Additional commits viewable in compare view

Updates jinja2 from 3.1.3 to 3.1.4

Release notes

Sourced from jinja2's releases.

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

Changelog

Sourced from jinja2's changelog.

Version 3.1.4

Released 2024-05-05

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. :ghsa:h75v-3vvj-5mfj

Commits

• dd4a8b5 release version 3.1.4
• 0668239 Merge pull request from GHSA-h75v-3vvj-5mfj
• d655030 disallow invalid characters in keys to xmlattr filter
• a7863ba add ghsa links
• b5c98e7 start version 3.1.4
• da3a9f0 update project files (#1968)
• 0ee5eb4 satisfy formatter, linter, and strict mypy
• 20477c6 update project files (#5457)
• e491223 update pyyaml dev dependency
• 36f9885 fix pr link
• Additional commits viewable in compare view

Updates redis from 5.0.4 to 5.0.8

Release notes

Sourced from redis's releases.

5.0.8

Changes

• Resolve some docs warnings (#3322)
• Add missing type hints for retry.py (#3250)

🔥 Breaking Changes

• Timeseries insertion filters for close samples (#3228)

🚀 New Features

• Hash field expiration commands (Description has been truncated

[dependabot]

Superseded by #196.