chore(deps): bump the dependencies group across 1 directory with 17 updates

[dependabot]

Bumps the dependencies group with 17 updates in the / directory:

Package	From	To
aiohttp	3.9.5	3.10.8
anyio	4.4.0	4.6.0
attrs	23.2.0	24.2.0
certifi	2024.6.2	2024.8.30
cffi	1.16.0	1.17.1
cryptography	42.0.8	43.0.1
exceptiongroup	1.2.1	1.2.2
httpx	0.27.0	0.27.2
idna	3.7	3.10
multidict	6.0.5	6.1.0
pyjwt	2.8.0	2.9.0
pyyaml	6.0.1	6.0.2
regex	2024.5.15	2024.9.11
sentry-sdk	2.7.1	2.14.0
urllib3	2.2.2	2.2.3
wikitextparser	0.56.0	0.56.2
yarl	1.9.4	1.13.1

Updates aiohttp from 3.9.5 to 3.10.8

Release notes

Sourced from aiohttp's releases.

3.10.8

Bug fixes

• Fixed cancellation leaking upwards on timeout -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9326.

---

3.10.7

Bug fixes

• Fixed assembling the :class:~yarl.URL for web requests when the host contains a non-default port or IPv6 address -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9309.

Miscellaneous internal changes

• Improved performance of determining if a URL is absolute -- by :user:bdraco.

  The property :attr:~yarl.URL.absolute is more performant than the method URL.is_absolute() and preferred when newer versions of yarl are used.

  Related issues and pull requests on GitHub: #9171.

• Replaced code that can now be handled by yarl -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9301.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.8 (2024-09-28)

Bug fixes

• Fixed cancellation leaking upwards on timeout -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:9326.

---

3.10.7 (2024-09-27)

Bug fixes

• Fixed assembling the :class:~yarl.URL for web requests when the host contains a non-default port or IPv6 address -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:9309.

Miscellaneous internal changes

• Improved performance of determining if a URL is absolute -- by :user:bdraco.

  The property :attr:~yarl.URL.absolute is more performant than the method URL.is_absolute() and preferred when newer versions of yarl are used.

  Related issues and pull requests on GitHub: :issue:9171.

• Replaced code that can now be handled by yarl -- by :user:bdraco.

  Related issues and pull requests on GitHub:

... (truncated)

Commits

• 8a7ce94 Release 3.10.8 (#9330)
• a308f74 [PR #9326/fe26ae2 backport][3.10] Fix TimerContext not uncancelling the curre...
• 52e0b91 Fix custom cookies example (#9321) (#9324)
• 609c6e3 Increment version to 3.10.8.dev0
• f9a9e85 Release 3.10.7 (#9320)
• 8220ced [PR #9309/e4028333 backport][3.10] Fix building the URL in BaseRequest when t...
• d32d580 [PR #9301/c240b52 backport][3.10] Replace code that can now be handled by yar...
• fd5ece6 Bump yarl to 1.13.0 (#9302) (#9304)
• d6d2bcc [PR #9294/552dea53 backport][3.10] Backport type fix from #9226 (#9299)
• e6bcfbe [PR #9171/0462ae6b backport][3.10] Switch to using yarl.URL.absolute over `...
• Additional commits viewable in compare view

Updates anyio from 4.4.0 to 4.6.0

Release notes

Sourced from anyio's releases.

4.6.0

• Dropped support for Python 3.8 (as #698 cannot be resolved without cancel message support)
• Fixed 100% CPU use on asyncio while waiting for an exiting task group to finish while said task group is within a cancelled cancel scope (#695)
• Fixed cancel scopes on asyncio not propagating CancelledError on exit when the enclosing cancel scope has been effectively cancelled (#698)
• Fixed asyncio task groups not yielding control to the event loop at exit if there were no child tasks to wait on
• Fixed inconsistent task uncancellation with asyncio cancel scopes belonging to a task group when said task group has child tasks running

4.5.0

• Improved the performance of anyio.Lock and anyio.Semaphore on asyncio (even up to 50 %)
• Added the fast_acquire parameter to anyio.Lock and anyio.Semaphore to further boost performance at the expense of safety (acquire() will not yield control back if there is no contention)
• Added support for the from_uri(), full_match(), parser methods/properties in anyio.Path, newly added in Python 3.13 (#737)
• Added support for more keyword arguments for run_process() and open_process(): startupinfo, creationflags, pass_fds, user, group, extra_groups and umask (#742)
• Improved the type annotations and support for PathLike in run_process() and open_process() to allow for path-like arguments, just like subprocess.Popen
• Changed the ResourceWarning from an unclosed memory object stream to include its address for easier identification
• Changed start_blocking_portal() to always use daemonic threads, to accommodate the "loitering event loop" use case
• Bumped the minimum version of Trio to v0.26.1
• Fixed __repr__() of MemoryObjectItemReceiver, when item is not defined (#767; PR by @​Danipulok)
• Fixed to_process.run_sync() failing to initialize if __main__.__file__ pointed to a file in a nonexistent directory (#696)
• Fixed AssertionError: feed_data after feed_eof on asyncio when a subprocess is closed early, before its output has been read (#490)
• Fixed TaskInfo.has_pending_cancellation() on asyncio not respecting shielded scopes (#771; PR by @​gschaffner)
• Fixed SocketStream.receive() returning bytearray instead of bytes when using asyncio with ProactorEventLoop (Windows) (#776)
• Fixed quitting the debugger in a pytest test session while in an active task group failing the test instead of exiting the test session (because the exit exception arrives in an exception group)
• Fixed support for Linux abstract namespaces in UNIX sockets that was broken in v4.2 (#781 <agronholm/anyio#781>_; PR by @​tapetersen)
• Fixed KeyboardInterrupt (ctrl+c) hanging the asyncio pytest runner

Changelog

Sourced from anyio's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

4.6.0

• Dropped support for Python 3.8 (as [#698](https://github.com/agronholm/anyio/issues/698) <https://github.com/agronholm/anyio/issues/698>_ cannot be resolved without cancel message support)
• Fixed 100% CPU use on asyncio while waiting for an exiting task group to finish while said task group is within a cancelled cancel scope ([#695](https://github.com/agronholm/anyio/issues/695) <https://github.com/agronholm/anyio/issues/695>_)
• Fixed cancel scopes on asyncio not propagating CancelledError on exit when the enclosing cancel scope has been effectively cancelled ([#698](https://github.com/agronholm/anyio/issues/698) <https://github.com/agronholm/anyio/issues/698>_)
• Fixed asyncio task groups not yielding control to the event loop at exit if there were no child tasks to wait on
• Fixed inconsistent task uncancellation with asyncio cancel scopes belonging to a task group when said task group has child tasks running

4.5.0

• Improved the performance of anyio.Lock and anyio.Semaphore on asyncio (even up to 50 %)
• Added the fast_acquire parameter to anyio.Lock and anyio.Semaphore to further boost performance at the expense of safety (acquire() will not yield control back if there is no contention)
• Added support for the from_uri(), full_match(), parser methods/properties in anyio.Path, newly added in Python 3.13 ([#737](https://github.com/agronholm/anyio/issues/737) <https://github.com/agronholm/anyio/issues/737>_)
• Added support for more keyword arguments for run_process() and open_process(): startupinfo, creationflags, pass_fds, user, group, extra_groups and umask ([#742](https://github.com/agronholm/anyio/issues/742) <https://github.com/agronholm/anyio/issues/742>_)
• Improved the type annotations and support for PathLike in run_process() and open_process() to allow for path-like arguments, just like subprocess.Popen
• Changed the ResourceWarning from an unclosed memory object stream to include its address for easier identification
• Changed start_blocking_portal() to always use daemonic threads, to accommodate the "loitering event loop" use case
• Bumped the minimum version of Trio to v0.26.1
• Fixed __repr__() of MemoryObjectItemReceiver, when item is not defined ([#767](https://github.com/agronholm/anyio/issues/767) <https://github.com/agronholm/anyio/pull/767>_; PR by @​Danipulok)
• Fixed to_process.run_sync() failing to initialize if __main__.__file__ pointed to a file in a nonexistent directory ([#696](https://github.com/agronholm/anyio/issues/696) <https://github.com/agronholm/anyio/issues/696>_)
• Fixed AssertionError: feed_data after feed_eof on asyncio when a subprocess is closed early, before its output has been read ([#490](https://github.com/agronholm/anyio/issues/490) <https://github.com/agronholm/anyio/issues/490>_)

... (truncated)

Commits

• 8cce749 Bumped up the version
• 01a37c6 Fixed TaskGroup and CancelScope exit issues on asyncio (#774)
• 7f35ce7 Bumped up the version
• 108cc83 [pre-commit.ci] pre-commit autoupdate (#788)
• d1aea98 Fixed KeyboardInterrupt hanging the asyncio test runner (#779)
• c1aff53 [pre-commit.ci] pre-commit autoupdate (#785)
• 89d8b4c Use sphinx_rtd_theme also as an extension
• 4e9f18d Enabled uvloop to be used in the test suite on Python 3.13
• 7de6441 Pin Sphinx to a compatible version with sphinx-rtd-theme
• 41647f4 Fixed feed_data after feed_eof assertion errors on asyncio (#752)
• Additional commits viewable in compare view

Updates attrs from 23.2.0 to 24.2.0

Commits

• See full diff in compare view

Updates certifi from 2024.6.2 to 2024.8.30

Commits

• 325c2fd 2024.08.30 (#304)
• d66bf5f Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#302)
• 2150f23 Bump actions/upload-artifact from 4.3.4 to 4.3.5 (#301)
• fc9b771 Bump actions/setup-python from 5.1.0 to 5.1.1 (#300)
• 965b239 Bump actions/download-artifact from 4.1.7 to 4.1.8 (#297)
• c1f50cc Bump actions/upload-artifact from 4.3.3 to 4.3.4 (#296)
• bd81538 2024.07.04 (#295)
• 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
• 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
• e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
• See full diff in compare view

Updates cffi from 1.16.0 to 1.17.1

Release notes

Sourced from cffi's releases.

v1.17.1

• Fix failing distutils.msvc9compiler imports under Windows (#118).
• ffibuilder.emit_python_code() and ffibuiler.emit_c_code() accept file-like objects (#115).
• ffiplatform calls are bypassed by ffibuilder.emit_python_code() and ffibuilder.emit_c_code() (#81).

Full Changelog: python-cffi/cffi@v1.17.0...v1.17.1

v1.17.0

• Add support for Python 3.13.
  • Free-threaded CPython builds (i.e. python3.13t and the 3.13t ABI) are not currently supported.
• In API mode, when you get a function from a C library by writing fn = lib.myfunc, you get an object of a special type for performance reasons, instead of a <cdata 'C-function-type'>. Before version 1.17 you could only call such objects. You could write ffi.addressof(lib, "myfunc") in order to get a real <cdata> object, based on the idea that in these cases in C you'd usually write &myfunc instead of myfunc. In version 1.17, the special object lib.myfunc can now be passed in many places where CFFI expects a regular <cdata> object. For example, you can now pass it as a callback to a C function call, or write it inside a C structure field of the correct pointer-to-function type, or use ffi.cast() or ffi.typeof() on it.

Full Changelog: python-cffi/cffi@v1.16.0...v1.17.0

v1.17.0rc1

• Add support for Python 3.13.
• In API mode, when you get a function from a C library by writing fn = lib.myfunc, you get an object of a special type for performance reasons, instead of a object. For example, you can now pass it as a callback to a C function call, or write it inside a C structure field of the correct pointer-to-function type, or use ffi.cast() or ffi.typeof() on it.
• Build wheels for musllinux aarch64.

Commits

• 38bd6be release 1.17.1
• ba10180 update whatsnew.rst for 1.17.1 (#121)
• 61deb5f add yet another flag to recompile() to avoid calling ffiplatform (#81)
• 1c292c1 Handle distutils without distutils.msvc9compiler.MSVCCompiler class (#118)
• 182ffc4 Allow writing generated code to a file-like object. (#115)
• 74731f9 Release 1.17.0 (#108)
• 181fa00 1.17.0rc1 release (#80)
• 772528e Add 3.13 to trove classifiers (#72)
• e36042d 1.17.0b1 prep (#79)
• 39bdab2 avoid null-pointer-subtraction error (#78)
• Additional commits viewable in compare view

Updates cryptography from 42.0.8 to 43.0.1

Changelog

Sourced from cryptography's changelog.

43.0.1 - 2024-09-03

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.2.
.. _v43-0-0:
43.0.0 - 2024-07-20

• BACKWARDS INCOMPATIBLE: Support for OpenSSL less than 1.1.1e has been removed. Users on older version of OpenSSL will need to upgrade.
• BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL < 3.8.
• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
• Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
• :func:~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still considered insecure, users should generally use a key size of 2048-bits.
• :func:~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates now emits ASN.1 that more closely follows the recommendations in :rfc:2315.
• Added new :doc:/hazmat/decrepit/index module which contains outdated and insecure cryptographic primitives. :class:~cryptography.hazmat.primitives.ciphers.algorithms.CAST5, :class:~cryptography.hazmat.primitives.ciphers.algorithms.SEED, :class:~cryptography.hazmat.primitives.ciphers.algorithms.IDEA, and :class:~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish, which were deprecated in 37.0.0, have been added to this module. They will be removed from the cipher module in 45.0.0.
• Moved :class:~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES and :class:~cryptography.hazmat.primitives.ciphers.algorithms.ARC4 into :doc:/hazmat/decrepit/index and deprecated them in the cipher module. They will be removed from the cipher module in 48.0.0.
• Added support for deterministic :class:~cryptography.hazmat.primitives.asymmetric.ec.ECDSA (:rfc:6979)
• Added support for client certificate verification to the :mod:X.509 path validation <cryptography.x509.verification> APIs in the form of :class:~cryptography.x509.verification.ClientVerifier, :class:~cryptography.x509.verification.VerifiedClient, and PolicyBuilder :meth:~cryptography.x509.verification.PolicyBuilder.build_client_verifier.
• Added Certificate :attr:~cryptography.x509.Certificate.public_key_algorithm_oid and Certificate Signing Request :attr:~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid to determine the :class:~cryptography.hazmat._oid.PublicKeyAlgorithmOID Object Identifier of the public key found inside the certificate.
• Added :attr:~cryptography.x509.InvalidityDate.invalidity_date_utc, a timezone-aware alternative to the naïve datetime attribute :attr:~cryptography.x509.InvalidityDate.invalidity_date.
• Added support for parsing empty DN string in

... (truncated)

Commits

• a773387 bump for 43.0.1 (#11533)
• 0393fef Backport setuptools version ban (#11526)
• 6687bab Bump openssl from 0.10.65 to 0.10.66 in /src/rust (#11320) (#11324)
• ebf14f2 bump for 43.0.0 and update changelog (#11311)
• 42788a0 Fix exchange with keys that had Q automatically computed (#11309)
• 2dbdfb8 don't assign unused name (#11310)
• ccc66e6 Bump openssl from 0.10.64 to 0.10.65 in /src/rust (#11308)
• 4310c87 Bump sphinxcontrib-qthelp from 1.0.7 to 1.0.8 (#11307)
• f66a9c4 Bump sphinxcontrib-htmlhelp from 2.0.5 to 2.0.6 (#11306)
• a8fcf18 Bump openssl-sys from 0.9.102 to 0.9.103 in /src/rust (#11305)
• Additional commits viewable in compare view

Updates exceptiongroup from 1.2.1 to 1.2.2

Release notes

Sourced from exceptiongroup's releases.

1.2.2

• Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry (#123)

Changelog

Sourced from exceptiongroup's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

1.2.2

• Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry ([#123](https://github.com/agronholm/exceptiongroup/issues/123) <https://github.com/agronholm/exceptiongroup/issues/123>_)

1.2.1

• Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
• Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
• Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

1.2.0

• Added special monkeypatching if Apport <https://github.com/canonical/apport>_ has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
• Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
• Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except* handler

1.1.3

• catch() now raises a TypeError if passed an async exception handler instead of just giving a RuntimeWarning about the coroutine never being awaited. (#66, PR by John Litborn)
• Fixed plain raise statement in an exception handler callback to work like a raise in an except* block
• Fixed new exception group not being chained to the original exception when raising an exception group from exceptions raised in handler callbacks
• Fixed type annotations of the derive(), subgroup() and split() methods to match the ones in typeshed

1.1.2

• Changed handling of exceptions in exception group handler callbacks to not wrap a single exception in an exception group, as per CPython issue 103590 <https://github.com/python/cpython/issues/103590>_

1.1.1

• Worked around

... (truncated)

Commits

• 2399d54 Added the release version
• bec9651 Removed problematic assert that caused compatibility issues
• f3f0ff6 Updated Ruff configuration
• bb43ee0 Fixed formatting tests failing on Python 3.13
• eb8fbbc [pre-commit.ci] pre-commit autoupdate (#129)
• 6ff8300 [pre-commit.ci] pre-commit autoupdate (#128)
• 761933f [pre-commit.ci] pre-commit autoupdate (#127)
• 1b43294 [pre-commit.ci] pre-commit autoupdate (#125)
• dd87018 [pre-commit.ci] pre-commit autoupdate (#124)
• 54d8b8d [pre-commit.ci] pre-commit autoupdate (#121)
• Additional commits viewable in compare view

Updates httpx from 0.27.0 to 0.27.2

Release notes

Sourced from httpx's releases.

Version 0.27.2

0.27.2 (27th August, 2024)

Fixed

• Reintroduced supposedly-private URLTypes shortcut. (#2673)

Version 0.27.1

0.27.1 (27th August, 2024)

Added

• Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

• Improved error messaging for InvalidURL exceptions. (#3250)
• Fix app type signature in ASGITransport. (#3109)

Changelog

Sourced from httpx's changelog.

0.27.2 (27th August, 2024)

Fixed

• Reintroduced supposedly-private URLTypes shortcut. (#2673)

0.27.1 (27th August, 2024)

Added

• Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

• Improved error messaging for InvalidURL exceptions. (#3250)
• Fix app type signature in ASGITransport. (#3109)

Commits

• 609df7e Reintroduce URLTypes. (#3288)
• 1d6b663 Update CHANGELOG for 0.27.1 release date. (#3285)
• 1bf1ba5 Version 0.27.1 (#3275)
• 7c0cda1 Improve InvalidURL error message. (#3250)
• beb501f Bump the python-packages group across 1 directory with 8 updates (#3247)
• 359f77d Clean up URL signature. (#3245)
• b351a44 Update requirements.txt (#3246)
• db9072f Add URL parsing tests from WHATWG (#3188)
• 92e9dfb Update asgi.py docstring (#3210)
• e186ecc Bump the python-packages group with 8 updates (#3213)
• Additional commits viewable in compare view

Updates idna from 3.7 to 3.10

Release notes

Sourced from idna's releases.

v3.10

No release notes provided.

v3.9

No release notes provided.

v3.8

What's Changed

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Full Changelog: kjd/idna@v3.7...v3.8

Changelog

Sourced from idna's changelog.

3.10 (2024-09-15) +++++++++++++++++

• Reverted to Unicode 15.1.0 data. Unicode 16 has some significant changes to UTS46 processing that will require more work to properly implement.

3.9 (2024-09-13) ++++++++++++++++

• Update to Unicode 16.0.0
• Deprecate setup.cfg in favour of pyproject.toml
• Use ruff for code formatting

Thanks to Waket Zheng for contributions to this release.

3.8 (2024-08-23) ++++++++++++++++

• Fix regression where IDNAError exception was not being produced for certain inputs.
• Add support for Python 3.13, drop support for Python 3.5 as it is no longer testable.
• Documentation improvements
• Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

Commits

• 729225d Release v3.10
• 3eef168 Merge pull request #194 from kjd/revert-unicode-16
• ceca619 Revert Unicode 16.0.0 data updates
• c43ac75 Merge pull request #191 from kjd/release-3.9
• 1b8800a Release v3.9
• a1fd168 Merge pull request #190 from kjd/unicode-16
• 7732c61 Merge branch 'master' into unicode-16
• 4ed183d Refactor membership test
• 762216b Format with ruff
• 580ece9 Implement changes to UTS46 algorithm
• Additional commits viewable in compare view

Updates multidict from 6.0.5 to 6.1.0

Release notes

Sourced from multidict's releases.

6.1.0

Bug fixes

• Covered the unreachable code path in multidict._multidict_base._abc_itemsview_register() with typing -- by :user:skinnyBat.

  Related issues and pull requests on GitHub: #928.

Features

• Added support for Python 3.13 -- by :user:bdraco.

  Related issues and pull requests on GitHub: #1002.

Removals and backward incompatible breaking changes

• Removed Python 3.7 support -- by :user:bdraco.

  Related issues and pull requests on GitHub: #997.

Contributor-facing changes

• Added tests to have full code coverage of the multidict._multidict_base._viewbaseset_richcmp() function -- by :user:skinnyBat.

  Related issues and pull requests on GitHub: #928.

... (truncated)

Changelog

Sourced from multidict's changelog.

6.1.0 (2024-09-09)

Bug fixes

• Covered the unreachable code path in multidict._multidict_base._abc_itemsview_register() with typing -- by :user:skinnyBat.

  Related issues and pull requests on GitHub: :issue:928.

Features

• Added support for Python 3.13 -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:1002.

Removals and backward incompatible breaking changes

• Removed Python 3.7 support -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:997.

Contributor-facing changes

• Added tests to have full code coverage of the multidict._multidict_base._viewbaseset_richcmp() function -- by :user:skinnyBat.

  Related issues and pull requests on GitHub:

... (truncated)

Commits

• 4140e63 Release 6.1.0
• f3876fd Python 3.13 support (#1002)
• 62ab55e Bump test-summary/action from 2.3 to 2.4 (#983)
• 039c298 [pre-commit.ci] pre-commit autoupdate (#964)
• a27f057 Bump black from 24.4.0 to 24.8.0 (#1001)
• ac10253 Bump pytest-cov from 4.1.0 to 5.0.0 (#963)
• 794c6b2 Bump pre-commit from 3.7.0 to 3.8.0 (#1000)
• 234d448 Bump dependabot/fetch-metadata from 2.0.0 to 2.2.0 (#985)
• 056c7de Bump sigstore/gh-action-sigstore-python from 2.1.1 to 3.0.0 (#986)
• f176071 Bump pypa/cibuildwheel from 2.17.0 to 2.20.0 (#993)
• Additional commits viewable in compare view

Updates pyjwt from 2.8.0 to 2.9.0

Release notes

Sourced from pyjwt's releases.

2.9.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#905
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#909
• Add support for Python 3.12 by @​hugovk in jpadilla/pyjwt#910
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#911
• Fix an unnecessary str concat by @​sirosen in jpadilla/pyjwt#904
• Update jwt-api to accept either a string or list of strings for issuer validation by @​mattpollak in jpadilla/pyjwt#913
• Bump actions/checkout from 3 to 4 by @​dependabot in jpadilla/pyjwt#916
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#917
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#922
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#926
• Bump actions/setup-python from 4 to 5 by @​dependabot in jpadilla/pyjwt#931
• Bump hynek/build-and-inspect-python-package from 1 to 2 by @​dependabot in jpadilla/pyjwt#935
• docs/api: document strict_aud on decode_complete by @​woodruffw in jpadilla/pyjwt#923
• chore: fix docs step by @​jpadilla in jpadilla/pyjwt#950
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#953
• Add coverage and improve performance of is_ssh_key by @​bdraco in jpadilla/pyjwt#940
• Decode with PyJWK by @​luhn in jpadilla/pyjwt#886
• Remove an unused variable from an example code block by @​kenkoooo in jpadilla/pyjwt#958
• Handle load_pem_public_key ValueError by @​CollinEMac in jpadilla/pyjwt#952
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#960
• Raise exception when required cryptography dependency is missing by @​tobloef in jpadilla/pyjwt#963
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in jpadilla/pyjwt#965
• Add 2.9.0 changelog. Fixes #949 by @​benvdh in jpadilla/pyjwt#967

New Contributors

• @​mattpollak made their first contribution in jpadilla/pyjwt#913
• @​bdraco made their first contribution in jpadilla/pyjwt#940
• @​luhn made their first contribution in jpadilla/pyjwt#886
• @​kenkoooo made their first contribution in jpadilla/pyjwt#958
• @​CollinEMac made their first contribution in jpadilla/pyjwt#952
• @​tobloef made their first contribution in jpadilla/pyjwt#963
• @​benvdh made their first contribution in jpadilla/pyjwt#967

Full Changelog: jpadilla/pyjwt@2.8.0...2.9.0

Changelog

Sourced from pyjwt's changelog.

v2.9.0 <https://github.com/jpadilla/pyjwt/compare/2.8.0...2.9.0>__

Changed

- Drop support for Python 3.7 (EOL) by @hugovk in `[#910](https://github.com/jpadilla/pyjwt/issues/910) <https://github.com/jpadilla/pyjwt/pull/910>`__
- Allow JWT issuer claim validation to accept a list of strings too by @mattpollak in `[#913](https://github.com/jpadilla/pyjwt/issues/913) <https://github.com/jpadilla/pyjwt/pull/913>`__
Fixed

- Fix unnecessary string concatenation by @sirosen in `[#904](https://github.com/jpadilla/pyjwt/issues/904) &lt;https://github.com/jpadilla/pyjwt/pull/904&gt;`__
- Fix docs for ``jwt.decode_complete`` to include ``strict_aud`` option by @woodruffw in `[#923](https://github.com/jpadilla/pyjwt/issues/923) &lt;https://github.com/jpadilla/pyjwt/pull/923&gt;`__
- Fix docs step by @jpadilla in `[#950](https://github.com/jpadilla/pyjwt/issues/950) &lt;https://github.com/jpadilla/pyjwt/pull/950&gt;`__
- Fix: Remove an unused variable from example code block by @kenkoooo in `[#958](https://github.com/jpadilla/pyjwt/issues/958) &lt;https://github.com/jpadilla/pyjwt/pull/958&gt;`__
Added



Add support for Python 3.12 by @​hugovk in [#910](https://github.com/jpadilla/pyjwt/issues/910) &lt;https://github.com/jpadilla/pyjwt/pull/910&gt;__
Improve performance of is_ssh_key + add unit test by @​bdraco in [#940](https://github.com/jpadilla/pyjwt/issues/940) &lt;https://github.com/jpadilla/pyjwt/pull/940&gt;__
Allow jwt.decode() to accept a PyJWK object by @​luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) &lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
Make algorithm_name attribute available on PyJWK by @​luhn in [#886](https://github.com/jpadilla/pyjwt/issues/886) &lt;https://github.com/jpadilla/pyjwt/pull/886&gt;__
Raise InvalidKeyError on invalid PEM keys to be compatible with cryptography 42.x.x by @​CollinEMac in [#952](https://github.com/jpadilla/pyjwt/issues/952) &lt;https://github.com/jpadilla/pyjwt/pull/952&gt;__
Raise an exception when required cryptography dependency is missing by @​tobloef in &lt;https://github.com/jpadilla/pyjwt/pull/963&gt;__

Commits

• 868cf4a Add 2.9.0 changelog. Fixes #949 (#967)
• 304a3df [pre-commit.ci] pre-commit autoupdate (#965)
• 527fec2 Raise exception when required cryptography dependency is missing (#963)
• 18a50be [pre-commit.ci] pre-commit autoupdate (#960)
• 4703f87 Handle load_pem_public_key ValueError (#952)
• 9dc732f Update usage.rst (#958)
• ab8176a Decode with PyJWK (#886)
• c0a071d chore: update actions/download-artifact
• 2afbe32 Add coverage and improve performance of is_ssh_key (#940)
• 97345a7 [pre-commit.ci] pre-commit autoupdate (#953)
• Additional commits viewable in compare view

Updates pyyaml from 6.0.1 to 6.0.2

Release notes

Sourced from pyyaml's releases.

6.0.2

What's Changed

• Support for Cython 3.x and Python 3.13.

Full Changelog: yaml/pyyaml@6.0.1...6.0.2

6.0.2rc1

• Support for extension build with Cython 3.x
• Support for Python 3.13
• Added PyPI wheels for musllinux on aarch64

Changelog

Sourced from