chore(deps): update dependency attrs to v24 #190
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
🦙 MegaLinter status: ✅ SUCCESS
See detailed report in MegaLinter reports You could have same capabilities but better runtime performances if you request a new MegaLinter flavor. MegaLinter is graciously provided by |
renovate
bot
force-pushed
the
renovate/attrs-24.x
branch
2 times, most recently
from
a134e08
to
5115315
Compare
renovate
bot
force-pushed
the
renovate/attrs-24.x
branch
from
5115315
to
5cda0b4
Compare
Trivy image scan report
|
| Package | ID | Severity | Installed Version | Fixed Version |
|---|---|---|---|---|
libexpat1 |
CVE-2024-45490 | CRITICAL | 2.5.0-1 | 2.5.0-1+deb12u1 |
libexpat1 |
CVE-2024-45491 | CRITICAL | 2.5.0-1 | 2.5.0-1+deb12u1 |
libexpat1 |
CVE-2024-45492 | CRITICAL | 2.5.0-1 | 2.5.0-1+deb12u1 |
libgssapi-krb5-2 |
CVE-2024-37371 | CRITICAL | 1.20.1-2+deb12u1 | 1.20.1-2+deb12u2 |
libgssapi-krb5-2 |
CVE-2024-37370 | HIGH | 1.20.1-2+deb12u1 | 1.20.1-2+deb12u2 |
libk5crypto3 |
CVE-2024-37371 | CRITICAL | 1.20.1-2+deb12u1 | 1.20.1-2+deb12u2 |
libk5crypto3 |
CVE-2024-37370 | HIGH | 1.20.1-2+deb12u1 | 1.20.1-2+deb12u2 |
libkrb5-3 |
CVE-2024-37371 | CRITICAL | 1.20.1-2+deb12u1 | 1.20.1-2+deb12u2 |
libkrb5-3 |
CVE-2024-37370 | HIGH | 1.20.1-2+deb12u1 | 1.20.1-2+deb12u2 |
libkrb5support0 |
CVE-2024-37371 | CRITICAL | 1.20.1-2+deb12u1 | 1.20.1-2+deb12u2 |
libkrb5support0 |
CVE-2024-37370 | HIGH | 1.20.1-2+deb12u1 | 1.20.1-2+deb12u2 |
libpython3.11-minimal |
CVE-2024-0397 | MEDIUM | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
libpython3.11-minimal |
CVE-2024-8088 | MEDIUM | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
libpython3.11-minimal |
CVE-2024-4032 | LOW | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
libpython3.11-stdlib |
CVE-2024-0397 | MEDIUM | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
libpython3.11-stdlib |
CVE-2024-8088 | MEDIUM | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
libpython3.11-stdlib |
CVE-2024-4032 | LOW | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
libssl3 |
CVE-2024-4603 | MEDIUM | 3.0.13-1~deb12u1 | 3.0.14-1~deb12u1 |
libssl3 |
CVE-2024-4741 | MEDIUM | 3.0.13-1~deb12u1 | 3.0.14-1~deb12u1 |
libssl3 |
CVE-2024-6119 | MEDIUM | 3.0.13-1~deb12u1 | 3.0.14-1~deb12u2 |
libssl3 |
CVE-2024-2511 | LOW | 3.0.13-1~deb12u1 | 3.0.14-1~deb12u1 |
python3.11-minimal |
CVE-2024-0397 | MEDIUM | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
python3.11-minimal |
CVE-2024-8088 | MEDIUM | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
python3.11-minimal |
CVE-2024-4032 | LOW | 3.11.2-6+deb12u2 | 3.11.2-6+deb12u3 |
No Misconfigurations found
Python
1 known vulnerabilities found (LOW: 0 CRITICAL: 0 HIGH: 1 MEDIUM: 0)
Show detailed table of vulnerabilities
| Package | ID | Severity | Installed Version | Fixed Version |
|---|---|---|---|---|
setuptools |
CVE-2024-6345 | HIGH | 65.5.1 | 70.0.0 |
No Misconfigurations found
chgl
approved these changes
Oct 15, 2024
|
🎉 This PR is included in version 4.0.2 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
==23.2.0->==24.2.0Release Notes
python-attrs/attrs (attrs)
v24.2.0Compare Source
Deprecations
@define/@attr.s.Please don't use it in new code, but we don't intend to remove it anymore.
#1330
Changes
attrs.converters.pipe()(and its syntactic sugar of passing a list forattrs.field()'s /attr.ib()'s converter argument) works again when passingattrs.setters.convertto on_setattr (which is default forattrs.define).#1328
#1329
v24.1.0Compare Source
Backwards-incompatible Changes
attrs.evolve()doesn't accept the inst argument as a keyword argument anymore.Pass it as the first positional argument instead.
#1264
attrs.validators.provides()has been removed.The removed code is available as a gist for convenient copy and pasting.
#1265
All packaging metadata except from
__version__and__version_info__has been removed from theattrandattrsmodules (for example,attrs.__url__).Please use
importlib.metadataor importlib-metadata instead.#1268
The generated
__eq__methods have been sped up significantly by generating a chain of attribute comparisons instead of constructing and comparing tuples.This change arguably makes the behavior more correct,
but changes it if an attribute compares equal by identity but not value, like
float('nan').#1310
Deprecations
attr.sis now deprecated.It was a workaround for nested classes in Python 2 and is pointless in Python 3.
#1263
@attr.s,@attrs.define, andmake_class()is now deprecated in favor of unsafe_hash, as defined by PEP 681.#1323
Changes
Allow original slotted
functools.cached_propertyclasses to be cleaned by garbage collection.Allow
super()calls in slotted cached properties.#1221
Our type stubs now use modern type notation and are organized such that VS Code's quick-fix prefers the
attrsnamespace.#1234
Preserve
AttributeErrorraised by properties of slotted classes withfunctools.cached_properties.#1253
It is now possible to wrap a converter into an
attrs.Converterand get the current instance and/or the current field definition passed into the converter callable.Note that this is not supported by any type checker, yet.
#1267
attrs.make_class()now populates the__annotations__dict of the generated class, so thatattrs.resolve_types()can resolve them.#1285
Added the
attrs.validators.or_()validator.#1303
The combination of a
__attrs_pre_init__that takes arguments, a kw-only field, and a default on that field does not crash anymore.#1319
attrs.validators.in_()now transforms certain unhashable options to tuples to keep the field hashable.This allows fields that use this validator to be used with, for example,
attrs.filters.include().#1320
If a class has an inherited method called
__attrs_init_subclass__, it is now called once the class is done assembling.This is a replacement for Python's
__init_subclass__and useful for registering classes, and similar.#1321
Configuration
📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.