Skip to content

[update] Scheduled weekly dependency update for week 28

username-removed-56100 requested to merge gh-43206804/194/satnogs/pyup-scheduled-update-07-14-2017 into dev

Created by: pyup-bot

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

Django 1.11.1 » 1.11.3 PyPI | Changelog | Homepage
django-avatar 3.1.0 » 4.0.0 PyPI | Repo
Pillow 4.1.1 » 4.2.1 PyPI | Changelog | Homepage
requests 2.14.2 » 2.18.1 PyPI | Changelog | Homepage
lxml 3.7.3 » 3.8.0 PyPI | Changelog | Homepage | Bugtracker
amqp 2.1.4 » 2.2.1 PyPI | Changelog | Repo

Changelogs

Django 1.11.1 -> 1.11.3

1.11.3

===========================

July 1, 2017

Django 1.11.3 fixes several bugs in 1.11.2.

Bugfixes

  • Removed an incorrect deprecation warning about a missing renderer argument if a Widget.render() method accepts **kwargs (🎫28265).
  • Fixed a regression causing Model.__init__() to crash if a field has an instance only descriptor (🎫28269).
  • Fixed an incorrect DisallowedModelAdminLookup exception when using a nested reverse relation in list_filter (🎫28262).
  • Fixed admin's FieldListFilter.get_queryset() crash on invalid input (🎫28202).
  • Fixed invalid HTML for a required AdminFileWidget (🎫28278).
  • Fixed model initialization to set the name of class-based model indexes for models that only inherit models.Model (🎫28282).
  • Fixed crash in admin's inlines when a model has an inherited non-editable primary key (🎫27967).
  • Fixed QuerySet.union(), intersection(), and difference() when combining with an EmptyQuerySet (🎫28293).
  • Prevented Paginator’s unordered object list warning from evaluating a QuerySet (🎫28284).
  • Fixed the value of redirect_field_name in LoginView’s template context. It's now an empty string (as it is for the original function-based login() view) if the corresponding parameter isn't sent in a request (in particular, when the login page is accessed directly) (🎫28229).
  • Prevented attribute values in the django/forms/widgets/attrs.html template from being localized so that numeric attributes (e.g. max and min) of NumberInput work correctly (🎫28303).
  • Removed casting of the option value to a string in the template context of the CheckboxSelectMultiple, NullBooleanSelect, RadioSelect, SelectMultiple, and Select widgets (🎫28176). In Django 1.11.1, casting was added in Python to avoid localization of numeric values in Django templates, but this made some use cases more difficult. Casting is now done in the template using the |stringformat:'s' filter.
  • Prevented a primary key alteration from adding a foreign key constraint if db_constraint=False (🎫28298).
  • Fixed UnboundLocalError crash in RenameField with nonexistent field (🎫28350).
  • Fixed a regression preventing a model field's limit_choices_to from being evaluated when a ModelForm is instantiated (🎫28345).

===========================

1.11.2

===========================

June 1, 2017

Django 1.11.2 adds a minor feature and fixes several bugs in 1.11.1. Also, the latest string translations from Transifex are incorporated.

Minor feature

The new LiveServerTestCase.port attribute reallows the use case of binding to a specific port following the :ref:bind to port zero <liveservertestcase-port-zero-change> change in Django 1.11.

Bugfixes

  • Added detection for GDAL 2.1 and 2.0, and removed detection for unsupported versions 1.7 and 1.8 (🎫28181).
  • Changed contrib.gis to raise ImproperlyConfigured rather than GDALException if gdal isn't installed, to allow third-party apps to catch that exception (🎫28178).
  • Fixed django.utils.http.is_safe_url() crash on invalid IPv6 URLs (🎫28142).
  • Fixed regression causing pickling of model fields to crash (🎫28188).
  • Fixed django.contrib.auth.authenticate() when multiple authentication backends don't accept a positional request argument (🎫28207).
  • Fixed introspection of index field ordering on PostgreSQL (🎫28197).
  • Fixed a regression where Model._state.adding wasn't set correctly on multi-table inheritance parent models after saving a child model (🎫28210).
  • Allowed DjangoJSONEncoder to serialize django.utils.deprecation.CallableBool (🎫28230).
  • Relaxed the validation added in Django 1.11 of the fields in the defaults argument of QuerySet.get_or_create() and update_or_create() to reallow settable model properties (🎫28222).
  • Fixed MultipleObjectMixin.paginate_queryset() crash on Python 2 if the InvalidPage message contains non-ASCII (🎫28204).
  • Prevented Subquery from adding an unnecessary CAST which resulted in invalid SQL (🎫28199).
  • Corrected detection of GDAL 2.1 on Windows (🎫28181).
  • Made date-based generic views return a 404 rather than crash when given an out of range date (🎫28209).
  • Fixed a regression where file_move_safe() crashed when moving files to a CIFS mount (🎫28170).
  • Moved the ImageField file extension validation added in Django 1.11 from the model field to the form field to reallow the use case of storing images without an extension (🎫28242).

===========================

Pillow 4.1.1 -> 4.2.1

4.2.1

  • CI: Fix version specification and test on CI for PyPy/Windows 2608 [wiredfool]

4.2.0

  • Doc: Clarified Image.save:append_images documentation 2604 [radarhere]

  • CI: Amazon Linux and Centos6 docker images added to TravisCI 2585 [wiredfool]

  • Image.alpha_composite added 2595 [wiredfool]

  • Complex Text Support 2576 [ShamsaHamed, Fahad-Alsaidi, wiredfool]

  • Added threshold parameter to ImageDraw.floodfill 2599 [nediamond]

  • Added dBATCH parameter to ghostscript command 2588 [radarhere]
  • JPEG: Adjust buffer size when icc_profile > MAXBLOCK 2596 [Darou]

  • Specify Pillow Version in one place 2517 [wiredfool]

  • CI: Change the owner of the TRAVIS_BUILD_DIR, fixing broken docker runs 2587 [wiredfool]

  • Fix truncated PNG loading for some images, Fix memory leak on truncated PNG images. 2541, 2598 [homm]

  • Add decompression bomb check to Image.crop 2410 [wiredfool]

  • ImageFile: Ensure that the err_code variable is initialized in case of exception. 2363 [alexkiro]

  • Tiff: Support append_images for saving multipage TIFFs 2406 [blochl]

  • Doc: Clarify that draft is only implemented for JPEG and PCD 2409 [wiredfool]
  • Test: MicImagePlugin 2447 [hugovk]
  • Use round() instead of floor() to eliminate zero coefficients in resample 2558 [homm]

  • Remove deprecated code 2549 [hugovk]

  • Added append_images to PDF saving 2526 [radarhere]

  • Remove unused function core image function new_array 2548 [hugovk]

  • Remove unnecessary calls to dict.keys() 2551 [jdufresne]

  • Add more ImageDraw.py tests and remove unused Draw.c code 2533 [hugovk]

  • Test: More tests for ImageMorph 2554 [hugovk]
  • Test: McIDAS area file 2552 [radarhere]
  • Update Feature Detection 2520 [wiredfool]
  • CI: Update pypy on TravisCI 2573 [hugovk]
  • ImageMorph: Fix wrong expected size of MRLs read from disk 2561 [dov]
  • Docs: Update install docs for FreeBSD 2546 [wiredfool]
  • Build: Ignore OpenJpeg 1.5 on FreeBSD 2544 [melvyn-sopacua]

  • Remove 'not yet implemented' methods from PIL 1.1.4 2538 [hugovk]

  • Dependencies: Update FreeType to 2.8, LibTIFF to 4.0.8 and libimagequant to 2.9.1 2535 2537 2540 [radarhere]

  • Raise TypeError and not also UnboundLocalError in ImageFile.Parser() 2525 [joshblum]
  • Test: Use Codecov for coverage 2528 [hugovk]
  • Use PNG for Image.show() 2527 [HinTak, wiredfool]
  • Remove WITH_DEBUG compilation flag 2522 [wiredfool]
  • Fix return value on parameter parse error in _webp.c 2521 [adw1n]
  • Set executable flag on scripts with shebang line 2295 [radarhere]
  • Flake8 2460 [radarhere]
  • Doc: Release Process Changes 2516 [wiredfool]
  • CI: Added region for s3 deployment on appveyor 2515 [wiredfool]
  • Doc: Updated references to point to existing files 2507 [radarhere]
  • Return copy on Image crop if crop dimensions match the image 2471 [radarhere]
  • Test: Optimize CI speed 2464, 2466 [hugovk]

requests 2.14.2 -> 2.18.1

2.18.1

+++++++++++++++++++

Bugfixes

  • Fix an error in the packaging whereby the *.whl contained incorrect data that regressed the fix in v2.17.3.

2.18.0

+++++++++++++++++++

Improvements

  • Response is now a context manager, so can be used directly in a with statement without first having to be wrapped by contextlib.closing().

Bugfixes

  • Resolve installation failure if multiprocessing is not available
  • Resolve tests crash if multiprocessing is not able to determine the number of CPU cores
  • Resolve error swallowing in utils set_environ generator

2.17.3

+++++++++++++++++++

Improvements

  • Improved packages namespace identity support, for monkeypatching libraries.

2.17.2

+++++++++++++++++++

Improvements

  • Improved packages namespace identity support, for monkeypatching libraries.

2.17.1

+++++++++++++++++++

Improvements

  • Improved packages namespace identity support, for monkeypatching libraries.

2.17.0

+++++++++++++++++++

Improvements

  • Removal of the 301 redirect cache. This improves thread-safety.

2.16.5

+++++++++++++++++++

  • Improvements to $ python -m requests.help.

2.16.4

+++++++++++++++++++

  • Introduction of the $ python -m requests.help command, for debugging with maintainers!

2.16.3

+++++++++++++++++++

  • Further restored the requests.packages namespace for compatibility reasons.

2.16.2

+++++++++++++++++++

  • Further restored the requests.packages namespace for compatibility reasons.

No code modification (noted below) should be neccessary any longer.

2.16.1

+++++++++++++++++++

  • Restored the requests.packages namespace for compatibility reasons.
  • Bugfix for urllib3 version parsing.

Note: code that was written to import against the requests.packages namespace previously will have to import code that rests at this module-level now.

For example::

from requests.packages.urllib3.poolmanager import PoolManager

Will need to be re-written to be::

from requests.packages import urllib3 urllib3.poolmanager.PoolManager

Or, even better::

from urllib3.poolmanager import PoolManager

2.16.0

+++++++++++++++++++

  • Unvendor ALL the things!

2.15.1

+++++++++++++++++++

  • Everyone makes mistakes.

2.15.0

+++++++++++++++++++

Improvements

  • Introduction of the Response.next property, for getting the next PreparedResponse from a redirect chain (when allow_redirects=False).
  • Internal refactoring of __version__ module.

Bugfixes

  • Restored once-optional parameter for requests.utils.get_environ_proxies().

lxml 3.7.3 -> 3.8.0

3.8.0

==================

Features added

  • ElementTree.write() has a new option doctype that writes out a doctype string before the serialisation, in the same way as tostring().
  • GH220: xmlfile allows switching output methods at an element level. Patch by Burak Arslan.
  • LP1595781, GH240: added a PyCapsule Python API and C-level API for passing externally generated libxml2 documents into lxml.
  • GH244: error log entries have a new property path with an XPath expression (if known, None otherwise) that points to the tree element responsible for the error. Patch by Bob Kline.
  • The namespace prefix mapping that can be used in ElementPath now injects a default namespace when passing a None prefix.

Bugs fixed

  • GH238: Character escapes were not hex-encoded in the xmlfile serialiser. Patch by matejcik.
  • GH229: fix for externally created XML documents. Patch by Theodore Dubois.
  • LP1665241, GH228: Form data handling in lxml.html no longer strips the option values specified in form attributes but only the text values. Patch by Ashish Kulkarni.
  • LP1551797: revert previous fix for XSLT error logging as it breaks multi-threaded XSLT processing.
  • LP1673355, GH233: fromstring() html5parser failed to parse byte strings.

Other changes

  • The previously undocumented docstring option in ElementTree.write() produces a deprecation warning and will eventually be removed.

3.7.4

==================

Bugs fixed

  • LP1551797: revert previous fix for XSLT error logging as it breaks multi-threaded XSLT processing.
  • LP1673355, GH233: fromstring() html5parser failed to parse byte strings.

amqp 2.1.4 -> 2.2.1

2.2.1

===== :release-date: 2017-07-14 09:00 A.M UTC+2 :release-by: Omer Katz

  • Fix implicit conversion from bytes to string on the connection object. (Issue 155)

This issue has caused Celery to crash on connection to RabbitMQ.

Fix contributed by Omer Katz

.. _version-2.2.0:

2.2.0

===== :release-date: 2017-07-12 10:00 A.M UTC+2 :release-by: Ask Solem

  • Fix random delays in task execution.

This is a bug that caused performance issues due to polling timeouts that occur when receiving incomplete AMQP frames. (Issues 3978 3737 3814)

Fix contributed by Robert Kopaczewski

  • Calling conn.collect() multiple times will no longer raise an AttributeError when no channels exist.

Fix contributed by Gord Chung

  • Fix compatibility code for Python 2.7.6.

Fix contributed by Jonathan Schuff

  • When running in Windows, py-amqp will no longer use the unsupported TCP option TCP_MAXSEG.

Fix contributed by Tony Breeds

  • Added support for setting the SNI hostname header.

The SSL protocol version is now set to SSLv23

Contributed by Dhananjay Sathe

  • Authentication mechanisms were refactored to be more modular. GSSAPI authentication is now supported.

Contributed by Alexander Dutton

  • Do not reconnect on collect.

Fix contributed by Gord Chung

.. _version-2.1.4:

That's it for now!

Happy merging! 🤖

Merge request reports