Bump the pip-minor-and-patch group across 1 directory with 7 updates

[dependabot]

Bumps the pip-minor-and-patch group with 7 updates in the /src directory:

Package	From	To
django-cors-headers	4.4.0	4.5.0
orjson	3.10.7	3.10.9
sentry-sdk	2.14.0	2.17.0
black	24.8.0	24.10.0
ruff	0.6.8	0.7.0
termcolor	2.4.0	2.5.0
tomli	2.0.1	2.0.2

Updates django-cors-headers from 4.4.0 to 4.5.0

Changelog

Sourced from django-cors-headers's changelog.

4.5.0 (2024-10-12)

• Drop Python 3.8 support.

• Support Python 3.13.

Commits

• 6f5222d Version 4.5.0
• 96ef5d7 Drop Python 3.8 support (#977)
• 6a0d30d Add automated release process (#976)
• e816d10 [pre-commit.ci] pre-commit autoupdate (#975)
• 132f381 Bump astral-sh/setup-uv from 1 to 3 in the github-actions group (#974)
• 3194a6d Support Python 3.13 (#972)
• 1cba108 Upgrade requirements (#971)
• a56c753 Use uv on GitHub Actions (#970)
• 0c34907 Fix GHA upload-artifact config
• 9fdf97c Fix Coverage upload on GHA
• Additional commits viewable in compare view

Updates orjson from 3.10.7 to 3.10.9

Release notes

Sourced from orjson's releases.

3.10.9

Fixed

• Fix int serialization on 32-bit Python 3.8, 3.9, 3.10. This was introduced in 3.10.8.

3.10.8

Changed

• int serialization no longer chains OverflowError to the the __cause__ attribute of orjson.JSONEncodeError when range exceeded.
• Compatibility with CPython 3.14 alpha 1.
• Improve performance.

Changelog

Sourced from orjson's changelog.

3.10.9

Fixed

• Fix int serialization on 32-bit Python 3.8, 3.9, 3.10. This was introduced in 3.10.8.

3.10.8

Changed

• int serialization no longer chains OverflowError to the the __cause__ attribute of orjson.JSONEncodeError when range exceeded.
• Compatibility with CPython 3.14 alpha 1.
• Improve performance.

Commits

• e331c52 3.10.9
• 4ba2c7f inline_int
• 3be7253 3.10.8
• 92f7b8c int uses _PyLong_AsByteArray()
• aec6e70 jiff
• c5af268 cargo update, vendor pyo3-ffi, python3.14
• 3640a30 Fix orjson_manylinux_2_17_amd64_* artifact upload
• See full diff in compare view

Updates sentry-sdk from 2.14.0 to 2.17.0

Release notes

Sourced from sentry-sdk's releases.

2.17.0

Various fixes & improvements

• Add support for async calls in Anthropic and OpenAI integration (#3497) by @​vetyy
• Allow custom transaction names in ASGI (#3664) by @​sl0thentr0py
• Langchain: Handle case when parent span wasn't traced (#3656) by @​rbasoalto
• Fix Anthropic integration when using tool calls (#3615) by @​kwnath
• More defensive Django Spotlight middleware injection (#3665) by @​BYK
• Remove ensure_integration_enabled_async (#3632) by @​sentrivana
• Test with newer Falcon version (#3644, #3653, #3662) by @​sentrivana
• Fix mypy (#3657) by @​sentrivana
• Fix flaky transport test (#3666) by @​sentrivana
• Remove pin on sphinx (#3650) by @​sentrivana
• Bump actions/checkout from 4.2.0 to 4.2.1 (#3651) by @​dependabot

2.16.0

Integrations

• Bottle: Add failed_request_status_codes (#3618) by @​szokeasaurusrex

  You can now define a set of integers that will determine which status codes should be reported to Sentry.

  sentry_sdk.init(
      integrations=[
          BottleIntegration(
              failed_request_status_codes={403, *range(500, 600)},
          )
      ]
  )

  Examples of valid failed_request_status_codes:

  • {500} will only send events on HTTP 500.
  • {400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
  • {500, 503} will send events on HTTP 500 and 503.
  • set() (the empty set) will not send events for any HTTP status code.

  The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.

• Bottle: Delete never-reached code (#3605) by @​szokeasaurusrex

• Redis: Remove flaky test (#3626) by @​sentrivana

• Django: Improve getting psycopg3 connection info (#3580) by @​nijel

• Django: Add SpotlightMiddleware when Spotlight is enabled (#3600) by @​BYK

• Django: Open relevant error when SpotlightMiddleware is on (#3614) by @​BYK

• Django: Support http_methods_to_capture in ASGI Django (#3607) by @​sentrivana

  ASGI Django now also supports the http_methods_to_capture integration option. This is a configurable tuple of HTTP method verbs that should create a transaction in Sentry. The default is ("CONNECT", "DELETE", "GET", "PATCH", "POST", "PUT", "TRACE",). OPTIONS and HEAD are not included by default.

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

2.17.0

Various fixes & improvements

• Add support for async calls in Anthropic and OpenAI integration (#3497) by @​vetyy
• Allow custom transaction names in ASGI (#3664) by @​sl0thentr0py
• Langchain: Handle case when parent span wasn't traced (#3656) by @​rbasoalto
• Fix Anthropic integration when using tool calls (#3615) by @​kwnath
• More defensive Django Spotlight middleware injection (#3665) by @​BYK
• Remove ensure_integration_enabled_async (#3632) by @​sentrivana
• Test with newer Falcon version (#3644, #3653, #3662) by @​sentrivana
• Fix mypy (#3657) by @​sentrivana
• Fix flaky transport test (#3666) by @​sentrivana
• Remove pin on sphinx (#3650) by @​sentrivana
• Bump actions/checkout from 4.2.0 to 4.2.1 (#3651) by @​dependabot

2.16.0

Integrations

• Bottle: Add failed_request_status_codes (#3618) by @​szokeasaurusrex

  You can now define a set of integers that will determine which status codes should be reported to Sentry.

  sentry_sdk.init(
      integrations=[
          BottleIntegration(
              failed_request_status_codes={403, *range(500, 600)},
          )
      ]
  )

  Examples of valid failed_request_status_codes:

  • {500} will only send events on HTTP 500.
  • {400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
  • {500, 503} will send events on HTTP 500 and 503.
  • set() (the empty set) will not send events for any HTTP status code.

  The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.

• Bottle: Delete never-reached code (#3605) by @​szokeasaurusrex

• Redis: Remove flaky test (#3626) by @​sentrivana

• Django: Improve getting psycopg3 connection info (#3580) by @​nijel

• Django: Add SpotlightMiddleware when Spotlight is enabled (#3600) by @​BYK

• Django: Open relevant error when SpotlightMiddleware is on (#3614) by @​BYK

• Django: Support http_methods_to_capture in ASGI Django (#3607) by @​sentrivana

... (truncated)

Commits

• e44c9ee Update CHANGELOG.md
• ee30db3 release: 2.17.0
• 365d9cf Fix flaky transport test (#3666)
• 9ae5820 Add support for async calls in Anthropic and OpenAI integration (#3497)
• 891afee fix(spotlight): More defensive Django spotlight middleware injection (#3665)
• f493057 Allow custom transaction names in asgi (#3664)
• e463034 tests: Falcon RC1 (#3662)
• deca5f2 build(deps): Remove pin on sphinx (#3650)
• 302457d build(deps): bump actions/checkout from 4.2.0 to 4.2.1 (#3651)
• 846b8b2 fix(langchain): handle case when parent span wasn't traced (#3656)
• Additional commits viewable in compare view

Updates black from 24.8.0 to 24.10.0

Release notes

Sourced from black's releases.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

Changelog

Sourced from black's changelog.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

Commits

• 1b2427a Prepare release 24.10.0 (#4471)
• a22b1eb Add mypyc 3.13 wheel build (#4449)
• b7d0e72 Bump AndreMiras/coveralls-python-action from 65c1672f0b8a201702d86c81b79187df...
• f1a2f92 Include --unstable in cache key (#4466)
• 8d9d18c Fix skipping Jupyter cells with unknown %% magic (#4462)
• bbfdba3 Fix docs CI: use venv for uv to fix 'failed to create directory' (#4460)
• 8fb2add Use builtin generics (#4458)
• 2a45cec Fix crashes with comments in parentheses (#4453)
• b4d6d86 Drop Python 3.8 support (#4452)
• ac018c1 Require newer aiohttp for blackd (#4451)
• Additional commits viewable in compare view

Updates ruff from 0.6.8 to 0.7.0

Release notes

Sourced from ruff's releases.

0.7.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

• The pytest rules PT001 and PT023 now default to omitting the decorator parentheses when there are no arguments (#12838, #13292). This was a change that we attempted to make in Ruff v0.6.0, but only partially made due to an error on our part. See the blog post for more details.
• The useless-try-except rule (in our tryceratops category) has been recoded from TRY302 to TRY203 (#13502). This ensures Ruff's code is consistent with the same rule in the tryceratops linter.
• The lint.allow-unused-imports setting has been removed (#13677). Use lint.pyflakes.allow-unused-imports instead.

Formatter preview style

• Normalize implicit concatenated f-string quotes per part (#13539)

Preview linter features

• [refurb] implement hardcoded-string-charset (FURB156) (#13530)
• [refurb] Count codepoints not bytes for slice-to-remove-prefix-or-suffix (FURB188) (#13631)

Rule changes

• [pylint] Mark PLE1141 fix as unsafe (#13629)
• [flake8-async] Consider async generators to be "checkpoints" for cancel-scope-no-checkpoint (ASYNC100) (#13639)
• [flake8-bugbear] Do not suggest setting parameter strict= to False in B905 diagnostic message (#13656)
• [flake8-todos] Only flag the word "TODO", not words starting with "todo" (TD006) (#13640)
• [pycodestyle] Fix whitespace-related false positives and false negatives inside type-parameter lists (E231, E251) (#13704)
• [flake8-simplify] Stabilize preview behavior for SIM115 so that the rule can detect files being opened from a wider range of standard-library functions (#12959).

CLI

• Add explanation of fixable in --statistics command (#13774)

Bug fixes

• [pyflakes] Allow ipytest cell magic (F401) (#13745)
• [flake8-use-pathlib] Fix PTH123 false positive when open is passed a file descriptor (#13616)
• [flake8-bandit] Detect patterns from multi line SQL statements (S608) (#13574)
• [flake8-pyi] - Fix dropped expressions in PYI030 autofix (#13727)

Contributors

• @​AlexWaygood

... (truncated)

Changelog

Sourced from ruff's changelog.

0.7.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

• The pytest rules PT001 and PT023 now default to omitting the decorator parentheses when there are no arguments (#12838, #13292). This was a change that we attempted to make in Ruff v0.6.0, but only partially made due to an error on our part. See the blog post for more details.
• The useless-try-except rule (in our tryceratops category) has been recoded from TRY302 to TRY203 (#13502). This ensures Ruff's code is consistent with the same rule in the tryceratops linter.
• The lint.allow-unused-imports setting has been removed (#13677). Use lint.pyflakes.allow-unused-imports instead.

Formatter preview style

• Normalize implicit concatenated f-string quotes per part (#13539)

Preview linter features

• [refurb] implement hardcoded-string-charset (FURB156) (#13530)
• [refurb] Count codepoints not bytes for slice-to-remove-prefix-or-suffix (FURB188) (#13631)

Rule changes

• [pylint] Mark PLE1141 fix as unsafe (#13629)
• [flake8-async] Consider async generators to be "checkpoints" for cancel-scope-no-checkpoint (ASYNC100) (#13639)
• [flake8-bugbear] Do not suggest setting parameter strict= to False in B905 diagnostic message (#13656)
• [flake8-todos] Only flag the word "TODO", not words starting with "todo" (TD006) (#13640)
• [pycodestyle] Fix whitespace-related false positives and false negatives inside type-parameter lists (E231, E251) (#13704)
• [flake8-simplify] Stabilize preview behavior for SIM115 so that the rule can detect files being opened from a wider range of standard-library functions (#12959).

CLI

• Add explanation of fixable in --statistics command (#13774)

Bug fixes

• [pyflakes] Allow ipytest cell magic (F401) (#13745)
• [flake8-use-pathlib] Fix PTH123 false positive when open is passed a file descriptor (#13616)
• [flake8-bandit] Detect patterns from multi line SQL statements (S608) (#13574)
• [flake8-pyi] - Fix dropped expressions in PYI030 autofix (#13727)

0.6.9

Preview features

... (truncated)

Commits

• 5e6de4e Changelog for Ruff v0.7 (#13794)
• 70e5c4a Recode TRY302 to TRY203 (#13502)
• 9218d6b Remove allow-unused-imports setting from the common lint options (#13677)
• 1b79ae9 [ruff-0.7] Stabilise the expansion of open-file-with-context-handler to wor...
• 2b87587 [flake8-pytest-style] Fix defaults when lint.flake8-pytest-style config s...
• d1e15f6 Remove tab-size setting (#12835)
• 89a8215 Remove error messages for removed CLI aliases (#12833)
• 202c6a6 Remove output-format=text setting (#12836)
• 5c3c0c4 [red-knot] Inference for comparison of union types (#13781)
• 6b7a738 Add explanation of fixable in --statistics command (#13774)
• Additional commits viewable in compare view

Updates termcolor from 2.4.0 to 2.5.0

Release notes

Sourced from termcolor's releases.

Release 2.5.0

Added

• Add strike attribute (#65) @​muzhig
• Generate and upload attestations to PyPI (#83) @​hugovk

Changed

• Drop support for Python 3.8 (#81) @​hugovk

Commits

• 2654f7f Test with uv (#84)
• 143a8b4 Generate and upload attestations to PyPI (#83)
• 09ca9cc Drop support for Python 3.8 (#81)
• 9e35c66 [pre-commit.ci] pre-commit autoupdate (#80)
• 9f38125 Update codecov/codecov-action action to v4 (#78)
• 354cb36 Update codecov/codecov-action action to v4 (#76)
• 0ac4aeb Add Codecov token to work with v4 (#75)
• 3c927b6 [pre-commit.ci] pre-commit autoupdate (#71)
• 7143ed6 Update github-actions (#69)
• 40bd968 [pre-commit.ci] pre-commit autoupdate (#67)
• Additional commits viewable in compare view

Updates tomli from 2.0.1 to 2.0.2

Changelog

Sourced from tomli's changelog.

2.0.2

• Removed
  • Python 3.7 support
• Improved
  • Make loads raise TypeError not AttributeError on bad input types that do not have the replace attribute. Improve error message when bytes is received.
• Type annotations
  • Type annotate load input as typing.IO[bytes] (previously typing.BinaryIO).

Commits

• 3ec6775 Bump version: 2.0.1 → 2.0.2
• 1dcd317 Add v2.0.2 changelog
• c94ee69 Fix GitHub Actions badge
• 4e245a4 tomli.loads: Raise TypeError not AttributeError. Improve message (#229)
• facdab0 Update pre-commit. Remove docformatter
• a613867 Use sys.version_info in compatibility layer (#220)
• 39eff9b Add support for Python 3.12, drop EOL 3.7 (#224)
• 0054e60 [pre-commit.ci] pre-commit autoupdate (#208)
• 1bd3345 Test against Python 3.12-dev
• 5646e69 Type annotate as IO[bytes], not BinaryIO
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.