Bump httpx from 0.13.3 to 0.23.0 in /client/src/resources/contributing #79

dependabot · 2023-05-11T16:38:03Z

Bumps httpx from 0.13.3 to 0.23.0.

Release notes

Version 0.23.0

0.23.0 (23rd May, 2022)

Changed

Drop support for Python 3.6. (#2097)

Use utf-8 as the default character set, instead of falling back to charset-normalizer for auto-detection. To enable automatic character set detection, see the documentation. (#2165)

Fixed

Fix URL.copy_with for some oddly formed URL cases. (#2185)

Digest authentication should use case-insensitive comparison for determining which algorithm is being used. (#2204)

Fix console markup escaping in command line client. (#1866)

When files are used in multipart upload, ensure we always seek to the start of the file. (#2065)

Ensure that iter_bytes never yields zero-length chunks. (#2068)

Preserve Authorization header for redirects that are to the same origin, but are an http-to-https upgrade. (#2074)

When responses have binary output, don't print the output to the console in the command line client. Use output like <16086 bytes of binary data> instead. (#2076)

Fix display of --proxies argument in the command line client help. (#2125)

Close responses when task cancellations occur during stream reading. (#2156)

Fix type error on accessing .request on HTTPError exceptions. (#2158)

Version 0.22.0

0.22.0 (26th January, 2022)

Added

Support for the SOCKS5 proxy protocol via the socksio package. (#2034)

Support for custom headers in multipart/form-data requests (#1936)

Fixed

Don't perform unreliable close/warning on __del__ with unclosed clients. (#2026)

Fix Headers.update(...) to correctly handle repeated headers (#2038)

Version 0.21.3

0.21.3 (6th January, 2022)

Fixed

Fix streaming uploads using SyncByteStream or AsyncByteStream. Regression in 0.21.2. (#2016)

Version 0.21.2

0.21.2 (5th January, 2022)

Fixed

HTTP/2 support for tunnelled proxy cases. (#2009)

Improved the speed of large file uploads. (#1948)

Version 0.21.1

... (truncated)

Changelog

Sourced from httpx's changelog.

0.23.0 (23rd May, 2022)

Changed

Drop support for Python 3.6. (#2097)

Use utf-8 as the default character set, instead of falling back to charset-normalizer for auto-detection. To enable automatic character set detection, see the documentation. (#2165)

Fixed

Fix URL.copy_with for some oddly formed URL cases. (#2185)

Digest authentication should use case-insensitive comparison for determining which algorithm is being used. (#2204)

Fix console markup escaping in command line client. (#1866)

When files are used in multipart upload, ensure we always seek to the start of the file. (#2065)

Ensure that iter_bytes never yields zero-length chunks. (#2068)

Preserve Authorization header for redirects that are to the same origin, but are an http-to-https upgrade. (#2074)

When responses have binary output, don't print the output to the console in the command line client. Use output like <16086 bytes of binary data> instead. (#2076)

Fix display of --proxies argument in the command line client help. (#2125)

Close responses when task cancellations occur during stream reading. (#2156)

Fix type error on accessing .request on HTTPError exceptions. (#2158)

0.22.0 (26th January, 2022)

Added

Support for the SOCKS5 proxy protocol via the socksio package. (#2034)

Support for custom headers in multipart/form-data requests (#1936)

Fixed

Don't perform unreliable close/warning on __del__ with unclosed clients. (#2026)

Fix Headers.update(...) to correctly handle repeated headers (#2038)

0.21.3 (6th January, 2022)

Fixed

Fix streaming uploads using SyncByteStream or AsyncByteStream. Regression in 0.21.2. (#2016)

0.21.2 (5th January, 2022)

Fixed

HTTP/2 support for tunnelled proxy cases. (#2009)

Improved the speed of large file uploads. (#1948)

0.21.1 (16th November, 2021)

Fixed

The response.url property is now correctly annotated as URL, instead of Optional[URL]. (#1940)

... (truncated)

Commits

89cdd90 Version 0.23.0 (#2214)
1c33a28 Make charset auto-detection optional. (#2165)
940d61b Removed curio from async.md (#2240)
14a1704 Switch to explicit typing.Optional throughout (#2096)
9673a35 Drop async_generator requirement (#2228)
5eba32a Remove RequestBodyUnavailable from module docstring (#2226)
6f31bc4 Bump mkdocs-material from 8.1.4 to 8.2.14 (#2218)
c5eb4b8 Bump cryptography from 36.0.2 to 37.0.2 (#2217)
1a526cf Bump actions/checkout from 2 to 3 (#2216)
7a53543 Bump actions/setup-python from 1 to 3 (#2215)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

bridgecrew

Bridgecrew has found errors in this PR ⬇️

bridgecrew · 2023-05-11T16:39:08Z

client/src/resources/contributing/requirements.txt

@@ -25,7 +25,7 @@ h2==3.2.0
 hpack==3.0.0
 hstspreload==2023.1.1
 httpcore==0.9.1
-httpx==0.13.3
+httpx==0.23.0


numpy 1.21.0 / requirements.txt

Total vulnerabilities: 1

Critical: 0 High: 0 Medium: 1 Low: 0

Vulnerability ID Severity CVSS Fixed in Status

CVE-2021-34141 MEDIUM 5.3 1.22.0 Open

bridgecrew · 2023-05-11T16:39:08Z

client/src/resources/contributing/requirements.txt

@@ -25,7 +25,7 @@
 hpack==3.0.0
 hstspreload==2023.1.1
 httpcore==0.9.1
-httpx==0.13.3
+httpx==0.23.0


pyspark 3.2.0 / requirements.txt

Total vulnerabilities: 6

Critical: 1 High: 3 Medium: 2 Low: 0

Vulnerability ID Severity CVSS Fixed in Status

CVE-2023-22946 CRITICAL 9.9 3.4.0 Open

CVE-2018-11804 HIGH 7.5 - Open

CVE-2022-33891 HIGH 8.8 3.3.0 Open

CVE-2023-32007 HIGH 8.8 3.3.0 Open

CVE-2018-11770 MEDIUM 4.2 - Open

CVE-2022-31777 MEDIUM 5.4 3.2.2 Open

bridgecrew · 2023-05-11T16:39:08Z

client/src/resources/contributing/requirements.txt

@@ -25,7 +25,7 @@
 hpack==3.0.0
 hstspreload==2023.1.1
 httpcore==0.9.1
-httpx==0.13.3
+httpx==0.23.0


streamlit-lottie 0.0.3 / requirements.txt

Unknown License (NOT_FOUND)

This package use a non-SPDX, unrecognized, or private open-source license. Ensure this package is compliant.

bridgecrew · 2023-05-11T16:39:08Z

client/src/resources/contributing/requirements.txt

@@ -25,7 +25,7 @@
 hpack==3.0.0
 hstspreload==2023.1.1
 httpcore==0.9.1
-httpx==0.13.3
+httpx==0.23.0


googletrans 3.0.0 / requirements.txt

Unknown License (NOT_FOUND)

This package use a non-SPDX, unrecognized, or private open-source license. Ensure this package is compliant.

bridgecrew · 2023-05-11T16:39:08Z

client/src/resources/contributing/requirements.txt

@@ -25,7 +25,7 @@
 hpack==3.0.0
 hstspreload==2023.1.1
 httpcore==0.9.1
-httpx==0.13.3
+httpx==0.23.0


findspark 1.4.2 / requirements.txt

Unknown License (BSD (3-clause))

This package use a non-SPDX, unrecognized, or private open-source license. Ensure this package is compliant.