Deps: Bump the python-packages group with 15 updates

[dependabot]

Bumps the python-packages group with 15 updates:

Package	From	To
django	2.2.28	4.2.6
djangorestframework	3.11.2	3.14.0
weasyprint	59.0	60.1
rope	1.9.0	1.10.0
sentry-sdk	1.31.0	1.32.0
pylint	2.17.5	2.17.7
cffi	1.15.1	1.16.0
charset-normalizer	3.2.0	3.3.0
coverage	7.3.1	7.3.2
fonttools	4.42.1	4.43.1
packaging	23.1	23.2
pillow	10.0.1	10.1.0
platformdirs	3.10.0	3.11.0
pytoolconfig	1.2.5	1.2.6
rich	13.5.3	13.6.0

Updates django from 2.2.28 to 4.2.6

Commits

• c22017b [4.2.x] Bumped version for 4.2.6 release.
• be9c27c [4.2.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text....
• 39fc3f4 [4.2.x] Added stub release notes and release date for 4.2.6, 4.1.12, and 3.2.22.
• dd0bf63 [4.2.x] Added warning about flatpages and untrusted users.
• fec4ed0 [4.2.x] Refs #34320 -- Skipped SchemaTests.test_rename_field_with_check_to_tr...
• a148461 [4.2.x] Fixed #34840 -- Avoided casting string base fields on PostgreSQL.
• b08f53f [4.2.x] Refs #34808 -- Doc'd that aggregation functions on empty groups can r...
• c70f08c [4.2.x] Added updating the Django release process on Trac to release steps.
• d485aa2 [4.2.x] Fixed typo in docs/howto/custom-file-storage.txt.
• ff26e6a [4.2.x] Corrected QuerySet.prefetch_related() note about GenericRelation().
• Additional commits viewable in compare view

Updates djangorestframework from 3.11.2 to 3.14.0

Release notes

Sourced from djangorestframework's releases.

Version 3.14.0

• Django 2.2 is no longer supported. #8662
• Django 4.1 compatibility. #8591
• Add --api-version CLI option to generateschema management command. #8663
• Enforce is_valid(raise_exception=False) as a keyword-only argument. #7952
• Stop calling set_context on Validators. #8589
• Return NotImplemented from ErrorDetails.__ne__. #8538
• Don't evaluate DateTimeField.default_timezone when a custom timezone is set. #8531
• Make relative URLs clickable in Browseable API. #8464
• Support ManyRelatedField falling back to the default value when the attribute specified by dot notation doesn't exist. Matches ManyRelatedField.get_attribute to Field.get_attribute. #7574
• Make schemas.openapi.get_reference public. #7515
• Make ReturnDict support dict union operators on Python 3.9 and later. #8302
• Update throttling to check if request.user is set before checking if the user is authenticated. #8370

Version 3.13.1

• Revert schema naming changes with function based @api_view. #8297

Version 3.13.0

• Django 4.0 compatability. #8178
• Add max_length and min_length options to ListSerializer. #8165
• Add get_request_serializer and get_response_serializer hooks to AutoSchema. #7424
• Fix OpenAPI representation of null-able read only fields. #8116
• Respect UNICODE_JSON setting in API schema outputs. #7991
• Fix for RemoteUserAuthentication. #7158
• Make Field constructors keyword-only. #7632

3.12.4

No release notes provided.

Commits

• 2da473c Add 3.14 announcement to the docs
• 58e0a69 Update setup.py to drop Django 2.2 and update release notes (#8666)
• 11bfda9 both statement have dupplicate bodies (#8633)
• 058424c docs: delete duplicate explanation (#8641)
• eb88dfc Add --api-version CLI option to generateschema (#8663)
• f34f156 Remove old deprecation classes for 3.14 release (#8664)
• c6cafc9 Update release-notes.md
• f8b3f38 Update supported versions for 3.14 release (#8662)
• b658915 Version 3.14.0 proposal (#8599)
• 51f1aff Revert 8552 (#8661)
• Additional commits viewable in compare view

Updates weasyprint from 59.0 to 60.1

Release notes

Sourced from weasyprint's releases.

v60.1

Bug fixes

• #1973: Fix crash caused by wrong UTF-8 indices

Contributors

• Guillaume Ayoub

Backers and sponsors

• Spacinov
• Kobalt
• Grip Angebotssoftware
• Manuel Barkhau
• SimonSoft
• Menutech
• KontextWork
• NCC Group
• René Fritz
• Nicola Auchmuty
• Syslifters
• Hammerbacher
• TrainingSparkle
• Daniel Kucharski
• Healthchecks.io
• Yanal-Yvez Fargialla
• WakaTime
• Paheko
• Synapsium
• DocRaptor

v60.0

Read about this release on our blog.

New features

• #1903: Print form fields
• #1922: Add support for textLength and lengthAdjust in SVG text elements
• #1965: Handle <wbr> tag
• #1970: Handle y offset of glyphs
• #1909: Add a --timeout option

Bug fixes

• #1887: Fix footnote-call displayed incorrectly for some fonts
• #1890: Fix page-margin boxes layout algorithm
• #1908: Fix IndexError when rendering PDF version 1.4
• #1906: Apply text transformations to first-letter pseudo elements
• #1915: Avoid footnote appearing before its call

... (truncated)

Changelog

Sourced from weasyprint's changelog.

Version 60.1

Released on 2023-09-29.

Bug fixes:

• [#1973](https://github.com/Kozea/WeasyPrint/issues/1973) <https://github.com/Kozea/WeasyPrint/issues/1973>_: Fix crash caused by wrong UTF-8 indices

Contributors:

• Guillaume Ayoub

Backers and sponsors:

• Spacinov
• Kobalt
• Grip Angebotssoftware
• Manuel Barkhau
• SimonSoft
• Menutech
• KontextWork
• NCC Group
• René Fritz
• Nicola Auchmuty
• Syslifters
• Hammerbacher
• TrainingSparkle
• Daniel Kucharski
• Healthchecks.io
• Yanal-Yvez Fargialla
• WakaTime
• Paheko
• Synapsium
• DocRaptor

Version 60.0

Released on 2023-09-25.

New features:

• [#1903](https://github.com/Kozea/WeasyPrint/issues/1903) <https://github.com/Kozea/WeasyPrint/issues/1903>_: Print form fields
• [#1922](https://github.com/Kozea/WeasyPrint/issues/1922) <https://github.com/Kozea/WeasyPrint/pull/1922>_: Add support for textLength and lengthAdjust in SVG text elements
• [#1965](https://github.com/Kozea/WeasyPrint/issues/1965) <https://github.com/Kozea/WeasyPrint/issues/1965>_:

... (truncated)

Commits

• 01c5e97 Version 60.1
• f5640de Use UTF-8 indices really everywhere
• 563d775 Use "main" as default branch name
• dc6d3fa Version 60.0
• 9596307 Merge pull request #1970 from gauravsamudra/handle-y-offset-of-glyphs
• a8ff8a6 Remove extra line
• cee2a17 Merge pull request #1971 from azhar316/feat-timeout
• d51e211 Fix text rise value
• 29625c6 Fix import order
• 3d91de1 Fix comma removal
• Additional commits viewable in compare view

Updates rope from 1.9.0 to 1.10.0

Changelog

Sourced from rope's changelog.

Release 1.10.0

• #708, #709 Add support for Python 3.12

Commits

• a5fa15b Update CHANGELOG.md
• 0bee51e Bump version
• ef3613b Black
• 00e937c Add build.os key to .readthedocs.yaml
• 3049f35 Update .readthedocs.yaml to use build.tools.python key
• 68630e3 Update readthedocs to use Python 3.11
• cd34ac5 Update current year to 2023
• 11316ec Replace pkg_resources to use importlib
• c4c77d5 Fix deprecation warnings
• 677111a Merge pull request #709 from python-rope/lieryan-py312
• Additional commits viewable in compare view

Updates sentry-sdk from 1.31.0 to 1.32.0

Release notes

Sourced from sentry-sdk's releases.

1.32.0

Various fixes & improvements

• New: Error monitoring for some of the most popular Python GraphQL libraries:

  • Add GQL GraphQL integration (#2368) by @​szokeasaurusrex

    Usage:

      import sentry_sdk
      from sentry_sdk.integrations.gql import GQLIntegration
    sentry_sdk.init(
    dsn='PUBLIC_DSN',
    integrations=[
    GQLIntegration(),
    ],
    )

  • Add Graphene GraphQL error integration (#2389) by @​sentrivana

    Usage:

      import sentry_sdk
      from sentry_sdk.integrations.graphene import GrapheneIntegration
    sentry_sdk.init(
    dsn='PUBLIC_DSN',
    integrations=[
    GrapheneIntegration(),
    ],
    )

  • Add Strawberry GraphQL error & tracing integration (#2393) by @​sentrivana

    Usage:

      import sentry_sdk
      from sentry_sdk.integrations.strawberry import StrawberryIntegration
    sentry_sdk.init(
    dsn='PUBLIC_DSN',
    integrations=[
    # make sure to set async_execution to False if you're executing
    # GraphQL queries synchronously
    StrawberryIntegration(async_execution=True),

... (truncated)

Changelog

Sourced from sentry-sdk's changelog.

1.32.0

Various fixes & improvements

• New: Error monitoring for some of the most popular Python GraphQL libraries:

  • Add GQL GraphQL integration (#2368) by @​szokeasaurusrex

    Usage:

      import sentry_sdk
      from sentry_sdk.integrations.gql import GQLIntegration
    sentry_sdk.init(
    dsn='PUBLIC_DSN',
    integrations=[
    GQLIntegration(),
    ],
    )

  • Add Graphene GraphQL error integration (#2389) by @​sentrivana

    Usage:

      import sentry_sdk
      from sentry_sdk.integrations.graphene import GrapheneIntegration
    sentry_sdk.init(
    dsn='PUBLIC_DSN',
    integrations=[
    GrapheneIntegration(),
    ],
    )

  • Add Strawberry GraphQL error & tracing integration (#2393) by @​sentrivana

    Usage:

      import sentry_sdk
      from sentry_sdk.integrations.strawberry import StrawberryIntegration
    sentry_sdk.init(
    dsn='PUBLIC_DSN',
    integrations=[
    # make sure to set async_execution to False if you're executing
    # GraphQL queries synchronously

... (truncated)

Commits

• 805fcf1 Tweak changelog
• c515aae release: 1.32.0
• 53a67e0 Fix mypy errors (#2433)
• f067af2 Capture multiple named groups again (#2432)
• b873a31 Add Strawberry GraphQL integration (#2393)
• 1b445c6 feat(metrics): Make a consistent noop flush behavior (#2428)
• 44ae06e lint: fix pre-commit issues (#2424)
• 62dfec9 feat(metrics): Stronger recursion protection (#2426)
• 99aea33 Remove utcnow, utcfromtimestamp deprecated in Python 3.12 (#2415)
• 59a67d3 Update CONTRIBUTING.md (#2411)
• Additional commits viewable in compare view

Updates pylint from 2.17.5 to 2.17.7

Commits

• dade880 Bump pylint to 2.17.7, update changelog (#9084)
• c2907a9 Upgrade astroid to 2.15.8 on 2.17.x branch (#9081)
• aed51a6 Fix crash in refactoring checker from unaryop with variable (#9075) (#9076)
• b8a7cc5 Bump pylint to 2.17.6, update changelog (#9064)
• a88fbd7 Upgrade astroid to 2.15.7
• aea47d1 [unbalanced-tuple-unpacking] Add a regression tests for #7710
• 24786fa Fix Pyreverse duplicate arrows bug (#9029) (#9039)
• 259fbd2 Fix Pyreverse optional annotation bug (#9016) (#9019)
• 094a774 Fix Pyreverse duplicate annotations (#9012) (#9017)
• 79aac5b Fix duplicate fields Pyreverse bug (#9004) (#9011)
• Additional commits viewable in compare view

Updates cffi from 1.15.1 to 1.16.0

Release notes

Sourced from cffi's releases.

v1.16.0

• Add support for Python 3.12. With the removal of distutils from Python 3.12, projects using CFFI features that depend on distutils at runtime must add a dependency on setuptools to function under Python 3.12+. CFFI does not declare a runtime setuptools requirement to avoid an unnecessary dependency for projects that do not require it.
• Drop support for end-of-life Python versions (2.7, 3.6, 3.7).
• Add support for PEP517 builds; setuptools is now a required build dependency.
• Declare python_requires metadata for Python 3.8+. This allows unsupported Pythons to continue using previously released sdists and wheels.
• Move project source under src/; a more standard layout that also enables CI to more easily catch packaging errors.

v1.16.0rc2

• Fix packaging issue in v1.16.0rc1.
• Rearrange project sources (src/ layout) so packaging tests can properly detect similar issues in the future.

Full Changelog: python-cffi/cffi@v1.16.0rc1...v1.16.0rc2

v1.16.0rc1

• Add support for Python 3.12. With the removal of distutils from Python 3.12, projects using CFFI features that depend on distutils at runtime must add a dependency on setuptools to function under Python 3.12+. CFFI does not declare a runtime setuptools requirement to avoid an unnecessary dependency for projects that do not require it.
• Drop support for end-of-life Python versions (2.7, 3.6, 3.7).
• Move project home to python-cffi/cffi on GitHub.
• Add support for PEP517 builds; setuptools is now a required build dependency.
• Declare python_requires metadata for Python 3.8+. This allows unsupported Pythons to continue using previously released sdists and wheels.
• Add missing calls to PyObject_GC_UnTrack to avoid ResourceWarning 15c4b71d5e3f2295c0e4773e99b23ac751e02534

Commits

• ba44abd release 1.16.0 (#17)
• c0ad8d9 Add a tool to update release version numbers (#15)
• e20c65d Release 1.16.0rc2 (#13)
• e98d1bb upgrade setup-qemu-action (#8) (#9)
• 158bc5b add a summary job check for easier automated gating (#6) (#7)
• c062f2c enable weekly 1pm Monday scheduled CI run on release-1.16 (#5)
• e847033 make self-hosted aarch64 mac jobs conditional-ish
• 57ff08e remove obsolete test
• ff11e92 release 1.16.0rc1
• 0dc7805 prepare for 1.16.0rc1
• Additional commits viewable in compare view

Updates charset-normalizer from 3.2.0 to 3.3.0

Release notes

Sourced from charset-normalizer's releases.

Release 3.3.0

3.3.0 (2023-09-30)

Added

• Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
• Support for 9 forgotten encodings that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

• (internal) Redundant utils.is_ascii function and unused function is_private_use_only
• (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

• (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
• Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

• Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)

Changelog

Sourced from charset-normalizer's changelog.

3.3.0 (2023-09-30)

Added

• Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
• Support for 9 forgotten encoding that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

• (internal) Redundant utils.is_ascii function and unused function is_private_use_only
• (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

• (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
• Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.7

Fixed

• Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)

Commits

• 165211a 🔖 Release 3.3.0 (#353)
• 5aed9a4 🐛 Fix unreachable code in the sorting algorithm of CharsetMatch (#352)
• 061a71b ⬆️ Bump actions/checkout from 4.0.0 to 4.1.0 (#348)
• 88df580 ⬆️ Bump github/codeql-action from 2.21.7 to 2.21.9 (#351)
• aa0234b ⬆️ Bump pypa/cibuildwheel from 2.15.0 to 2.16.0 (#349)
• 58f69f7 ⬆️ Bump github/codeql-action from 2.21.5 to 2.21.7 (#345)
• e7c2d8e ⬆️ Bump docker/setup-qemu-action from 2.2.0 to 3.0.0 (#346)
• 5abf47f ⬆️ Bump pytest from 7.4.1 to 7.4.2 (#342)
• 50a138e ⬆️ Bump actions/checkout from 3.6.0 to 4.0.0 (#343)
• 5da7047 ⬆️ Bump actions/upload-artifact from 3.1.2 to 3.1.3 (#344)
• Additional commits viewable in compare view

Updates coverage from 7.3.1 to 7.3.2

Changelog

Sourced from coverage's changelog.

Version 7.3.2 — 2023-10-02

• The coverage lcov command ignored the [report] exclude_lines and [report] exclude_also settings (issue 1684). This is now fixed, thanks Jacqueline Lee <pull 1685_>.

• Sometimes SQLite will create journal files alongside the coverage.py database files. These are ephemeral, but could be mistakenly included when combining data files. Now they are always ignored, fixing issue 1605_. Thanks to Brad Smith for suggesting fixes and providing detailed debugging.

• On Python 3.12+, we now disable SQLite writing journal files, which should be a little faster.

• The new 3.12 soft keyword type is properly bolded in HTML reports.

• Removed the "fullcoverage" feature used by CPython to measure the coverage of early-imported standard library modules. CPython stopped using it <88054_>_ in 2021, and it stopped working completely in Python 3.13.

.. _issue 1605: nedbat/coveragepy#1605 .. _issue 1684: nedbat/coveragepy#1684 .. _pull 1685: nedbat/coveragepy#1685 .. _88054: python/cpython#88054

.. _changes_7-3-1:

Commits

• a316513 build: fix the pypy wheel arguments
• 7ec2c62 docs: sample HTML for 7.3.2
• ffd954f docs: prep for 7.3.2
• 1ea3907 refactor: don't access frame structs directly
• 7b8dec9 feat!: remove fullcoverage, it doesn't work in 3.13
• 1040bce refactor: remove unused interned strings
• 9ab9e0c fix: 3.12 soft keyword type is bolded in HTML
• 8624ce9 fix: really turn off SQLite journal files on 3.12+
• 604aafa chore: make upgrade
• 7c25ba0 fix: don't combine journal files. #1605
• Additional commits viewable in compare view

Updates fonttools from 4.42.1 to 4.43.1

Release notes

Sourced from fonttools's releases.

4.43.1

• [EBDT] Fixed TypeError exception in _reverseBytes method triggered when dumping some bitmap fonts with ttx -z bitwise option (#3162).
• [v/hhea] Fixed UnboundLocalError exception in recalc method when no vmtx or hmtx tables are present (#3290).
• [bezierTools] Fixed incorrectly typed cython local variable leading to TypeError when calling calcQuadraticArcLength (#3288).
• [feaLib/otlLib] Better error message when building Coverage table with missing glyph (#3286).

4.43.0

• [subset] Set up lxml XMLParser(resolve_entities=False) when parsing OT-SVG documents to prevent XML External Entity (XXE) attacks (9f61271dc): https://codeql.github.com/codeql-query-help/python/py-xxe/
• [varLib.iup] Added workaround for a Cython bug in iup_delta_optimize that was leading to IUP tolerance being incorrectly initialised, resulting in sub-optimal deltas (60126435d, cython/cython#5732).
• [varLib] Added new command-line entry point fonttools varLib.avar to add an avar table to an existing VF from axes mappings in a .designspace file (0a3360e52).
• [instancer] Fixed bug whereby no longer used variation regions were not correctly pruned after VarData optimization (#3268).
• Added support for Python 3.12 (#3283).

Changelog

Sourced from fonttools's changelog.

4.43.1 (released 2023-10-06)

• [EBDT] Fixed TypeError exception in _reverseBytes method triggered when dumping some bitmap fonts with ttx -z bitwise option (#3162).
• [v/hhea] Fixed UnboundLocalError exception in recalc method when no vmtx or hmtx tables are present (#3290).
• [bezierTools] Fixed incorrectly typed cython local variable leading to TypeError when calling calcQuadraticArcLength (#3288).
• [feaLib/otlLib] Better error message when building Coverage table with missing glyph (#3286).

4.43.0 (released 2023-09-29)

• [subset] Set up lxml XMLParser(resolve_entities=False) when parsing OT-SVG documents to prevent XML External Entity (XXE) attacks (9f61271dc): https://codeql.github.com/codeql-query-help/python/py-xxe/
• [varLib.iup] Added workaround for a Cython bug in iup_delta_optimize that was leading to IUP tolerance being incorrectly initialised, resulting in sub-optimal deltas (60126435d, cython/cython#5732).
• [varLib] Added new command-line entry point fonttools varLib.avar to add an avar table to an existing VF from axes mappings in a .designspace file (0a3360e52).
• [instancer] Fixed bug whereby no longer used variation regions were not correctly pruned after VarData optimization (#3268).
• Added support for Python 3.12 (#3283).

Commits

• f8857f6 Release 4.43.1
• bfd5e56 Update changelog [skip ci]
• 5c8bce1 Merge pull request #3162 from robhagemans/bugfix-ebdt-reversebytes
• 6288e9e Merge pull request #3290 from fonttools/vhhea-without-vhmtx
• 442576f Fix UnbouldLocalError and let {h,v}hea be no-op when no {v,h}mtx is present
• 4e2f80c Merge pull request #3288 from fonttools/fix-calc-quadratic-arc-length
• 21dea1e fix incorrectly typed cython local variable
• c5295d2 Better OTL builder errors (#3286)
• 05dc231 Create SECURITY.md
• f95105b Bump version: 4.43.0 → 4.43.1.dev0
• Additional commits viewable in compare view

Updates packaging from 23.1 to 23.2

Release notes

Sourced from packaging's releases.

23.2

What's Changed

• parse_marker should consume the entire source string by @​mwerschy in pypa/packaging#687
• Create a Security Policy file by @​joycebrum in pypa/packaging#695
• Add python 3.12 to CI by @​mayeut in pypa/packaging#689
• Remove URL validation from requirement parsing by @​uranusjr in pypa/packaging#684
• Add types for packaging.version._Version by @​hauntsaninja in pypa/packaging#665
• Add PyPy 3.10 to CI by @​mayeut in pypa/packaging#699
• Remove unused argument in _manylinux._is_compatible by @​mayeut in pypa/packaging#700
• Canonicalize names for requirements comparison by @​astrojuanlu in pypa/packaging#696
• Add platform tag support for LoongArch by @​loongson-zn in pypa/packaging#693
• Ability to install armv7l manylinux/musllinux wheels on armv8l by @​mayeut in pypa/packaging#690
• Include CHANGELOG.rst in sdist by @​astrojuanlu in pypa/packaging#704
• Update pyupgrade to Python 3.7+ by @​fangchenli in pypa/packaging#580
• Fix version pattern pre-releases by @​deathaxe in pypa/packaging#705
• Fix typos found by codespell by @​DimitriPapadopoulos in pypa/packaging#706
• Support enriched metadata by @​brettcannon in pypa/packaging#686
• Correct rST syntax in CHANGELOG.rst by @​atugushev in pypa/packaging#709
• fix: platform tag for GraalPy by @​mayeut in pypa/packaging#711
• Document that this library uses a calendar-based versioning scheme by @​faph in pypa/packaging#717
• fix: Update copyright date for docs by @​garrypolley in pypa/packaging#713
• Bump pip version to avoid known vulnerabilities by @​joycebrum in pypa/packaging#720
• Typing annotations fixed in version.py by @​jolaf in pypa/packaging#723
• parse_{sdist,wheel}_filename: don't raise InvalidVersion by @​SpecLad in pypa/packaging#721
• Fix code blocks in CHANGELOG.md by @​edmorley in pypa/packaging#724

New Contributors

• @​mwerschy made their first contribution in pypa/packaging#687
• @​joycebrum made their first contribution in pypa/packaging#695
• @​astrojuanlu made their first contribution in pypa/packaging#696
• @​loongson-zn made their first contribution in pypa/packaging#693
• @​fangchenli made their first contribution in pypa/packaging#580
• @​deathaxe made their first contribution in pypa/packaging#705
• @​DimitriPapadopoulos made their first contribution in pypa/packaging#706
• @​atugushev made their first contribution in pypa/packaging#709
• @​faph made their first contribution in pypa/packaging#717
• @​garrypolley made their first contribution in pypa/packaging#713
• @​jolaf made their first contribution in pypa/packaging#723
• @​SpecLad made their first contribution in pypa/packaging#721
• @​edmorley made their first contribution in pypa/packaging#724

Full Changelog: pypa/packaging@23.1...23.2

Changelog

Sourced from packaging's changelog.

23.2 - 2023-10-01

* Document calendar-based versioning scheme (:issue:`716`)
* Enforce that the entire marker string is parsed (:issue:`687`)
* Requirement parsing no longer automatically validates the URL (:issue:`120`)
* Canonicalize names for requirements comparison (:issue:`644`)
* Introduce ``metadata.Metadata`` (along with ``metadata.ExceptionGroup`` and ``metadata.InvalidMetadata``; :issue:`570`)
* Introduce the ``validate`` keyword parameter to ``utils.validate_name()`` (:issue:`570`)
* Introduce ``utils.is_normalized_name()`` (:issue:`570`)
* Make ``utils.parse_sdist_filename()`` and ``utils.parse_wheel_filename()``
  raise ``InvalidSdistFilename`` and ``InvalidWheelFilename``, respectively,
  when the version component of the name is invalid

Commits

• b3a5d7d Bump for release
• d7ce40d Fix code blocks in CHANGELOG.md (#724)
• 524b701 parse_{sdist,wheel}_filename: don't raise InvalidVersion (#721)
• b509bef Typing annotations fixed (#723)
• 0206c39 Bump pip version to avoid known vulnerabilities (#720)
• 7023537 fix: Update copyright date for docs (#713)
• 39786bb Document use of calendar-based versioning scheme (#717)
• c1346df fix: Detect when a platform is 32-bit more accurately (#711)
• 7e68d82 Correct rST syntax in CHANGELOG.rst (#709)
• 61e6efb Support enriched metadata in packaging.metadata (#686)
• Additional commits viewable in compare view

Updates pillow from 10.0.1 to 10.1.0

Release notes

Sourced from pillow's releases.

10.1.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.1.0.html

Changes

• Added TrueType default font to allow for different sizes #7354 [@​radarhere]
• Fixed invalid argument warning #7442 [@​radarhere]
• Fixed "may be used uninitialized" warning #7444 [@​radarhere]
• Added ImageOps cover method #7412 [@​radarhere]
• Catch struct.error from truncated EXIF when reading JPEG DPI #7458 [@​radarhere]
• Consider default image when selecting mode for PNG save_all #7437 [@​radarhere]
• Use new() instead of Image()._new() #7460 [@​radarhere]
• Fix libbrotli build for Windows wheels #7453 [@​nulano]
• Allow custom builds to be triggered in Travis CI #7449 [@​radarhere]
• Support BGR;15, BGR;16 and BGR;24 access, unpacking and putdata #7303 [@​radarhere]
• Added CMYK to RGB unpacker #7310 [@​radarhere]
• Improved flexibility of XMP parsing #7274 [@​radarhere]
• Support reading 8-bit YCbCr TIFF images #7415 [@​radarhere]
• Allow saving I;16B images as PNG #7302 [@​radarhere]
• Corrected drawing I;16 points and writing I;16 text #7257 [@​radarhere]
• Set blue channel to 128 for BC5S #7413 [@​radarhere]
• Increase flexibility when reading IPTC fields #7319 [@​radarhere]
• Set C palette to be empty by default #7289 [@​radarhere]
• Moved getmask2 MAX_IMAGE_PIXELS check to Python #7247 [@​radarhere]
• Added gs_binary to co...

  Description has been truncated

[codecov]

Codecov Report

Merging #829 (9dbf98a) into main (f312b04) will increase coverage by 0.07%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main     #829      +/-   ##
==========================================
+ Coverage   88.58%   88.65%   +0.07%     
==========================================
  Files          35       35              
  Lines        1331     1331              
==========================================
+ Hits         1179     1180       +1     
+ Misses        152      151       -1     

see 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.