Scheduled weekly dependency update for week 22

[pyup-bot]

Update Sphinx from 7.0.0 to 7.0.1.

Changelog

7.0.1

=====================================

Dependencies
------------

* 11411: Support `Docutils 0.20`_. Patch by Adam Turner.

.. _Docutils 0.20: https://docutils.sourceforge.io/RELEASE-NOTES.html#release-0-20-2023-05-04

Bugs fixed
----------

* 11418: Clean up remaining references to ``sphinx.setup_command``
following the removal of support for setuptools.
Patch by Willem Mulder.

Links

• PyPI: https://pypi.org/project/sphinx
• Changelog: https://pyup.io/changelogs/sphinx/

Update setuptools from 67.7.2 to 67.8.0.

Changelog

67.8.0

-------


Changes
^^^^^^^
* 3128: In deprecated easy_install, reload and merge the pth file before saving.

Misc
^^^^
* 3915: Adequate tests to the latest changes in ``virtualenv`` for Python 3.12.

Links

• PyPI: https://pypi.org/project/setuptools
• Changelog: https://pyup.io/changelogs/setuptools/
• Repo: https://github.com/pypa/setuptools

Update certifi from 2022.12.7 to 2023.5.7.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/certifi
• Repo: https://github.com/certifi/python-certifi

Update hiredis from 2.2.2 to 2.2.3.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/hiredis
• Changelog: https://pyup.io/changelogs/hiredis/
• Repo: https://github.com/redis/hiredis-py

Update mmh3 from 3.1.0 to 4.0.0.

Changelog

4.0.0

* Add experimental support for `hashlib`-compliant hasher classes (<https://github.com/hajimes/mmh3/issues/39>). Note that they are not yet fully tuned for performance.
* Add support for type hints (<https://github.com/hajimes/mmh3/issues/44>).
* Add wheels for more platforms (`musllinux`, `s390x`, `win_arm64`, and `macosx_universal2`).
* Drop support for Python 3.7, as it will reach the end of life on 2023-06-27.
* Switch license from CC0 to MIT (<https://github.com/hajimes/mmh3/issues/43>).
* Add a code of conduct (the ACM Code of Ethics and Professional Conduct).
* Backward incompatible changes:
* A hash function now returns the same value under big-endian platforms as that under little-endian ones (<https://github.com/hajimes/mmh3/issues/47>).
* Remove the `__version__` constant from the module (<https://github.com/hajimes/mmh3/issues/42>). Use `importlib.metadata` instead.

Links

• PyPI: https://pypi.org/project/mmh3
• Changelog: https://pyup.io/changelogs/mmh3/

Update python-datauri from 1.1.0 to 2.0.0.

Changelog

Links

• PyPI: https://pypi.org/project/python-datauri
• Changelog: https://pyup.io/changelogs/python-datauri/
• Repo: https://github.com/fcurella/python-datauri/

Update redis[hiredis] from 4.5.4 to 4.5.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/redis
• Changelog: https://pyup.io/changelogs/redis/
• Repo: https://github.com/redis/redis-py

Update requests[socks] from 2.29.0 to 2.31.0.

Changelog

2.31.0

-------------------

**Security**
- Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of `Proxy-Authorization` headers to destination servers when
following HTTPS redirects.

When proxies are defined with user info (https://user:passproxy:8080), Requests
will construct a `Proxy-Authorization` header that is attached to the request to
authenticate with the proxy.

In cases where Requests receives a redirect response, it previously reattached
the `Proxy-Authorization` header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are *strongly* encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.

Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.

Full details can be read in our [Github Security Advisory](https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q)
and [CVE-2023-32681](https://nvd.nist.gov/vuln/detail/CVE-2023-32681).

2.30.0

-------------------

**Dependencies**
- ⚠️ Added support for urllib3 2.0. ⚠️

This may contain minor breaking changes so we advise careful testing and
reviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html
prior to upgrading.

Users who wish to stay on urllib3 1.x can pin to `urllib3<2`.

Links

• PyPI: https://pypi.org/project/requests
• Changelog: https://pyup.io/changelogs/requests/
• Docs: https://requests.readthedocs.io

Update selenium from 4.9.0 to 4.9.1.

Changelog

4.9.1

* Add CDP files for v113 and remove v110
* Minor fixes for docstring and dictionary declarations (11975)
* Update logging to match other bindings (11990)
* Support newer versions of urllib3 (11993)

Links

• PyPI: https://pypi.org/project/selenium
• Changelog: https://pyup.io/changelogs/selenium/
• Homepage: https://www.selenium.dev

Update typing-extensions from 4.5.0 to 4.6.2.

Changelog

4.6.2

- Fix use of `deprecated` on classes with `__new__` but no `__init__`.
Patch by Jelle Zijlstra.
- Fix regression in version 4.6.1 where comparing a generic class against a
runtime-checkable protocol using `isinstance()` would cause `AttributeError`
to be raised if using Python 3.7.

4.6.1

- Change deprecated `runtime` to formal API `runtime_checkable` in the error
message. Patch by Xuehai Pan.
- Fix regression in 4.6.0 where attempting to define a `Protocol` that was
generic over a `ParamSpec` or a `TypeVarTuple` would cause `TypeError` to be
raised. Patch by Alex Waygood.

4.6.0

- `typing_extensions` is now documented at
https://typing-extensions.readthedocs.io/en/latest/. Patch by Jelle Zijlstra.
- Add `typing_extensions.Buffer`, a marker class for buffer types, as proposed
by PEP 688. Equivalent to `collections.abc.Buffer` in Python 3.12. Patch by
Jelle Zijlstra.
- Backport two CPython PRs fixing various issues with `typing.Literal`:
https://github.com/python/cpython/pull/23294 and
https://github.com/python/cpython/pull/23383. Both CPython PRs were
originally by Yurii Karabas, and both were backported to Python >=3.9.1, but
no earlier. Patch by Alex Waygood.

A side effect of one of the changes is that equality comparisons of `Literal`
objects will now raise a `TypeError` if one of the `Literal` objects being
compared has a mutable parameter. (Using mutable parameters with `Literal` is
not supported by PEP 586 or by any major static type checkers.)
- `Literal` is now reimplemented on all Python versions <= 3.10.0. The
`typing_extensions` version does not suffer from the bug that was fixed in
https://github.com/python/cpython/pull/29334. (The CPython bugfix was
backported to CPython 3.10.1 and 3.9.8, but no earlier.)
- Backport [CPython PR 26067](https://github.com/python/cpython/pull/26067)
(originally by Yurii Karabas), ensuring that `isinstance()` calls on
protocols raise `TypeError` when the protocol is not decorated with
`runtime_checkable`. Patch by Alex Waygood.
- Backport several significant performance improvements to runtime-checkable
protocols that have been made in Python 3.12 (see
https://github.com/python/cpython/issues/74690 for details). Patch by Alex
Waygood.

A side effect of one of the performance improvements is that the members of
a runtime-checkable protocol are now considered “frozen” at runtime as soon
as the class has been created. Monkey-patching attributes onto a
runtime-checkable protocol will still work, but will have no impact on
`isinstance()` checks comparing objects to the protocol. See
["What's New in Python 3.12"](https://docs.python.org/3.12/whatsnew/3.12.html#typing)
for more details.
- `isinstance()` checks against runtime-checkable protocols now use
`inspect.getattr_static()` rather than `hasattr()` to lookup whether
attributes exist (backporting https://github.com/python/cpython/pull/103034).
This means that descriptors and `__getattr__` methods are no longer
unexpectedly evaluated during `isinstance()` checks against runtime-checkable
protocols. However, it may also mean that some objects which used to be
considered instances of a runtime-checkable protocol on older versions of
`typing_extensions` may no longer be considered instances of that protocol
using the new release, and vice versa. Most users are unlikely to be affected
by this change. Patch by Alex Waygood.
- Backport the ability to define `__init__` methods on Protocol classes, a
change made in Python 3.11 (originally implemented in
https://github.com/python/cpython/pull/31628 by Adrian Garcia Badaracco).
Patch by Alex Waygood.
- Speedup `isinstance(3, typing_extensions.SupportsIndex)` by >10x on Python
<3.12. Patch by Alex Waygood.
- Add `typing_extensions` versions of `SupportsInt`, `SupportsFloat`,
`SupportsComplex`, `SupportsBytes`, `SupportsAbs` and `SupportsRound`. These
have the same semantics as the versions from the `typing` module, but
`isinstance()` checks against the `typing_extensions` versions are >10x faster
at runtime on Python <3.12. Patch by Alex Waygood.
- Add `__orig_bases__` to non-generic TypedDicts, call-based TypedDicts, and
call-based NamedTuples. Other TypedDicts and NamedTuples already had the attribute.
Patch by Adrian Garcia Badaracco.
- Add `typing_extensions.get_original_bases`, a backport of
[`types.get_original_bases`](https://docs.python.org/3.12/library/types.html#types.get_original_bases),
introduced in Python 3.12 (CPython PR
https://github.com/python/cpython/pull/101827, originally by James
Hilton-Balfe). Patch by Alex Waygood.

This function should always produce correct results when called on classes
constructed using features from `typing_extensions`. However, it may
produce incorrect results when called on some `NamedTuple` or `TypedDict`
classes that use `typing.{NamedTuple,TypedDict}` on Python <=3.11.
- Constructing a call-based `TypedDict` using keyword arguments for the fields
now causes a `DeprecationWarning` to be emitted. This matches the behaviour
of `typing.TypedDict` on 3.11 and 3.12.
- Backport the implementation of `NewType` from 3.10 (where it is implemented
as a class rather than a function). This allows user-defined `NewType`s to be
pickled. Patch by Alex Waygood.
- Fix tests and import on Python 3.12, where `typing.TypeVar` can no longer be
subclassed. Patch by Jelle Zijlstra.
- Add `typing_extensions.TypeAliasType`, a backport of `typing.TypeAliasType`
from PEP 695. Patch by Jelle Zijlstra.
- Backport changes to the repr of `typing.Unpack` that were made in order to
implement [PEP 692](https://peps.python.org/pep-0692/) (backport of
https://github.com/python/cpython/pull/104048). Patch by Alex Waygood.

Links

• PyPI: https://pypi.org/project/typing-extensions
• Changelog: https://pyup.io/changelogs/typing-extensions/

Update urllib3[secure] from 2.0.1 to 2.0.2.

Changelog

2.0.2

==================

- Fixed ``HTTPResponse.stream()`` to continue yielding bytes if buffered decompressed data
was still available to be read even if the underlying socket is closed. This prevents
a compressed response from being truncated. (`3009 <https://github.com/urllib3/urllib3/issues/3009>`__)

Links

• PyPI: https://pypi.org/project/urllib3
• Changelog: https://pyup.io/changelogs/urllib3/