Bump the pip group across 2 directories with 11 updates

[dependabot]

Bumps the pip group with 10 updates in the / directory:

Package	From	To
jinja2	3.1.2	3.1.5
lightgbm	3.3.2	4.6.0
certifi	2022.6.15	2024.7.4
grpcio	1.47.0	1.53.2
idna	3.3	3.7
joblib	1.1.0	1.3.2
oauthlib	3.2.0	3.2.2
pydantic	1.9.1	1.10.13
tqdm	4.64.0	4.66.3
urllib3	1.26.10	1.26.19

Bumps the pip group with 2 updates in the /truss/templates/xgboost directory: scikit-learn and joblib.

Updates jinja2 from 3.1.2 to 3.1.5

Release notes

Sourced from jinja2's releases.

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/ Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5 Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. #2032
• Calling sync render for an async template uses asyncio.run. #1952
• Avoid unclosed auto_aiter warnings. #1960
• Return an aclose-able AsyncGenerator from Template.generate_async. #1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
• Avoid leaving async generators unclosed in blocks, includes and extends. #1960
• The runtime uses the correct concat function for the current environment when calling block references. #1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
• |int filter handles OverflowError from scientific notation. #1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
• Fix copy/pickle support for the internal missing object. #2027
• Environment.overlay(enable_async) is applied correctly. #2061
• The error message from FileSystemLoader includes the paths that were searched. #1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
• Improve annotations for methods returning copies. #1880
• urlize does not add mailto: to values like @a@b. #1870
• Tests decorated with @pass_context can be used with the |select filter. #1624
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

3.1.3

This is a fix release for the 3.1.x feature branch.

• Fix for GHSA-h5c8-rqwp-cp95. You are affected if you are using xmlattr and passing user input as attribute keys.
• Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-3
• Milestone: https://github.com/pallets/jinja/milestone/15?closed=1

Changelog

Sourced from jinja2's changelog.

Version 3.1.5

Released 2024-12-21

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. :ghsa:q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. :issue:1792, :ghsa:gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. :issue:2032
• Calling sync render for an async template uses asyncio.run. :pr:1952
• Avoid unclosed auto_aiter warnings. :pr:1960
• Return an aclose-able AsyncGenerator from Template.generate_async. :pr:1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. :pr:1960
• Avoid leaving async generators unclosed in blocks, includes and extends. :pr:1960
• The runtime uses the correct concat function for the current environment when calling block references. :issue:1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. :issue:1781
• |int filter handles OverflowError from scientific notation. :issue:1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. :issue:2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. :issue:2025
• Fix copy/pickle support for the internal missing object. :issue:2027
• Environment.overlay(enable_async) is applied correctly. :pr:2061
• The error message from FileSystemLoader includes the paths that were searched. :issue:1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. :issue:1705
• Improve annotations for methods returning copies. :pr:1880
• urlize does not add mailto: to values like @a@b. :pr:1870
• Tests decorated with @pass_context`` can be used with the ``|select`` filter. :issue:1624`
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. :issue:1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. :issue:1253

... (truncated)

Commits

• 877f6e5 release version 3.1.5
• 8d58859 remove test pypi
• eda8fe8 update dev dependencies
• c8fdce1 Fix bug involving calling set on a template parameter within all branches of ...
• 66587ce Fix bug where set would sometimes fail within if
• fbc3a69 Add support for namespaces in tuple parsing (#1664)
• b8f4831 more comments about nsref assignment
• ee83219 Add support for namespaces in tuple assignment
• 1d55cdd Triple quotes in docs (#2064)
• 8a8eafc edit block assignment section
• Additional commits viewable in compare view

Updates lightgbm from 3.3.2 to 4.6.0

Release notes

Sourced from lightgbm's releases.

v4.6.0

Changes

💡 New Features

• [CUDA] fix setting of CUDA architectures and enable support for NVIDIA Blackwell @​StrikerRUS (#6812)
• [python-package] support Python 3.13 @​jameslamb (#6668)
• [GPU] Add support for linear tree with device=gpu @​dragonbra (#6567)
• [c++] Add Bagging by Query for Lambdarank @​shiyu1994 (#6623)

🔨 Breaking

• [R-package] require lgb.Dataset, remove support for passing 'colnames' and 'categorical_feature' for lgb.train() and lgb.cv() @​jameslamb (#6714)
• [python-package] support sub-classing scikit-learn estimators @​jameslamb (#6783)
• [python-package] do not copy column-major numpy arrays when creating Dataset from list of arrays @​jmoralez (#6773)
• [python-package] remove support for passing 'feature_name' and 'categorical_feature' through train() and cv() @​jameslamb (#6706)
• [python-package] require scikit-learn>=0.24.2, make scikit-learn estimators compatible with scikit-learn>=1.6.0dev @​vnherdeiro (#6651)
• [ci] Require CMake 3.28 and replace FetchContent_Populate with FetchContent_MakeAvailable @​StrikerRUS (#6550)

🚀 Efficiency Improvement

• [python-package] do not copy column-major numpy arrays when predicting @​jmoralez (#6751)
• [python-package] do not copy column-major numpy arrays when creating Dataset @​jmoralez (#6721)

🐛 Bug Fixes

• [python-package] Separately check whether pyarrow and cffi are installed @​mlondschien (#6785)
• [c++] Fixed Predictor lifecycle and trees initialization in Contrib mode @​AndreyOrb (#6778)
• [python-package] Infer feature names from pyarrow.Table @​mlondschien (#6781)
• [python-package] Fix inconsistency in predict() output shape for 1-tree models @​RektPunk (#6753)
• [fix] resolve potential attack in linker connection building @​shiyu1994 (#6752)
• [R-package] Avoid bashisms (non-POSIX code) in R-package/configure @​smoser (#6746)
• [c++] fix parallel_tree_learner_split_info @​moming39 (#6738)
• [c++] Fix dump_model() information for root node @​neNasko1 (#6569)
• [cmake] [R-package] include R-for-macOS vendored libs dir in OpenMP search path (fixes #6628) @​jameslamb (#6629)
• [R-package] only warn about early stopping and DART boosting being incompatible if early stopping was requested @​serkor1 (#6619)
• [cmake] fixes static build for macos with OpenMP enabled (fixes #6601) @​Mottl (#6600)

📖 Documentation

• [docs] update installation guide @​StrikerRUS (#6696)
• [docs] add note about pyodide support @​jameslamb (#6715)
• [docs] Remove only cpu note due to gpu support for linear trees @​JAroyan (#6686)
• [docs] fix inaccurate comment for force_col_wise param with CUDA version @​StrikerRUS (#6695)
• [docs] group logically external projects in README and add some new libraries @​StrikerRUS (#6691)
• [docs] use consistent naming for R-package and Python-package across the repo @​StrikerRUS (#6655)
• [docs] add supertree in README @​pplonski (#6625)
• [docs] unify language and make small improvements in some param descriptions @​StrikerRUS (#6618)
• [doc] Updates Rust bindings library link in README.md @​Mottl (#6611)
• [R-package] [docs] update cran-comments for v4.5.0 release @​jameslamb (#6578)

... (truncated)

Commits

• d02a01a release v4.6.0 (#6796)
• d24260f [R-package] require lgb.Dataset, remove support for passing 'colnames' and 'c...
• c6d90bc [python-package] support sub-classing scikit-learn estimators (#6783)
• 768f642 [c++] update to fmt 11.1.2, fast_double_parser 0.8.0 (#6802)
• 1531d87 [ci] fix valgrind workflow (#6816)
• 188f1be [ci] validate pyproject file by json schema (#6813)
• 81922a7 [ci] [python-package] update pre-commit hooks to latest versions (#6817)
• 2db0b25 [python-package] Separately check whether pyarrow and cffi are installed ...
• c9de57b [CUDA] fix setting of CUDA architectures and enable support for NVIDIA Blackw...
• f2b959c [ci]: Bump release-drafter/release-drafter from 6.0.0 to 6.1.0 in the ci-depe...
• Additional commits viewable in compare view

Updates certifi from 2022.6.15 to 2024.7.4

Commits

• bd81538 2024.07.04 (#295)
• 06a2cbf Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (#294)
• 13bba02 Bump actions/checkout from 4.1.6 to 4.1.7 (#293)
• e8abcd0 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#292)
• 124f4ad 2024.06.02 (#291)
• c2196ce --- (#290)
• fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)
• 3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)
• 4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)
• 1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)
• Additional commits viewable in compare view

Updates grpcio from 1.47.0 to 1.53.2

Release notes

Sourced from grpcio's releases.

Release v1.53.2

This is release gRPC Core 1.53.2 (glockenspiel).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

Core

• [backport][iomgr][EventEngine] Improve server handling of file descriptor exhaustion by @​drfloob in grpc/grpc#33672

Release v1.53.1

This is release gRPC Core 1.53.1 (glockenspiel).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

• Fixed CVE-2023-32731
• Fixed CVE-2023-32732

Release v1.53.0

This is release 1.53.0 (glockenspiel) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

• xDS: fix crash when removing the last endpoint from the last locality in weighted_target. (#32592)
• filter stack: pass peer name up via recv_initial_metadata batch. (#31933)
• [EventEngine] Add advice against blocking work in callbacks. (#32397)
• [http2] Dont drop connections on metadata limit exceeded. (#32309)
• xDS: reject aggregate cluster with empty cluster list. (#32238)
• Fix Python epoll1 Fork Support. (#32196)
• server: introduce ServerMetricRecorder API and move per-call reporting from a C++ interceptor to a C-core filter. (#32106)
• [EventEngine] Add invalid handle types to the public API. (#32202)
• [EventEngine] Refactoring the EventEngine Test Suite: Part 1. (#32127)
• xDS: fix WeightedClusters total weight handling. (#32134)

C++

• Update minimum MSVC version to 2019. (#32615)
• Use CMake variables for paths in pkg-config files. (#31671)

... (truncated)

Commits

• afb307f [v1.53.x][Interop] Backport Python image update (#33864)
• 7a9373b [Backport] [dependency] Restrict cython to less than 3.X (#33770)
• fdb64a6 [v1.53][Build] Update Phusion baseimage (#33767) (#33836)
• cdf4186 [PSM Interop] Legacy tests: fix xDS test client build (v1.53.x backport) (#33...
• ce5b93a [PSM Interop] Legacy test builds always pull the driver from master (v1.53.x ...
• b24b6ea [release] Bump release version to 1.53.2 (#33709)
• 1e86ca5 [backport][iomgr][EventEngine] Improve server handling of file descriptor exh...
• aff3066 [PSM interop] Don't fail url_map target if sub-target already failed (v1.53.x...
• 539d75c [PSM interop] Don't fail target if sub-target already failed (#33222) (v1.53....
• 3e79c88 [Release] Bump version to 1.53.1 (on v1.53.x branch) (#33047)
• Additional commits viewable in compare view

Updates idna from 3.3 to 3.7

Release notes

Sourced from idna's releases.

v3.7

What's Changed

• Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: kjd/idna@v3.6...v3.7

Changelog

Sourced from idna's changelog.

3.7 (2024-04-11) ++++++++++++++++

• Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

3.6 (2023-11-25) ++++++++++++++++

• Fix regression to include tests in source distribution.

3.5 (2023-11-24) ++++++++++++++++

• Update to Unicode 15.1.0
• String codec name is now "idna2008" as overriding the system codec "idna" was not working.
• Fix typing error for codec encoding
• "setup.cfg" has been added for this release due to some downstream lack of adherence to PEP 517. Should be removed in a future release so please prepare accordingly.
• Removed reliance on a symlink for the "idna-data" tool to comport with PEP 517 and the Python Packaging User Guide for sdist archives.
• Added security reporting protocol for project

Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions to this release.

3.4 (2022-09-14) ++++++++++++++++

• Update to Unicode 15.0.0
• Migrate to pyproject.toml for build information (PEP 621)
• Correct another instance where generic exception was raised instead of IDNAError for malformed input
• Source distribution uses zeroized file ownership for improved reproducibility

Thanks to Seth Michael Larson for contributions to this release.

Commits

• 1d365e1 Release v3.7
• c1b3154 Merge pull request #172 from kjd/optimize-contextj
• 0394ec7 Merge branch 'master' into optimize-contextj
• cd58a23 Merge pull request #152 from elliotwutingfeng/dev
• 5beb28b More efficient resolution of joiner contexts
• 1b12148 Update ossf/scorecard-action to v2.3.1
• d516b87 Update Github actions/checkout to v4
• c095c75 Merge branch 'master' into dev
• 60a0a4c Fix typo in GitHub Actions workflow key
• 5918a0e Merge branch 'master' into dev
• Additional commits viewable in compare view

Updates joblib from 1.1.0 to 1.3.2

Release notes

Sourced from joblib's releases.

Joblib 1.3.2

Bug fix release

What's Changed

• FIX treat n_jobs=None as if left to its default value by @​jeremiedbb in joblib/joblib#1475

• FIX Init logger parent class in Parallel by @​fcharras in joblib/joblib#1494

• MNT remove unnecessary .bck file by @​lesteve in joblib/joblib#1480

• MTN adjust test regex for Python 3.12 improved error message by @​hroncok in joblib/joblib#1476

• DOC add public documentation for parallel_backend by @​glemaitre in joblib/joblib#1481

• FIX flake8 new E721: type comparison by @​tomMoral in joblib/joblib#1492

New Contributors

• @​hroncok made their first contribution in joblib/joblib#1476

Full Changelog: joblib/joblib@1.3.1...1.3.2

Joblib 1.3.1

What's Changed

• RELEASE joblib 1.3.1 - bugfix release - vendoring loky 3.4.1 for compatibility by @​tomMoral in joblib/joblib#1472

Full Changelog: joblib/joblib@1.3.0...1.3.1

1.3.0

What's Changed

• DOC: Document cache hit function by @​larsoner in joblib/joblib#1343
• DOC: Document call better by @​larsoner in joblib/joblib#1348
• Ensure native byte order for memmap. by @​cmarmo in joblib/joblib#1354
• Drop runtime dependency on distutils by @​PeterJCLaw in joblib/joblib#1361
• Add environment variable to change default parallel backend by @​lesteve in joblib/joblib#1356
• Fix memmapping_reducer when 'os' has no attribute 'statvfs' by @​rth in joblib/joblib#1366
• Move the metadata into pyproject.toml by @​KOLANICH in joblib/joblib#1382
• MAINT pin flake8<6 on the CI by @​ogrisel in joblib/joblib#1383
• TST Close client in test_pickle_in_socket by @​lesteve in joblib/joblib#1387
• Do not swallow PicklingError by @​Nielius in joblib/joblib#1359
• FIX Avoid collisions when caching nested functions by @​cache-missing in joblib/joblib#1374
• CI/TST provide more informative traceback in case of a deadlock in tests by @​fcharras in joblib/joblib#1379
• FIX heisenfailure in doc/memory.rst by @​ogrisel in joblib/joblib#1396
• MAINT Explicit support for Python 3.11 by @​jjerphan in joblib/joblib#1389
• MNT Use faulthandler rather than custom autokill logic by @​lesteve in joblib/joblib#1398
• BENCH add benchmark script for n_jobs=1 by @​tomMoral in joblib/joblib#1400
• TST Fix test_nested_parallel_warnings_parent_backend for Python nogil by @​lesteve in joblib/joblib#1394
• TST Fix test_memmapping for Python nogil by @​lesteve in joblib/joblib#1395
• MAINT Clean deprecations by @​jeremiedbb in joblib/joblib#1397
• ENH make temp resource cleanup safer by @​tomMoral in joblib/joblib#1391
• MAINT Simplify warning in _persist_input by @​jjerphan in joblib/joblib#1390
• MNT Use full flake8 rather than flake8_diff.sh by @​lesteve in joblib/joblib#1415
• Update Dask backend by @​scharlottej13 in joblib/joblib#1411

... (truncated)

Changelog

Sourced from joblib's changelog.

Release 1.3.2 -- 2023/08/08

• Fix a regression in joblib.Parallel introduced in 1.3.0 where explicitly setting n_jobs=None was not interpreted as "unset". joblib/joblib#1475

• Fix a regression in joblib.Parallel introduced in 1.3.0 where joblib.Parallel logging methods exposed from inheritance to joblib.Logger didn't work because of missing logger initialization. joblib/joblib#1494

• Various maintenance updates to the doc, the ci and the test. joblib/joblib#1480, joblib/joblib#1481, joblib/joblib#1476, joblib/joblib#1492

Release 1.3.1 -- 2023/06/29

• Fix compatibility with python 3.7 by vendor loky 3.4.1 which is compatible with this version. joblib/joblib#1472

Release 1.3.0 -- 2023/06/28

• Ensure native byte order for memmap arrays in joblib.load. joblib/joblib#1353

• Add ability to change default Parallel backend in tests by setting the JOBLIB_TESTS_DEFAULT_PARALLEL_BACKEND environment variable. joblib/joblib#1356

• Fix temporary folder creation in joblib.Parallel on Linux subsystems on Windows which do have /dev/shm but don't have the os.statvfs function joblib/joblib#1353

• Drop runtime dependency on distutils. distutils is going away in Python 3.12 and is deprecated from Python 3.10 onwards. This import was kept around to avoid breaking scikit-learn, however it's now been long enough since scikit-learn deployed a fixed (version 1.1 was released in May 2022) that it should be safe to remove this. joblib/joblib#1361

• A warning is raised when a pickling error occurs during caching operations. In version 1.5, this warning will be turned into an error. For all other

... (truncated)

Commits

• 942a410 RELEASE 1.3.2 - bugfix release (#1493)
• 85ab836 FIX init logger parent class in Parallel (#1494)
• 3d56c25 MTN fix flake8 new error E721: type comparison (#1492)
• 0c57c18 TST adjust test_regex for Python 3.12 abstract method error (#1476)
• 4ccc02d FIX n_jobs=None behavior in Parallel and config contexts (#1475)
• 8be8d32 DOC add public documentation for parallel_backend (#1481)
• 3c314c1 MNT remove unnecessary file (#1480)
• 476ff8e RELEASE joblib 1.3.1 - bugfix release - vendoring loky 3.4.1 for compatibilit...
• b9be27d MTN back to dev mode
• 22ff2de RELEASE 1.3.0 (#1466)
• Additional commits viewable in compare view

Updates oauthlib from 3.2.0 to 3.2.2

Release notes

Sourced from oauthlib's releases.

3.2.2

OAuth2.0 Provider:

• CVE-2022-36087

3.2.1

In short

OAuth2.0 Provider:

• #803 : Metadata endpoint support of non-HTTPS

OAuth1.0:

• #818 : Allow IPv6 being parsed by signature

General:

• Improved and fixed documentation warnings.
• Cosmetic changes based on isort

What's Changed

• add missing slots to TokenBase by @​ariebovenberg in oauthlib/oauthlib#804
• Add CORS support for Refresh Token Grant. by @​luhn in oauthlib/oauthlib#806
• GitHub Action to lint Python code by @​cclauss in oauthlib/oauthlib#797
• Docs: fix Sphinx warnings for better ReadTheDocs generation by @​JonathanHuot in oauthlib/oauthlib#807
• Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT. by @​luhn in oauthlib/oauthlib#803
• chore: fix typo in test by @​tamanobi in oauthlib/oauthlib#816
• Fix typo in server.rst by @​NemanjaT in oauthlib/oauthlib#819
• Fixed isort imports by @​dasm in oauthlib/oauthlib#820
• docs: Fix a few typos by @​timgates42 in oauthlib/oauthlib#822
• docs: fix typos by @​kianmeng in oauthlib/oauthlib#823

New Contributors

• @​ariebovenberg made their first contribution in oauthlib/oauthlib#804
• @​tamanobi made their first contribution in oauthlib/oauthlib#816
• @​NemanjaT made their first contribution in oauthlib/oauthlib#819
• @​kianmeng made their first contribution in oauthlib/oauthlib#823

Full Changelog: oauthlib/oauthlib@v3.2.0...v3.2.1

Changelog

Sourced from oauthlib's changelog.

3.2.2 (2022-10-17)

OAuth2.0 Provider:

• CVE-2022-36087

3.2.1 (2022-09-09)

OAuth2.0 Provider:

• #803: Metadata endpoint support of non-HTTPS

OAuth1.0:

• #818: Allow IPv6 being parsed by signature

General:

• Improved and fixed documentation warnings.
• Cosmetic changes based on isort

Commits

• e6c33e4 Add 3.2.2 version
• 4a4d65f Merge pull request #832 from oauthlib/3.2.1
• 88bb156 Updated date and authors
• 2e40b41 Merge pull request from GHSA-3pgj-pg6c-r5p7
• 1a45d97 Prepare 3.2.1 release
• b4bdd09 Merge pull request #818 from dasm/master
• 5d85c61 Fix IPV6 regex used to check redirect_uri
• e514826 Add check of performance of ipv6 check
• 0adbbe1 docs: fix typos
• 6569ec3 docs: Fix a few typos
• Additional commits viewable in compare view

Updates pydantic from 1.9.1 to 1.10.13

Release notes

Sourced from pydantic's releases.

V1.10.13 2023-09-27

What's Changed

• Update pip commands to install 1.10 by @​chbndrhnns in pydantic/pydantic#6930
• Make the v1 mypy plugin work with both v1 and v2 by @​dmontagu in pydantic/pydantic#6920
• [Backport] Add max length check to validate_email by @​hramezani in pydantic/pydantic#7673

Full Changelog: pydantic/pydantic@v1.10.12...v1.10.13

V1.10.12

What's Changed

• Deque's maxlen property dropped on V1 validation by @​maciekglowka in pydantic/pydantic#6586
• Prepare release 1.10.12 by @​hramezani in pydantic/pydantic#6825

New Contributors

• @​maciekglowka made their first contribution in pydantic/pydantic#6586

Full Changelog: pydantic/pydantic@v1.10.11...v1.10.12

V1.10.11

What's Changed

• Fix import of create_model in tools.py by @​SharathHuddar in pydantic/pydantic#6364
• Prepare for 1.10.11 by @​hramezani in pydantic/pydantic#6420

New Contributors

• @​SharathHuddar made their first contribution in pydantic/pydantic#6364

Full Changelog: pydantic/pydantic@v1.10.10...v1.10.11

V1.10.10

What's Changed

• Fix racy doctests by @​K900 in pydantic/pydantic#6103
• ✅ Update FastAPI test script by @​Kludex in pydantic/pydantic#6117
• add roadmap to annoucement by @​samuelcolvin in pydantic/pydantic#6120
• Fixed literal validator errors for unhashable values by @​markus1978 in pydantic/pydantic#6194
• Bug fix for forward refs in generics by @​mark-todd in pydantic/pydantic#6157
• Add Pydantic Json field support to settings management by @​hramezani in pydantic/pydantic#6250

New Contributors

• @​K900 made their first contribution in pydantic/pydantic#6103
• @​markus1978 made their first contribution in pydantic/pydantic#6194

Full Changelog: pydantic/pydantic@v1.10.9...v1.10.10

V1.10.9

What's Changed

• Add Pydantic classifier by @​hramezani in pydantic/pydantic#5847
• 📌 Use Cython < v3 by @​lig in pydantic/pydantic#5845
• [cherry-pick] Fix mypy plugin for 1.4.0 (#5927) by @​cdce8p in pydantic/pydantic#5928
• Add future and past date hypothesis strategies by @​bschoenmaeckers in pydantic/pydantic#5850

... (truncated)

Changelog

Sourced from pydantic's changelog.

v1.10.13 (2023-09-27)

• Fix: Add max length check to pydantic.validate_email, #7673 by @​hramezani
• Docs: Fix pip commands to install v1, #6930 by @​chbndrhnns

v1.10.12 (2023-07-24)

• Fixes the maxlen property being dropped on deque validation. Happened only if the deque item has been typed. Changes the _validate_sequence_like func, #6581 by @​maciekglowka

v1.10.11 (2023-07-04)

• Importing create_model in tools.py through relative path instead of absolute path - so that it doesn't import V2 code when copied over to V2 branch, #6361 by @​SharathHuddar

v1.10.10 (2023-06-30)

• Add Pydantic Json field support to settings management, #6250 by @​hramezani
• Fixed literal validator errors for unhashable values, #6188 by @​markus1978
• Fixed bug with generics receiving forward refs, #6130 by @​mark-todd
• Update install method of FastAPI for internal tests in CI, #6117 by @​Kludex

v1.10.9 (2023-06-07)

• Fix trailing zeros not ignored in Decimal validation, #5968 by @​hramezani
• Fix mypy plugin for v1.4.0, #5928 by @​cdce8p
• Add future and past date hypothesis strategies, #5850 by @​bschoenmaeckers
• Discourage usage of Cython 3 with Pydantic 1.x, #5845 by @​lig

v1.10.8 (2023-05-23)

• Fix a bug in Literal usage with typing-extension==4.6.0, #5826 by @​hramezani
• This solves the (closed) issue #3849 where aliased fields that use discriminated union fail to validate...

  Description has been truncated