Sourced from pypdf's releases.

Version 4.3.1, 2024-07-21

Bug Fixes (BUG)

• Cope with Matrix entry in field annotations (#2736)

Robustness (ROB)

• Cope with fields with upside down box/rectangle (#2729)

Maintenance (MAINT)

• Add deprecate_with_replacement to StreamObject.initializeFromD… (#2728)
• Deal with cryptography>=43 moving ARC4 (#2765)

Full Changelog

Version 4.3.0, 2024-07-14

What's new

New Features (ENH)

• Accept ETen-B5 and UniCNS-UTF16 encodings (#2721) by @​pubpub-zz
• Add decode_as_image() to ContentStreams (#2615) by @​pubpub-zz
• context manager for PdfReader (#2666) by @​tibor-reiss
• Add capability to set font and size in fields (#2636) by @​pubpub-zz
• Allow to pass input file without named argument (#2576) by @​pubpub-zz

Bug Fixes (BUG)

• Fix deprecation for Ressources when using old constants (#2705) by @​stefan6419846
• Fix images issue 4 bits encoding and LUT starting with UTF16_BOM (#2675) by @​pubpub-zz
• Reading large compressed images takes huge time to process (#2644) by @​snanda85
• Highlighted Text Cannot Be Printed (#2604) by @​Nifury
• Fix UnboundLocalError on malformed pdf (#2619) by @​farjasju

Documentation (DOC)

• Various improvements on docstrings and examples by @​j-t-1

Robustness (ROB)

• Cope with missing Standard 14 fonts in fields (#2677) by @​pubpub-zz
• Improve inline image extraction (#2622) by @​pubpub-zz
• Cope with loops in Fields tree (#2656) by @​pubpub-zz
• Discard /I in choice fields for compatibility with Acrobat (#2614) by @​pubpub-zz
• Cope with some issues in pillow (#2595) by @​pubpub-zz
• Cope with some image extraction issues (#2591) by @​pubpub-zz

Maintenance (MAINT)

• Deprecate interiour_color with replacement interior_color (#2706) by @​j-t-1
• Add deprecate_with_replacement to PdfWriter.find_bookmark (#2674) by @​j-t-1

Code Style (STY)

• Change Link to be a non-markup annotation (#2714) by @​j-t-1

Full Changelog

Sourced from pypdf's changelog.

Version 4.3.1, 2024-07-21

Bug Fixes (BUG)

• Cope with Matrix entry in field annotations (#2736)

Robustness (ROB)

• Cope with fields with upside down box/rectangle (#2729)

Maintenance (MAINT)

• Add deprecate_with_replacement to StreamObject.initializeFromD… (#2728)
• Deal with cryptography>=43 moving ARC4 (#2765)

Full Changelog

Version 4.3.0, 2024-06-23

New Features (ENH)

• Accept ETen-B5 and UniCNS-UTF16 encodings (#2721)
• Add decode_as_image() to ContentStreams (#2615)
• context manager for PdfReader (#2666)
• Add capability to set font and size in fields (#2636)
• Allow to pass input file without named argument (#2576)

Bug Fixes (BUG)

• Fix deprecation for Ressources when using old constants (#2705)
• Fix images issue 4 bits encoding and LUT starting with UTF16_BOM (#2675)
• Reading large compressed images takes huge time to process (#2644)
• Highlighted Text Cannot Be Printed (#2604)
• Fix UnboundLocalError on malformed pdf (#2619)

Robustness (ROB)

• Cope with missing Standard 14 fonts in fields (#2677)
• Improve inline image extraction (#2622)
• Cope with loops in Fields tree (#2656)
• Discard /I in choice fields for compatibility with Acrobat (#2614)
• Cope with some issues in pillow (#2595)
• Cope with some image extraction issues (#2591)

Documentation (DOC)

• Various improvements on docstrings and examples

Maintenance (MAINT)

• Deprecate interiour_color with replacement interior_color (#2706)
• Add deprecate_with_replacement to PdfWriter.find_bookmark (#2674)

Code Style (STY)

• Change Link to be a non-markup annotation (#2714)

Full Changelog

• 8f62120 REL: 4.3.1
• 926fa7f MAINT: Deal with cryptography>=43 moving ARC4 (#2765)
• 4a41c53 FIX: Cope with Matrix entry in field annotations (#2736)
• fe33cf6 DOC: Update Link Documentation Example (#2759)
• 5f57d1f DOC: Make table consistent with pdf-version-support.md (#2758)
• 0da2f5d DOC: Add feature support by pypdf (#2738)
• f6cdd7c DOC: Move JavaScript example (#2746)
• 8e02580 DOC: Added example for downloading a PDF from Google Cloud Storage (#2745)
• 6ef6d7e DOC: Miscellaneous tiny changes (#2744)
• 4fab353 STY: Change argument type (#2741)
• Additional commits viewable in compare view

Sourced from requests's releases.

v2.32.3

2.32.3 (2024-05-29)

Bugfixes

• Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
• Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

v2.32.2

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored.

... (truncated)

Sourced from requests's changelog.

2.32.3 (2024-05-29)

Bugfixes

• Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
• Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

... (truncated)

• 0e322af v2.32.3
• e188799 Don't create default SSLContext if ssl module isn't present (#6724)
• 145b539 Merge pull request #6716 from sigmavirus24/bug/6715
• b1d73dd Don't use default SSLContext with custom poolmanager kwargs
• 6badbac Update HISTORY.md
• a62a2d3 Allow for overriding of specific pool key params
• 88dce9d v2.32.2
• c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
• 92075b3 Add deprecation warning
• aa1461b Move _get_connection to get_connection_with_tls_context
• Additional commits viewable in compare view

Sourced from aws-lambda-powertools's releases.

v2.41.0

Summary

This release enhances the Batch Processing feature, which you can now customize to not throw an error when the entire batch of items fails to process.

We have also added three new Pydantic models to our Parser feature to work with authorizers in Amazon API Gateway.

Thanks to @​adriantomas, customers can bring their own boto3 client when using Feature Flags feature.

🌟 ⭐ A big thank you to everyone who helped make this release.

Working with full batch failures

Docs

You can now set the raise_on_entire_batch_failure option to False to prevent the Batch Processing utility from throwing a BatchProcessingError, when all records in a batch fail to process. This is useful when working with functions that handle batches with a small number of records, or when you use errors as a flow control mechanism.

New Parser models

Docs

You can now use the new Pydantic models to validate payloads originating from authorization events in REST and HTTP APIs.

Here are all the modules we've added:

• ApiGatewayAuthorizerToken - For REST API Authorizer events using Token
• ApiGatewayAuthorizerRequest - For REST API Authorizer events using Request
• ApiGatewayAuthorizerRequestV2 - For HTTP API Authorizer events using Request

Customizing boto3 client configuration for Feature Flags

Docs

You can now bring your own boto3 client instance when using Feature Flags. This is ideal when you want to reuse or customize the appconfigdata client.

Last but not least, thanks to @​Wurstnase for helping us to fix a bug when using CORS in the Event Handler feature.

Changes

🌟New features and non-breaking changes

• feat(feature_flags): allow customers to bring their own boto3 client and session (#4717) by @​adriantomas
• feat(batch): add option to not raise BatchProcessingError exception when the entire batch fails (#4719) by @​leandrodamascena

... (truncated)

Sourced from aws-lambda-powertools's changelog.

[v2.41.0] - 2024-07-11

Bug Fixes

• event_handler: make the max_age attribute comply with RFC specification (#4731)
• event_handler: disable allow-credentials header when origin allow_origin is * (#4638)
• event_handler: convert null body to empty string in ALBResolver to avoid HTTP 502 (#4683)
• event_handler: custom serializer recursive values when using data validation (#4664)

Documentation

• i-made-this: Bedrock agents with Powertools for AWS Lambda (#4705)
• public_reference: add BusPatrol as a public reference (#4713)

Features

• batch: add option to not raise BatchProcessingError exception when the entire batch fails (#4719)
• feature_flags: allow customers to bring their own boto3 client and session (#4717)
• parser: add support for API Gateway Lambda authorizer events (#4718)

Maintenance

• version bump
• Add token to codecov action (#4682)
• ci: new pre-release 2.40.2a5 (#4706)
• ci: new pre-release 2.40.2a0 (#4665)
• ci: new pre-release 2.40.2a8 (#4737)
• ci: new pre-release 2.40.2a7 (#4726)
• ci: new pre-release 2.40.2a1 (#4669)
• ci: new pre-release 2.40.2a2 (#4679)
• ci: new pre-release 2.40.2a3 (#4688)
• ci: new pre-release 2.40.2a6 (#4715)
• ci: new pre-release 2.40.2a4 (#4694)
• deps: bump docker/setup-qemu-action from 3.0.0 to 3.1.0 (#4685)
• deps: bump actions/setup-python from 5.1.0 to 5.1.1 (#4732)
• deps: bump the layer-balancer group in /layer/scripts/layer-balancer with 3 updates (#4733)
• deps: bump actions/upload-artifact from 4.3.3 to 4.3.4 (#4698)
• deps: bump actions/download-artifact from 4.1.7 to 4.1.8 (#4699)
• deps: bump actions/setup-node from 4.0.2 to 4.0.3 (#4725)
• deps: bump zgosalvez/github-actions-ensure-sha-pinned-actions from 3.0.9 to 3.0.10 (#4678)
• deps: bump docker/setup-buildx-action from 3.3.0 to 3.4.0 (#4693)
• deps: bump zipp from 3.17.0 to 3.19.1 in /docs (#4720)
• deps: bump the layer-balancer group in /layer/scripts/layer-balancer with 3 updates (#4659)
• deps: bump certifi from 2024.6.2 to 2024.7.4 (#4700)
• deps: bump github.com/aws/aws-sdk-go-v2/config from 1.27.23 to 1.27.24 in /layer/scripts/layer-balancer in the layer-balancer group (#4684)
• deps-dev: bump mkdocs-material from 9.5.27 to 9.5.28 (#4676)
• deps-dev: bump cfn-lint from 1.4.2 to 1.5.0 (#4675)
• deps-dev: bump aws-cdk-aws-lambda-python-alpha from 2.147.3a0 to 2.148.0a0 (#4722)
• deps-dev: bump cdklabs-generative-ai-cdk-constructs from 0.1.200 to 0.1.201 (#4687)
• deps-dev: bump aws-cdk-lib from 2.147.2 to 2.147.3 (#4674)
• deps-dev: bump zipp from 3.17.0 to 3.19.1 in /layer (#4721)

... (truncated)

• 3556fcd chore: version bump
• 4e9a5fe chore(layers): downgrade aws cdk to 2.145.0 (#4739)
• b5d6384 chore(ci): new pre-release 2.40.2a8 (#4737)
• 3ae2eec fix(event_handler): make the max_age attribute comply with RFC specification ...
• 599f6fe chore(deps-dev): bump sentry-sdk from 2.8.0 to 2.9.0 (#4735)
• 96fd770 chore(deps-dev): bump cfn-lint from 1.5.2 to 1.5.3 (#4734)
• 2f4b976 chore(deps): bump actions/setup-python from 5.1.0 to 5.1.1 (#4732)
• 51de224 chore(deps): bump the layer-balancer group in /layer/scripts/layer-balancer w...
• 10d551c feat(feature_flags): allow customers to bring their own boto3 client and sess...
• 14b44ce feat(batch): add option to not raise BatchProcessingError exception when th...
• Additional commits viewable in compare view

• f6203ba Merge branch 'release-1.34.145'
• de349b5 Bumping version to 1.34.145
• 9668efe Add changelog entries from botocore
• 86c6026 Merge branch 'release-1.34.144'
• b834581 Merge branch 'release-1.34.144' into develop
• b3936b5 Bumping version to 1.34.144
• 074b8fc Add changelog entries from botocore
• 5b7ef37 Merge branch 'release-1.34.143'
• f225e61 Merge branch 'release-1.34.143' into develop
• 5527d5b Bumping version to 1.34.143
• Additional commits viewable in compare view

Sourced from aws-xray-sdk's releases.

2.14.0 Release

See details in CHANGELOG

2.13.1 Release

See details in CHANGELOG

Sourced from aws-xray-sdk's changelog.

2.14.0

• bugfix: Fix warning message condition for subsegment ending https://github.com/aws/aws-xray-sdk-python/pull/434

2.13.1

• improvement: Bump idna from 3.6 to 3.7 in /sample-apps/flask https://github.com/aws/aws-xray-sdk-python/pull/425
• bugfix: Fix end_time param type docstring from int to float https://github.com/aws/aws-xray-sdk-python/pull/426
• improvement: Bump werkzeug from 3.0.1 to 3.0.3 in /sample-apps/flask https://github.com/aws/aws-xray-sdk-python/pull/428
• improvement: [LambdaContext] Create dummy segment when trace header is incomplete https://github.com/aws/aws-xray-sdk-python/pull/429
• bugfix: [LambdaContext] Fix logging to only happen inside lambda function https://github.com/aws/aws-xray-sdk-python/pull/431

• 683fdec Merge pull request #435 from wangzlei/release-2.14.0
• d4d9b4a Release commit for v2.14.0
• 934fa95 Merge pull request #433 from aws/dependabot/pip/sample-apps/flask/requests-2....
• 6a4f7f4 Merge branch 'master' into dependabot/pip/sample-apps/flask/requests-2.32.0
• 1ea7768 Merge pull request #434 from majanjua-amzn/master
• e62f0c5 Fix warning message condition for subsegment ending
• 4f4349b ---
• e65d05b Merge pull request #432 from jj22ee/release-2.13.1
• a3ff59a Release commit for v2.13.1
• 5c38703 Merge pull request #431 from majanjua-amzn/patch-1
• Additional commits viewable in compare view

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.11

We’ve just uploaded mypy 1.11 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support Python 3.12 Syntax for Generics (PEP 695)

Mypy now supports the new type parameter syntax introduced in Python 3.12 (PEP 695). This feature is still experimental and must be enabled with the --enable-incomplete-feature=NewGenericSyntax flag, or with enable_incomplete_feature = NewGenericSyntax in the mypy configuration file. We plan to enable this by default in the next mypy feature release.

This example demonstrates the new syntax:

# Generic function
def f[T](https://github.com/python/mypy/blob/master/x: T) -> T: ...
reveal_type(f(1))  # Revealed type is 'int'
Generic class
class C[T]:
def init(self, x: T) -> None:
self.x = x
c = C('a')
reveal_type(c.x)  # Revealed type is 'str'
Type alias
type A[T] = C[list[T]]

This feature was contributed by Jukka Lehtosalo.

Support for functools.partial

Mypy now type checks uses of functools.partial. Previously mypy would accept arbitrary arguments.

This example will now produce an error:

from functools import partial
</tr></table> 

... (truncated)

• dbd5f5c Remove +dev from version for 1.11 release
• f0a8c69 Update CHANGELOG for mypy 1.11 (#17540)
• 371f780 CHANGELOG.md update for 1.11 (#17539)
• 2563da0 Fix daemon crash on invalid type in TypedDict (#17495)
• d8c67c3 [release 1.11] Ignore some errors in typeshed (#17510)
• 294daff Mention --enable-incomplete-feature=NewGenericSyntax (#17462)
• 5c33abf Further improvements to functools.partial handling (#17425)
• c37d972 Fix type comments crash inside generic definitions (#16849)
• d39f023 Add changelog entry for 1.10.1 (#17436)
• 6c1d867 Fix ParamSpec inference against TypeVarTuple (#17431)
• Additional commits viewable in compare view

• da19566 Bump pylint to 3.2.6, update changelog (#9825)
• 810c59c Update setuptools to >=71.0.4 (#9812) (#9824)
• 5f19cd5 Fix a crash when a subclass extends __slots__ (#9817) (#9822)
• c0b1d22 Bump astroid to 3.2.4 (#9816) (#9821)
• 1d877de Fix consider-using-min-max-builtin (#9802) (#9803)
• 8410f57 Fix a false positive for missing-param-doc (#9740) (#9793)
• bd4c8f1 Handle assert_never() when imported from typing_extensions (#9782) (#9790)
• 8eb2c4d Fix FP for unexpected-keyword-arg with ambiguous constructors (#9785) (#9788)
• 9882537 Bump astroid to 3.2.3 (#9787)
• aea868c Fix invalid-name regression for class attributes in subclasses (#9772) (#9775)
• Additional commits viewable in compare view

• See full diff in compare view

Sourced from pytest's releases.

8.3.1

pytest 8.3.1 (2024-07-20)

The 8.3.0 release failed to include the change notes and docs for the release. This patch release remedies this. There are no other changes.

8.3.0

pytest 8.3.0 (2024-07-20)

New features

• #12231: Added [--xfail-tb]{.title-ref} flag, which turns on traceback output for XFAIL results.

  • If the [--xfail-tb]{.title-ref} flag is not given, tracebacks for XFAIL results are NOT shown.
  • The style of traceback for XFAIL is set with [--tb]{.title-ref}, and can be [auto|long|short|line|native|no]{.title-ref}.
  • Note: Even if you have [--xfail-tb]{.title-ref} set, you won't see them if [--tb=no]{.title-ref}.

  Some history:

  With pytest 8.0, [-rx]{.title-ref} or [-ra]{.title-ref} would not only turn on summary reports for xfail, but also report the tracebacks for xfail results. This caused issues with some projects that utilize xfail, but don't want to see all of the xfail tracebacks.

  This change detaches xfail tracebacks from [-rx]{.title-ref}, and now we turn on xfail tracebacks with [--xfail-tb]{.title-ref}. With this, the default [-rx]{.title-ref}/ [-ra]{.title-ref} behavior is identical to pre-8.0 with respect to xfail tracebacks. While this is a behavior change, it brings default behavior back to pre-8.0.0 behavior, which ultimately was considered the better course of action.

• #12281: Added support for keyword matching in marker expressions.

  Now tests can be selected by marker keyword arguments. Supported values are int{.interpreted-text role="class"}, (unescaped) str{.interpreted-text role="class"}, bool{.interpreted-text role="class"} & None{.interpreted-text role="data"}.

  See marker examples <marker_keyword_expression_example>{.interpreted-text role="ref"} for more information.

  -- by lovetheguitar{.interpreted-text role="user"}

• #12567: Added --no-fold-skipped command line option.

  If this option is set, then skipped tests in short summary are no longer grouped by reason but all tests are printed individually with their nodeid in the same way as other statuses.

  -- by pbrezina{.interpreted-text role="user"}

Improvements in existing functionality

• #12469: The console output now uses the "third-party plugins" terminology, replacing the previously established but confusing and outdated reference to setuptools <setuptools:index>{.interpreted-text role="std:doc"} -- by webknjaz{.interpreted-text role="user"}.

• #12544, #12545: Python virtual environment detection was improved by checking for a pyvenv.cfg{.interpreted-text role="file"} file, ensuring reliable detection on various platforms -- by zachsnickers{.interpreted-text role="user"}.

... (truncated)

• de98446 Prepare release version 8.3.1
• bd0a042 Merge pull request #12636 from pytest-dev/update-release-notes
• 664325b doc/changelog: update 8.3.0 notes
• 19d225d Merge pull request #12635 from pytest-dev/release-8.3.0
• bc33028 Prepare release version 8.3.0
• a7d5a8e Merge pull request #12557 from x612skm/maintainence/11771-pypy-3.9-bump
• ced7072 Add a change note for PR #11771
• d42b76d Adjust test_errors_in_xfail_skip_expressions for PyPy
• 9eee45a Bump PyPy runtime to v3.9 @ GHA
• d489247 Fix caching of parameterized fixtures (#12600)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions