• d43c7c7 release 7.16.3
• 5fa1e40 Merge pull request from GHSA-pq7m-3gw7-gq5x
• 8df8971 back to dev
• 9f477b7 release 7.16.2
• 138f266 bring back release helper from master branch
• 5aa3634 Merge pull request #13341 from meeseeksmachine/auto-backport-of-pr-13335-on-7...
• bcae8e0 Backport PR #13335: What's new 7.16.2
• 8fcdcd3 Pin Jedi to <0.17.2.
• 2486838 release 7.16.1
• 20bdc6f fix conda build
• Additional commits viewable in compare view

• d43c7c7 release 7.16.3
• 5fa1e40 Merge pull request from GHSA-pq7m-3gw7-gq5x
• 8df8971 back to dev
• 9f477b7 release 7.16.2
• 138f266 bring back release helper from master branch
• 5aa3634 Merge pull request #13341 from meeseeksmachine/auto-backport-of-pr-13335-on-7...
• bcae8e0 Backport PR #13335: What's new 7.16.2
• 8fcdcd3 Pin Jedi to <0.17.2.
• 2486838 release 7.16.1
• 20bdc6f fix conda build
• Additional commits viewable in compare view

Sourced from babel's releases.

Version 2.9.1

Bugfixes

• The internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory. Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!

Version 2.9.0

Upcoming version support changes

• This version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.

Improvements

• CLDR: Use CLDR 37 – Aarni Koskela (#734)
• Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (#741)
• Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (#726)

Bugfixes

• Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela
• Import: Simplify iteration code in "import_cldr.py" – Felix Schwarz
• Import: Stop using deprecated ElementTree methods "getchildren()" and "getiterator()" – Felix Schwarz
• Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen
• Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen
• Tests: fix tests when using Python 3.9 – Felix Schwarz
• Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne
• Tests: Support Py.test 6.x – Aarni Koskela
• Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (#724)
• Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok

Documentation

• Update parse_number comments – Brad Martin (#708)
• Add iter to Catalog documentation – @​CyanNani123

Version 2.8.1

This patch version only differs from 2.8.0 in that it backports in #752.

Version 2.8.0

Improvements

• CLDR: Upgrade to CLDR 36.0 - Aarni Koskela (#679)
• Messages: Don't even open files with the "ignore" extraction method - @​sebleblanc (#678)

Bugfixes

• Numbers: Fix formatting very small decimals when quantization is disabled - Lev Lybin, @​miluChen (#662)
• Messages: Attempt to sort all messages – Mario Frasca (#651, #606)

Docs

... (truncated)

Sourced from babel's changelog.

Version 2.9.1

Bugfixes

* The internal locale-data loading functions now validate the name of the locale file to be loaded and only
  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!
Version 2.9.0
Upcoming version support changes

• This version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.

Improvements

* CLDR: Use CLDR 37 – Aarni Koskela ([#734](https://github.com/python-babel/babel/issues/734))
* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon ([#741](https://github.com/python-babel/babel/issues/741))
* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar ([#726](https://github.com/python-babel/babel/issues/726))
Bugfixes

* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela
* Import: Simplify iteration code in "import_cldr.py" – Felix Schwarz
* Import: Stop using deprecated ElementTree methods "getchildren()" and "getiterator()" – Felix Schwarz
* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen
* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen
* Tests: fix tests when using Python 3.9 – Felix Schwarz
* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne
* Tests: Support Py.test 6.x – Aarni Koskela
* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin ([#724](https://github.com/python-babel/babel/issues/724))
* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok

Documentation
</code></pre>
<ul>
<li>Update parse_number comments – Brad Martin (<a href="https://github-redirect.dependabot.com/python-babel/babel/issues/708">#708</a>)</li>
<li>Add <strong>iter</strong> to Catalog documentation – <a href="https://github.com/CyanNani123"><code>@​CyanNani123</code></a></li>
</ul>
<h2>Version 2.8.1</h2>
<p>This is solely a patch release to make running tests on Py.test 6+ possible.</p>
<p>Bugfixes</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>

<ul>
<li><a href="https://github.com/python-babel/babel/commit/a99fa2474c808b51ebdabea18db871e389751559"><code>a99fa24</code></a> Use 2.9.0's setup.py for 2.9.1</li>
<li><a href="https://github.com/python-babel/babel/commit/60b33e083801109277cb068105251e76d0b7c14e"><code>60b33e0</code></a> Become 2.9.1</li>
<li><a href="https://github.com/python-babel/babel/commit/412015ef642bfcc0d8ba8f4d05cdbb6aac98d9b3"><code>412015e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/python-babel/babel/issues/782">#782</a> from python-babel/locale-basename</li>
<li><a href="https://github.com/python-babel/babel/commit/5caf717ceca4bd235552362b4fbff88983c75d8c"><code>5caf717</code></a> Disallow special filenames on Windows</li>
<li><a href="https://github.com/python-babel/babel/commit/3a700b5b8b53606fd98ef8294a56f9510f7290f8"><code>3a700b5</code></a> Run locale identifiers through <code>os.path.basename()</code></li>
<li><a href="https://github.com/python-babel/babel/commit/5afe2b2f11dcdd6090c00231d342c2e9cd1bdaab"><code>5afe2b2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/python-babel/babel/issues/754">#754</a> from python-babel/github-ci</li>
<li><a href="https://github.com/python-babel/babel/commit/58de8342f865df88697a4a166191e880e3c84d82"><code>58de834</code></a> Replace Travis + Appveyor with GitHub Actions (WIP)</li>
<li><a href="https://github.com/python-babel/babel/commit/d1bbc08e845d03d8e1f0dfa0e04983d755f39cb5"><code>d1bbc08</code></a> import_cldr: use logging; add -q option</li>
<li><a href="https://github.com/python-babel/babel/commit/156b7fb9f377ccf58c71cf01dc69fb10c7b69314"><code>156b7fb</code></a> Quiesce CLDR download progress bar if requested (or not a TTY)</li>
<li><a href="https://github.com/python-babel/babel/commit/613dc1700f91c3d40b081948c0dd6023d8ece057"><code>613dc17</code></a> Make the import warnings about unsupported number systems less verbose</li>
<li>Additional commits viewable in <a href="https://github.com/python-babel/babel/compare/v2.4.0...v2.9.1">compare view</a></li>
</ul>
</details>

<br />



[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=babel&package-manager=pip&previous-version=2.4.0&new-version=2.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---


Dependabot commands and options



You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/inforian/python-notifyAll/network/alerts).



⬆️ Bump django from 1.10.6 to 2.2.24 in /example

opened on 2021-06-10 19:34:01 by dependabot[bot]
Bumps django from 1.10.6 to 2.2.24.

Commits

2da029d [2.2.x] Bumped version for 2.2.24 release.
f27c38a [2.2.x] Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
053cc95 [2.2.x] Fixed CVE-2021-33203 -- Fixed potential path-traversal via admindocs'...
6229d87 [2.2.x] Confirmed release date for Django 2.2.24.
f163ad5 [2.2.x] Added stub release notes and date for Django 2.2.24.
bed1755 [2.2.x] Changed IRC references to Libera.Chat.
63f0d7a [2.2.x] Refs #32718 -- Fixed file_storage.test_generate_filename and model_fi...
5fe4970 [2.2.x] Post-release version bump.
61f814f [2.2.x] Bumped version for 2.2.23 release.
b8ecb06 [2.2.x] Fixed #32718 -- Relaxed file name validation in FileField.
Additional commits viewable in compare view





Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options



You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/inforian/python-notifyAll/network/alerts).



⬆️ Bump pygments from 2.2.0 to 2.7.4

opened on 2021-03-29 17:29:17 by dependabot[bot]
Bumps pygments from 2.2.0 to 2.7.4.

Release notes
Sourced from pygments's releases.

2.7.4


Updated lexers:


Apache configurations: Improve handling of malformed tags (#1656)


CSS: Add support for variables (#1633, #1666)


Crystal (#1650, #1670)


Coq (#1648)


Fortran: Add missing keywords (#1635, #1665)


Ini (#1624)


JavaScript and variants (#1647 -- missing regex flags, #1651)


Markdown (#1623, #1617)


Shell

Lex trailing whitespace as part of the prompt (#1645)
Add missing in keyword (#1652)



SQL - Fix keywords (#1668)


Typescript: Fix incorrect punctuation handling (#1510, #1511)




Fix infinite loop in SML lexer (#1625)


Fix backtracking string regexes in JavaScript/TypeScript, Modula2
and many other lexers (#1637)


Limit recursion with nesting Ruby heredocs (#1638)


Fix a few inefficient regexes for guessing lexers


Fix the raw token lexer handling of Unicode (#1616)


Revert a private API change in the HTML formatter (#1655) --
please note that private APIs remain subject to change!


Fix several exponential/cubic-complexity regexes found by
Ben Caller/Doyensec (#1675)


Fix incorrect MATLAB example (#1582)


Thanks to Google's OSS-Fuzz project for finding many of these bugs.
2.7.3


Updated lexers:

Ada (#1581)
HTML (#1615, #1614)
Java (#1594, #1586)
JavaScript (#1605, #1589, #1588)
JSON (#1569 -- this is a complete rewrite)
Lean (#1601)
LLVM (#1612)
Mason (#1592)
MySQL (#1555, #1551)
Rust (#1608)
Turtle (#1590, #1553)



Deprecated JsonBareObjectLexer, which is now identical to JsonLexer (#1600)


The ImgFormatter now calculates the exact character width, which fixes some issues with overlapping text (#1213, #1611)




... (truncated)


Changelog
Sourced from pygments's changelog.

Version 2.7.4
(released January 12, 2021)


Updated lexers:


Apache configurations: Improve handling of malformed tags (#1656)


CSS: Add support for variables (#1633, #1666)


Crystal (#1650, #1670)


Coq (#1648)


Fortran: Add missing keywords (#1635, #1665)


Ini (#1624)


JavaScript and variants (#1647 -- missing regex flags, #1651)


Markdown (#1623, #1617)


Shell

Lex trailing whitespace as part of the prompt (#1645)
Add missing in keyword (#1652)



SQL - Fix keywords (#1668)


Typescript: Fix incorrect punctuation handling (#1510, #1511)




Fix infinite loop in SML lexer (#1625)


Fix backtracking string regexes in JavaScript/TypeScript, Modula2
and many other lexers (#1637)


Limit recursion with nesting Ruby heredocs (#1638)


Fix a few inefficient regexes for guessing lexers


Fix the raw token lexer handling of Unicode (#1616)


Revert a private API change in the HTML formatter (#1655) --
please note that private APIs remain subject to change!


Fix several exponential/cubic-complexity regexes found by
Ben Caller/Doyensec (#1675)


Fix incorrect MATLAB example (#1582)


Thanks to Google's OSS-Fuzz project for finding many of these bugs.
Version 2.7.3
(released December 6, 2020)


Updated lexers:

Ada (#1581)
HTML (#1615, #1614)
Java (#1594, #1586)
JavaScript (#1605, #1589, #1588)
JSON (#1569 -- this is a complete rewrite)
Lean (#1601)
LLVM (#1612)
Mason (#1592)





... (truncated)


Commits

4d555d0 Bump version to 2.7.4.
fc3b05d Update CHANGES.
ad21935 Revert "Added dracula theme style (#1636)"
e411506 Prepare for 2.7.4 release.
275e34d doc: remove Perl 6 ref
2e7e8c4 Fix several exponential/cubic complexity regexes found by Ben Caller/Doyensec
eb39c43 xquery: fix pop from empty stack
2738778 fix coding style in test_analyzer_lexer
02e0f09 Added 'ERROR STOP' to fortran.py keywords. (#1665)
c83fe48 support added for css variables (#1633)
Additional commits viewable in compare view





Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options



You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/inforian/python-notifyAll/network/alerts).



⬆️ Bump pygments from 2.2.0 to 2.7.4 in /example

opened on 2021-03-29 17:17:23 by dependabot[bot]
Bumps pygments from 2.2.0 to 2.7.4.

Release notes
Sourced from pygments's releases.

2.7.4


Updated lexers:


Apache configurations: Improve handling of malformed tags (#1656)


CSS: Add support for variables (#1633, #1666)


Crystal (#1650, #1670)


Coq (#1648)


Fortran: Add missing keywords (#1635, #1665)


Ini (#1624)


JavaScript and variants (#1647 -- missing regex flags, #1651)


Markdown (#1623, #1617)


Shell

Lex trailing whitespace as part of the prompt (#1645)
Add missing in keyword (#1652)



SQL - Fix keywords (#1668)


Typescript: Fix incorrect punctuation handling (#1510, #1511)




Fix infinite loop in SML lexer (#1625)


Fix backtracking string regexes in JavaScript/TypeScript, Modula2
and many other lexers (#1637)


Limit recursion with nesting Ruby heredocs (#1638)


Fix a few inefficient regexes for guessing lexers


Fix the raw token lexer handling of Unicode (#1616)


Revert a private API change in the HTML formatter (#1655) --
please note that private APIs remain subject to change!


Fix several exponential/cubic-complexity regexes found by
Ben Caller/Doyensec (#1675)


Fix incorrect MATLAB example (#1582)


Thanks to Google's OSS-Fuzz project for finding many of these bugs.
2.7.3


Updated lexers:

Ada (#1581)
HTML (#1615, #1614)
Java (#1594, #1586)
JavaScript (#1605, #1589, #1588)
JSON (#1569 -- this is a complete rewrite)
Lean (#1601)
LLVM (#1612)
Mason (#1592)
MySQL (#1555, #1551)
Rust (#1608)
Turtle (#1590, #1553)



Deprecated JsonBareObjectLexer, which is now identical to JsonLexer (#1600)


The ImgFormatter now calculates the exact character width, which fixes some issues with overlapping text (#1213, #1611)




... (truncated)


Changelog
Sourced from pygments's changelog.

Version 2.7.4
(released January 12, 2021)


Updated lexers:


Apache configurations: Improve handling of malformed tags (#1656)


CSS: Add support for variables (#1633, #1666)


Crystal (#1650, #1670)


Coq (#1648)


Fortran: Add missing keywords (#1635, #1665)


Ini (#1624)


JavaScript and variants (#1647 -- missing regex flags, #1651)


Markdown (#1623, #1617)


Shell

Lex trailing whitespace as part of the prompt (#1645)
Add missing in keyword (#1652)



SQL - Fix keywords (#1668)


Typescript: Fix incorrect punctuation handling (#1510, #1511)




Fix infinite loop in SML lexer (#1625)


Fix backtracking string regexes in JavaScript/TypeScript, Modula2
and many other lexers (#1637)


Limit recursion with nesting Ruby heredocs (#1638)


Fix a few inefficient regexes for guessing lexers


Fix the raw token lexer handling of Unicode (#1616)


Revert a private API change in the HTML formatter (#1655) --
please note that private APIs remain subject to change!


Fix several exponential/cubic-complexity regexes found by
Ben Caller/Doyensec (#1675)


Fix incorrect MATLAB example (#1582)


Thanks to Google's OSS-Fuzz project for finding many of these bugs.
Version 2.7.3
(released December 6, 2020)


Updated lexers:

Ada (#1581)
HTML (#1615, #1614)
Java (#1594, #1586)
JavaScript (#1605, #1589, #1588)
JSON (#1569 -- this is a complete rewrite)
Lean (#1601)
LLVM (#1612)
Mason (#1592)





... (truncated)


Commits

4d555d0 Bump version to 2.7.4.
fc3b05d Update CHANGES.
ad21935 Revert "Added dracula theme style (#1636)"
e411506 Prepare for 2.7.4 release.
275e34d doc: remove Perl 6 ref
2e7e8c4 Fix several exponential/cubic complexity regexes found by Ben Caller/Doyensec
eb39c43 xquery: fix pop from empty stack
2738778 fix coding style in test_analyzer_lexer
02e0f09 Added 'ERROR STOP' to fortran.py keywords. (#1665)
c83fe48 support added for css variables (#1633)
Additional commits viewable in compare view





Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options



You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/inforian/python-notifyAll/network/alerts).