Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the dependencies group with 3 updates #32

Merged
merged 1 commit into from
Nov 26, 2023
Merged

Bump the dependencies group with 3 updates #32

merged 1 commit into from
Nov 26, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 26, 2023

Bumps the dependencies group with 3 updates: celery, django and pillow.

Updates celery from 5.3.4 to 5.3.6

Release notes

Sourced from celery's releases.

v5.3.6

This release is focused mainly to fix AWS SQS new feature compatibility issue and old regressions. The code changes are mostly fix for regressions. More details can be found below.

What's Changed

New Contributors

Full Changelog: celery/celery@v5.3.5...v5.3.6

v5.3.5

Main theme of this release is adding Python 3.12 compatibility support all through the projects dependencies. Also lots of bugs were squashed. Dependencies upgraded and docs improved.

What's Changed

... (truncated)

Changelog

Sourced from celery's changelog.

5.3.6

:release-date: 2023-11-22 9:15 P.M GMT+6 :release-by: Asif Saif Uddin

This release is focused mainly to fix AWS SQS new feature comatibility issue and old regressions. The code changes are mostly fix for regressions. More details can be found below.

What's Changed

New Contributors

.. _version-5.3.5:

5.3.5

:release-date: 2023-11-10 7:15 P.M GMT+6 :release-by: Asif Saif Uddin

What's Changed

... (truncated)

Commits

Updates django from 4.2.6 to 4.2.7

Commits
  • d254a54 [4.2.x] Bumped version for 4.2.7 release.
  • 048a9eb [4.2.x] Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows.
  • 3fae5d9 [4.2.x] Refs #30601 -- Fixed typos in docs/topics/db/transactions.txt.
  • a8aa940 [4.2.x] Refs #15578 -- Made cosmetic edits to fixtures docs.
  • 109f39a [4.2.x] Fixed #34932 -- Restored varchar_pattern_ops/text_pattern_ops index c...
  • 6161299 [4.2.x] Fixed typos in docs/ref/models/expressions.txt.
  • 696fbc3 [4.2.x] Fixed #30601 -- Doc'd the need to manually revert all app state on tr...
  • ffba631 [4.2.x] Fixed typo in docs/ref/contrib/gis/geos.txt.
  • 43a3646 [4.2.x] Fixed #15578 -- Stated the processing order of fixtures in the fixtur...
  • 0cd8b86 [4.2.x] Added stub release notes and release date for 4.2.7, 4.1.13, and 3.2.23.
  • Additional commits viewable in compare view

Updates pillow from 10.0.1 to 10.1.0

Release notes

Sourced from pillow's releases.

10.1.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.1.0.html

Changes

Dependencies

Documentation

... (truncated)

Changelog

Sourced from pillow's changelog.

10.1.0 (2023-10-15)

  • Added TrueType default font to allow for different sizes #7354 [radarhere]

  • Fixed invalid argument warning #7442 [radarhere]

  • Added ImageOps cover method #7412 [radarhere, hugovk]

  • Catch struct.error from truncated EXIF when reading JPEG DPI #7458 [radarhere]

  • Consider default image when selecting mode for PNG save_all #7437 [radarhere]

  • Support BGR;15, BGR;16 and BGR;24 access, unpacking and putdata #7303 [radarhere]

  • Added CMYK to RGB unpacker #7310 [radarhere]

  • Improved flexibility of XMP parsing #7274 [radarhere]

  • Support reading 8-bit YCbCr TIFF images #7415 [radarhere]

  • Allow saving I;16B images as PNG #7302 [radarhere]

  • Corrected drawing I;16 points and writing I;16 text #7257 [radarhere]

  • Set blue channel to 128 for BC5S #7413 [radarhere]

  • Increase flexibility when reading IPTC fields #7319 [radarhere]

  • Set C palette to be empty by default #7289 [radarhere]

  • Added gs_binary to control Ghostscript use on all platforms #7392 [radarhere]

  • Read bounding box information from the trailer of EPS files if specified #7382 [nopperl, radarhere]

... (truncated)

Commits
  • da59ad0 10.1.0 version bump
  • d10f802 Merge pull request #7465 from radarhere/mode
  • f50c713 Move #7307 from "Backwards Incompatible Changes" to "API Changes"
  • a1ddb4d Describe how to populate mode and size
  • 4ace56d Update CHANGES.rst [ci skip]
  • 7bf1a87 Merge pull request #7354 from radarhere/load_default
  • e154e97 Merge pull request #7463 from radarhere/libimagequant
  • c759ef2 Updated libimagequant to 4.2.2
  • 3a40816 Update CHANGES.rst [ci skip]
  • c2d5088 Added documentation
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dependencies group with 3 updates
e5ceb6e 
Bumps the dependencies group with 3 updates: [celery](https://github.com/celery/celery), [django](https://github.com/django/django) and [pillow](https://github.com/python-pillow/Pillow).


Updates `celery` from 5.3.4 to 5.3.6
- [Release notes](https://github.com/celery/celery/releases)
- [Changelog](https://github.com/celery/celery/blob/main/Changelog.rst)
- [Commits](celery/celery@v5.3.4...v5.3.6)

Updates `django` from 4.2.6 to 4.2.7
- [Commits](django/django@4.2.6...4.2.7)

Updates `pillow` from 10.0.1 to 10.1.0
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@10.0.1...10.1.0)

---
updated-dependencies:
- dependency-name: celery
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: django
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pillow
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 26, 2023
This was referenced Nov 26, 2023
Closed
Closed
@m4tx m4tx merged commit a635657 into master Nov 26, 2023
2 checks passed
@dependabot dependabot bot deleted the dependabot/pip/dependencies-3eae9f5503 branch November 26, 2023 20:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@m4tx