Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
196: Scheduled weekly dependency update for week 29 r=mithrandi a=pyup-bot ### Update [cryptography](https://pypi.org/project/cryptography) from **2.2.2** to **2.3**. <details> <summary>Changelog</summary> ### 2.3 ``` ~~~~~~~~~~~~~~~~ * **SECURITY ISSUE:** :meth:`~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag` allowed tag truncation by default which can allow tag forgery in some cases. The method now enforces the ``min_tag_length`` provided to the :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` constructor. * Added support for Python 3.7. * Added :meth:`~cryptography.fernet.Fernet.extract_timestamp` to get the authenticated timestamp of a :doc:`Fernet </fernet>` token. * Support for Python 2.7.x without ``hmac.compare_digest`` has been deprecated. We will require Python 2.7.7 or higher (or 2.7.6 on Ubuntu) in the next ``cryptography`` release. * Fixed multiple issues preventing ``cryptography`` from compiling against LibreSSL 2.7.x. * Added :class:`~cryptography.x509.CertificateRevocationList.get_revoked_certificate_by_serial_number` for quick serial number searches in CRLs. * The :class:`~cryptography.x509.RelativeDistinguishedName` class now preserves the order of attributes. Duplicate attributes now raise an error instead of silently discarding duplicates. * :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap` and :func:`~cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding` now raise :class:`~cryptography.hazmat.primitives.keywrap.InvalidUnwrap` if the wrapped key is an invalid length, instead of ``ValueError``. .. _v2-2-2: ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/cryptography - Changelog: https://pyup.io/changelogs/cryptography/ - Repo: https://github.com/pyca/cryptography </details> ### Update [twisted[tls,conch]](https://pypi.org/project/twisted) from **18.4.0** to **18.7.0**. <details> <summary>Changelog</summary> ### 18.7.0 ``` =========================== Features -------- - Cancelling a Deferred returned by twisted.internet.defer.inlineCallbacks now cancels the Deferred it is waiting on. (4632) - twisted.application.internet.ClientService now accepts a function to initialize or validate a connection before it is returned by the whenConnected method as the prepareConnection argument. (8375) - Traceback generated for twisted.internet.defer.inlineCallbacks now includes the full stack of inlineCallbacks generators between catcher and raiser (before it only contained raiser's stack). (9176) - Add optional cwd argument to twisted.runner.procmon.ProcMon.addProcess (9287) - twisted.python.failure.Failure tracebacks generated by coroutines scheduled with twisted.internet.defer.ensureDeferred - i.e. any Deferred-awaiting coroutine - now contain fewer extraneous frames from the trampoline implementation, and correctly indicate the source of exceptions raised in other call stacks - i.e. the function that raised the exception. In other words: if you 'await' a function that raises an exception, you'll be able to see where the error came from. (9459) Bugfixes -------- - On UNIX-like platforms, Twisted attempts to recover from EMFILE when accepting connections on TCP and UNIX ports by shedding incoming clients. (5368) - The documentation of IReactorTime.getDelayedCalls() has been corrected to indicate that the method returns a list, not a tuple. (9418) - "python -m twisted web --help" now refers to "--listen" instead of the non-existing "--http" (9434) - twisted.python.htmlizer.TokenPrinter now explicitly works on bytestrings. (9442) - twisted.enterprise.adbapi.ConnectionPool.runWithConnection and runInteraction now use the reactor that is passed to ConnectionPool's constructor. (9467) Improved Documentation ---------------------- - The Twisted Coding Standard now contains examples of how to mark up a feature as added in the next Twisted release. (9460) Deprecations and Removals ------------------------- - Deprecate direct introspection of ProcMon's processes: processes should not be directly accessed or pickled. (9287) - twisted.internet.address.IPv4Address._bwHack and twisted.internet.address.UNIXAddress._bwHack, as well as the parameters to the constructors, deprecated since Twisted 11.0, have been removed. (9450) Misc ---- - 7495, 9399, 9406, 9411, 9425, 9439, 9449, 9450, 9452 Conch ----- Features ~~~~~~~~ - twisted.conch.ssh.transport.SSHTransportBase now includes Twisted's version in the software version string it sends to the server, allowing servers to apply compatibility workarounds for bugs in particular client versions. (9424) Bugfixes ~~~~~~~~ - If the command run by twisted.conch.endpoints.SSHCommandClientEndpoint exits because of a delivered signal, the client protocol's connectionLost is now called with a ProcessTerminated exception instead of a ConnectionDone exception. (9412) - twisted.conch.ssh.transport.SSHTransportBase now correctly handles MSG_DEBUG with a false alwaysDisplay field on Python 2 (broken since 8.0.0). (9422) - twisted.conch.manhole.lastColorizedLine now does not throw a UnicodeDecodeError on non-ASCII input. (9442) Web --- Features ~~~~~~~~ - Added support for SameSite cookies in ``http.Request.addCookie``. (9387) Bugfixes ~~~~~~~~ - twisted.web.server.GzipEncoderFactory would sometimes fail to gzip requests if the Accept-Encoding header contained whitespace between the comma-separated acceptable encodings. It now trims whitespace before checking if gzip is an acceptable encoding. (9086) - twisted.web.static.File renders directory listings on Python 2, including those with text paths. (9438) - twisted.python.http.Request now correcly parses multipart bodies on Python 3.7. (9448) - twisted.web.http.combinedLogFormatter (used by t.w.http.Server and t.w.server.Site) no longer produces DeprecationWarning about Request.getClientIP. (9470) Misc ~~~~ - 9432, 9466, 9479, 9480 Mail ---- No significant changes. Words ----- No significant changes. Names ----- Misc ~~~~ - 9398 ``` </details> <details> <summary>Links</summary> - PyPI: https://pypi.org/project/twisted - Changelog: https://pyup.io/changelogs/twisted/ - Homepage: http://twistedmatrix.com/ - Bugtracker: https://twistedmatrix.com/trac/ </details> Co-authored-by: pyup-bot <[email protected]>
- Loading branch information
