Skip to content

chore(deps): update python packages#191

Open
sassanix wants to merge 1 commit intomainfrom
renovate/python-packages
Open

chore(deps): update python packages#191
sassanix wants to merge 1 commit intomainfrom
renovate/python-packages

Conversation

@sassanix
Copy link
Owner

@sassanix sassanix commented Nov 3, 2025
edited
Loading

This PR contains the following updates:

Package Update Change OpenSSF
APScheduler (changelog) patch ==3.11.0 -> ==3.11.2 OpenSSF Scorecard
Authlib patch ==1.6.5 -> ==1.6.9 OpenSSF Scorecard
Babel (source) minor ==2.17.0 -> ==2.18.0 OpenSSF Scorecard
Flask (changelog) patch ==3.1.2 -> ==3.1.3 OpenSSF Scorecard
PyJWT minor ==2.10.1 -> ==2.11.0 OpenSSF Scorecard
Werkzeug (changelog) patch ==3.1.3 -> ==3.1.6 OpenSSF Scorecard
apprise patch ==1.9.5 -> ==1.9.8 OpenSSF Scorecard
setuptools (changelog) minor ==80.9.0 -> ==80.10.2 OpenSSF Scorecard

Release Notes

agronholm/apscheduler (APScheduler)

v3.11.2

Compare Source

  • Fixed an issue where a job using a CronTrigger scheduled in a repeated time interval during DST transitions could cause the scheduler to get stuck in an infinite loop (#​1021; PR by @​soulofakuma)

v3.11.1

Compare Source

  • Fixed scheduler.shutdown() not raising SchedulerNotRunning (or raising the wrong exception) for asynchronous schedulers when the scheduler is in fact not running
  • Fixed CronTrigger sticking on a folded datetime during the fall-back DST transition (#​1021 <#​1021>_; PR by @​berianjames)`
authlib/authlib (Authlib)

v1.6.9

Compare Source

Full Changelog: authlib/authlib@v1.6.8...v1.6.9

Changes in jose module

  • Not using header's jwk automatically
  • Add ES256K into default jwt algorithms
  • Remove deprecated algorithm from default registry
  • Generate random cek when cek length doesn't match

v1.6.8

Compare Source

Full Changelog: authlib/authlib@v1.6.7...v1.6.8

  • Add EdDSA to default jwt instance.

v1.6.7

Compare Source

Full Changelog: authlib/authlib@v1.6.6...v1.6.7

Set supported algorithms for the default jwt instance.

v1.6.6

Compare Source

What's Changed

New Contributors

Full Changelog: authlib/authlib@v1.6.5...v1.6.6

python-babel/babel (Babel)

v2.18.0

Compare Source

Happy 2026! This release is, coincidentally, also being made from FOSDEM.

We will aspire for a slightly less glacial release cadence in this year;
there are interesting features in the pipeline.

Features


* Core: Add `babel.core.get_cldr_version()` by @&#8203;akx in :gh:`1242`
* Core: Use CLDR 47 by @&#8203;tomasr8 in :gh:`1210`
* Core: Use canonical IANA zone names in zone_territories by @&#8203;akx in :gh:`1220`
* Messages: Improve extract performance via ignoring directories early during os.walk by @&#8203;akx in :gh:`968`
* Messages: Merge in per-format keywords and auto_comments by @&#8203;akx in :gh:`1243`
* Messages: Update keywords for extraction of dpgettext and dnpgettext by @&#8203;mardiros in :gh:`1235`
* Messages: Validate all plurals in Python format checker by @&#8203;tomasr8 in :gh:`1188`
* Time: Use standard library `timezone` instead of `FixedOffsetTimezone` by @&#8203;akx in :gh:`1203`

Bugfixes
  • Core: Fix formatting for "Empty locale identifier" exception added in #​1164 by @​akx in :gh:1184
  • Core: Improve handling of no-inheritance-marker in timezone data by @​akx in :gh:1194
  • Core: Make the number pattern regular expression more efficient by @​akx in :gh:1213
  • Messages: Keep translator comments next to the translation function call by @​akx in :gh:1196
  • Numbers: Fix KeyError that occurred when formatting compact currencies of exactly one thousand in several locales by @​bartbroere in :gh:1246

Other improvements


* Core: Avoid unnecessary uses of `map()` by @&#8203;akx in :gh:`1180`
* Messages: Have init-catalog create directories too by @&#8203;akx in :gh:`1244`
* Messages: Optimizations for read_po by @&#8203;akx in :gh:`1200`
* Messages: Use pathlib.Path() in catalog frontend; improve test coverage by @&#8203;akx in :gh:`1204`

Infrastructure and documentation
  • CI: Renovate CI & lint tools by @​akx in :gh:1228
  • CI: Tighten up CI with Zizmor by @​akx in :gh:1230
  • CI: make job permissions explicit by @​akx in :gh:1227
  • Docs: Add SECURITY.md by @​akx in :gh:1229
  • Docs: Remove u string prefix from docs by @​verhovsky in :gh:1174
  • Docs: Update dates.rst with current unicode.org tr35 link by @​clach04 in :gh:1189
  • General: Add some PyPI classifiers by @​tomasr8 in :gh:1186
  • General: Apply reformatting by hand and with Ruff by @​akx in :gh:1202
  • General: Test on and declare support for Python 3.14 by @​akx in :gh:1233
  • Tests: Convert Unittest testcases with setup/teardown to fixtures by @​akx in :gh:1240
  • Tests: Mark PyPy CI flake as xfail by @​akx in :gh:1197
  • Tests: Move pytest config to pyproject.toml by @​tomasr8 in :gh:1187
  • Tests: Unwrap most unittest test cases to bare functions by @​akx in :gh:1241
pallets/flask (Flask)

v3.1.3

Compare Source

Released 2026-02-18

  • The session is marked as accessed for operations that only access the keys
    but not the values, such as in and len. :ghsa:68rp-wp8r-4726
jpadilla/pyjwt (PyJWT)

v2.11.0

Compare Source

Fixed


- Annotate PyJWKSet.keys for pyright by @&#8203;tamird in `#&#8203;1134 <https://github.com/jpadilla/pyjwt/pull/1134>`__
- Close ``HTTPError`` response to prevent ``ResourceWarning`` on Python 3.14 by @&#8203;veeceey in `#&#8203;1133 <https://github.com/jpadilla/pyjwt/pull/1133>`__
- Do not keep ``algorithms`` dict in PyJWK instances by @&#8203;akx in `#&#8203;1143 <https://github.com/jpadilla/pyjwt/pull/1143>`__

Added
  • Docs: Add PyJWKClient API reference and document the two-tier caching system (JWK Set cache and signing key LRU cache).
pallets/werkzeug (Werkzeug)

v3.1.6

Compare Source

Released 2026-02-19

  • safe_join on Windows does not allow special devices names in
    multi-segment paths. :ghsa:29vq-49wr-vm6x

v3.1.5

Compare Source

Released 2026-01-08

  • safe_join on Windows does not allow more special device names, regardless
    of extension or surrounding spaces. :ghsa:87hc-h4r5-73f7
  • The multipart form parser handles a \r\n sequence at a chunk boundary.
    This fixes the previous attempt, which caused incorrect content lengths.
    :issue:3065 :issue:3077
  • Fix AttributeError when initializing DebuggedApplication with
    pin_security=False. :issue:3075

v3.1.4

Compare Source

Released 2025-11-28

  • safe_join on Windows does not allow special device names. This prevents
    reading from these when using send_from_directory. secure_filename
    already prevented writing to these. :ghsa:hgf8-39gv-g3f2
  • The debugger pin fails after 10 attempts instead of 11. :pr:3020
  • The multipart form parser handles a \r\n sequence at a chunk boundary.
    :issue:3065
  • Improve CPU usage during Watchdog reloader. :issue:3054
  • Request.json annotation is more accurate. :issue:3067
  • Traceback rendering handles when the line number is beyond the available
    source lines. :issue:3044
  • HTTPException.get_response annotation and doc better conveys the
    distinction between WSGI and sans-IO responses. :issue:3056
caronc/apprise (apprise)

v1.9.8

Compare Source

What's Changed

It's been a few months now; Apprise is due for a release containing all of the issues that have been resolved. I feel the big highlights of this release are IRC, Fluxer, and the return of XMPP support!

Continue to refer to https://AppriseIt.com for your documentation needs.

📣 New Notification Services:
🐞 Bugfixes

n/a

💡 Features
❤️ Life-Cycle Support
  • Standardize linting by enabling Ruff preview rules and updating code base in #​1510
  • Remove unnecessary pytest rpm dependencies in #​1515
  • CLI test cases compatible now with Python v3.15 in #​1516
  • Updated copyright notices to reflect 2026 in #​1540

Installation

Apprise is available on PyPI through pip:

# Install Apprise v1.9.8 from PyPI
pip install apprise==1.9.8

New Contributors

Full Changelog: caronc/apprise@v1.9.7...v1.9.8

v1.9.7

Compare Source

What's Changed

Big changes of this release is we're back at 100% test coverage plus a new documentation source: https://AppriseIt.com

🐞 Bugfixes
  • discord:// improvements to ping= handling in #​1470
  • Bugzilla 2424601 resolved - no NotifyType enum leaking in #​1473
  • resolves reoccurring warning for GdkPixbuf in #​1488
  • Improved Matrix room handling in #​1492
💡 Features
❤️ Life-Cycle Support
  • 🔥 Adapt appriseit.com as new documentation source in #​1486
  • Improved documentation surrounding tagging in #​1489
  • improved on notification manger customization in #​1490
  • 🚀 100% test coverage in #​1491

New Contributors

Installation

Apprise is available on PyPI through pip:

# Install Apprise v1.9.7 from PyPI
pip install apprise==1.9.7

Full Changelog: caronc/apprise@v1.9.6...v1.9.7

v1.9.6

Compare Source

What's Changed

📣 New Notification Services:
🐞 Bugfixes
  • Updated RPM Spec file to fix rpmbuild errors on koji in #​1421
  • Added py.typed back into repository and Manifest in #​1426
  • fix(telegram): support <code> blocks wrapped in <pre> for syntax highlighting by @​hmnd in #​1423
  • Apprise API payload bugfix in #​1428
  • Matrix room/alias accepted characters re-aligned - bugfix in #​1442
  • fix parsing of USA callsigns--specifically different prefix/suffix counts like 1x2 and 1x3 calls by @​NeilHanlon in #​1418
  • dot:// setup_url to align with other apprise ones in #​1449 (extension to #​1445 in same release)
  • fixed handling of non-standard matrix:// ports in #​1450
  • Fix Reply-To header variable consistency by @​slavaGanzin in #​1446
💡 Features
  • increase of Pushover attachment size to 5MB in #​1427
  • Added basic support for ntfy Actions by @​ivangrimaldi in #​1436
  • feat(bark): Add 'call' parameter support to NotifyBark for ringtone r… by @​HerbertGao in #​1444
  • Improved TRUNCATE and SPLIT with smart text splitting in #​1459
  • Added support for slack-gov.com to slack:// in #​1463
  • Nextcloud group notification implementation by @​dev-KingMaster in #​1440
  • Resend plugin improvements adding improved support for name=, cc=, reply=, and to= in #​1465
  • discord:// supports ping= feature now in #​1466
❤️ Life-Cycle Support
  • EPEL10 GitHub workflow added - RPM Building in #​1460 and #​1451
  • Added additional test coverage for Apprise configuration parsing in #​1454
  • Added additional workflow:// test case in #​1458
  • Spelling mistakes + minor code alignment in #​1439

New Contributors

Installation

Apprise is available on PyPI through pip:

# Install Apprise v1.9.6 from PyPI
pip install apprise==1.9.6

Full Changelog: caronc/apprise@v1.9.5...v1.9.6

pypa/setuptools (setuptools)

v80.10.2

Compare Source

v80.10.1

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@sassanix sassanix changed the title Update dependency APScheduler to v3.11.1 (from 3.11.0) chore(deps): update dependency apscheduler to v3.11.1 (from 3.11.0) Nov 10, 2025
@sassanix sassanix force-pushed the renovate/python-packages branch from 9c48b61 to 6452d63 Compare December 1, 2025 01:55
@sassanix sassanix changed the title chore(deps): update dependency apscheduler to v3.11.1 (from 3.11.0) chore(deps): update python packages Dec 1, 2025
@sassanix sassanix force-pushed the renovate/python-packages branch from 6452d63 to 61d6c3d Compare December 8, 2025 01:42
@sassanix sassanix force-pushed the renovate/python-packages branch from 61d6c3d to 1160527 Compare December 15, 2025 01:47
@sassanix sassanix force-pushed the renovate/python-packages branch from 1160527 to edde7b1 Compare December 22, 2025 01:48
@sassanix sassanix force-pushed the renovate/python-packages branch from edde7b1 to e9f8bc1 Compare January 12, 2026 01:51
@sassanix sassanix force-pushed the renovate/python-packages branch from e9f8bc1 to 23742c4 Compare January 26, 2026 01:56
@sassanix sassanix force-pushed the renovate/python-packages branch from 23742c4 to 0e228ab Compare February 2, 2026 02:11
@sassanix sassanix force-pushed the renovate/python-packages branch 2 times, most recently from 74d3e3f to 6c689e1 Compare February 16, 2026 02:10
@sassanix sassanix force-pushed the renovate/python-packages branch from 6c689e1 to f0bfd37 Compare February 23, 2026 02:11
@sassanix sassanix force-pushed the renovate/python-packages branch from f0bfd37 to 963315f Compare March 9, 2026 02:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sassanix @renovate-bot