fix(deps): update all non-major dependencies (!163) · Merge requests · Information Services / DevOps / Identity and Access Management / Activate Account / API for Frontend

This MR contains the following updates:

Package	Change	Type	Update
cloup	`3.0.7` -> `3.0.8`	poc	patch
cryptography (changelog)	`45.0.3` -> `45.0.7`	dependencies	patch
django (changelog)	`4.2.19` -> `4.2.24`	dependencies	patch
django-crispy-forms (changelog)	`2.3` -> `2.4`	dependencies	minor
djangorestframework (source, changelog)	`3.15.2` -> `3.16.1`	dependencies	minor
google-auth	`2.38.0` -> `2.40.3`	poc	minor
google-cloud-pubsub	`2.29.0` -> `2.31.1`	dependencies	minor
message-schemas	`^0.3.0` -> `^0.6.0`	dependencies	minor
mkdocs-literate-nav (changelog)	`0.6.1` -> `0.6.2`	docs	patch
mkdocs-material (changelog)	`9.6.3` -> `9.6.18`	docs	patch
mkdocs-section-index (changelog)	`0.3.9` -> `0.3.10`	docs	patch
mkdocstrings (changelog)	`^0.27.0` -> `^0.30.0`	docs	minor
msgraph-sdk	`1.28.0` -> `1.40.0`	poc	minor
pre-commit/mirrors-mypy	`v1.4.1` -> `v1.17.1`	repository	minor
psycopg (source, changelog)	`3.2.4` -> `3.2.9`	dependencies	patch
pycqa/flake8	`7.1.1` -> `7.3.0`	repository	minor
python	`3.11-slim` -> `3.13-slim`		minor
registry.gitlab.developers.cam.ac.uk/uis/devops/infra/dockerimages/python	`3.11-slim` -> `3.13-slim`	final	minor
registry.gitlab.developers.cam.ac.uk/uis/devops/infra/dockerimages/python	`3.11-slim` -> `3.13-slim`	stage	minor
requests (source, changelog)	`2.32.3` -> `2.32.5`	dependencies	patch
tenacity	`9.0.0` -> `9.1.2`	dependencies	minor
uis/devops/continuous-delivery/ci-templates	`v7.6.2` -> `v7.14.1`	repository	minor

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

Release Notes

janLuke/cloup (cloup)

`v3.0.8`

Compare Source

What's Changed

Other Changes

Add show_subcommand_aliases to overloads for group by @ntessman-capsule in janluke#191

New Contributors

@ntessman-capsule made their first contribution in janluke#191

Full Changelog: https://github.com/janluke/cloup/compare/v3.0.7...v3.0.8

pyca/cryptography (cryptography)

django/django (django)

`v4.2.24`

Compare Source

`v4.2.23`

Compare Source

`v4.2.22`

Compare Source

`v4.2.21`

Compare Source

`v4.2.20`

Compare Source

django-crispy-forms/django-crispy-forms (django-crispy-forms)

`v2.4`

Compare Source

Added support for Python 3.13.
Confirmed support for Django 5.2.

encode/django-rest-framework (djangorestframework)

`v3.16.1`

Compare Source

This release fixes a few bugs, clean-up some old code paths for unsupported Python versions and improve translations.

Minor changes

Cleanup optional backports.zoneinfo dependency and conditions on unsupported Python 3.8 and lower in #9681. Python versions prior to 3.9 were already unsupported so this isn't considered as a breaking change.

Bug fixes

Fix regression in unique_together validation with SerializerMethodField in #9712
Fix UniqueTogetherValidator to handle fields with source attribute in #9688
Drop HTML line breaks on long headers in browsable API in #9438

Translations

Add Kazakh locale support in #9713
Update translations for Korean translations in #9571
Update German translations in #9676
Update Chinese translations in #9675
Update Arabic translations-sal in #9595
Update Persian translations in #9576
Update Spanish translations in #9701
Update Turkish Translations in #9749
Fix some typos in Brazilian Portuguese translations in #9673

Documentation

Removed reference to GitHub Issues and Discussions in #9660
Add drf-restwind and update outdated images in browsable-api.md in #9680
Updated funding page to represent current scope in #9686
Fix broken Heroku JSON Schema link in #9693
Update Django documentation links to use stable version in #9698
Expand docs on unique constraints cause 'required=True' in #9725
Revert extension back from djangorestframework-guardian2 to djangorestframework-guardian in #9734
Add note to tutorial about required request in serializer context when using HyperlinkedModelSerializer in #9732

Internal changes

Update GitHub Actions to use Ubuntu 24.04 for testing in #9677
Update test matrix to use Django 5.2 stable version in #9679
Add pyupgrade to pre-commit hooks in #9682
Fix test with Django 5 when pytz is available in #9715

New Contributors

@araggohnxd made their first contribution in #9673
@mbeijen made their first contribution in #9660
@stefan6419846 made their first contribution in #9676
@ren000thomas made their first contribution in #9675
@ulgens made their first contribution in #9682
@bukh-sal made their first contribution in #9595
@rezatn0934 made their first contribution in #9576
@Rohit10jr made their first contribution in #9693
@kushibayev made their first contribution in #9713
@alihassancods made their first contribution in #9732
@kulikjak made their first contribution in #9715
@Natgho made their first contribution in #9749

Full Changelog: https://github.com/encode/django-rest-framework/compare/3.16.0...3.16.1

`v3.16.0`

Compare Source

This release is considered a significant release to improve upstream support with Django and Python. Some of these may change the behaviour of existing features and pre-existing behaviour. Specifically, some fixes were added to around the support of UniqueConstraint with nullable fields which will improve built-in serializer validation.

Features

Add official support for Django 5.1 and its new LoginRequiredMiddleware in #9514 and #9657
Add official Django 5.2a1 support in #9634
Add support for Python 3.13 in #9527 and #9556
Support Django 2.1+ test client JSON data automatically serialized in #6511 and fix a regression in #9615

Bug fixes

Fix unique together validator to respect condition's fields from UniqueConstraint in #9360
Fix raising on nullable fields part of UniqueConstraint in #9531
Fix unique_together validation with source in #9482
Added protections to AttributeError raised within properties in #9455
Fix get_template_context to handle also lists in #9467
Fix "Converter is already registered" deprecation warning. in #9512
Fix noisy warning and accept integers as min/max values of DecimalField in #9515
Fix usages of open() in setup.py in #9661

Translations

Add some missing Chinese translations in #9505
Fix spelling mistakes in Farsi language were corrected in #9521
Fixing and adding missing Brazilian Portuguese translations in #9535

Removals

Remove support for Python 3.8 in #9670
Remove long deprecated code from request wrapper in #9441
Remove deprecated AutoSchema._get_reference method in #9525

Documentation and internal changes

Provide tests for hashing of OperandHolder in #9437
Update documentation: Add adrf third party package in #9198
Update tutorials links in Community contributions docs in #9476
Fix usage of deprecated Django function in example from docs in #9509
Move path converter docs into a separate section in #9524
Add test covering update view without queryset attribute in #9528
Fix Transifex link in #9541
Fix example httpie call in docs in #9543
Fix example for serializer field with choices in docs in #9563
Remove extra <> in validators example in #9590
Update strftime link in the docs in #9624
Switch to codecov GHA in #9618
Add note regarding availability of the action attribute in 'Introspecting ViewSet actions' docs section in #9633
Improved description of allowed throttling rates in documentation in #9640
Add rest-framework-gm2m-relations package to the list of 3rd party libraries in #9063
Fix a number of typos in the test suite in the docs in #9662
Add django-pyoidc as a third party authentication library in #9667

New Contributors

@maerteijn made their first contribution in #9198
@FraCata00 made their first contribution in #9444
@AlvaroVega made their first contribution in #9451
@james-mchugh made their first contribution in #9455
@ifeanyidavid made their first contribution in #9479
@p-schlickmann made their first contribution in #9480
@akkuman made their first contribution in #9505
@rafaelgramoschi made their first contribution in #9509
@Sinaatkd made their first contribution in #9521
@gtkacz made their first contribution in #9535
@sliverc made their first contribution in #9556
@gabrielromagnoli1987 made their first contribution in #9543
@cheehong1030 made their first contribution in #9563
@amansharma612 made their first contribution in #9590
@Gluroda made their first contribution in #9616
@deepakangadi made their first contribution in #9624
@EXG1O made their first contribution in #9633
@decadenza made their first contribution in #9640
@mojtabaakbari221b made their first contribution in #9063
@mikemanger made their first contribution in #9661
@gbip made their first contribution in #9667

Full Changelog: https://github.com/encode/django-rest-framework/compare/3.15.2...3.16.0

googleapis/google-auth-library-python (google-auth)

`v2.40.3`

Compare Source

Bug Fixes

Auth fetch token from default endpoint (#1779) (88891cc)
Remove unnecessary call to mds service (#1769) (7c61c7d)
Retry 504 errors (#1767) (554f967)

`v2.40.2`

Compare Source

Bug Fixes

Remove sync response logs in AuthorizedSession (97ed1c8)
Update test to consider new error message from cryptography (#1765) (44e38b6)

`v2.40.1`

Compare Source

Bug Fixes

Disable logging response body for async logs (#1756) (2f0ddfe)

`v2.40.0`

Compare Source

Features

Add request response logging to auth (#1678) (77ad53e)

Bug Fixes

Correct webauthn JSON parsing to be compliant with standard. (#1658) (0c5ef36)

`v2.39.0`

Compare Source

Features

Adds GA support for X.509 workload identity federation (#1695) (7495960)

Bug Fixes

Add impersonated SA via local ADC support for fetch_id_token (#1740) (f249764)
Add missing packaging dependency for feature requiring urllib3 (#1732) (221f4a8)
Add request timeout for MDS requests (#1699) (9f7d3fa)
Explicitly declare support for Python 3.13 (#1741) (6fd04d5)

googleapis/python-pubsub (google-cloud-pubsub)

`v2.31.1`

Compare Source

Bug Fixes

Change Log Severities for Terminated Streams (#1433) (3a3aa79)
Propagate Otel Context to Subscriber Callback if Provided (#1429) (b0f6f49)

`v2.31.0`

Compare Source

Features

Add MessageTransformationFailureReason to IngestionFailureEvent (#1427) (8ab13e1)

Bug Fixes

Surface Fatal Stream Errors to Future; Adjust Retryable Error Codes (#1422) (e081beb)

`v2.30.0`

Compare Source

Features

Add SchemaViolationReason to IngestionFailureEvent (#1411) (c046ca2)

`v2.29.1`

Compare Source

Bug Fixes

Remove setup.cfg configuration for creating universal wheels (#1376) (60639c4)

Documentation

sample: Add samples for topic and subscription SMTs (#1386) (4d072e0)
Update documentation for JavaScriptUDF to indicate that the message_id metadata field is optional instead of required (#1380) (be90054)
Update readme links (#1409) (77ba05d)

oprypin/mkdocs-literate-nav (mkdocs-literate-nav)

`v0.6.2`

Compare Source

Fix compatibility with MkDocs 1.6+
Require at least MkDocs 1.4

Other refactors, see https://github.com/oprypin/mkdocs-literate-nav/compare/v0.6.1...v0.6.2

squidfunk/mkdocs-material (mkdocs-material)

`v9.6.18`: mkdocs-material-9.6.18

Compare Source

Updated Azerbaijani translations
Fixed last compat issues with minijinja, now 100% compatible

`v9.6.17`: mkdocs-material-9.6.17

Compare Source

Fixed #8396: Videos do not autoplay when inside a content tab
Fixed #8394: Stroke width not effective in Mermaid.js diagrams
Fixed disappearing version selector when hiding page title

`v9.6.16`: mkdocs-material-9.6.16

Compare Source

Fixed #8349: Info plugin doesn't correctly detect virtualenv in some cases
Fixed #8334: Find-in-page detects matches in hidden search result list

`v9.6.15`: mkdocs-material-9.6.15

Compare Source

Updated Mongolian translations
Improved semantic markup of "edit this page" button
Improved info plugin virtual environment resolution
Fixed #8291: Large font size setting throws of breakpoints in JavaScript

`v9.6.14`: mkdocs-material-9.6.14

Compare Source

Fixed #8215: Social plugin crashes when CairoSVG is updated to 2.8

`v9.6.13`: mkdocs-material-9.6.13

Compare Source

Fixed #8204: Annotations showing list markers in print view
Fixed #8153: Improve style of cardinality symbols in Mermaid.js ER diagrams

`v9.6.12`: mkdocs-material-9.6.12

Compare Source

Fixed #8158: Flip footnote back reference icon for right-to-left languages

`v9.6.11`: mkdocs-material-9.6.11

Compare Source

Updated Docker image to latest Alpine Linux
Bump required Jinja version to 3.1
Fixed #8133: Jinja filter items not available (9.6.10 regression)
Fixed #8128: Search plugin not entirely disabled via enabled setting

`v9.6.10`: mkdocs-material-9.6.10

Compare Source

This version is a pure refactoring release, and does not contain new features or bug fixes. It strives to improve the compatibility of our templates with alternative Jinja-like template engines that we're currently exploring, including minijinja.

Additionally, it replaces several instances of Python function invocations with idiomatic use of template filters. All instances where variables have been mutated inside templates have been replaced. Most changes have been made in partials, and only a few in blocks, and all of them are fully backward compatible, so no changes to overrides are necessary.

Note that this release does not replace the Jinja template engine with minijinja. However, our templates are now 99% compatible with minijinja, which means we can explore alternative Jinja-compatible implementations. Additionally, immutability and removal of almost all Python function invocations means much more idiomatic templating.

`v9.6.9`: mkdocs-material-9.6.9

Compare Source

Updated Serbo-Croatian translations
Fixed #8086: Custom SVG icons containing hashes break rendering
Fixed #8067: Drawer has gap on right side in Firefox on some OSs

`v9.6.8`: mkdocs-material-9.6.8

Compare Source

Added Welsh translations
Fixed #8076: Privacy plugin crashes if HTTP download fails

`v9.6.7`: mkdocs-material-9.6.7

Compare Source

Fixed #8056: Error in backrefs implementation (9.6.6 regression)
Fixed #8054: Unescaped quotes in ARIA labels of table of contents

`v9.6.6`: mkdocs-material-9.6.6

Compare Source

Fixed #8040: Privacy plugin not replacing exteral assets (9.6.5 regression)
Fixed #8031: Replace unmaintained regex package in search plugin

`v9.6.5`: mkdocs-material-9.6.5

Compare Source

Fixed #8016: Tags listing not showing when when file name has spaces
Fixed #8012: Privacy plugin crashes if HTTP download fails

`v9.6.4`: mkdocs-material-9.6.4

Compare Source

Fixed #7985: Blog content sometimes not stretching to full width
Fixed #7978: Navigation rendering bug in Safari 18.3

oprypin/mkdocs-section-index (mkdocs-section-index)

`v0.3.10`

Compare Source

Adapt to mkdocs-material version 9.6.10 - 9260736, #26

mkdocstrings/mkdocstrings (mkdocstrings)

`v0.30.0`

Compare Source

Compare with 0.29.1

Features

Add data-skip-inventory boolean attribute for elements to skip registration in local inventory (f856160 by Bartosz Sławecki). Issue-671, MR-774
Add I18N support (translations) (2b4ed54 by Nyuan Zhang). MR-645, Co-authored-by: Timothée Mazzucotelli dev@pawamoy.fr

`v0.29.1`

Compare Source

Compare with 0.29.1

Features

Add data-skip-inventory boolean attribute for elements to skip registration in local inventory (f856160 by Bartosz Sławecki). Issue-671, MR-774
Add I18N support (translations) (2b4ed54 by Nyuan Zhang). MR-645, Co-authored-by: Timothée Mazzucotelli dev@pawamoy.fr

`v0.29.0`

Compare Source

Compare with 0.29.0

Dependencies

Remove unused typing-extensions dependency (ba98661 by Timothée Mazzucotelli).

Bug Fixes

Ignore invalid inventory lines (81caff5 by Josh Mitchell). MR-748

Code Refactoring

Rename loggers to "mkdocstrings" (1a98040 by Timothée Mazzucotelli).

`v0.28.3`

Compare Source

Compare with 0.28.3

This is the last version before v1!

Build

Depend on MkDocs 1.6 (11bc400 by Timothée Mazzucotelli).

Features

Support rendering backlinks through handlers (d4c7b9c by Timothée Mazzucotelli). Issue-723, Issue-mkdocstrings-python-153, MR-739

Code Refactoring

Save and forward titles to autorefs (f49fb29 by Timothée Mazzucotelli).
Use a combined event (each split with a different priority) for on_env (8d1dd75 by Timothée Mazzucotelli).

`v0.28.2`

Compare Source

Compare with 0.28.2

Deprecations

All public objects must now be imported from the top-level mkdocstrings module. Importing from submodules is deprecated, and will raise errors starting with v1. This should be the last deprecation before v1.

Build

Make python extra depend on latest mkdocstrings-python (1.16.2) (ba9003e by Timothée Mazzucotelli).

Code Refactoring

Finish exposing/hiding public/internal objects (0723fc2 by Timothée Mazzucotelli).
Re-expose public API in the top-level mkdocstrings module (e66e080 by Timothée Mazzucotelli).
Move modules to internal folder (23fe23f by Timothée Mazzucotelli).

`v0.28.1`

Compare Source

Compare with 0.28.1

Build

Depend on mkdocs-autorefs >= 1.4 (2c22bdc by Timothée Mazzucotelli).

`v0.28.0`

Compare Source

Compare with 0.28.0

Bug Fixes

Renew MkDocs' relpath processor instead of using same instance (4ab180d by Timothée Mazzucotelli). Issue-mkdocs-3919

microsoftgraph/msgraph-sdk-python (msgraph-sdk)

`v1.40.0`

Compare Source

Features

generation: update request builders and models (15c9742)

`v1.39.0`

Compare Source

Features

generation: update request builders and models (cd04cfb)

`v1.38.0`

Compare Source

Features

generation: update request builders and models (47a564d)
generation: update request builders and models (b35949b)

`v1.37.0`

Compare Source

Features

generation: update request builders and models (f7de565)

`v1.36.0`

Compare Source

Features

generation: update request builders and models (7f49d36)

`v1.35.0`

Compare Source

Features

generation: update request builders and models (5a3dc37)

`v1.34.0`

Compare Source

Features

generation: update request builders and models (49dbc7e)

`v1.33.0`

Compare Source

Features

generation: update request builders and models (2cb94a6)

`v1.32.0`

Compare Source

Features

generation: update request builders and models (48cf860)

`v1.31.0`

Compare Source

Features

generation: update request builders and models (f445a90)

`v1.30.0`

Compare Source

Features

generation: update request builders and models (303fb7d)

`v1.29.0`

Compare Source

Features

generation: update request builders and models (#1210) (cc4f2ed)

pre-commit/mirrors-mypy (pre-commit/mirrors-mypy)

The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

Added support for Python 3.14.
Dropped support for Python 3.8 following its end of support.

`v2.32.4`

Compare Source

Security

CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

Improvements