profile
viewpoint
Olav Vahtras vahtras KTH Stockholm Professor of Theoretical Chemistry Software/Data Carpentry Instructor Co-editor of SciPy Lecture Notes

cb2060/scilib 0

Scientific libraries

cb2060/testing 0

Testing with pytest

khinsen/2015-04-13-leidenuniv 0

Software Carpentry bootcamp at Leiden Observatory

pull request commentswcarpentry/python-novice-gapminder

Ep02 minor fixes/typos

We also have that a mathematical interval [x, y) is more like a set of numbers and fundamentally different from a Python sequence of numbers where there is an implied order.

On Tue, Jan 4, 2022 at 11:02 AM Alex Ball ***@***.***> wrote:

According to the Wikipedia link (and this is indeed how I remember it) mathematical interval notation uses a comma rather than a colon for separating the limits. To make it clearer that this isn't Python, perhaps it would be better to have [start, stop) or, even better, avoid the monospace and write it [start, stop).

— Reply to this email directly, view it on GitHub https://github.com/swcarpentry/python-novice-gapminder/pull/570#issuecomment-1004672259, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABLLJBOFK3ADZTJFY3YGXBTUULAVFANCNFSM5D3FQNDA . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

vinisalazar

comment created time in 15 days

issue commentswcarpentry/python-novice-gapminder

Selecting random character from string (Ep. 6) missing a good solution

I agree here, random.choice is the easiest to read, most intuitive solution, and should be included

Olav

On Tue, Jan 4, 2022 at 12:02 PM Alex Ball ***@***.***> wrote:

The challenge "Locating the right module http://swcarpentry.github.io/python-novice-gapminder/06-libraries/index.html#locating-the-right-module" has several solutions, but I think the most obvious one is missing.

The solutions given are:

print(bases[random.randrange(len(bases))])print(bases[random.randint(0, len(bases) - 1)]) # impliedprint(random.sample(bases, 1)[0])

with the postscript "[There are] also other functions you could use, but with more convoluted code as a result." What about this?

print(random.choice(bases))

This is, I would argue, the most keystroke-efficient solution and most intuitive to read; it certainly does not fall into the "more convoluted" category. Is the reason for missing it out because it answers exactly the use case in the challenge, and is therefore not applicable to adjacent challenges (e.g. picking more than one distinct character; doing something else with the index)?

— Reply to this email directly, view it on GitHub https://github.com/swcarpentry/python-novice-gapminder/issues/581, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABLLJBPB7TALN5KLQ3R4PVTUULHUZANCNFSM5LHFQEZA . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

alex-ball

comment created time in 15 days

created repositoryvahtras/testaction1

created time in a month

PR merged vahtras/introduction

Bump jinja2 from 2.10.1 to 2.11.3 dependencies

Bumps jinja2 from 2.10.1 to 2.11.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/jinja/releases">jinja2's releases</a>.</em></p> <blockquote> <h2>2.11.3</h2> <p>This contains a fix for a speed issue with the <code>urlize</code> filter. <code>urlize</code> is likely to be called on untrusted user input. For certain inputs some of the regular expressions used to parse the text could take a very long time due to backtracking. As part of the fix, the email matching became slightly stricter. The various speedups apply to <code>urlize</code> in general, not just the specific input cases.</p> <ul> <li>PyPI: <a href="https://pypi.org/project/Jinja2/2.11.3/">https://pypi.org/project/Jinja2/2.11.3/</a></li> <li>Changes: <a href="https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-3">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-3</a></li> </ul> <h2>2.11.2</h2> <ul> <li>Changelog: <a href="https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-2">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-2</a></li> </ul> <h2>2.11.1</h2> <p>This fixes an issue in async environment when indexing the result of an attribute lookup, like <code>{{ data.items[1:] }}</code>.</p> <ul> <li>Changes: <a href="https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-1">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-1</a></li> </ul> <h2>2.11.0</h2> <ul> <li>Changes: <a href="https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-0">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-0</a></li> <li>Blog: <a href="https://palletsprojects.com/blog/jinja-2-11-0-released/">https://palletsprojects.com/blog/jinja-2-11-0-released/</a></li> <li>Twitter: <a href="https://twitter.com/PalletsTeam/status/1221883554537230336">https://twitter.com/PalletsTeam/status/1221883554537230336</a></li> </ul> <p>This is the last version to support Python 2.7 and 3.5. The next version will be Jinja 3.0 and will support Python 3.6 and newer.</p> <h2>2.10.3</h2> <ul> <li>Changes: <a href="http://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-3">http://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-3</a></li> </ul> <h2>2.10.2</h2> <ul> <li>Changes: <a href="http://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-2">http://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-2</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/jinja/blob/master/CHANGES.rst">jinja2's changelog</a>.</em></p> <blockquote> <h2>Version 2.11.3</h2> <p>Released 2021-01-31</p> <ul> <li>Improve the speed of the <code>urlize</code> filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. :pr:<code>1343</code></li> </ul> <h2>Version 2.11.2</h2> <p>Released 2020-04-13</p> <ul> <li>Fix a bug that caused callable objects with <code>getattr</code>, like :class:<code>~unittest.mock.Mock</code> to be treated as a :func:<code>contextfunction</code>. :issue:<code>1145</code></li> <li>Update <code>wordcount</code> filter to trigger :class:<code>Undefined</code> methods by wrapping the input in :func:<code>soft_str</code>. :pr:<code>1160</code></li> <li>Fix a hang when displaying tracebacks on Python 32-bit. :issue:<code>1162</code></li> <li>Showing an undefined error for an object that raises <code>AttributeError</code> on access doesn't cause a recursion error. :issue:<code>1177</code></li> <li>Revert changes to :class:<code>~loaders.PackageLoader</code> from 2.10 which removed the dependency on setuptools and pkg_resources, and added limited support for namespace packages. The changes caused issues when using Pytest. Due to the difficulty in supporting Python 2 and :pep:<code>451</code> simultaneously, the changes are reverted until 3.0. :pr:<code>1182</code></li> <li>Fix line numbers in error messages when newlines are stripped. :pr:<code>1178</code></li> <li>The special <code>namespace()</code> assignment object in templates works in async environments. :issue:<code>1180</code></li> <li>Fix whitespace being removed before tags in the middle of lines when <code>lstrip_blocks</code> is enabled. :issue:<code>1138</code></li> <li>:class:<code>~nativetypes.NativeEnvironment</code> doesn't evaluate intermediate strings during rendering. This prevents early evaluation which could change the value of an expression. :issue:<code>1186</code></li> </ul> <h2>Version 2.11.1</h2> <p>Released 2020-01-30</p> <ul> <li>Fix a bug that prevented looking up a key after an attribute (<code>{{ data.items[1:] }}</code>) in an async template. :issue:<code>1141</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pallets/jinja/commit/cf215390d4a4d6f0a4de27e2687eed176878f13d"><code>cf21539</code></a> release version 2.11.3</li> <li><a href="https://github.com/pallets/jinja/commit/15ef8f09b659f9100610583938005a7a10472d4d"><code>15ef8f0</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/jinja/issues/1343">#1343</a> from pallets/urlize-speedup</li> <li><a href="https://github.com/pallets/jinja/commit/ef658dc3b6389b091d608e710a810ce8b87995b3"><code>ef658dc</code></a> speed up urlize matching</li> <li><a href="https://github.com/pallets/jinja/commit/eeca0fecc3318d43f61bc340ad61db641b861ade"><code>eeca0fe</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/jinja/issues/1207">#1207</a> from mhansen/patch-1</li> <li><a href="https://github.com/pallets/jinja/commit/2dd769111cbb1a2637f805b3b4c652ec8096d371"><code>2dd7691</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/jinja/issues/1209">#1209</a> from mhansen/patch-3</li> <li><a href="https://github.com/pallets/jinja/commit/48929401db7228db04dfd8e88115dd5c30dc2d86"><code>4892940</code></a> do_dictsort: update example ready to copy/paste</li> <li><a href="https://github.com/pallets/jinja/commit/7db7d336ba12574e6205fdd929386fd529e3fad4"><code>7db7d33</code></a> api.rst: bugfix in docs, import PackageLoader</li> <li><a href="https://github.com/pallets/jinja/commit/9ec465baefe32e305bd4e61da49e6c39360c194e"><code>9ec465b</code></a> fix changelog header</li> <li><a href="https://github.com/pallets/jinja/commit/737a4cd41d09878e7e6c584a2062f5853dc30150"><code>737a4cd</code></a> release version 2.11.2</li> <li><a href="https://github.com/pallets/jinja/commit/179df6b54e87b3d420cabf65fc07b2605ffc05f8"><code>179df6b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/jinja/issues/1190">#1190</a> from pallets/native-eval</li> <li>Additional commits viewable in <a href="https://github.com/pallets/jinja/compare/2.10.1...2.11.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventvahtras/introduction

dependabot[bot]

commit sha ddf16adad842201387e77bd09cbc8b2c8d1c522f

Bump jinja2 from 2.10.1 to 2.11.3 Bumps [jinja2](https://github.com/pallets/jinja) from 2.10.1 to 2.11.3. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/2.10.1...2.11.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

Olav Vahtras

commit sha 5b3996ba07c61221371575845da802b0c2400bb8

Merge pull request #2 from vahtras/dependabot/pip/jinja2-2.11.3 Bump jinja2 from 2.10.1 to 2.11.3

view details

push time in a month

push eventvahtras/potsdam-testing

dependabot[bot]

commit sha b822c2bba0c8f1d14671aa74e3ee6b70b1c1e6ff

Bump werkzeug from 0.10.1 to 0.15.3 Bumps [werkzeug](https://github.com/pallets/werkzeug) from 0.10.1 to 0.15.3. - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/master/CHANGES.rst) - [Commits](https://github.com/pallets/werkzeug/compare/0.10.1...0.15.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

Olav Vahtras

commit sha 59c9ade39de02bfdecd592aae395e32af58ec9b0

Merge pull request #3 from vahtras/dependabot/pip/werkzeug-0.15.3 Bump werkzeug from 0.10.1 to 0.15.3

view details

push time in a month

PR merged vahtras/potsdam-testing

Bump werkzeug from 0.10.1 to 0.15.3 dependencies

Bumps werkzeug from 0.10.1 to 0.15.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/werkzeug/releases">werkzeug's releases</a>.</em></p> <blockquote> <h2>0.15.3</h2> <ul> <li>Blog: <a href="https://palletsprojects.com/blog/werkzeug-0-15-3-released/">https://palletsprojects.com/blog/werkzeug-0-15-3-released/</a></li> <li>Changes: <a href="https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-3">https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-3</a></li> </ul> <h2>0.15.2</h2> <ul> <li>Blog: <a href="https://palletsprojects.com/blog/werkzeug-0-15-2-released/">https://palletsprojects.com/blog/werkzeug-0-15-2-released/</a></li> <li>Changes: <a href="https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-2">https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-2</a></li> </ul> <h2>0.15.1</h2> <ul> <li>Blog: <a href="https://palletsprojects.com/blog/werkzeug-0-15-1-released/">https://palletsprojects.com/blog/werkzeug-0-15-1-released/</a></li> <li>Changes: <a href="https://werkzeug.palletsprojects.com/en/0.15.x/changes/">https://werkzeug.palletsprojects.com/en/0.15.x/changes/</a></li> </ul> <h2>0.15.0</h2> <ul> <li>Blog: <a href="https://palletsprojects.com/blog/werkzeug-0-15-0-released/">https://palletsprojects.com/blog/werkzeug-0-15-0-released/</a></li> <li>Changes: <a href="https://werkzeug.palletsprojects.com/en/0.15.x/changes/">https://werkzeug.palletsprojects.com/en/0.15.x/changes/</a></li> </ul> <h2>0.13</h2> <p><a href="https://www.palletsprojects.com/blog/werkzeug-013-released/">Read the announcement here.</a></p> <p><a href="http://werkzeug.pocoo.org/docs/latest/changes/#version-0-13">Read the full changelog.</a></p> <p>Install from <a href="https://pypi.org/Werkzeug/0.13">PyPI</a> with pip:</p> <pre><code>pip install -U Werkzeug </code></pre> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/werkzeug/blob/master/CHANGES.rst">werkzeug's changelog</a>.</em></p> <blockquote> <h2>Version 0.15.3</h2> <p>Released 2019-05-14</p> <ul> <li>Properly handle multi-line header folding in development server in Python 2.7. (:issue:<code>1080</code>)</li> <li>Restore the <code>response</code> argument to :exc:<code>~exceptions.Unauthorized</code>. (:pr:<code>1527</code>)</li> <li>:exc:<code>~exceptions.Unauthorized</code> doesn't add the <code>WWW-Authenticate</code> header if <code>www_authenticate</code> is not given. (:issue:<code>1516</code>)</li> <li>The default URL converter correctly encodes bytes to string rather than representing them with <code>b''</code>. (:issue:<code>1502</code>)</li> <li>Fix the filename format string in :class:<code>~middleware.profiler.ProfilerMiddleware</code> to correctly handle float values. (:issue:<code>1511</code>)</li> <li>Update :class:<code>~middleware.lint.LintMiddleware</code> to work on Python 3. (:issue:<code>1510</code>)</li> <li>The debugger detects cycles in chained exceptions and does not time out in that case. (:issue:<code>1536</code>)</li> <li>When running the development server in Docker, the debugger security pin is now unique per container.</li> </ul> <h2>Version 0.15.2</h2> <p>Released 2019-04-02</p> <ul> <li><code>Rule</code> code generation uses a filename that coverage will ignore. The previous value, "generated", was causing coverage to fail. (:issue:<code>1487</code>)</li> <li>The test client removes the cookie header if there are no persisted cookies. This fixes an issue introduced in 0.15.0 where the cookies from the original request were used for redirects, causing functions such as logout to fail. (:issue:<code>1491</code>)</li> <li>The test client copies the environ before passing it to the app, to prevent in-place modifications from affecting redirect requests. (:issue:<code>1498</code>)</li> <li>The <code>"werkzeug"</code> logger only adds a handler if there is no handler configured for its level in the logging chain. This avoids double logging if other code configures logging first. (:issue:<code>1492</code>)</li> </ul> <h2>Version 0.15.1</h2> <p>Released 2019-03-21</p> <ul> <li>:exc:<code>~exceptions.Unauthorized</code> takes <code>description</code> as the first</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pallets/werkzeug/commit/9b1123a779e95b5c38ca911ce1329e87a3348a92"><code>9b1123a</code></a> release version 0.15.3</li> <li><a href="https://github.com/pallets/werkzeug/commit/00bc43b1672e662e5e3b8cecd79e67fc968fa246"><code>00bc43b</code></a> unique debugger pin in Docker containers</li> <li><a href="https://github.com/pallets/werkzeug/commit/2cbdf2b02273daccf85845b1e1569096e65ffe58"><code>2cbdf2b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/werkzeug/issues/1542">#1542</a> from asottile/exceptions_arent_always_hashable</li> <li><a href="https://github.com/pallets/werkzeug/commit/0e669f6be532801267d35de23c5f5237b8406d8a"><code>0e669f6</code></a> Fix unhashable exception types</li> <li><a href="https://github.com/pallets/werkzeug/commit/bdc17e4cd10bbb17449006cef385ec953a11fc36"><code>bdc17e4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/werkzeug/issues/1540">#1540</a> from pallets/break-tb-cycle</li> <li><a href="https://github.com/pallets/werkzeug/commit/44e38c2985bcd3a7c17467bead901b8f36528f5f"><code>44e38c2</code></a> break cycle in chained exceptions</li> <li><a href="https://github.com/pallets/werkzeug/commit/777500b64647ea47b21e52e5e113ba1d86014c05"><code>777500b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/werkzeug/issues/1518">#1518</a> from NiklasMM/fix/1510_lint-middleware-python3-compa...</li> <li><a href="https://github.com/pallets/werkzeug/commit/e00c7c2cedcbcad3772e4522813c78bc9a860fbe"><code>e00c7c2</code></a> Make LintMiddleware Python 3 compatible and add tests</li> <li><a href="https://github.com/pallets/werkzeug/commit/d590cc7cf2fcb34ebc0783eb3c2913e8ce016ed8"><code>d590cc7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/werkzeug/issues/1539">#1539</a> from pallets/profiler-format</li> <li><a href="https://github.com/pallets/werkzeug/commit/0388fc95e696513bbefbde293f3f76cc482df8fa"><code>0388fc9</code></a> update filename_format for ProfilerMiddleware.</li> <li>Additional commits viewable in <a href="https://github.com/pallets/werkzeug/compare/0.10.1...0.15.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventvahtras/potsdam-testing

dependabot[bot]

commit sha 40c557419ff322efd88f23fcb153bcd3f32aa726

Bump flask from 0.10.1 to 1.0 Bumps [flask](https://github.com/pallets/flask) from 0.10.1 to 1.0. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/master/CHANGES.rst) - [Commits](https://github.com/pallets/flask/compare/0.10.1...1.0) Signed-off-by: dependabot[bot] <support@github.com>

view details

Olav Vahtras

commit sha 71fc27edff4d8e2cf0ab54b1df19e09dbb086fdd

Merge pull request #2 from vahtras/dependabot/pip/flask-1.0 Bump flask from 0.10.1 to 1.0

view details

push time in a month

PR merged vahtras/potsdam-testing

Bump flask from 0.10.1 to 1.0 dependencies

Bumps flask from 0.10.1 to 1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/flask/releases">flask's releases</a>.</em></p> <blockquote> <h2>1.0</h2> <p>The Pallets team is pleased to release Flask 1.0. [Read the announcement on our blog.](<a href="https://www.palletsprojects.com/blog/flask-1-0-released/">https://www.palletsprojects.com/blog/flask-1-0-released/</a></p> <p>There are over a year's worth of changes in this release. Many features have been improved or changed. <a href="http://flask.pocoo.org/docs/1.0/changelog/">Read the changelog</a> to understand how your project's code will be affected.</p> <h2>JSON Security Fix</h2> <p>Flask previously decoded incoming JSON bytes using the content type of the request. Although JSON should only be encoded as UTF-8, Flask was more lenient. However, Python includes non-text related encodings that could result in unexpected memory use by a request.</p> <p>Flask will now detect the encoding of incoming JSON data as one of the supported UTF encodings, and will not allow arbitrary encodings from the request.</p> <h2>Install or Upgrade</h2> <p>Install from <a href="https://pypi.org/project/Flask/">PyPI</a> with pip:</p> <pre><code>pip install -U Flask </code></pre> <h2>0.12.4</h2> <p>This is a repackage of <a href="https://github.com/pallets/flask/releases/0.12.3">0.12.3</a> to fix an issue with how the package was built.</p> <h2>Upgrade</h2> <p>Upgrade from <a href="https://pypi.org/project/Flask/0.12.4/">PyPI</a> with pip. Use a version identifier if you want to stay at 0.12:</p> <pre><code>pip install -U 'Flask~=0.12.4' </code></pre> <h2>0.12.3</h2> <p>This release includes an important security fix for JSON and a minor backport for CLI support in PyCharm. It is provided for projects that cannot update to Flask 1.0 immediately. See the <a href="https://github.com/pallets/flask/blob/flask-1-0-released">1.0 announcement</a> and update to it instead if possible.</p> <h2>JSON Security Fix</h2> <p>Flask previously decoded incoming JSON bytes using the content type of the request. Although JSON should only be encoded as UTF-8, Flask was more lenient. However, Python includes non-text related encodings that could result in unexpected memory use by a request.</p> <p>Flask will now detect the encoding of incoming JSON data as one of the supported UTF encodings, and will not allow arbitrary encodings from the request.</p> <h2>Upgrade</h2> <p>Upgrade from <a href="https://pypi.org/project/Flask/">PyPI</a> with pip. Use a version identifier if you want to stay at 0.12:</p> <pre><code>pip install -U 'Flask~=0.12.3' </code></pre> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/flask/blob/master/CHANGES.rst">flask's changelog</a>.</em></p> <blockquote> <h2>Version 1.0</h2> <p>Released 2018-04-26</p> <ul> <li>Python 2.6 and 3.3 are no longer supported.</li> <li>Bump minimum dependency versions to the latest stable versions: Werkzeug >= 0.14, Jinja >= 2.10, itsdangerous >= 0.24, Click >= 5.1. :issue:<code>2586</code></li> <li>Skip :meth:<code>app.run <Flask.run></code> when a Flask application is run from the command line. This avoids some behavior that was confusing to debug.</li> <li>Change the default for :data:<code>JSONIFY_PRETTYPRINT_REGULAR</code> to <code>False</code>. :func:<code>~json.jsonify</code> returns a compact format by default, and an indented format in debug mode. :pr:<code>2193</code></li> <li>:meth:<code>Flask.init <Flask></code> accepts the <code>host_matching</code> argument and sets it on :attr:<code>~Flask.url_map</code>. :issue:<code>1559</code></li> <li>:meth:<code>Flask.init <Flask></code> accepts the <code>static_host</code> argument and passes it as the <code>host</code> argument when defining the static route. :issue:<code>1559</code></li> <li>:func:<code>send_file</code> supports Unicode in <code>attachment_filename</code>. :pr:<code>2223</code></li> <li>Pass <code>_scheme</code> argument from :func:<code>url_for</code> to :meth:<code>~Flask.handle_url_build_error</code>. :pr:<code>2017</code></li> <li>:meth:<code>~Flask.add_url_rule</code> accepts the <code>provide_automatic_options</code> argument to disable adding the <code>OPTIONS</code> method. :pr:<code>1489</code></li> <li>:class:<code>~views.MethodView</code> subclasses inherit method handlers from base classes. :pr:<code>1936</code></li> <li>Errors caused while opening the session at the beginning of the request are handled by the app's error handlers. :pr:<code>2254</code></li> <li>Blueprints gained :attr:<code>~Blueprint.json_encoder</code> and :attr:<code>~Blueprint.json_decoder</code> attributes to override the app's encoder and decoder. :pr:<code>1898</code></li> <li>:meth:<code>Flask.make_response</code> raises <code>TypeError</code> instead of <code>ValueError</code> for bad response types. The error messages have been improved to describe why the type is invalid. :pr:<code>2256</code></li> <li>Add <code>routes</code> CLI command to output routes registered on the application. :pr:<code>2259</code></li> <li>Show warning when session cookie domain is a bare hostname or an IP address, as these may not behave properly in some browsers, such as Chrome. :pr:<code>2282</code></li> <li>Allow IP address as exact session cookie domain. :pr:<code>2282</code></li> <li><code>SESSION_COOKIE_DOMAIN</code> is set if it is detected through <code>SERVER_NAME</code>. :pr:<code>2282</code></li> <li>Auto-detect zero-argument app factory called <code>create_app</code> or <code>make_app</code> from <code>FLASK_APP</code>. :pr:<code>2297</code></li> <li>Factory functions are not required to take a <code>script_info</code> parameter to work with the <code>flask</code> command. If they take a single parameter or a parameter named <code>script_info</code>, the</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pallets/flask/commit/291f3c338c4d302dbde01ab9153a7817e5a780f5"><code>291f3c3</code></a> Bump version number to 1.0</li> <li><a href="https://github.com/pallets/flask/commit/36e68a439a073e927b1801704fc7921be58262e1"><code>36e68a4</code></a> release 1.0</li> <li><a href="https://github.com/pallets/flask/commit/216151c8a3c02e805fe5d1824708253f7e01e77f"><code>216151c</code></a> Merge branch '0.12-maintenance'</li> <li><a href="https://github.com/pallets/flask/commit/23047a71fd7da13be7b545f30807f38f4d9ecb25"><code>23047a7</code></a> Bump version number to 0.12.4.dev</li> <li><a href="https://github.com/pallets/flask/commit/1a9e58e8c97c47c969736d46410f724f4e834f54"><code>1a9e58e</code></a> Bump version number to 0.12.3</li> <li><a href="https://github.com/pallets/flask/commit/63deee0a8b0963f1657e2d327773d65632a387d3"><code>63deee0</code></a> release 0.12.3</li> <li><a href="https://github.com/pallets/flask/commit/062745b23f7abaafb144e3d94b6fbdf8ccc456b9"><code>062745b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/flask/issues/2720">#2720</a> from pallets/setup-link</li> <li><a href="https://github.com/pallets/flask/commit/5c8110de25f08bf20e9fda6611403dc5c59ec849"><code>5c8110d</code></a> ensure order of project urls</li> <li><a href="https://github.com/pallets/flask/commit/10a77a54309876a6aba2e3303d291498c0a9318c"><code>10a77a5</code></a> Add project_urls so that PyPI will show GitHub stats.</li> <li><a href="https://github.com/pallets/flask/commit/22992a0d533f7f68e9fa1845c86dae230d8ff9ba"><code>22992a0</code></a> add donate link</li> <li>Additional commits viewable in <a href="https://github.com/pallets/flask/compare/0.10.1...1.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

push eventvahtras/potsdam-testing

dependabot[bot]

commit sha c583d821a67f39488db9e4e06c9cae665f93f414

Bump jinja2 from 2.7.3 to 2.11.3 Bumps [jinja2](https://github.com/pallets/jinja) from 2.7.3 to 2.11.3. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/2.7.3...2.11.3) Signed-off-by: dependabot[bot] <support@github.com>

view details

Olav Vahtras

commit sha fdf02b3df56468bd89f8b0b75e73fa04755e2169

Merge pull request #1 from vahtras/dependabot/pip/jinja2-2.11.3 Bump jinja2 from 2.7.3 to 2.11.3

view details

push time in a month

PR merged vahtras/potsdam-testing

Bump jinja2 from 2.7.3 to 2.11.3 dependencies

Bumps jinja2 from 2.7.3 to 2.11.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/jinja/releases">jinja2's releases</a>.</em></p> <blockquote> <h2>2.11.3</h2> <p>This contains a fix for a speed issue with the <code>urlize</code> filter. <code>urlize</code> is likely to be called on untrusted user input. For certain inputs some of the regular expressions used to parse the text could take a very long time due to backtracking. As part of the fix, the email matching became slightly stricter. The various speedups apply to <code>urlize</code> in general, not just the specific input cases.</p> <ul> <li>PyPI: <a href="https://pypi.org/project/Jinja2/2.11.3/">https://pypi.org/project/Jinja2/2.11.3/</a></li> <li>Changes: <a href="https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-3">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-3</a></li> </ul> <h2>2.11.2</h2> <ul> <li>Changelog: <a href="https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-2">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-2</a></li> </ul> <h2>2.11.1</h2> <p>This fixes an issue in async environment when indexing the result of an attribute lookup, like <code>{{ data.items[1:] }}</code>.</p> <ul> <li>Changes: <a href="https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-1">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-1</a></li> </ul> <h2>2.11.0</h2> <ul> <li>Changes: <a href="https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-0">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-0</a></li> <li>Blog: <a href="https://palletsprojects.com/blog/jinja-2-11-0-released/">https://palletsprojects.com/blog/jinja-2-11-0-released/</a></li> <li>Twitter: <a href="https://twitter.com/PalletsTeam/status/1221883554537230336">https://twitter.com/PalletsTeam/status/1221883554537230336</a></li> </ul> <p>This is the last version to support Python 2.7 and 3.5. The next version will be Jinja 3.0 and will support Python 3.6 and newer.</p> <h2>2.10.3</h2> <ul> <li>Changes: <a href="http://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-3">http://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-3</a></li> </ul> <h2>2.10.2</h2> <ul> <li>Changes: <a href="http://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-2">http://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-2</a></li> </ul> <h2>2.10.1</h2> <ul> <li>Changes: <a href="https://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-1">https://jinja.palletsprojects.com/en/2.10.x/changelog/#version-2-10-1</a></li> <li>Blog: <a href="https://palletsprojects.com/blog/jinja-2-10-1-released/">https://palletsprojects.com/blog/jinja-2-10-1-released/</a></li> <li>Twitter: <a href="https://twitter.com/PalletsTeam/status/1114605127308992513">https://twitter.com/PalletsTeam/status/1114605127308992513</a></li> </ul> <h2>2.10</h2> <h2>Primary changes</h2> <ul> <li>A <code>NativeEnvironment</code> that renders Python types instead of strings. <a href="http://jinja.pocoo.org/docs/2.10/nativetypes/">http://jinja.pocoo.org/docs/2.10/nativetypes/</a></li> <li>A <code>namespace</code> object that works with <code>{% set %}</code>. This replaces previous hacks for storing state across iterations or scopes. <a href="http://jinja.pocoo.org/docs/2.10/templates/#assignments">http://jinja.pocoo.org/docs/2.10/templates/#assignments</a></li> <li>The <code>loop</code> object now has <code>nextitem</code> and <code>previtem</code> attributes, as well as a <code>changed</code> method, for the common case of outputting something as a value in the loop changes. More complicated cases can use the <code>namespace</code> object. <a href="http://jinja.pocoo.org/docs/2.10/templates/#for">http://jinja.pocoo.org/docs/2.10/templates/#for</a></li> </ul> <h2>Install or upgrade</h2> <p>Install from <a href="https://pypi.python.org/pypi/Jinja2/2.10">PyPI</a> with pip:</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/jinja/blob/master/CHANGES.rst">jinja2's changelog</a>.</em></p> <blockquote> <h2>Version 2.11.3</h2> <p>Released 2021-01-31</p> <ul> <li>Improve the speed of the <code>urlize</code> filter by reducing regex backtracking. Email matching requires a word character at the start of the domain part, and only word characters in the TLD. :pr:<code>1343</code></li> </ul> <h2>Version 2.11.2</h2> <p>Released 2020-04-13</p> <ul> <li>Fix a bug that caused callable objects with <code>getattr</code>, like :class:<code>~unittest.mock.Mock</code> to be treated as a :func:<code>contextfunction</code>. :issue:<code>1145</code></li> <li>Update <code>wordcount</code> filter to trigger :class:<code>Undefined</code> methods by wrapping the input in :func:<code>soft_str</code>. :pr:<code>1160</code></li> <li>Fix a hang when displaying tracebacks on Python 32-bit. :issue:<code>1162</code></li> <li>Showing an undefined error for an object that raises <code>AttributeError</code> on access doesn't cause a recursion error. :issue:<code>1177</code></li> <li>Revert changes to :class:<code>~loaders.PackageLoader</code> from 2.10 which removed the dependency on setuptools and pkg_resources, and added limited support for namespace packages. The changes caused issues when using Pytest. Due to the difficulty in supporting Python 2 and :pep:<code>451</code> simultaneously, the changes are reverted until 3.0. :pr:<code>1182</code></li> <li>Fix line numbers in error messages when newlines are stripped. :pr:<code>1178</code></li> <li>The special <code>namespace()</code> assignment object in templates works in async environments. :issue:<code>1180</code></li> <li>Fix whitespace being removed before tags in the middle of lines when <code>lstrip_blocks</code> is enabled. :issue:<code>1138</code></li> <li>:class:<code>~nativetypes.NativeEnvironment</code> doesn't evaluate intermediate strings during rendering. This prevents early evaluation which could change the value of an expression. :issue:<code>1186</code></li> </ul> <h2>Version 2.11.1</h2> <p>Released 2020-01-30</p> <ul> <li>Fix a bug that prevented looking up a key after an attribute (<code>{{ data.items[1:] }}</code>) in an async template. :issue:<code>1141</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pallets/jinja/commit/cf215390d4a4d6f0a4de27e2687eed176878f13d"><code>cf21539</code></a> release version 2.11.3</li> <li><a href="https://github.com/pallets/jinja/commit/15ef8f09b659f9100610583938005a7a10472d4d"><code>15ef8f0</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/jinja/issues/1343">#1343</a> from pallets/urlize-speedup</li> <li><a href="https://github.com/pallets/jinja/commit/ef658dc3b6389b091d608e710a810ce8b87995b3"><code>ef658dc</code></a> speed up urlize matching</li> <li><a href="https://github.com/pallets/jinja/commit/eeca0fecc3318d43f61bc340ad61db641b861ade"><code>eeca0fe</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/jinja/issues/1207">#1207</a> from mhansen/patch-1</li> <li><a href="https://github.com/pallets/jinja/commit/2dd769111cbb1a2637f805b3b4c652ec8096d371"><code>2dd7691</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/jinja/issues/1209">#1209</a> from mhansen/patch-3</li> <li><a href="https://github.com/pallets/jinja/commit/48929401db7228db04dfd8e88115dd5c30dc2d86"><code>4892940</code></a> do_dictsort: update example ready to copy/paste</li> <li><a href="https://github.com/pallets/jinja/commit/7db7d336ba12574e6205fdd929386fd529e3fad4"><code>7db7d33</code></a> api.rst: bugfix in docs, import PackageLoader</li> <li><a href="https://github.com/pallets/jinja/commit/9ec465baefe32e305bd4e61da49e6c39360c194e"><code>9ec465b</code></a> fix changelog header</li> <li><a href="https://github.com/pallets/jinja/commit/737a4cd41d09878e7e6c584a2062f5853dc30150"><code>737a4cd</code></a> release version 2.11.2</li> <li><a href="https://github.com/pallets/jinja/commit/179df6b54e87b3d420cabf65fc07b2605ffc05f8"><code>179df6b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pallets/jinja/issues/1190">#1190</a> from pallets/native-eval</li> <li>Additional commits viewable in <a href="https://github.com/pallets/jinja/compare/2.7.3...2.11.3">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

dependabot[bot]

pr closed time in a month

create barnchvahtras/testpotsdam

branch : vahtras-patch-1

created branch time in 3 months

push eventvahtras/fortran-binary

dependabot[bot]

commit sha 932a9bc11441a934d3d377016bcc25fe871ff5d7

Bump py from 1.5.4 to 1.10.0 Bumps [py](https://github.com/pytest-dev/py) from 1.5.4 to 1.10.0. - [Release notes](https://github.com/pytest-dev/py/releases) - [Changelog](https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/py/compare/1.5.4...1.10.0) Signed-off-by: dependabot[bot] <support@github.com>

view details

Olav Vahtras

commit sha b6723a2908ce1324d065bb0a52d284111c5a9197

Merge pull request #2 from vahtras/dependabot/pip/py-1.10.0 Bump py from 1.5.4 to 1.10.0

view details

push time in 3 months

PR merged vahtras/fortran-binary

Bump py from 1.5.4 to 1.10.0 dependencies

Bumps py from 1.5.4 to 1.10.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/py/blob/master/CHANGELOG.rst">py's changelog</a>.</em></p> <blockquote> <h1>1.10.0 (2020-12-12)</h1> <ul> <li>Fix a regular expression DoS vulnerability in the py.path.svnwc SVN blame functionality (CVE-2020-29651)</li> <li>Update vendored apipkg: 1.4 => 1.5</li> <li>Update vendored iniconfig: 1.0.0 => 1.1.1</li> </ul> <h1>1.9.0 (2020-06-24)</h1> <ul> <li> <p>Add type annotation stubs for the following modules:</p> <ul> <li><code>py.error</code></li> <li><code>py.iniconfig</code></li> <li><code>py.path</code> (not including SVN paths)</li> <li><code>py.io</code></li> <li><code>py.xml</code></li> </ul> <p>There are no plans to type other modules at this time.</p> <p>The type annotations are provided in external .pyi files, not inline in the code, and may therefore contain small errors or omissions. If you use <code>py</code> in conjunction with a type checker, and encounter any type errors you believe should be accepted, please report it in an issue.</p> </li> </ul> <h1>1.8.2 (2020-06-15)</h1> <ul> <li>On Windows, <code>py.path.local</code>s which differ only in case now have the same Python hash value. Previously, such paths were considered equal but had different hashes, which is not allowed and breaks the assumptions made by dicts, sets and other users of hashes.</li> </ul> <h1>1.8.1 (2019-12-27)</h1> <ul> <li> <p>Handle <code>FileNotFoundError</code> when trying to import pathlib in <code>path.common</code> on Python 3.4 (<a href="https://github-redirect.dependabot.com/pytest-dev/py/issues/207">#207</a>).</p> </li> <li> <p><code>py.path.local.samefile</code> now works correctly in Python 3 on Windows when dealing with symlinks.</p> </li> </ul> <h1>1.8.0 (2019-02-21)</h1> <ul> <li> <p>add <code>"importlib"</code> pyimport mode for python3.5+, allowing unimportable test suites to contain identically named modules.</p> </li> <li> <p>fix <code>LocalPath.as_cwd()</code> not calling <code>os.chdir()</code> with <code>None</code>, when being invoked from a non-existing directory.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pytest-dev/py/commit/e5ff378fc3bd3f7c366dec769a718bdb1ceca1f1"><code>e5ff378</code></a> Update CHANGELOG for 1.10.0</li> <li><a href="https://github.com/pytest-dev/py/commit/94cf44fd41d957eb50773d3e4fb54e931836779e"><code>94cf44f</code></a> Update vendored libs</li> <li><a href="https://github.com/pytest-dev/py/commit/5e8ded5dea0a92656fe98383b66ebfb3cb84be03"><code>5e8ded5</code></a> testing: comment out an assert which fails on Python 3.9 for now</li> <li><a href="https://github.com/pytest-dev/py/commit/afdffcc981fd3f7cd12f24b5407f40aa01dde22a"><code>afdffcc</code></a> Rename HOWTORELEASE.rst to RELEASING.rst</li> <li><a href="https://github.com/pytest-dev/py/commit/2de53a67589d8eeaea35927357c0a05dd0329ce4"><code>2de53a6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pytest-dev/py/issues/266">#266</a> from nicoddemus/gh-actions</li> <li><a href="https://github.com/pytest-dev/py/commit/fa1b32e2912ad4ea39016cd50ec3125d204bcf65"><code>fa1b32e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/pytest-dev/py/issues/264">#264</a> from hugovk/patch-2</li> <li><a href="https://github.com/pytest-dev/py/commit/887d6b8937bd74c729c89b589ec8adaa557a78cf"><code>887d6b8</code></a> Skip test_samefile_symlink on pypy3 on Windows</li> <li><a href="https://github.com/pytest-dev/py/commit/e94e670032d8ccf42ad9d37730bd03b6da6f263b"><code>e94e670</code></a> Fix test_comments() in test_source</li> <li><a href="https://github.com/pytest-dev/py/commit/fef9a32a8578e9c467f6ef8ccc7bce81b89496a4"><code>fef9a32</code></a> Adapt test</li> <li><a href="https://github.com/pytest-dev/py/commit/4a694b00a68de2d93b547c2704da4283a375a53c"><code>4a694b0</code></a> Add GitHub Actions badge to README</li> <li>Additional commits viewable in <a href="https://github.com/pytest-dev/py/compare/1.5.4...1.10.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

dependabot[bot]

pr closed time in 3 months

push eventvahtras/.dotfiles

Olav Vahtras

commit sha a0aae56eeda5f2cdbe5ca2fdf4fa8ca0febd0df0

update

view details

push time in 3 months

push eventbb3110/comppy21

Olav Vahtras

commit sha 71c20d247d796901c167bebcc3d6dd6f93248070

final notebook

view details

push time in 3 months

push eventbb3110/comppy21

Olav Vahtras

commit sha 42cc4bcedb531b3be17d4dab41f63c240164c0dd

ignores some

view details

push time in 3 months

push eventbb3110/comppy21

Olav Vahtras

commit sha ed63cb9c9ecfaba6d2156de67d1a0188564bfb74

backup notes/sample codes

view details

push time in 3 months

push eventbb3110/comppy21

Olav Vahtras

commit sha dc02cc21ce63211798b733bc235a90f253c69648

add testing + leap year example

view details

push time in 3 months

more