chore(deps): bump the dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the dependencies group with 10 updates in the / directory:

Package	From	To
aiohttp	3.10.5	3.10.9
django	5.1	5.1.1
django-anymail	11.1	12.0
django-simpleui	2024.4.1	2024.8.28
ipython	8.26.0	8.28.0
redis	5.0.8	5.1.1
sentry-sdk	2.13.0	2.15.0
uwsgi	2.0.26	2.0.27
djlint	1.34.1	1.35.2
ruff	0.6.2	0.6.9

Updates aiohttp from 3.10.5 to 3.10.9

Release notes

Sourced from aiohttp's releases.

3.10.9

Bug fixes

• Fixed proxy headers being used in the ConnectionKey hash when a proxy was not being used -- by :user:bdraco.

  If default headers are used, they are also used for proxy headers. This could have led to creating connections that were not needed when one was already available.

  Related issues and pull requests on GitHub: #9368.

• Widened the type of the trace_request_ctx parameter of :meth:ClientSession.request() <aiohttp.ClientSession.request> and friends -- by :user:layday.

  Related issues and pull requests on GitHub: #9397.

Removals and backward incompatible breaking changes

• Fixed failure to try next host after single-host connection timeout -- by :user:brettdh.

  The default client :class:aiohttp.ClientTimeout params has changed to include a sock_connect timeout of 30 seconds so that this correct behavior happens by default.

  Related issues and pull requests on GitHub: #7342.

Miscellaneous internal changes

• Improved performance of resolving hosts with Python 3.12+ -- by :user:bdraco.

  Related issues and pull requests on GitHub: #9342.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.9 (2024-10-04)

Bug fixes

• Fixed proxy headers being used in the ConnectionKey hash when a proxy was not being used -- by :user:bdraco.

  If default headers are used, they are also used for proxy headers. This could have led to creating connections that were not needed when one was already available.

  Related issues and pull requests on GitHub: :issue:9368.

• Widened the type of the trace_request_ctx parameter of :meth:ClientSession.request() <aiohttp.ClientSession.request> and friends -- by :user:layday.

  Related issues and pull requests on GitHub: :issue:9397.

Removals and backward incompatible breaking changes

• Fixed failure to try next host after single-host connection timeout -- by :user:brettdh.

  The default client :class:aiohttp.ClientTimeout params has changed to include a sock_connect timeout of 30 seconds so that this correct behavior happens by default.

  Related issues and pull requests on GitHub: :issue:7342.

Miscellaneous internal changes

• Improved performance of resolving hosts with Python 3.12+ -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:9342.

... (truncated)

Commits

• b779432 Release 3.10.9 (#9415)
• 08ada3e [PR #9405/b96b01b backport][3.10] Only create the connection closed exception...
• 978ed74 [PR #9406/24b0e6f backport][3.10] Add slots to timer helpers (#9411)
• e1320b7 [PR #9398/3f43bd1b backport][3.10] Widen trace_request_ctx type (#9403)
• b5e2b0b [PR #7368/8a8913b backport][3.10] Fixed failure to try next host after single...
• 6198a56 [PR #9368/02d8dba9 backport][3.10] Avoid using the proxy headers in the Conne...
• 456cf5e [PR #9386/803d818d backport][3.10] Small speed up to starting client requests...
• 8e395a1 [PR #9366/43deadb2 backport][3.10] Small speed up to update_headers (#9383)
• 57ce46c [PR #9372/0416d28 backport][3.10] Only prepare proxy headers for a request if...
• 0a74b54 [PR #9367/b612127d backport][3.10] Speed up handling auth in urls (#9380)
• Additional commits viewable in compare view

Updates django from 5.1 to 5.1.1

Commits

• 1e1d791 [5.1.x] Bumped version for 5.1.1 release.
• 3c733c7 [5.1.x] Fixed CVE-2024-45231 -- Avoided server error on password reset when e...
• 022ab0a [5.1.x] Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizet...
• 6203965 [5.1.x] Fixed #35716 -- Fixed VariableDoesNotExist when rendering admin field...
• 26c0667 [5.1.x] Fixed #35688 -- Restored timezone and role setters to be PostgreSQL D...
• fcb71a7 [5.1.x] Removed outdated note about lack of subquery support in MySQL.
• 9b09a4f [5.1.x] Fixed typos in docs/howto/initial-data.txt.
• 9a461ca [5.1.x] Fixed #35666 -- Documented stacklevel usage and testing, and adjusted...
• dd58edc [5.1.x] Refs #35405 -- Adjusted deprecation warning stacklevel in FieldCacheM...
• 8f5d2c3 [5.1.x] Refs #35326 -- Adjusted deprecation warning stacklevel in FileSystemS...
• Additional commits viewable in compare view

Updates django-anymail from 11.1 to 12.0

Release notes

Sourced from django-anymail's releases.

v12.0

Changelog

Changelog

Sourced from django-anymail's changelog.

v12.0

2024-09-09

Breaking changes

* Require **Django 4.0 or later** and Python 3.8 or later.
Features

* **Resend:** Add support for ``send_at``.
Fixes

* **Unisender Go:** Fix several problems in Anymail's Unisender Go status tracking
  webhook. Rework signature checking to fix false validation errors (particularly
  on "clicked" and "opened" events). Properly handle "use single event" webhook
  option. Correctly verify WEBHOOK_SECRET when set. Provide Unisender Go's
  ``delivery_status`` code and unsubscribe form ``comment`` in Anymail's
  ``event.description``. Treat soft bounces as "deferred" rather than "bounced".
  (Thanks to `@MikeVL`_ for fixing the signature validation problem.)

Other



Mandrill (docs): Explain how cc and bcc handling depends on

Mandrill's "preserve recipients" option. (Thanks to @dgilmanAIDENTIFIED_

for reporting the issue.)


Postal (docs): Update links to Postal's new documentation site.

(Thanks to @jmduke_.)

</code></pre>

</blockquote>

</details>

<details>

<summary>Commits</summary>


<ul>

<li><a href="https://github.com/anymail/django-anymail/commit/35383c7140289e82b39ada5980077898aa07d18d&quot;&gt;&lt;code&gt;35383c7&lt;/code&gt;&lt;/a> Release 12.0</li>

<li><a href="https://github.com/anymail/django-anymail/commit/063fb08a588de7432107c640e9030b457ded7df7&quot;&gt;&lt;code&gt;063fb08&lt;/code&gt;&lt;/a> Amazon SES: add webhook extension points; close webhook boto3 clients</li>

<li><a href="https://github.com/anymail/django-anymail/commit/1da9011f50e9e3c178d7958a1ff21f8b73b2f797&quot;&gt;&lt;code&gt;1da9011&lt;/code&gt;&lt;/a> CI/CD: use Python 3.12 by default</li>

<li><a href="https://github.com/anymail/django-anymail/commit/0e020b21e2d1b8804ad85b98c0d9ba3d4a67cb77&quot;&gt;&lt;code&gt;0e020b2&lt;/code&gt;&lt;/a> Docs: update tooling</li>

<li><a href="https://github.com/anymail/django-anymail/commit/2324cb48a365605b1a500acebdc635b958555804&quot;&gt;&lt;code&gt;2324cb4&lt;/code&gt;&lt;/a> Drop Python 3.7</li>

<li><a href="https://github.com/anymail/django-anymail/commit/e4331d224955a7df8b09063f639304d58163660a&quot;&gt;&lt;code&gt;e4331d2&lt;/code&gt;&lt;/a> Unisender Go: Fix status tracking webhook and tests.</li>

<li><a href="https://github.com/anymail/django-anymail/commit/2f2a888f610ec37577ecbcad92959ef89fa0fe16&quot;&gt;&lt;code&gt;2f2a888&lt;/code&gt;&lt;/a> Resend: add support for send_at</li>

<li><a href="https://github.com/anymail/django-anymail/commit/af6eaea5657ff2a0d51f36f742c61b1785b9b63e&quot;&gt;&lt;code&gt;af6eaea&lt;/code&gt;&lt;/a> Docs: Note Mandrill's cc/bcc handling depends on preserve_recipients</li>

<li><a href="https://github.com/anymail/django-anymail/commit/03f5fb7641c3c13eba7b3dd471f768c4b39fbbe4&quot;&gt;&lt;code&gt;03f5fb7&lt;/code&gt;&lt;/a> Docs: Update outdated Postal links</li>

<li><a href="https://github.com/anymail/django-anymail/commit/397dcf5f8a6dcbdf84c0e769919a531559c3658e&quot;&gt;&lt;code&gt;397dcf5&lt;/code&gt;&lt;/a> Docs: prep for upcoming RTD build changes</li>

<li>Additional commits viewable in <a href="https://github.com/anymail/django-anymail/compare/v11.1...v12.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />


Updates django-simpleui from 2024.4.1 to 2024.8.28

Release notes
Sourced from django-simpleui's releases.

2024.8.28
Optimize ui



Commits

See full diff in compare view




Updates ipython from 8.26.0 to 8.28.0

Commits

a9c7369 release 8.28.0
0e62e65 What's new and update release tools (#14530)
9b8d0c3 What's new and update release tools
0d3a38c DOC: whatsnew/v8: Update release notes for the Mamba and Micromamba magic com...
b912331 Update docs/source/whatsnew/version8.rst
d23bee0 Use environment variable to identify conda / mamba (#14515)
06f266d Update docs/source/whatsnew/version8.rst
e77bdfa remove json report files (#14529)
ea2fce1 [PR]: Make values public (_tb_highlight & _tb_highlight_style) (#14518)
ab2053a remove json report files
Additional commits viewable in compare view




Updates redis from 5.0.8 to 5.1.1

Release notes
Sourced from redis's releases.

5.1.1
Changes
5.1.1
🐛 Bug Fixes

Fixed return type for Redis Set commands to be Set instead of List (#3399)
Fixed bug with partial Hiredis availability (#3400)
Fixed bug with async pipeline and cluster fails with some commands (#3402)

5.1.0
🚀 New Features

Client-side caching (#3350, #3110, #3102, #3099, #3089, #3038)

How to start with Client-side caching?

Install redis-py 5.1.0
Use the following code snippet:

r = Redis(protocol=3, cache_config=CacheConfig())
cache = r.get_cache()

r.set("foo", "bar")
get key from redis and save in local cache
print(r.get("foo"))
get key from local cache
print(cache.get(CacheKey(command="GET", redis_keys=("foo",))).cache_value)
change key in redis (cause invalidation)
r.set("foo", "barbar")
Retrieves a new value from server and cache it
print(r.get("foo"))
Make sure that new value was cached
print(cache.get(CacheKey(command="GET", redis_keys=("foo",))).cache_value)


Check documentation to get more examples
🔥 Breaking Changes

Timeseries insertion filters for close samples (#3228)
Enhanced classes string representation (#3001)
Partial clean up of Python 3.7 compatibility (#2928)
Handle Redis Set data type as Python list to avoid a limitations with nested dictionaries (#3324)

Contributors
We'd like to thank all the contributors who worked on this release!
@​vladvildanov @​dmaier-redislabs @​vineethvkumar @​ramchandra-st @​RafalBielickiIM @​jules-ch


... (truncated)


Commits

4b3a6d0 Updated package version (#3403)
e20f354 Fix bug with async pipeline and cluster fails with some commands (#3402)
aa22225 Fix bug with partial Hiredis availability (#3400)
c31849c Fix bug with Redis Set commands returns List instead of Set (#3399)
7215a52 Updated package version (#3389)
2e46613 Client side caching refactoring (#3350)
7d73d74 DOC-4197: add TCEs to the geospatial query page (#3378)
c7483b3 DOC-4196: add TCEs to the full-text query page (#3377)
64d4bb8 DOC-4194: add TCEs to the range query page (#3374)
0c8a986 DOC-4194: add TCEs to the exact match query page (#3372)
Additional commits viewable in compare view




Updates sentry-sdk from 2.13.0 to 2.15.0

Release notes
Sourced from sentry-sdk's releases.

2.15.0
Integrations


Configure HTTP methods to capture in ASGI/WSGI middleware and frameworks (#3531) by @​antonpirker
We've added a new option to the Django, Flask, Starlette and FastAPI integrations called http_methods_to_capture. This is a configurable tuple of HTTP method verbs that should create a transaction in Sentry. The default is ("CONNECT", "DELETE", "GET", "PATCH", "POST", "PUT", "TRACE",). OPTIONS and HEAD are not included by default.
Here's how to use it (substitute Flask for your framework integration):
sentry_sdk.init(
    integrations=[
      FlaskIntegration(
          http_methods_to_capture=("GET", "POST"),
      ),
  ],
)



Django: Allow ASGI to use drf_request in DjangoRequestExtractor (#3572) by @​PakawiNz


Django: Don't let RawPostDataException bubble up (#3553) by @​sentrivana


Django: Add sync_capable to SentryWrappingMiddleware (#3510) by @​szokeasaurusrex


AIOHTTP: Add failed_request_status_codes (#3551) by @​szokeasaurusrex
You can now define a set of integers that will determine which status codes
should be reported to Sentry.
sentry_sdk.init(
    integrations=[
        AioHttpIntegration(
            failed_request_status_codes={403, *range(500, 600)},
        )
    ]
)

Examples of valid failed_request_status_codes:

{500} will only send events on HTTP 500.
{400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
{500, 503} will send events on HTTP 500 and 503.
set() (the empty set) will not send events for any HTTP status code.

The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.


AIOHTTP: Delete test which depends on AIOHTTP behavior (#3568) by @​szokeasaurusrex


AIOHTTP: Handle invalid responses (#3554) by @​szokeasaurusrex


FastAPI/Starlette: Support new failed_request_status_codes (#3563) by @​szokeasaurusrex
The format of failed_request_status_codes has changed from a list




... (truncated)


Changelog
Sourced from sentry-sdk's changelog.

2.15.0
Integrations


Configure HTTP methods to capture in ASGI/WSGI middleware and frameworks (#3531) by @​antonpirker
We've added a new option to the Django, Flask, Starlette and FastAPI integrations called http_methods_to_capture. This is a configurable tuple of HTTP method verbs that should create a transaction in Sentry. The default is ("CONNECT", "DELETE", "GET", "PATCH", "POST", "PUT", "TRACE",). OPTIONS and HEAD are not included by default.
Here's how to use it (substitute Flask for your framework integration):
sentry_sdk.init(
    integrations=[
      FlaskIntegration(
          http_methods_to_capture=("GET", "POST"),
      ),
  ],
)



Django: Allow ASGI to use drf_request in DjangoRequestExtractor (#3572) by @​PakawiNz


Django: Don't let RawPostDataException bubble up (#3553) by @​sentrivana


Django: Add sync_capable to SentryWrappingMiddleware (#3510) by @​szokeasaurusrex


AIOHTTP: Add failed_request_status_codes (#3551) by @​szokeasaurusrex
You can now define a set of integers that will determine which status codes
should be reported to Sentry.
sentry_sdk.init(
    integrations=[
        AioHttpIntegration(
            failed_request_status_codes={403, *range(500, 600)},
        )
    ]
)

Examples of valid failed_request_status_codes:

{500} will only send events on HTTP 500.
{400, *range(500, 600)} will send events on HTTP 400 as well as the 5xx range.
{500, 503} will send events on HTTP 500 and 503.
set() (the empty set) will not send events for any HTTP status code.

The default is {*range(500, 600)}, meaning that all 5xx status codes are reported to Sentry.


AIOHTTP: Delete test which depends on AIOHTTP behavior (#3568) by @​szokeasaurusrex


AIOHTTP: Handle invalid responses (#3554) by @​szokeasaurusrex


FastAPI/Starlette: Support new failed_request_status_codes (#3563) by @​szokeasaurusrex




... (truncated)


Commits

65909ed Update CHANGELOG.md
97b6d9f Fix changelog
5de346c Refactor changelog
7bee75f release: 2.15.0
1c64ff7 Configure HTTP methods to capture in WSGI middleware and frameworks (#3531)
a3ab1ea XFail one of the Lambda tests (#3592)
05411ff allowing ASGI to use drf_request in DjangoRequestExtractor (#3572)
4636afc fix(tracing): Fix add_query_source with modules outside of project root (#3...
aed18d4 build(deps): bump actions/checkout from 4.1.7 to 4.2.0 (#3585)
205591e Test more integrations on 3.13 (#3578)
Additional commits viewable in compare view




Updates uwsgi from 2.0.26 to 2.0.27
Updates djlint from 1.34.1 to 1.35.2

Release notes
Sourced from djlint's releases.

v1.35.2

Unpin dependencies upper bounds.
Use min(cpu_count, files_count, 4) workers. Use a thread instead of a process if only one worker will be used. This gives the best performance and low resource usage.
Refactor the code.
Fix max attribute length with longer regex custom html tags (#884)
Fix Jinja formatting issues (#715)
Fix: not detecting tabs as a valid seperation between tags (#813)
Fix: Add ignore for sms links (#815)
Fix: Allow attributes on  (#830)

v1.34.2
1.34.2 (2024-08-28)
Bug Fixes

max attribute length with longer regex custom html tags (#884) (a8e3835)




Changelog
Sourced from djlint's changelog.

[1.35.2] - 2024-08-29

Fix npm publishing

[1.35.1] - 2024-08-29

Fix npm publishing

[1.35.0] - 2024-08-29

Unpin dependencies upper bounds.
Use min(cpu_count, files_count, 4) workers. Use a thread instead of a process if only one worker will be used. This gives the best performance and low resource usage.
Refactor the code.
Fix max attribute length with longer regex custom html tags (#884)
Fix Jinja formatting issues (#715)
Fix: not detecting tabs as a valid seperation between tags (#813)
Fix: Add ignore for sms links (#815)
Fix: Allow attributes on  (#830)




Commits

ca948cf v1.35.2
e0d7623 Fix npm publishing
5c62c54 v1.35.1
bac74ba Fix npm publishing
6e7e4ed Fix publishing
bd3c4fa Disable trusted publishing
edd1525 v1.35.0
7ba9d6b Add noqa to file
c4add03 Remove unused script
19f5a67 Check file amount when calculating worker count
Additional commits viewable in compare view




Updates ruff from 0.6.2 to 0.6.9

Release notes
Sourced from ruff's releases.

0.6.9
Release Notes
Preview features

Fix codeblock dynamic line length calculation for indented docstring examples (#13523)
[refurb] Mark FURB118 fix as unsafe (#13613)

Rule changes

[pydocstyle] Don't raise D208 when last line is non-empty (#13372)
[pylint] Preserve trivia (i.e. comments) in PLR5501 autofix (#13573)

Configuration

[pyflakes] Add allow-unused-imports setting for unused-import rule (F401) (#13601)

Bug fixes

Support ruff discovery in pip build environments (#13591)
[flake8-bugbear] Avoid short circuiting B017 for multiple context managers (#13609)
[pylint] Do not offer an invalid fix for PLR1716 when the comparisons contain parenthesis (#13527)
[pyupgrade] Fix UP043 to apply to collections.abc.Generator and collections.abc.AsyncGenerator (#13611)
[refurb] Fix handling of slices in tuples for FURB118, e.g., x[:, 1] (#13518)

Documentation

Update GitHub Action link to astral-sh/ruff-action (#13551)

Install ruff 0.6.9
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.6.9/ruff-installer.sh | sh

Install prebuilt binaries via powershell script
powershell -ExecutionPolicy ByPass -c "irm https://github.com/astral-sh/ruff/releases/download/0.6.9/ruff-installer.ps1 | iex"

Download ruff 0.6.9



File
Platform
Checksum




ruff-aarch64-apple-darwin.tar.gz
Apple Silicon macOS
checksum


ruff-x86_64-apple-darwin.tar.gz
Intel macOS
checksum


ruff-aarch64-pc-windows-msvc.zip
ARM64 Windows
checksum





... (truncated)


Changelog
Sourced from ruff's changelog.

0.6.9
Preview features

Fix codeblock dynamic line length calculation for indented docstring examples (#13523)
[refurb] Mark FURB118 fix as unsafe (#13613)

Rule changes

[pydocstyle] Don't raise D208 when last line is non-empty (#13372)
[pylint] Preserve trivia (i.e. comments) in PLR5501 autofix (#13573)

Configuration

[pyflakes] Add allow-unused-imports setting for unused-import rule (F401) (#13601)

Bug fixes

Support ruff discovery in pip build environments (#13591)
[flake8-bugbear] Avoid short circuiting B017 for multiple context managers (#13609)
[pylint] Do not offer an invalid fix for PLR1716 when the comparisons contain parenthesis (#13527)
[pyupgrade] Fix UP043 to apply to collections.abc.Generator and collections.abc.AsyncGenerator (#13611)
[refurb] Fix handling of slices in tuples for FURB118, e.g., x[:, 1] (#13518)

Documentation

Update GitHub Action link to astral-sh/ruff-action (#13551)

0.6.8
Preview features

Remove unnecessary parentheses around match case clauses (#13510)
Parenthesize overlong if guards in match..case clauses (#13513)
Detect basic wildcard imports in ruff analyze graph (#13486)
[pylint] Implement boolean-chained-comparison (R1716) (#13435)

Rule changes

[lake8-simplify] Detect SIM910 when using variadic keyword arguments, i.e., **kwargs (#13503)
[pyupgrade] Avoid false negatives with non-reference shadowed bindings of loop variables (UP028) (#13504)

Bug fixes

Detect tuples bound to variadic positional arguments i.e. *args (#13512)
Exit gracefully on broken pipe errors (#13485)
Avoid panic when analyze graph hits broken pipe (#13484)

Performance


... (truncated)


Commits

975be9c Bump version to 0.6.9 (#13624)
99e4566 Mark FURB118 fix as unsafe (#13613)
7ad07c2 Add allow-unused-imports setting for unused-import rule (F401) (#13601)
4aefe52 Support ruff discovery in pip build environments (#13591)
cc1f766 Preserve trivia (i.e. comments) in PLR5501 (#13573)
fdd0a22 Move to maintained mirror of prettier (#13592)
3728d5b [pyupgrade] Fix UP043 to apply to collections.abc.Generator and `collecti...
7e3894f Avoid short circuiting B017 for multiple context managers (#13609)
c3b40da Use backticks for code in red-knot messages (#13599)
ef45185 Allow users to provide custom diagnostic messages when unwrapping calls (#13597)
Additional commits viewable in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.