Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Bump the build-python group in /build/pip with 1 update #2490

Merged
merged 1 commit into from
Feb 20, 2024
Merged

Bump the build-python group in /build/pip with 1 update #2490

merged 1 commit into from
Feb 20, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 19, 2024

Bumps the build-python group in /build/pip with 1 update: urllib3.

Updates urllib3 from 2.2.0 to 2.2.1

Release notes

Sourced from urllib3's releases.

2.2.1

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. (#3331)
  • Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. (#3343)
  • Changed ProtocolError to InvalidChunkLength when response terminates before the chunk length is sent. (#2860)
  • Changed ProtocolError to be more verbose on incomplete reads with excess content. (#3261)
Changelog

Sourced from urllib3's changelog.

2.2.1 (2024-02-16)

  • Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. ([#3331](https://github.com/urllib3/urllib3/issues/3331) <https://github.com/urllib3/urllib3/issues/3331>__)
  • Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. This change was premature as it did not apply to proxy headers and HTTPHeaderDict does not handle byte header values correctly yet. ([#3343](https://github.com/urllib3/urllib3/issues/3343) <https://github.com/urllib3/urllib3/issues/3343>__)
  • Changed ProtocolError to InvalidChunkLength when response terminates before the chunk length is sent. ([#2860](https://github.com/urllib3/urllib3/issues/2860) <https://github.com/urllib3/urllib3/issues/2860>__)
  • Changed ProtocolError to be more verbose on incomplete reads with excess content. ([#3261](https://github.com/urllib3/urllib3/issues/3261) <https://github.com/urllib3/urllib3/issues/3261>__)
Commits
  • 54d6edf Release 2.2.1
  • 49b2dda Stop casting request headers to HTTPHeaderDict (#3344)
  • e22f651 Fix docstring of retries parameter
  • fa54179 Distinguish between truncated and excess content in response (#3273)
  • cfe52f9 Fix InsecureRequestWarning for HTTPS Emscripten requests (#3333)
  • 25155d7 Ensure no remote connections during testing (#3328)
  • 12f9233 Bump cryptography to 42.0.2 and PyOpenSSL to 24.0.0 (#3340)
  • 9929d3c Add nox session to start local Pyodide console
  • aa8d3dd Fix ssl_version tests for upcoming migration to pytest 8
  • 23f2287 Remove TODO about informational responses (#3319)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the build-python group in /build/pip with 1 update
da454be 
Bumps the build-python group in /build/pip with 1 update: [urllib3](https://github.com/urllib3/urllib3).


Updates `urllib3` from 2.2.0 to 2.2.1
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@2.2.0...2.2.1)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-python
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 19, 2024
@github-actions GitHub Actions
Copy link
Contributor

Benchmark Results

java_gradle_multithreaded.csv

Commit CPU Memory Time ExitCode
b55b734 10% 108120 0:23.65 0
6475093 9% 114264 0:23.61 0
e1b8dd9 10% 119588 0:22.49 0
d3092d8 10% 119468 0:22.86 0

java_maven_serial.csv

Commit CPU Memory Time ExitCode
b55b734 84% 216004 0:16.96 0
6475093 83% 260176 0:17.12 0
e1b8dd9 75% 234640 0:19.04 0
d3092d8 79% 237772 0:18.47 0

java_simple_multithreaded.csv

Commit CPU Memory Time ExitCode
b55b734 38% 67900 0:09.27 0
6475093 30% 68364 0:12.14 0
e1b8dd9 34% 65960 0:10.23 0
d3092d8 37% 65836 0:09.67 0

java_gradle_serial.csv

Commit CPU Memory Time ExitCode
b55b734 9% 118740 0:25.15 0
6475093 9% 117392 0:25.12 0
e1b8dd9 9% 120024 0:26.14 0
d3092d8 8% 118560 0:27.38 0

java_simple_parallel.csv

Commit CPU Memory Time ExitCode
b55b734 24% 72212 0:22.78 0
6475093 22% 72064 0:23.98 0
e1b8dd9 24% 72016 0:22.87 0
d3092d8 24% 72104 0:23.23 0

java_gradle_parallel.csv

Commit CPU Memory Time ExitCode
b55b734 5% 115740 0:40.07 0
6475093 5% 116668 0:46.13 0
e1b8dd9 5% 120188 0:41.12 0
d3092d8 5% 121224 0:43.15 0

java_maven_parallel.csv

Commit CPU Memory Time ExitCode
b55b734 43% 231220 0:31.14 0
6475093 44% 243516 0:29.99 0
e1b8dd9 40% 237048 0:33.03 0
d3092d8 42% 245080 0:32.99 0

java_simple_serial.csv

Commit CPU Memory Time ExitCode
b55b734 52% 66024 0:11.35 0
6475093 51% 65716 0:11.90 0
e1b8dd9 53% 67896 0:11.58 0
d3092d8 53% 68360 0:11.57 0

java_maven_multithreaded.csv

Commit CPU Memory Time ExitCode
b55b734 67% 234752 0:16.79 0
6475093 58% 202856 0:19.71 0
e1b8dd9 65% 245688 0:17.74 0
d3092d8 69% 188944 0:17.01 0

Notes

  • The results above are generated by running against seed projects in https://github.com/getgauge/gauge-benchmark
  • These results are not persisted, but on merging to master the benchmark will be rerun.
  • These benchmark are run in Github Actions' agents, which are virtualized. Results are not to be taken as actual benchmarks.Rather, these are indicative numbers and make sense for comparison.

See Workflow log for more details.

@chadlwilson chadlwilson merged commit 1aac184 into master Feb 20, 2024
28 checks passed
@chadlwilson chadlwilson deleted the dependabot/pip/build/pip/build-python-ac51cbb969 branch February 20, 2024 01:46
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@chadlwilson chadlwilson chadlwilson approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@chadlwilson