Django Query Capture can check the query situation at a glance, notice slow queries, and notice where N+1 occurs.

Last update: Nov 22, 2022

Overview

django-query-capture

Overview

Django Query Capture can check the query situation at a glance, notice slow queries, and notice where N+1 occurs.

Some reasons you might want to use django-query-capture:

It can be used to simply check queries in a specific block.
It supports Django Middleware, Context Manager, and Decorator.
When you use Context Manager, you can get real-time query data.
You can see where the query occurs.
Inefficient queries can be found in the test code.
It is easy to customize by simply changing the table shape, changing the color, and selecting and setting the desired output.
It supports customization that allows you to decorate the output freely from the beginning.
Fully Documented
It supports Type hint everywhere.

Simple Usage

Just add it to Middleware without any other settings, and it will be output whenever a query occurs.

MIDDLEWARE = [
  ...,
  "django_query_capture.middleware.QueryCaptureMiddleware",
]

Use in function-based views. or just function

from django_query_capture import query_capture

@query_capture()
def my_view(request):
  pass

Use in class-based views.

from django.utils.decorators import method_decorator
from django.views.generic import TemplateView
from django_query_capture import query_capture

@method_decorator(query_capture, name='dispatch')
class AboutView(TemplateView):
  pass

Use it as a context.

When used as Context, you can check the query in real time.

from django_query_capture import query_capture

from tests.news.models import Reporter

@query_capture()
def run_something():
    with query_capture() as capture:
        Reporter.objects.create(full_name=f"target-1")
        print(len(capture.captured_queries))  # console: 1
        Reporter.objects.create(full_name=f"target-2")
        print(len(capture.captured_queries))  # console: 2

Use in test

Test code can capture inefficient queries through the AssertInefficientQuery Util.

from django.test import TestCase

from django_query_capture.test_utils import AssertInefficientQuery


class AssertInefficientQueryTests(TestCase):
    def test_assert_inefficient_query(self):
          with AssertInefficientQuery(num=19):
            self.client.get('/api/reporter')  # desire threshold count 19 but, /api/reporter duplicate query: 20, so raise error

Installation

pip install -U django-query-capture

or install with Poetry

poetry add django-query-capture

Full Documentation

Extension documentation is found here: https://ashekr.github.io/django-query-capture/.

🛡 License

This project is licensed under the terms of the MIT license. See LICENSE for more details.

Credits

This project was generated with python-package-template

Comments

Replace print with logger

🚀 Feature Request

I found many print statements on the code, what do you think about replacing it with logger?

🔈 Motivation

logger is more organized rather than print.
enhancement

opened by sinwoobang 2
:arrow_up: Bump safety from 1.10.3 to 2.3.4
Bumps safety from 1.10.3 to 2.3.4.

Release notes

Sourced from safety's releases.

2.3.4

No release notes provided.

2.3.3

No release notes provided.

2.3.2

Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.

Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.

Fixed telemetry data missing when the CLI mode is used.

Fixed wrong database fetching when the KEY and the database arguments are used at the same time.

Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

2.3.1

No release notes provided.

2.3.0

What's Changed

Safety Alerts: GitHub PRs and GitHub issues support by @cb22 in pyupio/safety#411

Safety 2.3.0 patch by @cb22 in pyupio/safety#415

Full Changelog: https://github.com/pyupio/safety/compare/2.2.1...2.3.0

2.2.1

What's Changed

Pull from Master by @yeisonvargasf in pyupio/safety#410

Common fixes for next release by @yeisonvargasf in pyupio/safety#412

2.2.1 Patch by @yeisonvargasf in pyupio/safety#414

Full Changelog: https://github.com/pyupio/safety/compare/2.2.0...2.2.1

2.2.0

What's Changed

Eat stderr messages from git commands. by @tarmack in pyupio/safety#399

Update from master branch by @yeisonvargasf in pyupio/safety#404

Remove AppVeyor and Travis by @yeisonvargasf in pyupio/safety#405

Using dparse to read requirements and fixes for custom integrations by @yeisonvargasf in pyupio/safety#406

Safety 2.2.0 patch by @yeisonvargasf in pyupio/safety#407

New Contributors

@tarmack made their first contribution in pyupio/safety#399

Full Changelog: https://github.com/pyupio/safety/compare/2.1.1...2.2.0

Safety 2.0.0 and Safety GitHub Action - Python Dependency Scanner

PyUp is excited to release Safety 2.0 CLI and Safety as a GitHub Action!

Compared to previous versions, Safety 2.0 will be a significant update that includes new features and refactors, resulting in breaking changes to some inputs and outputs. The new GitHub Action enables you to configure Python dependency security and compliance scans on your repositories on new commits, new branches, pull requests, and more.

... (truncated)

Changelog

Sourced from safety's changelog.

[2.3.4] - 2022-12-07

Removed LegacyVersion use; this fixes the issue with packaging 22.0.

Fixed typos in the README.

Added Python 3.11 to the classifiers in the setup.cfg.

[2.3.3] - 2022-11-27

Fixed recursive requirements issue when an unpinned package is found.

[2.3.2] - 2022-11-21

Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.

Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.

Fixed telemetry data missing when the CLI mode is used.

Fixed wrong database fetching when the KEY and the database arguments are used at the same time.

Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

[2.3.1] - 2022-10-05

Add safety.alerts module to setup.cfg

[2.3.0] - 2022-10-05

Safety can now create GitHub PRs and Issues for vulnerabilities directly, with the new safety alert subcommand.

Support for GitHub PR and Issue alerting has been added to the GitHub Action.

[2.2.1] - 2022-10-04

Fixed the use of the SAFETY_COLOR environment variable

Fixed bug in the case of vulnerabilities without a CVE linked

Fixed GitHub version in the README

[2.2.0] - 2022-09-19

Safety starts to use dparse to parse files, now Safety supports mainly Poetry and Pipenv lock files plus other files supported by dparse.

Added logic for custom integrations like pipenv check.

The --db flag is compatible remote sources too.

Added more logging

Upgrade dparse dependency to avoid a possible ReDos security issue

Removed Travis and Appveyor, the CI/CD was migrated to GitHub Actions

[2.1.1] - 2022-07-18

Fix crash when running on systems without git present (Thanks @andyjones)

[2.1.0] - 2022-07-14

Summary:

Improved error messages & fixed issues with proxies

Fixed license command

Added the ability for scan outputs to be sent to pyup.io. This will only take effect if using an API key, the feature is enabled on your profile, and the --disable-audit-and-monitor is not set

Added the ability to have a Safety policy file set centrally on your pyup.io profile. This remote policy file will be used if there's no local policy file present, otherwise a warning will be issued.

Updated outputs:

Text & screen output: If a scan has been logged, this is now mentioned in the output.

JSON output: The JSON output now includes git metadata about the folder Safety was run in. It also includes a version field, and telemetry information that would be sent separately. There are no breaking changes in the output.

... (truncated)

Commits

46d54bc Version 2.3.4

9e4f843 Merge pull request #440 from pyupio/develop

68049bb Merge pull request #433 from cclauss/patch-1

7c72120 Merge pull request #439 from pyupio/fix/packaging-LegacyVersion

2c4bb4b Remove the LegacyVersion import.

a9da481 Merge pull request #434 from cclauss/patch-2

2105d42 Starting 2.3.4.dev version.

8b6b34f Merge pull request #436 from pyupio/main

6e5f76a setup.cfg: Programming Language :: Python :: 3.11

34827f3 Fix typos

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump pyupgrade from 2.38.4 to 3.3.0
Bumps pyupgrade from 2.38.4 to 3.3.0.

Commits

a19e733 v3.3.0

3879369 Merge pull request #764 from rominf/rominf/datetime-utc-alias

6bc3509 rewrite to datetime.UTC

28db01a v3.2.3

c1c97ba Merge pull request #762 from asottile/f-strings-no-u-prefix

43293bb fix rewrite of u strings to f strings

a389e99 Merge pull request #760 from asottile/pre-commit-ci-update-config

5bae913 [pre-commit.ci] pre-commit autoupdate

4c7ee5a Merge pull request #758 from asottile/pre-commit-ci-update-config

aa860f0 [pre-commit.ci] pre-commit autoupdate

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump pyupgrade from 2.38.4 to 3.2.3
Bumps pyupgrade from 2.38.4 to 3.2.3.

Commits

28db01a v3.2.3

c1c97ba Merge pull request #762 from asottile/f-strings-no-u-prefix

43293bb fix rewrite of u strings to f strings

a389e99 Merge pull request #760 from asottile/pre-commit-ci-update-config

5bae913 [pre-commit.ci] pre-commit autoupdate

4c7ee5a Merge pull request #758 from asottile/pre-commit-ci-update-config

aa860f0 [pre-commit.ci] pre-commit autoupdate

5b527ac Merge pull request #756 from asottile/all-repos_autofix_no-implicit-optional

23b9a87 remove no_implicit_optional

27239c1 Merge pull request #752 from asottile/pre-commit-ci-update-config

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump safety from 1.10.3 to 2.3.3
Bumps safety from 1.10.3 to 2.3.3.

Release notes

Sourced from safety's releases.

2.3.3

No release notes provided.

2.3.2

Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.

Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.

Fixed telemetry data missing when the CLI mode is used.

Fixed wrong database fetching when the KEY and the database arguments are used at the same time.

Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

2.3.1

No release notes provided.

2.3.0

What's Changed

Safety Alerts: GitHub PRs and GitHub issues support by @cb22 in pyupio/safety#411

Safety 2.3.0 patch by @cb22 in pyupio/safety#415

Full Changelog: https://github.com/pyupio/safety/compare/2.2.1...2.3.0

2.2.1

What's Changed

Pull from Master by @yeisonvargasf in pyupio/safety#410

Common fixes for next release by @yeisonvargasf in pyupio/safety#412

2.2.1 Patch by @yeisonvargasf in pyupio/safety#414

Full Changelog: https://github.com/pyupio/safety/compare/2.2.0...2.2.1

2.2.0

What's Changed

Eat stderr messages from git commands. by @tarmack in pyupio/safety#399

Update from master branch by @yeisonvargasf in pyupio/safety#404

Remove AppVeyor and Travis by @yeisonvargasf in pyupio/safety#405

Using dparse to read requirements and fixes for custom integrations by @yeisonvargasf in pyupio/safety#406

Safety 2.2.0 patch by @yeisonvargasf in pyupio/safety#407

New Contributors

@tarmack made their first contribution in pyupio/safety#399

Full Changelog: https://github.com/pyupio/safety/compare/2.1.1...2.2.0

Safety 2.0.0 and Safety GitHub Action - Python Dependency Scanner

PyUp is excited to release Safety 2.0 CLI and Safety as a GitHub Action!

Compared to previous versions, Safety 2.0 will be a significant update that includes new features and refactors, resulting in breaking changes to some inputs and outputs. The new GitHub Action enables you to configure Python dependency security and compliance scans on your repositories on new commits, new branches, pull requests, and more.

Summary:

... (truncated)

Changelog

Sourced from safety's changelog.

[2.3.3] - 2022-11-27

Fixed recursive requirements issue when an unpinned package is found.

[2.3.2] - 2022-11-21

Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.

Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.

Fixed telemetry data missing when the CLI mode is used.

Fixed wrong database fetching when the KEY and the database arguments are used at the same time.

Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

[2.3.1] - 2022-10-05

Add safety.alerts module to setup.cfg

[2.3.0] - 2022-10-05

Safety can now create GitHub PRs and Issues for vulnerabilities directly, with the new safety alert subcommand.

Support for GitHub PR and Issue alerting has been added to the GitHub Action.

[2.2.1] - 2022-10-04

Fixed the use of the SAFETY_COLOR environment variable

Fixed bug in the case of vulnerabilities without a CVE linked

Fixed GitHub version in the README

[2.2.0] - 2022-09-19

Safety starts to use dparse to parse files, now Safety supports mainly Poetry and Pipenv lock files plus other files supported by dparse.

Added logic for custom integrations like pipenv check.

The --db flag is compatible remote sources too.

Added more logging

Upgrade dparse dependency to avoid a possible ReDos security issue

Removed Travis and Appveyor, the CI/CD was migrated to GitHub Actions

[2.1.1] - 2022-07-18

Fix crash when running on systems without git present (Thanks @andyjones)

[2.1.0] - 2022-07-14

Summary:

Improved error messages & fixed issues with proxies

Fixed license command

Added the ability for scan outputs to be sent to pyup.io. This will only take effect if using an API key, the feature is enabled on your profile, and the --disable-audit-and-monitor is not set

Added the ability to have a Safety policy file set centrally on your pyup.io profile. This remote policy file will be used if there's no local policy file present, otherwise a warning will be issued.

Updated outputs:

Text & screen output: If a scan has been logged, this is now mentioned in the output.

JSON output: The JSON output now includes git metadata about the folder Safety was run in. It also includes a version field, and telemetry information that would be sent separately. There are no breaking changes in the output.

New inputs:

New command line flags

The --disable-audit-and-monitor flag can be set to disable sending a scan's result to pyup.io

The --project flag can be set to manually specify a project to associate these scans with. By default, it'll autodetect based on the current folder and git.

... (truncated)

Commits

78e2525 Version 2.3.3

57a73c4 Merge pull request #432 from pyupio/develop

7869401 Merge pull request #431 from pyupio/fix/recursive-deps-parsing

77b46da Returning deps after one unpinned dependency.

eadcbe1 Merge pull request #430 from pyupio/main

ab5a57c Update version file to the current live version.

e6bceee Starting version 2.3.3.dev

f55c927 Version 2.3.2

a8c8c96 Merge pull request #429 from pyupio/develop

d180854 Revert "Remove ignore flags in the CI config."

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump safety from 1.10.3 to 2.3.2
Bumps safety from 1.10.3 to 2.3.2.

Release notes

Sourced from safety's releases.

2.3.2

Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.

Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.

Fixed telemetry data missing when the CLI mode is used.

Fixed wrong database fetching when the KEY and the database arguments are used at the same time.

Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

2.3.1

No release notes provided.

2.3.0

What's Changed

Safety Alerts: GitHub PRs and GitHub issues support by @cb22 in pyupio/safety#411

Safety 2.3.0 patch by @cb22 in pyupio/safety#415

Full Changelog: https://github.com/pyupio/safety/compare/2.2.1...2.3.0

2.2.1

What's Changed

Pull from Master by @yeisonvargasf in pyupio/safety#410

Common fixes for next release by @yeisonvargasf in pyupio/safety#412

2.2.1 Patch by @yeisonvargasf in pyupio/safety#414

Full Changelog: https://github.com/pyupio/safety/compare/2.2.0...2.2.1

2.2.0

What's Changed

Eat stderr messages from git commands. by @tarmack in pyupio/safety#399

Update from master branch by @yeisonvargasf in pyupio/safety#404

Remove AppVeyor and Travis by @yeisonvargasf in pyupio/safety#405

Using dparse to read requirements and fixes for custom integrations by @yeisonvargasf in pyupio/safety#406

Safety 2.2.0 patch by @yeisonvargasf in pyupio/safety#407

New Contributors

@tarmack made their first contribution in pyupio/safety#399

Full Changelog: https://github.com/pyupio/safety/compare/2.1.1...2.2.0

Safety 2.0.0 and Safety GitHub Action - Python Dependency Scanner

PyUp is excited to release Safety 2.0 CLI and Safety as a GitHub Action!

Compared to previous versions, Safety 2.0 will be a significant update that includes new features and refactors, resulting in breaking changes to some inputs and outputs. The new GitHub Action enables you to configure Python dependency security and compliance scans on your repositories on new commits, new branches, pull requests, and more.

Summary:

Safety 2.0 major release (notes below) and GitHub Action release

Updated outputs:

... (truncated)

Changelog

Sourced from safety's changelog.

[2.3.2] - 2022-11-21

Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.

Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.

Fixed telemetry data missing when the CLI mode is used.

Fixed wrong database fetching when the KEY and the database arguments are used at the same time.

Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

[2.3.1] - 2022-10-05

Add safety.alerts module to setup.cfg

[2.3.0] - 2022-10-05

Safety can now create GitHub PRs and Issues for vulnerabilities directly, with the new safety alert subcommand.

Support for GitHub PR and Issue alerting has been added to the GitHub Action.

[2.2.1] - 2022-10-04

Fixed the use of the SAFETY_COLOR environment variable

Fixed bug in the case of vulnerabilities without a CVE linked

Fixed GitHub version in the README

[2.2.0] - 2022-09-19

Safety starts to use dparse to parse files, now Safety supports mainly Poetry and Pipenv lock files plus other files supported by dparse.

Added logic for custom integrations like pipenv check.

The --db flag is compatible remote sources too.

Added more logging

Upgrade dparse dependency to avoid a possible ReDos security issue

Removed Travis and Appveyor, the CI/CD was migrated to GitHub Actions

[2.1.1] - 2022-07-18

Fix crash when running on systems without git present (Thanks @andyjones)

[2.1.0] - 2022-07-14

Summary:

Improved error messages & fixed issues with proxies

Fixed license command

Added the ability for scan outputs to be sent to pyup.io. This will only take effect if using an API key, the feature is enabled on your profile, and the --disable-audit-and-monitor is not set

Added the ability to have a Safety policy file set centrally on your pyup.io profile. This remote policy file will be used if there's no local policy file present, otherwise a warning will be issued.

Updated outputs:

Text & screen output: If a scan has been logged, this is now mentioned in the output.

JSON output: The JSON output now includes git metadata about the folder Safety was run in. It also includes a version field, and telemetry information that would be sent separately. There are no breaking changes in the output.

New inputs:

New command line flags

The --disable-audit-and-monitor flag can be set to disable sending a scan's result to pyup.io

The --project flag can be set to manually specify a project to associate these scans with. By default, it'll autodetect based on the current folder and git.

[2.0.0] - 2022-06-28

Summary:

... (truncated)

Commits

f55c927 Version 2.3.2

a8c8c96 Merge pull request #429 from pyupio/develop

d180854 Revert "Remove ignore flags in the CI config."

7eef5a4 Remove ignore flags in the CI config.

7171e3e Merge pull request #428 from pyupio/main

e7b4c0c Merge pull request #427 from pyupio/fix/integrations

14db471 Fix announcements load and telemetry.

be1a7a8 Send announcements to stderr when not isatty only when the type announcement ...

6cd1ae3 Fix logic output for integrations, resource warnings fixed, and ruamel fix.

f1b86b8 Merge pull request #426 from pyupio/develop

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump JRubics/poetry-publish from 1.13 to 1.14
Bumps JRubics/poetry-publish from 1.13 to 1.14.

Commits

2be47ac Update pyenv version

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 1
:arrow_up: Bump pyupgrade from 2.38.4 to 3.2.2
Bumps pyupgrade from 2.38.4 to 3.2.2.

Commits

c1b1c53 v3.2.2

02b8cdc Merge pull request #751 from asottile/file

a89ff42 remove abspath(file) rewrite

b736e95 v3.2.1

bba6fec Merge pull request #750 from mhils/optional-forward-ref

9796546 fix Optional["ForwardRef"] rewriting

5c27928 Merge pull request #747 from asottile/pre-commit-ci-update-config

9b72ee9 [pre-commit.ci] pre-commit autoupdate

fe81c25 v3.2.0

1268511 Merge pull request #745 from tusharsadhwani/unpack

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump pyupgrade from 2.38.4 to 3.2.1
Bumps pyupgrade from 2.38.4 to 3.2.1.

Commits

b736e95 v3.2.1

bba6fec Merge pull request #750 from mhils/optional-forward-ref

9796546 fix Optional["ForwardRef"] rewriting

5c27928 Merge pull request #747 from asottile/pre-commit-ci-update-config

9b72ee9 [pre-commit.ci] pre-commit autoupdate

fe81c25 v3.2.0

1268511 Merge pull request #745 from tusharsadhwani/unpack

848751f Add PEP646 Unpack plugin

b1f3615 Merge pull request #741 from asottile/py311-release

e6669bd regenerate import symbols

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump mypy from 0.931 to 0.990
Bumps mypy from 0.931 to 0.990.

Commits

b71dc3d Remove +dev from version

719cef9 Add support for exception groups and except* (#14020)

91b6fc3 Fix crash on nested unions in recursive types (#14007)

42a4c69 Make TryStar not crash (#13991)

5fad1ac Warn on invalid *args and **kwargs with ParamSpec (#13892)

184add9 Revert sum literal integer change (#13961)

74e0dff Add hidden options to disable bytes promotion (#13952)

ec6d9d9 [mypyc] Fix ircheck if register is initialized through LoadAddress (#13944)

8ef701d Use 3.11 instead of 3.11-dev (#13945)

ec149da [mypyc] Fix glue methods with native int types (#13939)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump pytz from 2021.3 to 2022.6
Bumps pytz from 2021.3 to 2022.6.

Commits

4ebc28d Bump version numbers to 2022.6 / 2022f

f1bd81b IANA 2022f

5797f88 Squashed 'tz/' changes from c4eb3fcf2..623631d84

dacb1a1 Upgrade unittest asserts

d1abcdd Bump GitHub Actions

7ff7f35 Add support for Python 3.11

1ab3481 Bump version numbers to 2022.5 / 2022e

872168c Squashed 'tz/' changes from 0fc8f915a..16bd7a384

c5900e5 IANA 2022e

04b5402 Bump version numbers to 2022.4/2022d

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
:arrow_up: Bump shellingham from 1.4.0 to 1.5.0.post1
Bumps shellingham from 1.4.0 to 1.5.0.post1.

Release notes

Sourced from shellingham's releases.

Release 1.5.0.post1

What's Changed

Add syntax highlighting to readme by @swaldhoer in sarugaku/shellingham#63

Limit package installation to Python >= 3.7 by @hswong3i in sarugaku/shellingham#62

New Contributors

@swaldhoer made their first contribution in sarugaku/shellingham#63

@hswong3i made their first contribution in sarugaku/shellingham#62

Full Changelog: https://github.com/sarugaku/shellingham/compare/1.5.0...1.5.0.post1

1.5.0

What's Changed

Bump bleach from 3.2.1 to 3.3.0 by @dependabot in sarugaku/shellingham#44

Bump cryptography from 3.3.1 to 3.3.2 by @dependabot in sarugaku/shellingham#45

Bump urllib3 from 1.26.3 to 1.26.4 by @dependabot in sarugaku/shellingham#46

Modern python by @JeppeKlitgaard in sarugaku/shellingham#50

Update README.rst by @davidlatwe in sarugaku/shellingham#51

Bump urllib3 from 1.26.4 to 1.26.5 by @dependabot in sarugaku/shellingham#54

Add "nu" to _core.py to support detect NuShell by @gunungpw in sarugaku/shellingham#56

Fix typos by @kianmeng in sarugaku/shellingham#58

Add release job by @ofek in sarugaku/shellingham#59

chore: prepare for release 1.5.0 by @frostming in sarugaku/shellingham#60

New Contributors

@JeppeKlitgaard made their first contribution in sarugaku/shellingham#50

@davidlatwe made their first contribution in sarugaku/shellingham#51

@gunungpw made their first contribution in sarugaku/shellingham#56

@kianmeng made their first contribution in sarugaku/shellingham#58

@ofek made their first contribution in sarugaku/shellingham#59

@frostming made their first contribution in sarugaku/shellingham#60

Full Changelog: https://github.com/sarugaku/shellingham/compare/1.4.0...1.5.0

Changelog

Sourced from shellingham's changelog.

1.5.0.post1 (2023-01-03)

Fix package metadata to disallow installation on Python prior to 3.7. This was already done in 1.5.0, but the metadata of the release was incorrectly set to >=3.4.

1.5.0 (2022-08-04)

Features

Drop support for Python version older than 3.7. [#50](https://github.com/sarugaku/shellingham/issues/50) <https://github.com/sarugaku/shellingham/issues/50>_

Support detecting NuShell. [#56](https://github.com/sarugaku/shellingham/issues/56) <https://github.com/sarugaku/shellingham/issues/56>_

Commits

7646358 Prepare for release 1.5.0.post1

eb61246 Merge pull request #62 from alvistack/python_ge_37

57ed4fe Add syntax highlighting to readme (#63)

ee99294 Add syntax highlighting

32bcc83 [1.5.0] Incorrectly List by Pypi as Available for Python < 3.7

ace4525 chore: prepare for release 1.5.0 (#60)

b68e3df Add release job (#59)

6025d91 Fix typos (#58)

23cb5cb Add "nu" to _core.py to support detect NuShell (#56)

325c643 Bump urllib3 from 1.26.4 to 1.26.5 (#54)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 0
:arrow_up: Bump release-drafter/release-drafter from 5.21.0 to 5.22.0
Bumps release-drafter/release-drafter from 5.21.0 to 5.22.0.

Release notes

Sourced from release-drafter/release-drafter's releases.

v5.22.0

What's Changed

New

Only use last full release when drafting (#1240) @ssbarnea

Full Changelog: https://github.com/release-drafter/release-drafter/compare/v5.21.1...v5.22.0

v5.21.1

What's Changed

Dependency Updates

Address set-output deprecation (#1247) @NotMyFault

Full Changelog: https://github.com/release-drafter/release-drafter/compare/v5.21.0...v5.21.1

Commits

cfc5540 v5.22.0

7ef15e2 Only use last full release when drafting (#1240)

6df64e4 v5.21.1

26be07d Address set-output deprecation (#1247)

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 0
:arrow_up: Bump pytz from 2021.3 to 2022.7
Bumps pytz from 2021.3 to 2022.7.

Commits

309a457 Update i18n section of README

67b32d0 Separete legacy tests to run in legacy container

ce19dbe Bump version numbers to 2022.7/2022g

7285e70 IANA 2022g

3a52798 Squashed 'tz/' changes from d3dc2a9d6..9baf0d34d

8656870 Let _all_timezones_unchecked be garbage collected when no longer needed

bd3e51f Rename all_timezones_unchecked to strongly indicate it is not public

01592a9 Merge pull request #90 from eendebakpt/import_time_lazy_list

5e9f112 lazy timezone

4ebc28d Bump version numbers to 2022.6 / 2022f

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 0
:arrow_up: Bump mkdocstrings from 0.18.1 to 0.19.1
Bumps mkdocstrings from 0.18.1 to 0.19.1.

Release notes

Sourced from mkdocstrings's releases.

0.19.0

Highlights

We decided to deprecate a few things to pave the way towards a more stable code base, bringing us closer to a v1.

Selection and rendering options are now combined into a single options key. Using the old keys will emit a deprecation warning.

The BaseCollector and BaseRenderer classes are deprecated in favor of BaseHandler, which merges their functionality. Using the old classes will emit a deprecation warning.

New versions of the Python handler and the legacy Python handler were also released in coordination with mkdocstrings 0.19. See their respective changelogs: python, python-legacy. Most notably, the Python handler gained the members and filters options that prevented many users to switch to it.

mkdocstrings stopped depending directly on the legacy Python handler. It means you now have to explicitely depend on it, directly or through the extra provided by mkdocstrings, if you want to continue using it.

Packaging / Dependencies

Stop depending directly on mkdocstrings-python-legacy (9055d58 by Timothée Mazzucotelli). [Issue #376](mkdocstrings/mkdocstrings#376)

Features

Pass config file path to handlers (cccebc4 by Timothée Mazzucotelli). [Issue #311](mkdocstrings/mkdocstrings#311), [PR #425](mkdocstrings/mkdocstrings#425)

Code Refactoring

Support options / deprecated options mix-up (7c71f26 by Timothée Mazzucotelli).

Deprecate watch feature in favor of MkDocs' built-in one (c20022e by Timothée Mazzucotelli).

Log relative template paths if possible, instead of absolute (91f5f83 by Timothée Mazzucotelli).

Deprecate selection and rendering YAML keys (3335310 by Timothée Mazzucotelli). [PR #420](mkdocstrings/mkdocstrings#420)

Deprecate BaseCollector and BaseRenderer (eb822cb by Timothée Mazzucotelli). [PR #413](mkdocstrings/mkdocstrings#413)

Changelog

Sourced from mkdocstrings's changelog.

0.19.1 - 2022-12-13

Compare with 0.19.0

Bug Fixes

Fix regular expression for Sphinx inventory parsing (348bdd5 by Luis Michaelis). [Issue #496](mkdocstrings/mkdocstrings#496), [PR #497](mkdocstrings/mkdocstrings#497)

Code Refactoring

Small fixes to type annotations (9214b74 by Oleh Prypin). [PR #470](mkdocstrings/mkdocstrings#470)

Report usage-based warnings as user-facing messages (03dd7a6 by Oleh Prypin). [PR #464](mkdocstrings/mkdocstrings#464)

0.19.0 - 2022-05-28

Compare with 0.18.1

Highlights

We decided to deprecate a few things to pave the way towards a more stable code base, bringing us closer to a v1.

Selection and rendering options are now combined into a single options key. Using the old keys will emit a deprecation warning.

The BaseCollector and BaseRenderer classes are deprecated in favor of BaseHandler, which merges their functionality. Using the old classes will emit a deprecation warning.

New versions of the Python handler and the legacy Python handler were also released in coordination with mkdocstrings 0.19. See their respective changelogs: python, python-legacy. Most notably, the Python handler gained the members and filters options that prevented many users to switch to it.

mkdocstrings stopped depending directly on the legacy Python handler. It means you now have to explicitely depend on it, directly or through the extra provided by mkdocstrings, if you want to continue using it.

Packaging / Dependencies

Stop depending directly on mkdocstrings-python-legacy (9055d58 by Timothée Mazzucotelli). [Issue #376](mkdocstrings/mkdocstrings#376)

Features

Pass config file path to handlers (cccebc4 by Timothée Mazzucotelli). [Issue #311](mkdocstrings/mkdocstrings#311), [PR #425](mkdocstrings/mkdocstrings#425)

Code Refactoring

Support options / deprecated options mix-up (7c71f26 by Timothée Mazzucotelli).

Deprecate watch feature in favor of MkDocs' built-in one (c20022e by Timothée Mazzucotelli).

Log relative template paths if possible, instead of absolute (91f5f83 by Timothée Mazzucotelli).

Deprecate selection and rendering YAML keys (3335310 by Timothée Mazzucotelli). [PR #420](mkdocstrings/mkdocstrings#420)

Deprecate BaseCollector and BaseRenderer (eb822cb by Timothée Mazzucotelli). [PR #413](mkdocstrings/mkdocstrings#413)

Commits

d965ccc chore: Prepare release 0.19.1

348bdd5 fix: Fix regular expression for Sphinx inventory parsing

a5ed211 chore: Add JSON schema for plugin's options

6c3ef79 docs: Small improvement

34a1512 chore: Template upgrade

eeeb97b chore: Template upgrade

995e5dc docs: Remove mention of deprecated watch feature from recipes

20f6ea4 Merge branch 'master' of github.com:mkdocstrings/mkdocstrings

efa00b2 docs: Clarify custom_templates folder location in options documentation

e2fb97b chore: Template upgrade

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 0
:arrow_up: Bump python from 3.10.5-slim-buster to 3.11.1-slim-buster in /docker
Bumps python from 3.10.5-slim-buster to 3.11.1-slim-buster.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies docker
opened by dependabot[bot] 0
:arrow_up: Bump safety from 1.10.3 to 2.3.5
Bumps safety from 1.10.3 to 2.3.5.

Release notes

Sourced from safety's releases.

2.3.5

No release notes provided.

2.3.4

No release notes provided.

2.3.3

No release notes provided.

2.3.2

Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.

Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.

Fixed telemetry data missing when the CLI mode is used.

Fixed wrong database fetching when the KEY and the database arguments are used at the same time.

Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

2.3.1

No release notes provided.

2.3.0

What's Changed

Safety Alerts: GitHub PRs and GitHub issues support by @cb22 in pyupio/safety#411

Safety 2.3.0 patch by @cb22 in pyupio/safety#415

Full Changelog: https://github.com/pyupio/safety/compare/2.2.1...2.3.0

2.2.1

What's Changed

Pull from Master by @yeisonvargasf in pyupio/safety#410

Common fixes for next release by @yeisonvargasf in pyupio/safety#412

2.2.1 Patch by @yeisonvargasf in pyupio/safety#414

Full Changelog: https://github.com/pyupio/safety/compare/2.2.0...2.2.1

2.2.0

What's Changed

Eat stderr messages from git commands. by @tarmack in pyupio/safety#399

Update from master branch by @yeisonvargasf in pyupio/safety#404

Remove AppVeyor and Travis by @yeisonvargasf in pyupio/safety#405

Using dparse to read requirements and fixes for custom integrations by @yeisonvargasf in pyupio/safety#406

Safety 2.2.0 patch by @yeisonvargasf in pyupio/safety#407

New Contributors

@tarmack made their first contribution in pyupio/safety#399

Full Changelog: https://github.com/pyupio/safety/compare/2.1.1...2.2.0

Safety 2.0.0 and Safety GitHub Action - Python Dependency Scanner

... (truncated)

Changelog

Sourced from safety's changelog.

[2.3.5] - 2022-12-08

Pinned packaging dependency to a compatible range.

Pinned the CI actions to the runner image with Python 3.6 support.

[2.3.4] - 2022-12-07

Removed LegacyVersion use; this fixes the issue with packaging 22.0.

Fixed typos in the README.

Added Python 3.11 to the classifiers in the setup.cfg.

[2.3.3] - 2022-11-27

Fixed recursive requirements issue when an unpinned package is found.

[2.3.2] - 2022-11-21

Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.

Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.

Fixed telemetry data missing when the CLI mode is used.

Fixed wrong database fetching when the KEY and the database arguments are used at the same time.

Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

[2.3.1] - 2022-10-05

Add safety.alerts module to setup.cfg

[2.3.0] - 2022-10-05

Safety can now create GitHub PRs and Issues for vulnerabilities directly, with the new safety alert subcommand.

Support for GitHub PR and Issue alerting has been added to the GitHub Action.

[2.2.1] - 2022-10-04

Fixed the use of the SAFETY_COLOR environment variable

Fixed bug in the case of vulnerabilities without a CVE linked

Fixed GitHub version in the README

[2.2.0] - 2022-09-19

Safety starts to use dparse to parse files, now Safety supports mainly Poetry and Pipenv lock files plus other files supported by dparse.

Added logic for custom integrations like pipenv check.

The --db flag is compatible remote sources too.

Added more logging

Upgrade dparse dependency to avoid a possible ReDos security issue

Removed Travis and Appveyor, the CI/CD was migrated to GitHub Actions

[2.1.1] - 2022-07-18

Fix crash when running on systems without git present (Thanks @andyjones)

[2.1.0] - 2022-07-14

Summary:

Improved error messages & fixed issues with proxies

Fixed license command

Added the ability for scan outputs to be sent to pyup.io. This will only take effect if using an API key, the feature is enabled on your profile, and the --disable-audit-and-monitor is not set

Added the ability to have a Safety policy file set centrally on your pyup.io profile. This remote policy file will be used if there's no local policy file present, otherwise a warning will be issued.

... (truncated)

Commits

d8bd6f7 Version 2.3.5

a10fbd8 Merge pull request #444 from pyupio/develop

7b24998 Test integration for 2.3.4

7d6dd5e Update the OS mapping in the binaries file.

b62b75c Merge pull request #443 from pyupio/fix/pin-compatible-packaging-versions

93598ae Pin the ubuntu version to be used for the CI.

aa1b153 Use packaging versions < 22.0 to prevent issues.

f78823c Starting version 2.3.5.dev

9164106 Merge pull request #442 from pyupio/main

46d54bc Version 2.3.4

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 0

Releases(v1.0.0)

v1.0.0(Jul 7, 2022)
What’s Changed

:package: Build System & CI/CD

:arrow_up: Bump actions/setup-python from 3 to 4 (#197) @dependabot

:arrow_up: Bump JRubics/poetry-publish from 1.10 to 1.11 (#180) @dependabot

:arrow_up: Bump release-drafter/release-drafter from 5.19.0 to 5.20.0 (#173) @dependabot

:arrow_up: Bump release-drafter/release-drafter from 5.18.1 to 5.19.0 (#100) @dependabot

:arrow_up: Bump EndBug/add-and-commit from 8 to 9 (#104) @dependabot

:arrow_up: Bump actions/cache from 2.1.7 to 3 (#117) @dependabot

:arrow_up: Bump actions/setup-python from 2.3.2 to 3 (#89) @dependabot

:arrow_up: Bump actions/checkout from 2 to 3 (#94) @dependabot

:arrow_up: Bump release-drafter/release-drafter from 5.17.6 to 5.18.1 (#57) @dependabot

:arrow_up: Bump actions/setup-python from 2.3.1 to 2.3.2 (#53) @dependabot

:arrow_up: Dependencies updates

:arrow_up: Bump python from 3.10.4-slim-buster to 3.10.5-slim-buster in /docker (#198) @dependabot

:arrow_up: Bump actions/setup-python from 3 to 4 (#197) @dependabot

:arrow_up: Bump pylint from 2.12.2 to 2.14.0 (#190) @dependabot

:arrow_up: Bump mkdocs-git-revision-date-localized-plugin from 1.0.0 to 1.0.1 (#135) @dependabot

:arrow_up: Bump coverage from 6.3.2 to 6.4 (#183) @dependabot

:arrow_up: Bump JRubics/poetry-publish from 1.10 to 1.11 (#180) @dependabot

:arrow_up: Bump django from 4.0.3 to 4.0.4 (#147) @dependabot

:arrow_up: Bump release-drafter/release-drafter from 5.19.0 to 5.20.0 (#173) @dependabot

:arrow_up: Bump black from 22.1.0 to 22.3.0 (#132) @dependabot

:arrow_up: Bump mkdocs-autorefs from 0.3.1 to 0.4.1 (#103) @dependabot

:arrow_up: Bump bandit from 1.7.2 to 1.7.4 (#97) @dependabot

:arrow_up: Bump pytest from 7.0.1 to 7.1.1 (#115) @dependabot

:arrow_up: Bump python from 3.10.3-slim-buster to 3.10.4-slim-buster in /docker (#127) @dependabot

:arrow_up: Bump pytkdocs from 0.16.0 to 0.16.1 (#102) @dependabot

:arrow_up: Bump release-drafter/release-drafter from 5.18.1 to 5.19.0 (#100) @dependabot

:arrow_up: Bump mkdocs from 1.2.3 to 1.3.0 (#128) @dependabot

:arrow_up: Bump EndBug/add-and-commit from 8 to 9 (#104) @dependabot

:arrow_up: Bump mkdocstrings from 0.18.0 to 0.18.1 (#95) @dependabot

:arrow_up: Bump actions/cache from 2.1.7 to 3 (#117) @dependabot

:arrow_up: Bump django from 4.0.2 to 4.0.3 (#93) @dependabot

:arrow_up: Bump actions/setup-python from 2.3.2 to 3 (#89) @dependabot

:arrow_up: Bump python from 3.10.2-slim-buster to 3.10.3-slim-buster in /docker (#116) @dependabot

:arrow_up: Bump actions/checkout from 2 to 3 (#94) @dependabot

:arrow_up: Bump mkdocstrings-python-legacy from 0.2.1 to 0.2.2 (#86) @dependabot

:arrow_up: Bump mkdocs-git-revision-date-localized-plugin from 0.11.1 to 1.0.0 (#85) @dependabot

:arrow_up: Bump mkdocs-material from 8.1.9 to 8.2.1 (#77) @dependabot

:arrow_up: Bump pytest from 7.0.0 to 7.0.1 (#69) @dependabot

:arrow_up: Bump coverage from 6.3.1 to 6.3.2 (#80) @dependabot

:arrow_up: Bump pymdown-extensions from 9.1 to 9.2 (#66) @dependabot

:arrow_up: Bump pytkdocs from 0.15.0 to 0.16.0 (#84) @dependabot

:arrow_up: Bump mkdocstrings from 0.17.0 to 0.18.0 (#60) @dependabot

:arrow_up: Bump virtualenv from 20.13.0 to 20.13.1 (#58) @dependabot

:arrow_up: Bump release-drafter/release-drafter from 5.17.6 to 5.18.1 (#57) @dependabot

:arrow_up: Bump pytest from 6.2.5 to 7.0.0 (#56) @dependabot

:arrow_up: Bump django from 4.0.1 to 4.0.2 (#48) @dependabot

:arrow_up: Bump actions/setup-python from 2.3.1 to 2.3.2 (#53) @dependabot

:arrow_up: Bump coverage from 6.3 to 6.3.1 (#51) @dependabot

:arrow_up: Bump bandit from 1.7.1 to 1.7.2 (#42) @dependabot

:arrow_up: Bump coverage from 6.2 to 6.3 (#43) @dependabot

:arrow_up: Bump black from 21.12b0 to 22.1.0 (#45) @dependabot

:arrow_up: Bump identify from 2.4.5 to 2.4.6 (#44) @dependabot

:arrow_up: Bump mkdocs-material from 8.1.8 to 8.1.9 (#46) @dependabot

:arrow_up: Bump charset-normalizer from 2.0.10 to 2.0.11 (#47) @dependabot

@AsheKR, @dependabot and @dependabot[bot]
Source code(tar.gz)
Source code(zip)
v0.3.1(Jan 26, 2022)
What’s Changed

:rocket: Features

Enhance/test util remove test case (#41) @AsheKR

:package: Build System & CI/CD

:arrow_up: Bump JRubics/poetry-publish from 1.9 to 1.10 (#40) @dependabot

:arrow_up: Dependencies updates

:arrow_up: Bump JRubics/poetry-publish from 1.9 to 1.10 (#40) @dependabot

@AsheKR, @dependabot and @dependabot[bot]
Source code(tar.gz)
Source code(zip)
v0.3.0(Jan 25, 2022)
What’s Changed

:rocket: Features

enhance: AssertInefficientQuery result can customize (#38) @AsheKR

:package: Build System & CI/CD

fix: use resolved version (#39) @AsheKR

@AsheKR
Source code(tar.gz)
Source code(zip)
v0.2.9(Jan 25, 2022)
What’s Changed

:rocket: Features

enhance: Filter without mentioning the site-package. (#37) @AsheKR

:package: Build System & CI/CD

:arrow_up: Bump release-drafter/release-drafter from 5.17.5 to 5.17.6 (#28) @dependabot

:arrow_up: Bump EndBug/add-and-commit from 7 to 8 (#29) @dependabot

:arrow_up: Dependencies updates

:arrow_up: Bump mkdocs-gen-files from 0.3.3 to 0.3.4 (#33) @dependabot

:arrow_up: Bump asgiref from 3.4.1 to 3.5.0 (#36) @dependabot

:arrow_up: Bump identify from 2.4.4 to 2.4.5 (#35) @dependabot

:arrow_up: Bump mkdocs-material from 8.1.7 to 8.1.8 (#34) @dependabot

:arrow_up: Bump python from 3.8-slim-buster to 3.10.2-slim-buster in /docker (#32) @dependabot

:arrow_up: Bump release-drafter/release-drafter from 5.17.5 to 5.17.6 (#28) @dependabot

:arrow_up: Bump EndBug/add-and-commit from 7 to 8 (#29) @dependabot

:arrow_up: Bump pyparsing from 3.0.6 to 3.0.7 (#30) @dependabot

@AsheKR, @dependabot and @dependabot[bot]
Source code(tar.gz)
Source code(zip)
v0.2.8(Jan 19, 2022)
What’s Changed

:wrench: Fixes & Refactoring

dependency: loosen-django-dependency (#27) @AsheKR

:arrow_up: Dependencies updates

dependency: loosen-django-dependency (#27) @AsheKR

@AsheKR
Source code(tar.gz)
Source code(zip)
v0.2.7(Jan 19, 2022)
What’s Changed

:wrench: Fixes & Refactoring

dependency: loosen-django-dependency (#26) @AsheKR

:package: Build System & CI/CD

ci: doc publish when main merged (#24) @AsheKR

ci: remove mv htmlcov to docs (#23) @AsheKR

:pencil: Documentation

docs: remove list-of-contributer (#25) @AsheKR

ci: doc publish when main merged (#24) @AsheKR

ci: remove mv htmlcov to docs (#23) @AsheKR

@AsheKR
Source code(tar.gz)
Source code(zip)
v0.2.6(Jan 18, 2022)
What’s Changed

:arrow_up: Dependencies updates

dependency: remove unused dependency (#22) @AsheKR

:busts_in_silhouette: List of contributors

@AsheKR
Source code(tar.gz)
Source code(zip)
v0.2.5(Jan 18, 2022)
What’s Changed

:wrench: Fixes & Refactoring

refactor: remove unused var (#21) @AsheKR

:pencil: Documentation

docs: modifiy main image (#20) @AsheKR

:busts_in_silhouette: List of contributors

@AsheKR
Source code(tar.gz)
Source code(zip)
v0.2.4(Jan 18, 2022)
What’s Changed

modify main image location in mkdocs

:busts_in_silhouette: List of contributors

@AsheKR
Source code(tar.gz)
Source code(zip)
v0.2.3(Jan 18, 2022)
What’s Changed

:wrench: Fixes & Refactoring

mkdocs image rendering (#16) @AsheKR

:package: Build System & CI/CD

ci: docs add coverage html (#18) @AsheKR

:arrow_up: Bump release-drafter/release-drafter from 5.16.1 to 5.17.5 (#11) @dependabot

ci: change release-drafter.yml to release_drafter.yml ( because pycha… (#17) @AsheKR

:pencil: Documentation

ci: docs add coverage html (#18) @AsheKR

Add a Section Pointing mkdocs (#19) @AsheKR

mkdocs image rendering (#16) @AsheKR

:arrow_up: Dependencies updates

:arrow_up: Bump release-drafter/release-drafter from 5.16.1 to 5.17.5 (#11) @dependabot

:arrow_up: Bump importlib-metadata from 4.10.0 to 4.10.1 (#13) @dependabot

:busts_in_silhouette: List of contributors

@AsheKR, @dependabot and @dependabot[bot]
Source code(tar.gz)
Source code(zip)
v0.2.2(Jan 18, 2022)
What’s Changed

:package: Build System & CI/CD

Release Automation (#15) @AsheKR

:busts_in_silhouette: List of contributors

@AsheKR
Source code(tar.gz)
Source code(zip)
v0.2.1(Jan 18, 2022)
What’s Changed

version dump

:busts_in_silhouette: List of contributors

@AsheKR
Source code(tar.gz)
Source code(zip)
v0.2.0(Jan 18, 2022)
What’s Changed

Docs (#14) @AsheKR

Docs (#10) @AsheKR

QueryCapture (#9) @AsheKR

Change query-capture to native-query-capture (#8) @AsheKR

:arrow_up: Dependencies updates

:arrow_up: Bump mypy from 0.910 to 0.931 (#6) @dependabot

:arrow_up: Bump rich from 10.16.2 to 11.0.0 (#5) @dependabot

:arrow_up: Bump actions/setup-python from 2.2.2 to 2.3.1 (#1) @dependabot

:arrow_up: Bump release-drafter/release-drafter from 5.15.0 to 5.16.1 (#4) @dependabot

:arrow_up: Bump actions/cache from 2.1.6 to 2.1.7 (#3) @dependabot

:busts_in_silhouette: List of contributors

@AsheKR, @dependabot and @dependabot[bot]
Source code(tar.gz)
Source code(zip)
0.1.0(Jan 14, 2022)

Source code(tar.gz)
Source code(zip)
0.0.1(Jan 14, 2022)

The basic functions of "Query Capture"
Source code(tar.gz)
Source code(zip)

Django Query Capture can check the query situation at a glance, notice slow queries, and notice where N+1 occurs.

Related tags

Overview

django-query-capture

Overview

Simple Usage

Installation

Full Documentation

🛡 License

Credits

Comments

🚀 Feature Request

🔈 Motivation

2.3.4

2.3.3

2.3.2

2.3.1

2.3.0

What's Changed

2.2.1

What's Changed

2.2.0

What's Changed

New Contributors

Safety 2.0.0 and Safety GitHub Action - Python Dependency Scanner

[2.3.4] - 2022-12-07

[2.3.3] - 2022-11-27

[2.3.2] - 2022-11-21

[2.3.1] - 2022-10-05

[2.3.0] - 2022-10-05

[2.2.1] - 2022-10-04

[2.2.0] - 2022-09-19

[2.1.1] - 2022-07-18

[2.1.0] - 2022-07-14

Summary:

Updated outputs:

2.3.3

2.3.2

2.3.1

2.3.0

What's Changed

2.2.1

What's Changed

2.2.0

What's Changed

New Contributors

Safety 2.0.0 and Safety GitHub Action - Python Dependency Scanner

Summary:

[2.3.3] - 2022-11-27

[2.3.2] - 2022-11-21

[2.3.1] - 2022-10-05

[2.3.0] - 2022-10-05

[2.2.1] - 2022-10-04

[2.2.0] - 2022-09-19

[2.1.1] - 2022-07-18

[2.1.0] - 2022-07-14

Summary:

Updated outputs:

New inputs:

2.3.2

2.3.1

2.3.0

What's Changed

2.2.1

What's Changed

2.2.0

What's Changed

New Contributors

Safety 2.0.0 and Safety GitHub Action - Python Dependency Scanner

Summary:

Updated outputs:

[2.3.2] - 2022-11-21

[2.3.1] - 2022-10-05

[2.3.0] - 2022-10-05

[2.2.1] - 2022-10-04

[2.2.0] - 2022-09-19

[2.1.1] - 2022-07-18

[2.1.0] - 2022-07-14

Summary:

Updated outputs: