Skip to content

Conversation

@pyup-bot
Copy link
Collaborator

@pyup-bot pyup-bot commented Oct 6, 2023

This PR updates simplejson from 3.16.0 to 3.19.2.

Changelog

3.19.2

* Updated test & build matrix to include Python 3.12 and use
GitHub Actions as a Trusted Publisher (OIDC)
https://github.com/simplejson/simplejson/pull/317

3.19.1

* This release contains security hardening measures based on recommendations
by a security audit sponsored by OSTIF and conducted by X41 D-Sec GmbH.
Several of these measures include changing defaults to be more strict,
by default simplejson will now only consume and produce compliant JSON,
but the flags still exist for any backwards compatibility needs.
No high priority issues were discovered, the reference count
leak is thought to be unreachable since the digits of the float are
checked before PyOS_string_to_double is called.
A link to the public version of this report will be included in a
future release of simplejson. The following fixes were implemented in
one PR: https://github.com/simplejson/simplejson/pull/313
* Fix invalid handling of unicode escape sequences in the pure Python
implementation of the decoder (SJ-PT-23-01)
* Fix missing reference count decrease if PyOS_string_to_double raises
an exception in Python 2.x; was probably unreachable (SJ-PT-23-02)
* Backport the integer string length limitation from Python 3.11 to
limit quadratic number parsing (SJ-PT-23-03)
* Fix inconsistencies with error messages between the C and Python
implementations (SJ-PT-23-100)
* Remove unused unichr import from encoder (SJ-PT-23-101)
* Remove unused namedtuple_as_object and tuple_as_array arguments from
simplejson.load (SJ-PT-23-102)
* Remove vestigial _one_shot code from iterencode (SJ-PT-23-103)
* Change default of allow_nan from True to False and add allow_nan
to decoder (SJ-PT-23-107)

3.18.4

* Test the sdist to prevent future regressions
https://github.com/simplejson/simplejson/pull/311
* Enable ppc64le wheels
https://github.com/simplejson/simplejson/pull/312

3.18.3

* Fix regression in sdist archive
https://github.com/simplejson/simplejson/pull/310

3.18.2

* Distribute a pure python wheel for Pyodide
https://github.com/simplejson/simplejson/pull/308

3.18.1

* Remove unnecessary `i` variable from encoder module namespace
https://github.com/simplejson/simplejson/pull/303
* Declare support for Python 3.11 and add wheels
https://github.com/simplejson/simplejson/pull/305

3.18.0

* Allow serialization of classes that implement for_json or _asdict by
ignoring TypeError when those methods are called
https://github.com/simplejson/simplejson/pull/302
* Raise JSONDecodeError instead of ValueError in invalid unicode escape
sequence edge case
https://github.com/simplejson/simplejson/pull/298

3.17.6

* Declare support for Python 3.10 and add wheels
https://github.com/simplejson/simplejson/pull/291
https://github.com/simplejson/simplejson/pull/292

3.17.5

* Fix the C extension module to harden is_namedtuple against looks-a-likes such
as Mocks. Also prevent dict encoding from causing an unraised SystemError when
encountering a non-Dict. Noticed by running user tests against a CPython
interpreter with C asserts enabled (COPTS += -UNDEBUG).
https://github.com/simplejson/simplejson/pull/284

3.17.4

* Upgrade cibuildwheel
https://github.com/simplejson/simplejson/pull/287

3.17.3

* Replaced Travis-CI and AppVeyor with Github Actions,
adding wheels for Python 3.9.
https://github.com/simplejson/simplejson/pull/283

3.17.2

* Added arm64 to build matrix and reintroduced
manylinux wheels
https://github.com/simplejson/simplejson/pull/264
* No more bdist_wininst builds per PEP 527
https://github.com/simplejson/simplejson/pull/260
* Minor grammatical issue fixed in README
https://github.com/simplejson/simplejson/pull/261

3.17.0

* Updated documentation to be Python 3 first, and
have removed documentation notes about version changes
that occurred more than five years ago.
https://github.com/simplejson/simplejson/pull/257
https://github.com/simplejson/simplejson/pull/254
* Update build matrix for Python 3.8
https://github.com/simplejson/simplejson/pull/255
https://github.com/simplejson/simplejson/pull/256

3.16.1

* Added examples for JSON lines use cases
https://github.com/simplejson/simplejson/pull/236
* Add wheels for more Python versions and platforms
https://github.com/simplejson/simplejson/pull/234
https://github.com/simplejson/simplejson/pull/233
https://github.com/simplejson/simplejson/pull/231
Links

@pyup-bot
Copy link
Collaborator Author

Closing this in favor of #1134

@pyup-bot pyup-bot closed this Aug 14, 2024
@sudo-smith sudo-smith deleted the pyup-update-simplejson-3.16.0-to-3.19.2 branch August 14, 2024 15:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant