Scheduled weekly dependency update for week 52

[pyup-bot]

Update black from 22.8.0 to 24.10.0.

Changelog

24.10.0

Highlights

- Black is now officially tested with Python 3.13 and provides Python 3.13
mypyc-compiled wheels. (4436) (4449)
- Black will issue an error when used with Python 3.12.5, due to an upstream memory
safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please
use Python 3.12.6 or Python 3.12.4 instead. (4447)
- Black no longer supports running with Python 3.8 (4452)

Stable style

- Fix crashes involving comments in parenthesised return types or `X | Y` style unions.
(4453)
- Fix skipping Jupyter cells with unknown `%%` magic (4462)

Preview style

- Fix type annotation spacing between * and more complex type variable tuple (i.e. `def
fn(*args: *tuple[*Ts, T]) -> None: pass`) (4440)

Caching

- Fix bug where the cache was shared between runs with and without `--unstable` (4466)

Packaging

- Upgrade version of mypyc used to 1.12 beta (4450) (4449)
- `blackd` now requires a newer version of aiohttp. (4451)

Output

- Added Python target version information on parse error (4378)
- Add information about Black version to internal error messages (4457)

24.8.0

Stable style

- Fix crash when ` fmt: off` is used before a closing parenthesis or bracket. (4363)

Packaging

- Packaging metadata updated: docs are explictly linked, the issue tracker is now also
linked. This improves the PyPI listing for Black. (4345)

Parser

- Fix regression where Black failed to parse a multiline f-string containing another
multiline string (4339)
- Fix regression where Black failed to parse an escaped single quote inside an f-string
(4401)
- Fix bug with Black incorrectly parsing empty lines with a backslash (4343)
- Fix bugs with Black's tokenizer not handling `\{` inside f-strings very well (4422)
- Fix incorrect line numbers in the tokenizer for certain tokens within f-strings
(4423)

Performance

- Improve performance when a large directory is listed in `.gitignore` (4415)

_Blackd_

- Fix blackd (and all extras installs) for docker container (4357)

24.4.2

This is a bugfix release to fix two regressions in the new f-string parser introduced in
24.4.1.

Parser

- Fix regression where certain complex f-strings failed to parse (4332)

Performance

- Fix bad performance on certain complex string literals (4331)

24.4.1

Highlights

- Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (3822)

Stable style

- Fix crash involving indented dummy functions containing newlines (4318)

Parser

- Add support for type parameter defaults, a new syntactic feature added to Python 3.13
by PEP 696 (4327)

Integrations

- Github Action now works even when `git archive` is skipped (4313)

24.4.0

Stable style

- Fix unwanted crashes caused by AST equivalency check (4290)

Preview style

- `if` guards in `case` blocks are now wrapped in parentheses when the line is too long.
(4269)
- Stop moving multiline strings to a new line unless inside brackets (4289)

Integrations

- Add a new option `use_pyproject` to the GitHub Action `psf/black`. This will read the
Black version from `pyproject.toml`. (4294)

24.3.0

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you
run Black on untrusted input, or if you habitually put thousands of leading tab
characters in your docstrings, you are strongly encouraged to upgrade immediately to fix
[CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503).

This release also fixes a bug in Black's AST safety check that allowed Black to make
incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

- Don't move comments along with delimiters, which could cause crashes (4248)
- Strengthen AST safety check to catch more unsafe changes to strings. Previous versions
of Black would incorrectly format the contents of certain unusual f-strings containing
nested strings with the same quote type. Now, Black will crash on such strings until
support for the new f-string syntax is implemented. (4270)
- Fix a bug where line-ranges exceeding the last code line would not work as expected
(4273)

Performance

- Fix catastrophic performance on docstrings that contain large numbers of leading tab
characters. This fixes
[CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503).
(4278)

Documentation

- Note what happens when `--check` is used with `--quiet` (4236)

24.2.0

Stable style

- Fixed a bug where comments where mistakenly removed along with redundant parentheses
(4218)

Preview style

- Move the `hug_parens_with_braces_and_square_brackets` feature to the unstable style
due to an outstanding crash and proposed formatting tweaks (4198)
- Fixed a bug where base expressions caused inconsistent formatting of \*\* in tenary
expression (4154)
- Checking for newline before adding one on docstring that is almost at the line limit
(4185)
- Remove redundant parentheses in `case` statement `if` guards (4214).

Configuration

- Fix issue where _Black_ would ignore input files in the presence of symlinks (4222)
- _Black_ now ignores `pyproject.toml` that is missing a `tool.black` section when
discovering project root and configuration. Since _Black_ continues to use version
control as an indicator of project root, this is expected to primarily change behavior
for users in a monorepo setup (desirably). If you wish to preserve previous behavior,
simply add an empty `[tool.black]` to the previously discovered `pyproject.toml`
(4204)

Output

- Black will swallow any `SyntaxWarning`s or `DeprecationWarning`s produced by the `ast`
module when performing equivalence checks (4189)

Integrations

- Add a JSONSchema and provide a validate-pyproject entry-point (4181)

24.1.1

Bugfix release to fix a bug that made Black unusable on certain file systems with strict
limits on path length.

Preview style

- Consistently add trailing comma on typed parameters (4164)

Configuration

- Shorten the length of the name of the cache file to fix crashes on file systems that
do not support long paths (4176)

24.1.0

Highlights

This release introduces the new 2024 stable style (4106), stabilizing the following
changes:

- Add parentheses around `if`-`else` expressions (2278)
- Dummy class and function implementations consisting only of `...` are formatted more
compactly (3796)
- If an assignment statement is too long, we now prefer splitting on the right-hand side
(3368)
- Hex codes in Unicode escape sequences are now standardized to lowercase (2916)
- Allow empty first lines at the beginning of most blocks (3967, 4061)
- Add parentheses around long type annotations (3899)
- Enforce newline after module docstrings (3932, 4028)
- Fix incorrect magic trailing comma handling in return types (3916)
- Remove blank lines before class docstrings (3692)
- Wrap multiple context managers in parentheses if combined in a single `with` statement
(3489)
- Fix bug in line length calculations for power operations (3942)
- Add trailing commas to collection literals even if there's a comment after the last
entry (3393)
- When using `--skip-magic-trailing-comma` or `-C`, trailing commas are stripped from
subscript expressions with more than 1 element (3209)
- Add extra blank lines in stubs in a few cases (3564, 3862)
- Accept raw strings as docstrings (3947)
- Split long lines in case blocks (4024)
- Stop removing spaces from walrus operators within subscripts (3823)
- Fix incorrect formatting of certain async statements (3609)
- Allow combining ` fmt: skip` with other comments (3959)

There are already a few improvements in the `--preview` style, which are slated for the
2025 stable style. Try them out and
[share your feedback](https://github.com/psf/black/issues). In the past, the preview
style has included some features that we were not able to stabilize. This year, we're
adding a separate `--unstable` style for features with known problems. Now, the
`--preview` style only includes features that we actually expect to make it into next
year's stable style.

Stable style

Several bug fixes were made in features that are moved to the stable style in this
release:

- Fix comment handling when parenthesising conditional expressions (4134)
- Fix bug where spaces were not added around parenthesized walruses in subscripts,
unlike other binary operators (4109)
- Remove empty lines before docstrings in async functions (4132)
- Address a missing case in the change to allow empty lines at the beginning of all
blocks, except immediately before a docstring (4130)
- For stubs, fix logic to enforce empty line after nested classes with bodies (4141)

Preview style

- Add `--unstable` style, covering preview features that have known problems that would
block them from going into the stable style. Also add the `--enable-unstable-feature`
flag; for example, use
`--enable-unstable-feature hug_parens_with_braces_and_square_brackets` to apply this
preview feature throughout 2024, even if a later Black release downgrades the feature
to unstable (4096)
- Format module docstrings the same as class and function docstrings (4095)
- Fix crash when using a walrus in a dictionary (4155)
- Fix unnecessary parentheses when wrapping long dicts (4135)
- Stop normalizing spaces before ` fmt: skip` comments (4146)

Configuration

- Print warning when configuration in `pyproject.toml` contains an invalid key (4165)
- Fix symlink handling, properly ignoring symlinks that point outside of root (4161)
- Fix cache mtime logic that resulted in false positive cache hits (4128)
- Remove the long-deprecated `--experimental-string-processing` flag. This feature can
currently be enabled with `--preview --enable-unstable-feature string_processing`.
(4096)

Integrations

- Revert the change to run Black's pre-commit integration only on specific git hooks
(3940) for better compatibility with older versions of pre-commit (4137)

23.12.1

Packaging

- Fixed a bug that included dependencies from the `d` extra by default (4108)

23.12.0

Highlights

It's almost 2024, which means it's time for a new edition of _Black_'s stable style!
Together with this release, we'll put out an alpha release 24.1a1 showcasing the draft
2024 stable style, which we'll finalize in the January release. Please try it out and
[share your feedback](https://github.com/psf/black/issues/4042).

This release (23.12.0) will still produce the 2023 style. Most but not all of the
changes in `--preview` mode will be in the 2024 stable style.

Stable style

- Fix bug where ` fmt: off` automatically dedents when used with the `--line-ranges`
option, even when it is not within the specified line range. (4084)
- Fix feature detection for parenthesized context managers (4104)

Preview style

- Prefer more equal signs before a break when splitting chained assignments (4010)
- Standalone form feed characters at the module level are no longer removed (4021)
- Additional cases of immediately nested tuples, lists, and dictionaries are now
indented less (4012)
- Allow empty lines at the beginning of all blocks, except immediately before a
docstring (4060)
- Fix crash in preview mode when using a short `--line-length` (4086)
- Keep suites consisting of only an ellipsis on their own lines if they are not
functions or class definitions (4066) (4103)

Configuration

- `--line-ranges` now skips _Black_'s internal stability check in `--safe` mode. This
avoids a crash on rare inputs that have many unformatted same-content lines. (4034)

Packaging

- Upgrade to mypy 1.7.1 (4049) (4069)
- Faster compiled wheels are now available for CPython 3.12 (4070)

Integrations

- Enable 3.12 CI (4035)
- Build docker images in parallel (4054)
- Build docker images with 3.12 (4055)

23.11.0

Highlights

- Support formatting ranges of lines with the new `--line-ranges` command-line option
(4020)

Stable style

- Fix crash on formatting bytes strings that look like docstrings (4003)
- Fix crash when whitespace followed a backslash before newline in a docstring (4008)
- Fix standalone comments inside complex blocks crashing Black (4016)
- Fix crash on formatting code like `await (a ** b)` (3994)
- No longer treat leading f-strings as docstrings. This matches Python's behaviour and
fixes a crash (4019)

Preview style

- Multiline dicts and lists that are the sole argument to a function are now indented
less (3964)
- Multiline unpacked dicts and lists as the sole argument to a function are now also
indented less (3992)
- In f-string debug expressions, quote types that are visible in the final string are
now preserved (4005)
- Fix a bug where long `case` blocks were not split into multiple lines. Also enable
general trailing comma rules on `case` blocks (4024)
- Keep requiring two empty lines between module-level docstring and first function or
class definition (4028)
- Add support for single-line format skip with other comments on the same line (3959)

Configuration

- Consistently apply force exclusion logic before resolving symlinks (4015)
- Fix a bug in the matching of absolute path names in `--include` (3976)

Performance

- Fix mypyc builds on arm64 on macOS (4017)

Integrations

- Black's pre-commit integration will now run only on git hooks appropriate for a code
formatter (3940)

23.10.1

Highlights

- Maintenance release to get a fix out for GitHub Action edge case (3957)

Preview style

- Fix merging implicit multiline strings that have inline comments (3956)
- Allow empty first line after block open before a comment or compound statement (3967)

Packaging

- Change Dockerfile to hatch + compile black (3965)

Integrations

- The summary output for GitHub workflows is now suppressible using the `summary`
parameter. (3958)
- Fix the action failing when Black check doesn't pass (3957)

Documentation

- It is known Windows documentation CI is broken
https://github.com/psf/black/issues/3968

23.10.0

Stable style

- Fix comments getting removed from inside parenthesized strings (3909)

Preview style

- Fix long lines with power operators getting split before the line length (3942)
- Long type hints are now wrapped in parentheses and properly indented when split across
multiple lines (3899)
- Magic trailing commas are now respected in return types. (3916)
- Require one empty line after module-level docstrings. (3932)
- Treat raw triple-quoted strings as docstrings (3947)

Configuration

- Fix cache versioning logic when `BLACK_CACHE_DIR` is set (3937)

Parser

- Fix bug where attributes named `type` were not accepted inside `match` statements
(3950)
- Add support for PEP 695 type aliases containing lambdas and other unusual expressions
(3949)

Output

- Black no longer attempts to provide special errors for attempting to format Python 2
code (3933)
- Black will more consistently print stacktraces on internal errors in verbose mode
(3938)

Integrations

- The action output displayed in the job summary is now wrapped in Markdown (3914)

23.9.1

Due to various issues, the previous release (23.9.0) did not include compiled mypyc
wheels, which make Black significantly faster. These issues have now been fixed, and
this release should come with compiled wheels once again.

There will be no wheels for Python 3.12 due to a bug in mypyc. We will provide 3.12
wheels in a future release as soon as the mypyc bug is fixed.

Packaging

- Upgrade to mypy 1.5.1 (3864)

Performance

- Store raw tuples instead of NamedTuples in Black's cache, improving performance and
decreasing the size of the cache (3877)

23.9.0

Preview style

- More concise formatting for dummy implementations (3796)
- In stub files, add a blank line between a statement with a body (e.g an
`if sys.version_info > (3, x):`) and a function definition on the same level (3862)
- Fix a bug whereby spaces were removed from walrus operators within subscript(3823)

Configuration

- Black now applies exclusion and ignore logic before resolving symlinks (3846)

Performance

- Avoid importing `IPython` if notebook cells do not contain magics (3782)
- Improve caching by comparing file hashes as fallback for mtime and size (3821)

_Blackd_

- Fix an issue in `blackd` with single character input (3558)

Integrations

- Black now has an
[official pre-commit mirror](https://github.com/psf/black-pre-commit-mirror). Swapping
`https://github.com/psf/black` to `https://github.com/psf/black-pre-commit-mirror` in
your `.pre-commit-config.yaml` will make Black about 2x faster (3828)
- The `.black.env` folder specified by `ENV_PATH` will now be removed on the completion
of the GitHub Action (3759)

23.7.0

Highlights

- Runtime support for Python 3.7 has been removed. Formatting 3.7 code will still be
supported until further notice (3765)

Stable style

- Fix a bug where an illegal trailing comma was added to return type annotations using
PEP 604 unions (3735)
- Fix several bugs and crashes where comments in stub files were removed or mishandled
under some circumstances (3745)
- Fix a crash with multi-line magic comments like `type: ignore` within parentheses
(3740)
- Fix error in AST validation when _Black_ removes trailing whitespace in a type comment
(3773)

Preview style

- Implicitly concatenated strings used as function args are no longer wrapped inside
parentheses (3640)
- Remove blank lines between a class definition and its docstring (3692)

Configuration

- The `--workers` argument to _Black_ can now be specified via the `BLACK_NUM_WORKERS`
environment variable (3743)
- `.pytest_cache`, `.ruff_cache` and `.vscode` are now excluded by default (3691)
- Fix _Black_ not honouring `pyproject.toml` settings when running `--stdin-filename`
and the `pyproject.toml` found isn't in the current working directory (3719)
- _Black_ will now error if `exclude` and `extend-exclude` have invalid data types in
`pyproject.toml`, instead of silently doing the wrong thing (3764)

Packaging

- Upgrade mypyc from 0.991 to 1.3 (3697)
- Remove patching of Click that mitigated errors on Python 3.6 with `LANG=C` (3768)

Parser

- Add support for the new PEP 695 syntax in Python 3.12 (3703)

Performance

- Speed up _Black_ significantly when the cache is full (3751)
- Avoid importing `IPython` in a case where we wouldn't need it (3748)

Output

- Use aware UTC datetimes internally, avoids deprecation warning on Python 3.12 (3728)
- Change verbose logging to exactly mirror _Black_'s logic for source discovery (3749)

_Blackd_

- The `blackd` argument parser now shows the default values for options in their help
text (3712)

Integrations

- Black is now tested with
[`PYTHONWARNDEFAULTENCODING = 1`](https://docs.python.org/3/library/io.html#io-encoding-warning)
(3763)
- Update GitHub Action to display black output in the job summary (3688)

Documentation

- Add a CITATION.cff file to the root of the repository, containing metadata on how to
cite this software (3723)
- Update the _classes_ and _exceptions_ documentation in Developer reference to match
the latest code base (3755)

23.3.0

Highlights

This release fixes a longstanding confusing behavior in Black's GitHub action, where the
version of the action did not determine the version of Black being run (issue 3382). In
addition, there is a small bug fix around imports and a number of improvements to the
preview style.

Please try out the
[preview style](https://black.readthedocs.io/en/stable/the_black_code_style/future_style.html#preview-style)
with `black --preview` and tell us your feedback. All changes in the preview style are
expected to become part of Black's stable style in January 2024.

Stable style

- Import lines with ` fmt: skip` and ` fmt: off` no longer have an extra blank line
added when they are right after another import line (3610)

Preview style

- Add trailing commas to collection literals even if there's a comment after the last
entry (3393)
- `async def`, `async for`, and `async with` statements are now formatted consistently
compared to their non-async version. (3609)
- `with` statements that contain two context managers will be consistently wrapped in
parentheses (3589)
- Let string splitters respect [East Asian Width](https://www.unicode.org/reports/tr11/)
(3445)
- Now long string literals can be split after East Asian commas and periods (`、` U+3001
IDEOGRAPHIC COMMA, `。` U+3002 IDEOGRAPHIC FULL STOP, & `，` U+FF0C FULLWIDTH COMMA)
besides before spaces (3445)
- For stubs, enforce one blank line after a nested class with a body other than just
`...` (3564)
- Improve handling of multiline strings by changing line split behavior (1879)

Parser

- Added support for formatting files with invalid type comments (3594)

Integrations

- Update GitHub Action to use the version of Black equivalent to action's version if
version input is not specified (3543)
- Fix missing Python binary path in autoload script for vim (3508)

Documentation

- Document that only the most recent release is supported for security issues;
vulnerabilities should be reported through Tidelift (3612)

23.1.0

Highlights

This is the first release of 2023, and following our
[stability policy](https://black.readthedocs.io/en/stable/the_black_code_style/index.html#stability-policy),
it comes with a number of improvements to our stable style, including improvements to
empty line handling, removal of redundant parentheses in several contexts, and output
that highlights implicitly concatenated strings better.

There are also many changes to the preview style; try out `black --preview` and give us
feedback to help us set the stable style for next year.

In addition to style changes, Black now automatically infers the supported Python
versions from your `pyproject.toml` file, removing the need to set Black's target
versions separately.

Stable style

- Introduce the 2023 stable style, which incorporates most aspects of last year's
preview style (3418). Specific changes:
- Enforce empty lines before classes and functions with sticky leading comments
 (3302) (22.12.0)
- Reformat empty and whitespace-only files as either an empty file (if no newline is
 present) or as a single newline character (if a newline is present) (3348)
 (22.12.0)
- Implicitly concatenated strings used as function args are now wrapped inside
 parentheses (3307) (22.12.0)
- Correctly handle trailing commas that are inside a line's leading non-nested parens
 (3370) (22.12.0)
- `--skip-string-normalization` / `-S` now prevents docstring prefixes from being
 normalized as expected (3168) (since 22.8.0)
- When using `--skip-magic-trailing-comma` or `-C`, trailing commas are stripped from
 subscript expressions with more than 1 element (3209) (22.8.0)
- Implicitly concatenated strings inside a list, set, or tuple are now wrapped inside
 parentheses (3162) (22.8.0)
- Fix a string merging/split issue when a comment is present in the middle of
 implicitly concatenated strings on its own line (3227) (22.8.0)
- Docstring quotes are no longer moved if it would violate the line length limit
 (3044, 3430) (22.6.0)
- Parentheses around return annotations are now managed (2990) (22.6.0)
- Remove unnecessary parentheses around awaited objects (2991) (22.6.0)
- Remove unnecessary parentheses in `with` statements (2926) (22.6.0)
- Remove trailing newlines after code block open (3035) (22.6.0)
- Code cell separators `%%` are now standardised to ` %%` (2919) (22.3.0)
- Remove unnecessary parentheses from `except` statements (2939) (22.3.0)
- Remove unnecessary parentheses from tuple unpacking in `for` loops (2945) (22.3.0)
- Avoid magic-trailing-comma in single-element subscripts (2942) (22.3.0)
- Fix a crash when a colon line is marked between ` fmt: off` and ` fmt: on` (3439)

Preview style

- Format hex codes in unicode escape sequences in string literals (2916)
- Add parentheses around `if`-`else` expressions (2278)
- Improve performance on large expressions that contain many strings (3467)
- Fix a crash in preview style with assert + parenthesized string (3415)
- Fix crashes in preview style with walrus operators used in function return annotations
and except clauses (3423)
- Fix a crash in preview advanced string processing where mixed implicitly concatenated
regular and f-strings start with an empty span (3463)
- Fix a crash in preview advanced string processing where a standalone comment is placed
before a dict's value (3469)
- Fix an issue where extra empty lines are added when a decorator has ` fmt: skip`
applied or there is a standalone comment between decorators (3470)
- Do not put the closing quotes in a docstring on a separate line, even if the line is
too long (3430)
- Long values in dict literals are now wrapped in parentheses; correspondingly
unnecessary parentheses around short values in dict literals are now removed; long
string lambda values are now wrapped in parentheses (3440)
- Fix two crashes in preview style involving edge cases with docstrings (3451)
- Exclude string type annotations from improved string processing; fix crash when the
return type annotation is stringified and spans across multiple lines (3462)
- Wrap multiple context managers in parentheses when targeting Python 3.9+ (3489)
- Fix several crashes in preview style with walrus operators used in `with` statements
or tuples (3473)
- Fix an invalid quote escaping bug in f-string expressions where it produced invalid
code. Implicitly concatenated f-strings with different quotes can now be merged or
quote-normalized by changing the quotes used in expressions. (3509)
- Fix crash on `await (yield)` when Black is compiled with mypyc (3533)

Configuration

- Black now tries to infer its `--target-version` from the project metadata specified in
`pyproject.toml` (3219)

Packaging

- Upgrade mypyc from `0.971` to `0.991` so mypycified _Black_ can be built on armv7
(3380)
- This also fixes some crashes while using compiled Black with a debug build of
 CPython
- Drop specific support for the `tomli` requirement on 3.11 alpha releases, working
around a bug that would cause the requirement not to be installed on any non-final
Python releases (3448)
- Black now depends on `packaging` version `22.0` or later. This is required for new
functionality that needs to parse part of the project metadata (3219)

Output

- Calling `black --help` multiple times will return the same help contents each time
(3516)
- Verbose logging now shows the values of `pyproject.toml` configuration variables
(3392)
- Fix false symlink detection messages in verbose output due to using an incorrect
relative path to the project root (3385)

Integrations

- Move 3.11 CI to normal flow now that all dependencies support 3.11 (3446)
- Docker: Add new `latest_prerelease` tag automation to follow latest black alpha
release on docker images (3465)

Documentation

- Expand `vim-plug` installation instructions to offer more explicit options (3468)

22.12.0

Preview style

- Enforce empty lines before classes and functions with sticky leading comments (3302)
- Reformat empty and whitespace-only files as either an empty file (if no newline is
present) or as a single newline character (if a newline is present) (3348)
- Implicitly concatenated strings used as function args are now wrapped inside
parentheses (3307)
- For assignment statements, prefer splitting the right hand side if the left hand side
fits on a single line (3368)
- Correctly handle trailing commas that are inside a line's leading non-nested parens
(3370)

Configuration

- Fix incorrectly applied `.gitignore` rules by considering the `.gitignore` location
and the relative path to the target file (3338)
- Fix incorrectly ignoring `.gitignore` presence when more than one source directory is
specified (3336)

Parser

- Parsing support has been added for walruses inside generator expression that are
passed as function args (for example,
`any(match := my_re.match(text) for text in texts)`) (3327).

Integrations

- Vim plugin: Optionally allow using the system installation of Black via
`let g:black_use_virtualenv = 0`(3309)

22.10.0

Highlights

- Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be
supported until further notice.

Stable style

- Fix a crash when ` fmt: on` is used on a different block level than ` fmt: off`
(3281)

Preview style

- Fix a crash when formatting some dicts with parenthesis-wrapped long string keys
(3262)

Configuration

- `.ipynb_checkpoints` directories are now excluded by default (3293)
- Add `--skip-source-first-line` / `-x` option to ignore the first line of source code
while formatting (3299)

Packaging

- Executables made with PyInstaller will no longer crash when formatting several files
at once on macOS. Native x86-64 executables for macOS are available once again.
(3275)
- Hatchling is now used as the build backend. This will not have any effect for users
who install Black with its wheels from PyPI. (3233)
- Faster compiled wheels are now available for CPython 3.11 (3276)

_Blackd_

- Windows style (CRLF) newlines will be preserved (3257).

Integrations

- Vim plugin: add flag (`g:black_preview`) to enable/disable the preview style (3246)
- Update GitHub Action to support formatting of Jupyter Notebook files via a `jupyter`
option (3282)
- Update GitHub Action to support use of version specifiers (e.g. `<23`) for Black
version (3265)

Links

• PyPI: https://pypi.org/project/black
• Changelog: https://data.safetycli.com/changelogs/black/

Update certifi from 2022.9.24 to 2024.12.14.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/certifi
• Repo: https://github.com/certifi/python-certifi

Update idna from 2.10 to 3.10.

Changelog

3.10

+++++++++++++++++

- Reverted to Unicode 15.1.0 data. Unicode 16 has some significant changes
to UTS46 processing that will require more work to properly implement.

3.9

++++++++++++++++

- Update to Unicode 16.0.0
- Deprecate setup.cfg in favour of pyproject.toml
- Use ruff for code formatting

Thanks to Waket Zheng for contributions to this release.

3.8

++++++++++++++++

- Fix regression where IDNAError exception was not being produced for
certain inputs.
- Add support for Python 3.13, drop support for Python 3.5 as it is no
longer testable.
- Documentation improvements
- Updates to package testing using Github actions

Thanks to Hugo van Kemenade for contributions to this release.

3.7

++++++++++++++++

- Fix issue where specially crafted inputs to encode() could
take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

3.6

++++++++++++++++

- Fix regression to include tests in source distribution.

3.5

++++++++++++++++

- Update to Unicode 15.1.0
- String codec name is now "idna2008" as overriding the system codec
"idna" was not working.
- Fix typing error for codec encoding
- "setup.cfg" has been added for this release due to some downstream
lack of adherence to PEP 517. Should be removed in a future release
so please prepare accordingly.
- Removed reliance on a symlink for the "idna-data" tool to comport
with PEP 517 and the Python Packaging User Guide for sdist archives.
- Added security reporting protocol for project

Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions
to this release.

3.4

++++++++++++++++

- Update to Unicode 15.0.0
- Migrate to pyproject.toml for build information (PEP 621)
- Correct another instance where generic exception was raised instead of
IDNAError for malformed input
- Source distribution uses zeroized file ownership for improved
reproducibility

Thanks to Seth Michael Larson for contributions to this release.

3.3

++++++++++++++++

- Update to Unicode 14.0.0
- Update to in-line type annotations
- Throw IDNAError exception correctly for some malformed input
- Advertise support for Python 3.10
- Improve testing regime on Github
- Fix Russian typo in documentation

Thanks to Jon Defresne, Hugo van Kemenade, Seth Michael Larson,
Patrick Ventuzelo and Boris Verhovsky for contributions to this
release.

3.2

++++++++++++++++

- Add type hints (Thanks, Seth Michael Larson!)
- Remove support for Python 3.4

3.1

++++++++++++++++

- Ensure license is included in package (Thanks, Julien Schueller)
- No longer mark wheel has universal (Thanks, Matthieu Darbois)
- Test on PowerPC using Travis CI

3.0

++++++++++++++++

- Python 2 is no longer supported (the 2.x branch supports Python 2,
use "idna<3" in your requirements file if you need Python 2 support)
- Support for V2 UTS 46 test vectors.

Links

• PyPI: https://pypi.org/project/idna
• Changelog: https://data.safetycli.com/changelogs/idna/

Update jinja2 from 3.1.2 to 3.1.5.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/jinja2

Update pygments from 2.13.0 to 2.18.0.

The bot wasn't able to find a changelog for this release. Got an idea?

Links

• PyPI: https://pypi.org/project/pygments

Update requests from 2.28.1 to 2.32.3.

Changelog

2.32.3

-------------------

**Bugfixes**
- Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of
HTTPAdapter. (6716)
- Fixed issue where Requests started failing to run on Python versions compiled
without the `ssl` module. (6724)

2.32.2

-------------------

**Deprecations**
- To provide a more stable migration for custom HTTPAdapters impacted
by the CVE changes in 2.32.0, we've renamed `_get_connection` to
a new public API, `get_connection_with_tls_context`. Existing custom
HTTPAdapters will need to migrate their code to use this new API.
`get_connection` is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease
migration, but we strongly urge users to evaluate if their custom adapter
is subject to the same issue described in CVE-2024-35195. (6710)

2.32.1

-------------------

**Bugfixes**
- Add missing test certs to the sdist distributed on PyPI.

2.32.0

-------------------

**Security**
- Fixed an issue where setting `verify=False` on the first request from a
Session will cause subsequent requests to the _same origin_ to also ignore
cert verification, regardless of the value of `verify`.
(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)

**Improvements**
- `verify=True` now reuses a global SSLContext which should improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a Python
version built with OpenSSL 3.x. (6667)
- Requests now supports optional use of character detection
(`chardet` or `charset_normalizer`) when repackaged or vendored.
This enables `pip` and other projects to minimize their vendoring
surface area. The `Response.text()` and `apparent_encoding` APIs
will default to `utf-8` if neither library is present. (6702)

**Bugfixes**
- Fixed bug in length detection where emoji length was incorrectly
calculated in the request content-length. (6589)
- Fixed deserialization bug in JSONDecodeError. (6629)
- Fixed bug where an extra leading `/` (path separator) could lead
urllib3 to unnecessarily reparse the request URI. (6644)

**Deprecations**

- Requests has officially added support for CPython 3.12 (6503)
- Requests has officially added support for PyPy 3.9 and 3.10 (6641)
- Requests has officially dropped support for CPython 3.7 (6642)
- Requests has officially dropped support for PyPy 3.7 and 3.8 (6641)

**Documentation**
- Various typo fixes and doc improvements.

**Packaging**
- Requests has started adopting some modern packaging practices.
The source files for the projects (formerly `requests`) is now located
in `src/requests` in the Requests sdist. (6506)
- Starting in Requests 2.33.0, Requests will migrate to a PEP 517 build system
using `hatchling`. This should not impact the average user, but extremely old
versions of packaging utilities may have issues with the new packaging format.

2.31.0

-------------------

**Security**
- Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential
forwarding of `Proxy-Authorization` headers to destination servers when
following HTTPS redirects.

When proxies are defined with user info (`https://user:passproxy:8080`), Requests
will construct a `Proxy-Authorization` header that is attached to the request to
authenticate with the proxy.

In cases where Requests receives a redirect response, it previously reattached
the `Proxy-Authorization` header incorrectly, resulting in the value being
sent through the tunneled connection to the destination server. Users who rely on
defining their proxy credentials in the URL are *strongly* encouraged to upgrade
to Requests 2.31.0+ to prevent unintentional leakage and rotate their proxy
credentials once the change has been fully deployed.

Users who do not use a proxy or do not supply their proxy credentials through
the user information portion of their proxy URL are not subject to this
vulnerability.

Full details can be read in our [Github Security Advisory](https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q)
and [CVE-2023-32681](https://nvd.nist.gov/vuln/detail/CVE-2023-32681).

2.30.0

-------------------

**Dependencies**
- ⚠️ Added support for urllib3 2.0. ⚠️

This may contain minor breaking changes so we advise careful testing and
reviewing https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html
prior to upgrading.

Users who wish to stay on urllib3 1.x can pin to `urllib3<2`.

2.29.0

-------------------

**Improvements**

- Requests now defers chunked requests to the urllib3 implementation to improve
standardization. (6226)
- Requests relaxes header component requirements to support bytes/str subclasses. (6356)

2.28.2

-------------------

**Dependencies**

- Requests now supports charset\_normalizer 3.x. (6261)

**Bugfixes**

- Updated MissingSchema exception to suggest https scheme rather than http. (6188)

Links

• PyPI: https://pypi.org/project/requests
• Changelog: https://data.safetycli.com/changelogs/requests/
• Docs: https://requests.readthedocs.io

Update tqdm from 4.51.0 to 4.67.1.

Changelog

4.67.0

- `contrib.discord`: replace `disco-py` with `requests` (1536)

4.66.6

- cli: zip-safe `--manpath`, `--comppath` (1627)
- misc framework updates (1627)
+ fix `pytest` `DeprecationWarning`
+ fix `snapcraft` build
+ fix `nbval` `DeprecationWarning`
+ update & tidy workflows
+ bump pre-commit
+ docs: update URLs

4.66.5

- support `ncols` auto-detection on FreeBSD (1602 <- https://github.com/casperdcl/git-fame/issues/98)
- fix Python 3.13 CLI (1594 <- 1585)
- fix Python 3.13 tests (1595 <- https://github.com/python/cpython/issues/117536#issuecomment-2036883124)
- misc framework updates (1602)
+ add official Python 3.12 support
+ bump deps (https://github.com/NiklasRosenstein/pydoc-markdown/issues/329, https://github.com/tikitu/jsmin/pull/44)

4.66.4

- `rich`: fix completion (1395 <- 1306)
- minor framework updates & code tidy (1578)

4.66.3

- `cli`: `eval` safety (fixes CVE-2024-34062, GHSA-g7vv-2v7x-gj9p)

4.66.2

- `pandas`: add `DataFrame.progress_map` (1549)
- `notebook`: fix HTML padding (1506)
- `keras`: fix resuming training when `verbose>=2` (1508)
- fix `format_num` negative fractions missing leading zero (1548)
- fix Python 3.12 `DeprecationWarning` on `import` (1519)
- linting: use f-strings (1549)
- update tests (1549)
+ fix `pandas` warnings
+ fix `asv` (https://github.com/airspeed-velocity/asv/issues/1323)
+ fix macos `notebook` docstring indentation
- CI: bump actions (1549)

4.66.1

- fix `utils.envwrap` types (1493 <- 1491, 1320 <- 966, 1319)
+ e.g. cloudwatch & kubernetes workaround: `export TQDM_POSITION=-1`
- drop mentions of unsupported Python versions

4.66.0

- environment variables to override defaults (`TQDM_*`) (1491 <- 1061, 950 <- 614, 1318, 619, 612, 370)
+ e.g. in CI jobs, `export TQDM_MININTERVAL=5` to avoid log spam
+ add tests & docs for `tqdm.utils.envwrap`
- fix & update CLI completion
- fix & update API docs
- minor code tidy: replace `os.path` => `pathlib.Path`
- fix docs image hosting
- release with CI bot account again (https://github.com/cli/cli/issues/6680)

4.65.2

- exclude `examples` from distributed wheel (1492)

4.65.1

- migrate `setup.{cfg,py}` => `pyproject.toml` (1490)
+ fix `asv` benchmarks
+ update docs
- fix snap build (1490)
- fix & update tests (1490)
+ fix flaky notebook tests
+ bump `pre-commit`
+ bump workflow actions

4.65.0

- add Python 3.11 and drop Python 3.6 support (1439, 1419, 502 <- 720, 620)
- misc code & docs tidy
- fix & update CI workflows & tests

4.64.1

- support `ipywidgets>=8`  (1366, 1361 <- 1310, 1359, 1360, 1364)
+ fix jupyter lab display
+ update notebook tests

4.64.0

- add `contrib.slack` (1313)

4.63.2

- `rich`: expose `options` kwargs (1282)
- `autonotebook`: re-enable VSCode (1309)
- misc docs typos (1301, 1299)
- update dev dependencies (1311)

4.63.1

- fix stderr/stdout missing `flush()` (1248 <- 1177)
- misc speed improvements/optimisations

4.63.0

- add `__reversed__()`
- add efficient `__contains__()`
- improve CLI startup time (replace `pkg_resources` => `importlib`)
- `tqdm.autonotebook` warning & `std` fallback on missing `ipywidgets` (1218 <- 1082, 1217)
- warn on positional CLI arguments
- misc build/test framework updates
+ enable `py3.10` tests
+ add `conda` dependencies
+ update pre-commit hooks
+ fix `pytest` config (`nbval`, `asyncio`)
+ fix dependencies & tests
+ fix site deployment

4.62.3

- fix minor typo (1246)
- minor example fix (1246)
- misc tidying & refactoring
- misc build/dev framework updates
+ update dependencies
+ update linters
+ update docs deployment branches
- misc test/ci updates
+ test forks
+ tidy OS & Python version tests
+ bump primary python version 3.7 => 3.8
+ beta py3.10 testing
+ fix py2.7 tests
+ better timeout handling

4.62.2

- fix notebook memory leak (1216)
- fix `contrib.concurrent` with generators (1233 <- 1231)

4.62.1

- `contrib.logging`: inherit existing handler output stream (1191)
- fix `PermissionError` by using `weakref` in `DisableOnWriteError` (1207)
- fix `contrib.telegram` creation rate limit handling (1223, 1221 <- 1220, 1076)
- tests: fix py27 `keras` dependencies (1222)
- misc tidy: use relative imports (1222)
- minor documentation updates (1222)

4.62.0

- `asyncio.gather` API consistency with stdlib (1212)
- fix shutdown exception (1209 <- 1198)
- misc build framework updates (1209)
- add [GH Sponsors](https://github.com/sponsors/tqdm/dashboard/tiers?frequency=one-time) & [merch](https://tqdm.github.io/merch) links

4.61.2

- install `colorama` on Windows (1139, 454)
- add telegram support for `leave=False` (1189)
- support `pandas==1.3.0` (1199)
- fix `keras` potential `AttributeError` (1184 <- 1183)
- fix py3.10 `asyncio` tests (1176)
- flush `stdout`/`err` before first render (1177)
- misc minor build & test framework updates (1180)

4.61.1

- fix `utils._screen_shape_linux()` sometimes raising `ValueError` (1174)
- minor build/CI framework updates (1175)
- minor documentation updates
- fix typo (1178)
- link to [merch](https://tqdm.github.io/merch)! :billed_cap: :shirt:

4.61.0

- `keras` support for `initial_epoch` (1150 <- 1138)
- misc documentation updates
+ update & shorten URLs (1163)
+ fix typos (1162)
- fix & update tests (1163)
- minor framework updates (1163)

4.60.0

- add `contrib.logging` helpers for redirecting to `tqdm.write()` (1155 <- 786)
- support `delay` in `notebook` (1142)
- fix `contrib.tmap`, `tzip` not using `tqdm_class` (1148)
- add `notebook` tests (1143)
- updates & misc minor fixes for documentation

4.59.0

- add `tqdm.dask.TqdmCallback` (1079, 279 <- 278)
- add `asyncio.gather()` (1136)
- add basic support for `length_hint` (1068)
- add & update tests
- misc documentation updates (1132)
+ update contributing guide
+ update URLs
+ bash completion: add missing `--delay`
- misc code tidy
- add `[notebook]` extra (1135)

4.58.0

- add start `delay` in seconds (836 <- 1069, 704)
- add tests
- misc code tidy (1130)
- misc documentation updates

4.57.0

- add line buffering for `DummyTqdmFile` (960)
- fix & update demo notebook (1127)
- fix py3 urllib examples (1127)
- suppress deprecated `pandas` warnings (824, 1094)
- misc framework updates
- misc tests updates
- misc code tidy

4.56.2

- fix attribute errors when disabled (1126)
+ `reset()` (1125)
+ `unpause()`
- add tests

4.56.1

- fix `repr()` & `format_dict` when disabled (1113 <- 624)
- rename `__repr__()` => `__str__()`
- minor documentation updates (1113)
+ fix Binder demo notebook (1119)
+ remove explicit Dockerfile
+ move some images to external repo
- add & update tests

4.56.0

- add `tqdm.tk` (1006)
- add `tqdm.rich`
- minor formatting improvements for `tqdm.gui`
- fix `display()` inheritance/override
- add tests
- add documentation

4.55.2

- update tests (1108)
+ make pre-commit `pytest` quicker
+ switch pre-commit from `make` to `python`
+ add and update (auto) formatters & CI (1108, 1093)
- update contributing guidelines (1108)
+ fix formatting
+ test dependencies (1109)
- update `.gitignore`
- fix (auto & manual) formatting
- fix minor detected bugs
- misc build/CI framework upgrades

4.55.1

- fix `(Rolling|Expanding).progress_apply()` on `pandas==1.2.0` (1106)
- minor documentation updates

4.55.0

- fix ASCII notebook export (937, 1035, 1098)
- fix notebook gui-mode extra spaces (433, 479, 550, 935)
- better ETA for early iterations (1101)
- better ETA for wildly varying iteration rates (1102)
- update submodule inheritance
+ `tqdm.gui`
+ `tqdm.notebook`
+ `tqdm.contrib.telegram`
+ `tqdm.contrib.discord`
- documentation updates
- misc code optimisations
- add tests
- framework updates
+ build
+ CI & test
- misc code linting/formatting

4.54.1

- drop `py3.4` (no longer tested) (1091)
- misc CI updates (1091)
+ update `snap` build & deploy method
+ bot releases

4.54.0

- get rid of `get_new` (1085 <- 1084, 509)
- minor CI framework optimisations

4.53.0

- provide `get_new()` helper for mixed subclasses in nested mode (509)
- fix nested `asyncio` (1074)
+ document async `break` hazard
- add tests
- drop py2.6/3.2/3.3 and distutils (no longer tested)
+ drop py2.6 (502 <- 620, 127)
+ drop `distutils` in favour of `setuptools`/`setup.cfg` (723, 721)
- CI framework overhaul
+ drop appveyor (Windows already tested by GHA)
+ skip `devel` PRs
+ automate linting comments on failure
- use `setuptools_scm` (722)
+ fix & update tests
+ fix & upgrade snap build
+ update CONTRIBUTING docs

4.52.0

- allow delaying `display()` to a different notebook cell (1059 <- 909, 954)
+ add `notebook` argument `display=True` (use `display=False` with `display(tqdm_object.container)`)
+ add `keras.TqdmCallback` support for initialiser arguments (use `display=False` with `tqdm_callback_object.display()`) (1059 <- 1065)
+ add documentation
- add CI on windows (507)
- enable CI on OSX
- migrate CI Travis => GHA
+ add tests for MacOS & Windows
+ add tests for py3.9 (1073)
+ update documentation
- minify docker build
- update tests
- misc tidy

Links

• PyPI: https://pypi.org/project/tqdm
• Changelog: https://data.safetycli.com/changelogs/tqdm/

Update urllib3 from 1.26.11 to 2.3.0.

Changelog

2.3.0

==================

Features
--------

- Added ``HTTPResponse.shutdown()`` to stop any ongoing or future reads for a specific response. It calls ``shutdown(SHUT_RD)`` on the underlying socket. This feature was `sponsored by LaunchDarkly <https://opencollective.com/urllib3/contributions/815307>`__. (`#2868 <https://github.com/urllib3/urllib3/issues/2868>`__)
- Added support for JavaScript Promise Integration on Emscripten. This enables more efficient WebAssembly 
requests and streaming, and makes it possible to use in Node.js if you launch it as  ``node --experimental-wasm-stack-switching``. (`3400 <https://github.com/urllib3/urllib3/issues/3400>`__)
- Added the ``proxy_is_tunneling`` property to ``HTTPConnection`` and ``HTTPSConnection``. (`3285 <https://github.com/urllib3/urllib3/issues/3285>`__)
- Added pickling support to ``NewConnectionError`` and ``NameResolutionError``. (`3480 <https://github.com/urllib3/urllib3/issues/3480>`__)


Bugfixes
--------

- Fixed an issue in debug logs where the HTTP version was rendering as "HTTP/11" instead of "HTTP/1.1". (`3489 <https://github.com/urllib3/urllib3/issues/3489>`__)


Deprecations and Removals
-------------------------

- Removed support for Python 3.8. (`3492 <https://github.com/urllib3/urllib3/issues/3492>`__)

2.2.3

==================

Features
--------

- Added support for Python 3.13. (`3473 <https://github.com/urllib3/urllib3/issues/3473>`__)

Bugfixes
--------

- Fixed the default encoding of chunked request bodies to be UTF-8 instead of ISO-8859-1.
All other methods of supplying a request body already use UTF-8 starting in urllib3 v2.0. (`3053 <https://github.com/urllib3/urllib3/issues/3053>`__)
- Fixed ResourceWarning on CONNECT with Python < 3.11.4 by backporting https://github.com/python/cpython/issues/103472. (`#3252 <https://github.com/urllib3/urllib3/issues/3252>`__)
- Adjust tolerance for floating-point comparison on Windows to avoid flakiness in CI (`3413 <https://github.com/urllib3/urllib3/issues/3413>`__)
- Fixed a crash where certain standard library hash functions were absent in restricted environments. (`3432 <https://github.com/urllib3/urllib3/issues/3432>`__)
- Fixed mypy error when adding to ``HTTPConnection.default_socket_options``. (`3448 <https://github.com/urllib3/urllib3/issues/3448>`__)

HTTP/2 (experimental)
---------------------

HTTP/2 support is still in early development.

- Excluded Transfer-Encoding: chunked from HTTP/2 request body (`3425 <https://github.com/urllib3/urllib3/issues/3425>`__)
- Added version checking for ``h2`` (https://pypi.org/project/h2/) usage.

Now only accepting supported h2 major version 4.x.x. (`3290 <https://github.com/urllib3/urllib3/issues/3290>`__)
- Added a probing mechanism for determining whether a given target origin
supports HTTP/2 via ALPN. (`3301 <https://github.com/urllib3/urllib3/issues/3301>`__)
- Add support for sending a request body with HTTP/2 (`3302 <https://github.com/urllib3/urllib3/issues/3302>`__)


Deprecations and Removals
-------------------------

- Note for downstream distributors: the ``_version.py`` file has been removed and is now created at build time by hatch-vcs. (`3412 <https://github.com/urllib3/urllib3/issues/3412>`__)
- Drop support for end-of-life PyPy3.8 and PyPy3.9. (`3475 <https://github.com/urllib3/urllib3/issues/3475>`__)

2.2.2

==================

- Added the ``Proxy-Authorization`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``.
- Allowed passing negative integers as ``amt`` to read methods of ``http.client.HTTPResponse`` as an alternative to ``None``. (`3122 <https://github.com/urllib3/urllib3/issues/3122>`__)
- Fixed return types representing copying actions to use ``typing.Self``. (`3363 <https://github.com/urllib3/urllib3/issues/3363>`__)

2.2.1

==================

- Fixed issue where ``InsecureRequestWarning`` was emitted for HTTPS connections when using Emscripten. (`3331 <https://github.com/urllib3/urllib3/issues/3331>`__)
- Fixed ``HTTPConnectionPool.urlopen`` to stop automatically casting non-proxy headers to ``HTTPHeaderDict``. This change was premature as it did not apply to proxy headers and ``HTTPHeaderDict`` does not handle byte header values correctly yet. (`3343 <https://github.com/urllib3/urllib3/issues/3343>`__)
- Changed ``InvalidChunkLength`` to ``ProtocolError`` when response terminates before the chunk length is sent. (`2860 <https://github.com/urllib3/urllib3/issues/2860>`__)
- Changed ``ProtocolError`` to be more verbose on incomplete reads with excess content. (`3261 <https://github.com/urllib3/urllib3/issues/3261>`__)

2.2.0

==================

- Added support for `Emscripten and Pyodide <https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html>`__, including streaming support in cross-origin isolated browser environments where threading is enabled. (`#2951 <https://github.com/urllib3/urllib3/issues/2951>`__)
- Added support for ``HTTPResponse.read1()`` method. (`3186 <https://github.com/urllib3/urllib3/issues/3186>`__)
- Added rudimentary support for HTTP/2. (`3284 <https://github.com/urllib3/urllib3/issues/3284>`__)
- Fixed issue where requests against urls with trailing dots were failing due to SSL errors
when using proxy. (`2244 <https://github.com/urllib3/urllib3/issues/2244>`__)
- Fixed ``HTTPConnection.proxy_is_verified`` and ``HTTPSConnection.proxy_is_verified``
to be always set to a boolean after connecting to a proxy. It could be
``None`` in some cases previously. (`3130 <https://github.com/urllib3/urllib3/issues/3130>`__)
- Fixed an issue where ``headers`` passed in a request with ``json=`` would be mutated (`3203 <https://github.com/urllib3/urllib3/issues/3203>`__)
- Fixed ``HTTPSConnection.is_verified`` to be set to ``False`` when connecting
from a HTTPS proxy to an HTTP target. It was set to ``True`` previously. (`3267 <https://github.com/urllib3/urllib3/issues/3267>`__)
- Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS (`3268 <https://github.com/urllib3/urllib3/issues/3268>`__)
- Fixed TLS 1.3 post-handshake auth when the server certificate validation is disabled (`3325 <https://github.com/urllib3/urllib3/issues/3325>`__)
- Note for downstream distributors: To run integration tests, you now need to run the tests a second
time with the ``--integration`` pytest flag. (`3181 <https://github.com/urllib3/urllib3/issues/3181>`__)

2.1.0

==================

- Removed support for the deprecated urllib3[secure] extra. (`2680 <https://github.com/urllib3/urllib3/issues/2680>`__)
- Removed support for the deprecated SecureTransport TLS implementation. (`2681 <https://github.com/urllib3/urllib3/issues/2681>`__)
- Removed support for the end-of-life Python 3.7. (`3143 <https://github.com/urllib3/urllib3/issues/3143>`__)
- Allowed loading CA certificates from memory for proxies. (`3065 <https://github.com/urllib3/urllib3/issues/3065>`__)
- Fixed decoding Gzip-encoded responses which specified ``x-gzip`` content-encoding. (`3174 <https://github.com/urllib3/urllib3/issues/3174>`__)

2.0.7

==================

* Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

2.0.6

==================

* Added the ``Cookie`` header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via ``Retry.remove_headers_on_redirect``.

2.0.5

==================

- Allowed pyOpenSSL third-party module without any deprecation warning. (`3126 <https://github.com/urllib3/urllib3/issues/3126>`__)
- Fixed default ``blocksize`` of ``HTTPConnection`` classes to match high-level classes. Previously was 8KiB, now 16KiB. (`3066 <https://github.com/urllib3/urllib3/issues/3066>`__)

2.0.4

==================

- Added support for union operators to ``HTTPHeaderDict`` (`2254 <https://github.com/urllib3/urllib3/issues/2254>`__)
- Added ``BaseHTTPResponse`` to ``urllib3.__all__`` (`3078 <https://github.com/urllib3/urllib3/issues/3078>`__)
- Fixed ``urllib3.connection.HTTPConnection`` to raise the ``http.client.connect`` audit event to have the same behavior as the standard library HTTP client (`2757 <https://github.com/urllib3/urllib3/issues/2757>`__)
- Relied on the standard library for checking hostnames in supported PyPy releases (`3087 <https://github.com/urllib3/urllib3/issues/3087>`__)

2.0.3

==================

- Allowed alternative SSL libraries such as LibreSSL, while still issuing a warning as we cannot help users facing issues with implementations other than OpenSSL. (`3020 <https://github.com/urllib3/urllib3/issues/3020>`__)
- Deprecated URLs which don't have an explicit scheme (`2950 <https://github.com/urllib3/urllib3/pull/2950>`_)
- Fixed response decoding with Zstandard when compressed data is made of several frames. (`3008 <https://github.com/urllib3/urllib3/issues/3008>`__)
- Fixed ``assert_hostname=False`` to correctly skip hostname check. (`3051 <https://github.com/urllib3/urllib3/issues/3051>`__)

2.0.2

==================

- Fixed ``HTTPResponse.stream()`` to continue yielding bytes if buffered decompressed data
was still available to be read even if the underlying socket is closed. This prevents
a compressed response from being truncated. (`3009 <https://github.com/urllib3/urllib3/issues/3009>`__)

2.0.1

==================

- Fixed a socket leak when fingerprint or hostname verifications fail. (`2991 <https://github.com/urllib3/urllib3/issues/2991>`__)
- Fixed an error when ``HTTPResponse.read(0)`` was the first ``read`` call or when the internal response body buffer was otherwise empty. (`2998 <https://github.com/urllib3/urllib3/issues/2998>`__)

2.0.0

==================

Read the `v2.0 migration guide <https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html>`__ for help upgrading to the latest version of urllib3.

Removed
-------

* Removed support for Python 2.7, 3.5, and 3.6 (`883 <https://github.com/urllib3/urllib3/issues/883>`__, `#2336 <https://github.com/urllib3/urllib3/issues/2336>`__).
* Removed fallback on certificate ``commonName`` in ``match_hostname()`` function.
This behavior was deprecated in May 2000 in RFC 2818. Instead only ``subjectAltName``
is used to verify the hostname by default. To enable verifying the hostname against
``commonName`` use ``SSLContext.hostname_checks_common_name = True`` (`2113 <https://github.com/urllib3/urllib3/issues/2113>`__).
* Removed support for Python with an ``ssl`` module compiled with LibreSSL, CiscoSSL,
wolfSSL, and all other OpenSSL alternatives. Python is moving to require OpenSSL with PEP 644 (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed support for OpenSSL versions earlier than 1.1.1 or that don't have SNI support.
When an incompatible OpenSSL version is detected an ``ImportError`` is raised (`2168 <https://github.com/urllib3/urllib3/issues/2168>`__).
* Removed the list of default ciphers for OpenSSL 1.1.1+ and SecureTransport as their own defaults are already secure (`2082 <https://github.com/urllib3/urllib3/issues/2082>`__).
* Removed ``urllib3.contrib.appengine.AppEngineManager`` and support for Google App Engine Standard Environment (`2044 <https://github.com/urllib3/urllib3/issues/2044>`__).
* Removed deprecated ``Retry`` options ``method_whitelist``, ``DEFAULT_REDIRECT_HEADERS_BLACKLIST`` (`2086 <https://github.com/urllib3/urllib3/issues/2086>`__).
* Removed ``urllib3.HTTPResponse.from_httplib`` (`2648 <https://github.com/urllib3/urllib3/issues/2648>`__).
* Removed default value of ``None`` for the ``request_context`` parameter of ``urllib3.PoolManager.connection_from_pool_key``. This change should have no effect on users as the default value of ``None`` was an invalid option and was never used (`1897 <https://github.com/urllib3/urllib3/issues/1897>`__).
* Removed the ``urllib3.request`` module. ``urllib3.request.RequestMethods`` has been made a private API.
This change was made to ensure that ``from urllib3 import request`` imported the top-level ``request()``
function instead of the ``urllib3.request`` module (`2269 <https://github.com/urllib3/urllib3/issues/2269>`__).
* Removed support for SSLv3.0 from the ``urllib3.contrib.pyopenssl`` even when support is available from the compiled OpenSSL library (`2233 <https://github.com/urllib3/urllib3/issues/2233>`__).
* Removed the deprecated ``urllib3.contrib.ntlmpool`` module (`2339 <https://github.com/urllib3/urllib3/issues

## Summary by Sourcery

Update several dependencies to their latest versions.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request updates several dependencies, including a major version bump for idna and urllib3. The most significant change is the update of black to 24.10.0, which introduces new stable style changes for 2024 and drops support for Python 3.8. Additionally, urllib3 is updated to 2.3.0, which includes new features and bug fixes, but also drops support for Python 3.8.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Updated black to version 24.10.0.	Dropped support for Python 3.8. Officially tested with Python 3.13. Fixed crashes involving comments in parenthesized return types or union types. Fixed skipping Jupyter cells with unknown magic.	requirements-dev.txt
Updated certifi to version 2024.12.14.		requirements-dev.txt
Updated idna to version 3.10.	Reverted to Unicode 15.1.0 data due to significant changes in Unicode 16's UTS46 processing that require further implementation work. Deprecated setup.cfg in favor of pyproject.toml. Adopted ruff for code formatting. Fixed a regression where IDNAError exception was not produced for certain inputs. Added support for Python 3.13 and dropped support for Python 3.5. Fixed an issue where specially crafted inputs to encode() could take an exceptionally long time to process (CVE-2024-3651). Updated to Unicode 15.1.0. Changed string codec name to idna2008. Added support for Python 3.10. Removed support for Python 2 in the 3.x branch. Added support for V2 UTS 46 test vectors. Added type hints and removed support for Python 3.4. Ensured license is included in the package and removed universal wheel marker. Added security reporting protocol for the project. Updated to Unicode 14.0.0 and improved testing regime on Github. Migrated to pyproject.toml for build information (PEP 621). Updated to in-line type annotations. Updated to Unicode 15.0.0 and source distribution uses zeroized file ownership for improved reproducibility. Fixed a regression to include tests in source distribution. Fixed typing error for codec encoding. Removed reliance on a symlink for the idna-data tool to comport with PEP 517 and the Python Packaging User Guide for sdist archives. Added setup.cfg for this release due to downstream lack of adherence to PEP 517 (will be removed in a future release).	requirements-dev.txt
Updated jinja2 to version 3.1.5.		requirements-dev.txt
Updated pygments to version 2.18.0.		requirements-dev.txt
Updated requests to version 2.32.3.	Fixed a bug breaking the ability to specify custom SSLContexts in subclasses of HTTPAdapter. Fixed an issue where Requests started failing to run on Python versions compiled without the ssl module. Added support for CPython 3.12, PyPy 3.9, and 3.10. Dropped support for CPython 3.7, PyPy 3.7, and 3.8. Fixed a security issue where setting verify=False on the first request from a Session would cause subsequent requests to the same origin to also ignore certificate verification. verify=True now reuses a global SSLContext to improve request time variance and minimize certificate load time on Windows with OpenSSL 3.x. Added support for optional character detection (chardet or charset_normalizer) when repackaged or vendored. Fixed a bug in length detection where emoji length was incorrectly calculated. Fixed a deserialization bug in JSONDecodeError. Fixed a bug where an extra leading / could lead urllib3 to unnecessarily reparse the request URI. Fixed a vulnerability where Proxy-Authorization headers could be forwarded to destination servers when following HTTPS redirects. Added support for urllib3 2.0. Deferred chunked requests to the urllib3 implementation for improved standardization. Relaxed header component requirements to support bytes/str subclasses. Added support for charset_normalizer 3.x. Updated MissingSchema exception to suggest https scheme. Renamed _get_connection to get_connection_with_tls_context (deprecated get_connection).	requirements-dev.txt
Updated tqdm to version 4.67.1.	Replaced disco-py with requests in contrib.discord. Added support for Python 3.12 and dropped support for Python 3.6. Added environment variables to override defaults (TQDM_*). Added contrib.logging helpers for redirecting to tqdm.write(). Added tqdm.dask.TqdmCallback. Added asyncio.gather(). Added basic support for length_hint. Added start delay in seconds. Added line buffering for DummyTqdmFile. Added tqdm.tk and tqdm.rich. Improved formatting for tqdm.gui. Fixed display() inheritance/override. Fixed attribute errors when disabled. Fixed repr() and format_dict when disabled. Renamed repr to str. Got rid of get_new. Provided get_new() helper for mixed subclasses in nested mode. Fixed nested asyncio. Dropped py2.6/3.2/3.3 and distutils. Allowed delaying display() to a different notebook cell. Added notebook argument display=True. Added keras.TqdmCallback support for initializer arguments. Added support for ipywidgets>=8. Added contrib.slack. Exposed options kwargs in rich. Re-enabled VSCode in autonotebook. Fixed stderr/stdout missing flush(). Improved CLI startup time. Added tqdm.autonotebook warning and std fallback on missing ipywidgets. Warned on positional CLI arguments. Fixed notebook memory leak. Fixed contrib.concurrent with generators. Fixed contrib.logging to inherit existing handler output stream. Fixed PermissionError by using weakref in DisableOnWriteError. Fixed contrib.telegram creation rate limit handling. Ensured asyncio.gather API consistency with stdlib. Fixed shutdown exception. Installed colorama on Windows. Added telegram support for leave=False. Supported pandas==1.3.0. Fixed keras potential AttributeError. Flushed stdout/err before first render. Fixed utils._screen_shape_linux() sometimes raising ValueError. Added keras support for initial_epoch. Allowed implicitly concatenated strings used as function args to be wrapped inside parentheses. Reformatted empty and whitespace-only files. Enforced empty lines before classes and functions with sticky leading comments. Preferred splitting the right-hand side for assignment statements if the left-hand side fits on a single line. Handled trailing commas inside a line's leading non-nested parens correctly. Fixed a crash when formatting some dicts with parenthesis-wrapped long string keys. Added --skip-source-first-line / -x option to ignore the first line of source code while formatting. Excluded .ipynb_checkpoints directories by default. Fixed a crash when fmt: on is used on a different block level than fmt: off. Fixed incorrectly applied .gitignore rules. Fixed incorrectly ignoring .gitignore presence when more than one source directory is specified. Added parsing support for walruses inside generator expressions passed as function args. Added an option to use the system installation of Black in the Vim plugin. Updated GitHub Action to support formatting Jupyter Notebook files. Updated GitHub Action to support use of version specifiers for Black version. Fixed ASCII notebook export. Fixed notebook gui-mode extra spaces. Improved ETA for early and wildly varying iterations. Updated submodule inheritance for tqdm.gui, tqdm.notebook, tqdm.contrib.telegram, and tqdm.contrib.discord. Dropped py3.4. Fixed (Rolling	Expanding).progress_apply() on pandas==1.2.0.
Updated urllib3 to version 2.3.0.	Added HTTPResponse.shutdown() to stop ongoing or future reads for a specific response. Added support for JavaScript Promise Integration on Emscripten. Added the proxy_is_tunneling property to HTTPConnection and HTTPSConnection. Added pickling support to NewConnectionError and NameResolutionError. Fixed an issue in debug logs where the HTTP version was rendering incorrectly. Removed support for Python 3.8. Added support for Python 3.13. Fixed the default encoding of chunked request bodies to UTF-8. Fixed ResourceWarning on CONNECT with Python < 3.11.4. Fixed a crash where certain standard library hash functions were absent. Fixed mypy error when adding to HTTPConnection.default_socket_options. Excluded Transfer-Encoding: chunked from HTTP/2 request body. Added version checking for h2 usage. Added a probing mechanism for determining HTTP/2 support via ALPN. Added support for sending a request body with HTTP/2. Removed _version.py file (now created at build time). Dropped support for end-of-life PyPy3.8 and PyPy3.9. Added Proxy-Authorization header to the list of headers to strip when redirecting. Allowed passing negative integers as amt to read methods of http.client.HTTPResponse. Fixed return types representing copying actions to use typing.Self. Fixed issue where InsecureRequestWarning was emitted for HTTPS connections when using Emscripten. Fixed HTTPConnectionPool.urlopen to stop automatically casting non-proxy headers to HTTPHeaderDict. Changed InvalidChunkLength to ProtocolError when response terminates early. Changed ProtocolError to be more verbose on incomplete reads. Added support for Emscripten and Pyodide. Added support for HTTPResponse.read1() method. Fixed issue where requests against URLs with trailing dots were failing due to SSL errors when using a proxy. Fixed HTTPConnection.proxy_is_verified and HTTPSConnection.proxy_is_verified to always be boolean. Fixed an issue where headers passed in a request with json= would be mutated. Fixed HTTPSConnection.is_verified to be set to False when connecting from HTTPS proxy to HTTP target. Fixed handling of new error message from OpenSSL 3.2.0 when configuring an HTTP proxy as HTTPS. Fixed TLS 1.3 post-handshake auth when server certificate validation is disabled. Removed support for the deprecated urllib3[secure] extra. Removed support for the deprecated SecureTransport TLS implementation. Removed support for end-of-life Python 3.7. Allowed loading CA certificates from memory for proxies. Fixed decoding Gzip-encoded responses with x-gzip content-encoding. Made body stripped from HTTP requests changing method to GET after 303 redirects. Added Cookie header to list of headers to strip when redirecting. Allowed pyOpenSSL without deprecation warning. Fixed default blocksize of HTTPConnection classes. Added support for union operators to HTTPHeaderDict. Added BaseHTTPResponse to urllib3.all. Fixed urllib3.connection.HTTPConnection to raise the http.client.connect audit event. Relied on the standard library for checking hostnames in supported PyPy releases. Allowed alternative SSL libraries with a warning. Deprecated URLs without explicit schemes. Fixed response decoding with Zstandard. Fixed assert_hostname=False to correctly skip hostname check. Fixed HTTPResponse.stream() to continue yielding bytes even if the socket is closed. Fixed a socket leak when fingerprint or hostname verifications fail. Fixed an error when HTTPResponse.read(0) was the first read call. Removed support for Python 2.7, 3.5, and 3.6. Removed fallback on certificate commonName in match_hostname(). Removed support for Python with ssl module compiled with OpenSSL alternatives. Removed support for OpenSSL versions earlier than 1.1.1. Removed default ciphers for OpenSSL 1.1.1+ and SecureTransport. Removed urllib3.contrib.appengine.AppEngineManager. Removed deprecated Retry options method_whitelist and DEFAULT_REDIRECT_HEADERS_BLACKLIST. Removed urllib3.HTTPResponse.from_httplib. Removed default value of None for request_context parameter of urllib3.PoolManager.connection_from_pool_key. Removed urllib3.request module. Removed support for SSLv3.0 from urllib3.contrib.pyopenssl.	requirements-dev.txt

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, pyup-bot!). We assume it knows what it's doing!

[what-the-diff]

PR Summary

This pull request contains several updates to the software libraries that our application uses. This improves security, performance and compatibility of our software. These changes don't directly affect users, but they ensure the health and stability of the app over time.

• Update of black code formatter
  The 'black' tool, which we use to maintain consistent code style, has been updated to a newer version. This allows us to benefit from the latest improvements and features.

• Update of certifi
  Certifi, a Python library that provides Mozilla’s carefully curated collection of Root Certificates, has been updated to offer improved security for the application.

• Update of idna
  We've updated the 'idna' library, which is used for Internationalized Domain Names support. The update ensures greater compliance with newer standards.

• Update of jinja2
  The 'jinja2' library, used for rendering templates, has been updated for improved performance and bug fixes.

• Update of pygments
  'Pygments', a library used for syntax highlighting has been upgraded to benefit from latest enhancements.

• Update of requests
  We’ve updated the 'requests' library, used for making HTTP requests, to its latest version for improved stability and functionality.

• Update of tqdm
  The 'tqdm' library, used for progress bars in our command line tools, has been updated, improving performances of those processes.

• Update of urllib3
  We've updated 'urllib3', a library used for handling HTTP connections, in order to benefit from the latest security and functionality improvements.

• Update of virtualenv
  The 'virtualenv' tool, used for creating isolated Python environments, has been updated to its latest version, assuring compatibility with the newest Python versions.