Updates the requirements on
[pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) to permit
the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest-asyncio/releases">pytest-asyncio's
releases</a>.</em></p>
<blockquote>
<h2>pytest-asyncio 0.23.3</h2>
<h1>0.23.3 (2024-01-01)</h1>
<ul>
<li>Fixes a bug that caused event loops to be closed prematurely when
using async generator fixtures with class scope or wider in a
function-scoped test <a
href="https://redirect.github.com/pytest-dev/pytest-asyncio/issues/706">#706</a></li>
<li>Fixes various bugs that caused an internal pytest error during test
collection <a
href="https://redirect.github.com/pytest-dev/pytest-asyncio/issues/711">#711</a>
<a
href="https://redirect.github.com/pytest-dev/pytest-asyncio/issues/713">#713</a>
<a
href="https://redirect.github.com/pytest-dev/pytest-asyncio/issues/719">#719</a></li>
</ul>
<h2>Known issues</h2>
<p>As of v0.23, pytest-asyncio attaches an asyncio event loop to each
item of the test suite (i.e. session, packages, modules, classes,
functions) and allows tests to be run in those loops when marked
accordingly. Pytest-asyncio currently assumes that async fixture scope
is correlated with the new event loop scope. This prevents fixtures from
being evaluated independently from the event loop scope and breaks some
existing test suites (see <a
href="https://redirect.github.com/pytest-dev/pytest-asyncio/issues/706">#706</a>).
For example, a test suite may require all fixtures and tests to run in
the same event loop, but have async fixtures that are set up and torn
down for each module. If you're affected by this issue, please continue
using the v0.21 release, until it is resolved.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="260b79185b"><code>260b791</code></a>
[docs] Prepare release of v0.23.3.</li>
<li><a
href="6a253e20fb"><code>6a253e2</code></a>
[docs] Shorten changelog by combining multiple issues.</li>
<li><a
href="e2cbb906c5"><code>e2cbb90</code></a>
[docs] Mention correct issue in changelog.</li>
<li><a
href="0c522bff15"><code>0c522bf</code></a>
[fix] Fixes a bug that caused an internal pytest error when using
ImportWarni...</li>
<li><a
href="31c7e6f9ac"><code>31c7e6f</code></a>
Build(deps): Bump coverage from 7.3.3 to 7.3.4 in
/dependencies/default</li>
<li><a
href="38d5c7eed0"><code>38d5c7e</code></a>
Build(deps): Bump sphinx-rtd-theme in /dependencies/docs</li>
<li><a
href="650ec5875d"><code>650ec58</code></a>
Build(deps): Bump babel from 2.13.1 to 2.14.0 in /dependencies/docs</li>
<li><a
href="0166a7e55f"><code>0166a7e</code></a>
Build(deps): Bump typing-extensions in /dependencies/default</li>
<li><a
href="3a15f3039c"><code>3a15f30</code></a>
Build(deps): Bump coverage from 7.3.2 to 7.3.3 in
/dependencies/default</li>
<li><a
href="28e91f00cd"><code>28e91f0</code></a>
Build(deps): Bump hypothesis in /dependencies/default</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest-asyncio/compare/v0.17.0...v0.23.3">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from
6.2.0 to 6.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pyinstaller/pyinstaller/releases">pyinstaller's
releases</a>.</em></p>
<blockquote>
<h2>v6.3.0</h2>
<p>Please see the <a
href="https://pyinstaller.org/en/v6.3.0/CHANGES.html#id1">v6.3.0 section
of the changelog</a> for a list of the changes since v6.2.0.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst">pyinstaller's
changelog</a>.</em></p>
<blockquote>
<h2>6.3.0 (2023-12-10)</h2>
<p>Bugfix</p>
<pre><code>
* (Linux) Optimize the automatic binary-vs-data classification by
avoiding
``objdump`` based check on files that do not have ELF signature. This
mitigates noticeably longer analysis times for projects with large
number of
(data) files. (:issue:`8148`)
* (Windows) Add Windows error code 110 (``ERROR_OPEN_FAILED``) to the
list of
error codes eligible for the retry mechanism that attempts to mitigate
build
failures due to anti-virus program interference. (:issue:`8138`)
* (Windows) Fix issue with non-functional :func:`time.sleep()` when
building
program with Python <= 3.8.6 or Python 3.9.0. (:issue:`8104`)
* (Windows) Fix issue with splash screen in ``onefile`` mode failing to
extract
``VCRUNTIME140.dll`` from the archive due to character-case mismatch. We
now
perform case-insensitive comparison between the name listed in splash
dependency list and the names in archive TOC. (:issue:`8103`)
* Fix PEP 597 EncodingWarnings when :envvar:`PYTHONWARNDEFAULTENCODING`
is set
to true. (:issue:`8117`)
* Fix pre-safe-import hooks for ``six.moves``,
``urllib3.packages.six.moves``,
and ``setuptools.extern.six.moves`` to gracefully handle cases when the
corresponding ``six`` package is unavailable, as the hook may end up
being
executed even in that case. (:issue:`8145`)
* Fix symbolic link tracking in ``MERGE`` processing, so that distinct
symbolic
links with same relative target (e.g. ``Current -> A`` symbolic links
in Qt
.framework bundles collected on macOS) are properly processed, and kept
in the
original TOC upon their first occurrence. (:issue:`8124`)
<p>Hooks</p>
<pre><code>
* Add hook for ``gi.repository.DBus``. (:issue:`8149`)
* Add hooks for ``gi.repository.AppIndicator3`` and
``gi.repository.AyatanaAppIndicator3``. (:issue:`8149`)
Bootloader
</code></pre>
<ul>
<li>When setting up embedded Python interpreter configuration, set
<code>PyConfig.install_signal_handlers=1</code> to install
signal handlers.
This matches the behavior of PyInstaller 5.x bootloaders, where
interpreter
was initialized via <code>Py_Initialize()</code>, which in
turn calls
<code>Py_InitializeEx(1)</code>, i.e., with
<code>install_sigs=1</code>.
(:issue:<code>8105</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f563dce1e8"><code>f563dce</code></a>
Release v6.3.0. [skip ci]</li>
<li><a
href="79aa828e13"><code>79aa828</code></a>
hooks: gi: add hook for gi.repository.DBus</li>
<li><a
href="3f42b9574f"><code>3f42b95</code></a>
hooks: gi: add hooks for AppIndicator3 and
AyatanaAppIndicator3</li>
<li><a
href="b262373f68"><code>b262373</code></a>
Tests: Requirements: Scheduled weekly dependency update for week 50
(<a
href="https://redirect.github.com/pyinstaller/pyinstaller/issues/8157">#8157</a>)</li>
<li><a
href="0f51fca360"><code>0f51fca</code></a>
bindepend: optimize binary-vs-data classification on linux</li>
<li><a
href="14af1e7143"><code>14af1e7</code></a>
building: add an INFO message at start of binary-vs-data
reclassification</li>
<li><a
href="8c4d099e5f"><code>8c4d099</code></a>
pre-safe-import-hooks: create six.move runtime package only if six is
available</li>
<li><a
href="ac91826b1f"><code>ac91826</code></a>
pre-safe-import-hooks: gracefully handle cases when six is
unavailable</li>
<li><a
href="bb1b306cca"><code>bb1b306</code></a>
Tests: Requirements: Scheduled weekly dependency update for week 49
(<a
href="https://redirect.github.com/pyinstaller/pyinstaller/issues/8142">#8142</a>)</li>
<li><a
href="ac7f6835c2"><code>ac7f683</code></a>
building: retry mechanism: enable retry on winerror 110</li>
<li>Additional commits viewable in <a
href="https://github.com/pyinstaller/pyinstaller/compare/v6.2.0...v6.3.0">compare
view</a></li>
</ul>
</details>
<br />
</code></pre>
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
/cc @driuba - does that look good?
---------
Co-authored-by: Andrius Andrikonis <andrius.andrikonis@toughlex.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
This fixes#6494: if CA and leaf share the same Subject Key Identifier,
SChannel gets confused. So we just skip the SKI for leafs, which is
still fine with OpenSSL 3.x (this was previously fixed by @mmaxim) and
RFC 5280.
Co-authored-by: Andrius Andrikonis <andrius.andrikonis@toughlex.com>
#### Description
Closes https://github.com/mitmproxy/mitmproxy/issues/6547
Responses in flows constructed from HAR files were using the
`Response.make` utility which resulted in the injection of
`content-length` headers. When a `content-length` header existed
already, this could cause failures during replay.
#### Checklist
- [x] I have updated tests where applicable.
- [x] I have added an entry to the CHANGELOG.
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
#### Description
Currently when an empty cookie attribute (`Secure`, `HttpOnly` ...) is
encountered while parsing a `Set-Cookie` header it will create a
`CookieAttrs` object containing a (key, value) pair with an empty string
for the attribute value ie:
```python
CookieAttrs[('Secure', ''), ('HttpOnly', ''), ('Path', '/')]
```
Resulting in an updated `Set-Cookie` header for the `Response` object
with invalid values for those empty attributes ie:
```python
(b'SetCookie', b'value=XYZ; Secure=; HttpOnly=; Path=/')
```
My browser (Firefox 95.0.1) does not pickup these attributes so the
cookie looses them.
______
This fix replaces the empty string attribute for empty cookie attributes
by the value `None` ie:
```python
CookieAttrs[('Secure', None), ('HttpOnly', None), ('Path', '/')]
```
So that they can be told apart from attributes with intentional empty
string values when setting the updated header, which results in a
properly formatted header:
```python
(b'SetCookie', b'value=XYZ; Secure; HttpOnly; Path=/')
```
#### Checklist
- [x] I have updated tests where applicable.
- [x] I have added an entry to the CHANGELOG.
Co-authored-by: Lucas FICHEUX <lficheux@corp.free.fr>
basedBaba