Skip to content

Bump the pip group across 1 directory with 8 updates#67

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/pip-3918740b35
Open

Bump the pip group across 1 directory with 8 updates#67
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/pip-3918740b35

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 19, 2025

Bumps the pip group with 8 updates in the / directory:

Package From To
certifi 2022.9.24 2024.7.4
ecdsa 0.18.0 0.19.0
fastecdsa 2.2.3 2.3.2
idna 3.4 3.7
mpmath 1.2.1 1.3.0
pycryptodome 3.15.0 3.19.1
urllib3 1.26.13 1.26.19
websockets 8.1 9.1

Updates certifi from 2022.9.24 to 2024.7.4

Commits

Updates ecdsa from 0.18.0 to 0.19.0

Release notes

Sourced from ecdsa's releases.

ecdsa 0.19.0

New API:

  • to_ssh in VerifyingKey and SigningKey, supports Ed25519 keys only (Pablo Mazzini)

New features:

  • Support for twisted Brainpool curves

Doc fix:

  • Fix curve equation in glossary
  • Documentation for signature encoding and signature decoding functions

Maintenance:

  • Dropped official support for 3.3 and 3.4 (because of problems running them in CI, not because it's actually incompatible; support for 2.6 and 2.7 is unaffected)
  • Fixes around hypothesis parameters
  • Officially support Python 3.11 and 3.12
  • Small updates to test suite to make it work with 3.11 and 3.12 and new releases of test dependencies
  • Dropped the internal _rwlock module as it's unused
  • Added mutation testing to CI, lots of speed-ups to the test suite to make it happen
  • Removal of unnecessary six.b literals (Alexandre Detiste)

Deprecations:

  • int_to_string, string_to_int, and digest_integer from ecdsa.ecdsa module are now considered deprecated, they will be removed in a future release
Changelog

Sourced from ecdsa's changelog.

  • Release 0.19.1 (13 Mar 2025)

New API:

  • der.remove_implitic and der.encode_implicit for decoding and encoding DER IMPLICIT values with custom tag values and arbitrary classes

Bug fixes:

  • Minor fixes around arithmetic with curves that have non-prime order (useful for experimentation, not practical deployments)
  • Fix arithmetic to work with curves that have (0, 0) on the curve
  • Fix canonicalization of signatures when s is just slightly above half of curve order

Maintenance:

  • Dropped official support for Python 3.5 (again, issues with CI, support for Python 2.6 and Python 2.7 is unchanged)

  • Officialy support Python 3.12 and 3.13 (add them to CI)

  • Removal of few more unnecessary six.b literals (Alexandre Detiste)

  • Fix typos in warning messages

  • Release 0.19.0 (08 Apr 2024)

New API:

  • to_ssh in VerifyingKey and SigningKey, supports Ed25519 keys only (Pablo Mazzini)

New features:

  • Support for twisted Brainpool curves

Doc fix:

  • Fix curve equation in glossary
  • Documentation for signature encoding and signature decoding functions

Maintenance:

  • Dropped official support for 3.3 and 3.4 (because of problems running them in CI, not because it's actually incompatible; support for 2.6 and 2.7 is unaffected)
  • Fixes aroung hypothesis parameters
  • Officially support Python 3.11 and 3.12
  • Small updates to test suite to make it work with 3.11 and 3.12 and new releases of test dependencies
  • Dropped the internal _rwlock module as it's unused
  • Added mutation testing to CI, lots of speed-ups to the test suite to make it happen
  • Removal of unnecessary six.b literals (Alexandre Detiste)

Deprecations:

  • int_to_string, string_to_int, and digest_integer from ecdsa.ecdsa

... (truncated)

Commits
  • be70016 Merge pull request #337 from tlsfuzzer/release-0.19
  • 217735b allow early exit from worker processes when running mutation testing
  • 6e7adff don't check rate if no tests executed
  • c56030e make coveralls submission work with py2.6 again
  • 66d0d74 add release notes for 0.19.0 release
  • 0d5a38c Merge pull request #156 from tomato42/cosmic-ray
  • 02c8350 be more permissive for the PR mutation test coverage
  • 4845e8f better is_prime()
  • 09f0d10 add hard timeout for test mutation test suite
  • e16173b two digit precision for the mutation score badge
  • Additional commits viewable in compare view

Updates fastecdsa from 2.2.3 to 2.3.2

Changelog

Sourced from fastecdsa's changelog.

[2.3.2]

Added

  • Support for python3.12

Removed

  • CI/CD pipelines

Fixed

[2.3.1]

Added

  • Building wheels via CI/CD for the following architectures
    • Linux x86_64
    • Linux i686
    • MacOS x86_64
    • MacOS arm64 (M1)

[2.3.0]

Added

  • Support for python3.11
  • pyproject.toml per PEP-621
  • Support for PEP-517 builds

Removed

  • Support for python3.6
Commits
  • 80a1066 Release 2.3.2
  • 57fc568 fix memory corruption issue
  • 3258e0d bundle test vectors as part of project
  • 3fc709c remove gh action for wheel builds, it's slow and broken
  • 46ea741 Merge pull request #91 from nicolapace/main
  • f2a35cb fixed urlopen giving error 403 in tests by adding User-Agent
  • 44c86a7 Update README.rst
  • 87c8856 Merge pull request #90 from akaIDIOT/bugfix/escapes-in-docstrings
  • 13d164f Fix computng → computing typo
  • 044e662 Use raw string for docstring use \bmod
  • Additional commits viewable in compare view

Updates idna from 3.4 to 3.7

Release notes

Sourced from idna's releases.

v3.7

What's Changed

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: kjd/idna@v3.6...v3.7

Changelog

Sourced from idna's changelog.

3.7 (2024-04-11) ++++++++++++++++

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

3.6 (2023-11-25) ++++++++++++++++

  • Fix regression to include tests in source distribution.

3.5 (2023-11-24) ++++++++++++++++

  • Update to Unicode 15.1.0
  • String codec name is now "idna2008" as overriding the system codec "idna" was not working.
  • Fix typing error for codec encoding
  • "setup.cfg" has been added for this release due to some downstream lack of adherence to PEP 517. Should be removed in a future release so please prepare accordingly.
  • Removed reliance on a symlink for the "idna-data" tool to comport with PEP 517 and the Python Packaging User Guide for sdist archives.
  • Added security reporting protocol for project

Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions to this release.

Commits
  • 1d365e1 Release v3.7
  • c1b3154 Merge pull request #172 from kjd/optimize-contextj
  • 0394ec7 Merge branch 'master' into optimize-contextj
  • cd58a23 Merge pull request #152 from elliotwutingfeng/dev
  • 5beb28b More efficient resolution of joiner contexts
  • 1b12148 Update ossf/scorecard-action to v2.3.1
  • d516b87 Update Github actions/checkout to v4
  • c095c75 Merge branch 'master' into dev
  • 60a0a4c Fix typo in GitHub Actions workflow key
  • 5918a0e Merge branch 'master' into dev
  • Additional commits viewable in compare view

Updates mpmath from 1.2.1 to 1.3.0

Release notes

Sourced from mpmath's releases.

1.3.0

Security issues:

  • Fixed ReDOS vulnerability in mpmathify() (CVE-2021-29063) (Vinzent Steinberg)

Features:

  • Added quadsubdiv() for numerical integration with adaptive path splitting (Fredrik Johansson)
  • Added the Cohen algorithm for inverse Laplace transforms (Guillermo Navas-Palencia)
  • Some speedup of matrix multiplication (Fredrik Johansson)
  • Optimizations to Carlson elliptic integrals (Paul Masson)
  • Added signal functions (squarew(), trianglew(), sawtoothw(), unit_triangle() sigmoidw()) (Nike Dattani, Deyan Mihaylov, Tina Yu)

Bug fixes:

  • Correct mpf initialization from tuple for finf and fninf (Sergey B Kirpichev)
  • Support QR decomposition for matrices of width 0 and 1 (Clemens Hofreither)
  • Fixed some cases where elliprj() gave inaccurate results (Fredrik Johansson)
  • Fixed cases where digamma() hangs for complex input (Fredrik Johansson)
  • Fixed cases of polylog() with integer-valued parameter with complex type (Fredrik Johansson)
  • Fixed fp.nsum() with Euler-Maclaurin algorithm (Fredrik Johansson)

Maintenance:

  • Dropped support for Python 3.4 (Sergey B Kirpichev)
  • Documentation cleanup (Sergey B Kirpichev)
  • Removed obsolete files (Sergey B Kirpichev)
  • Added options to runtests.py to skip tests and exit on failure (Jonathan Warner)
Changelog

Sourced from mpmath's changelog.

--1.4.0-- Released TBD

Features:

  • Support underscores as digit separators per PEP 515, see #661 (Sergey B Kirpichev)
  • Add rationals converter for mpf's, see #666 (Sergey B Kirpichev)
  • Rewrite bernpoly/eulerpoly to avoid dependency on bernoulli(1) convention, see #700 (Sergey B Kirpichev)
  • Support base kwarg for from_str(), see #703 (Jonathan Warner, Sergey B Kirpichev)
  • Support randmatrix() for mp.iv and mp contexts, see #527 (Maximilian Gaukler)
  • Added rand() function for matrices, see #610 (Jan-Philipp Hoffmann)
  • Add plus flag to select the B_1 sign convention for bernoulli/bernfrac, see #724 (Jeremy Tan Jie Rui, Sergey B Kirpichev)
  • Add mpf.as_integer_ratio() method, support construction of mpf from Decimal objects, see #731 (Sergey B Kirpichev)
  • Expose lower/upper_gamma functions, see #740 (Sergey B Kirpichev)
  • Support mpc initialization from string, see #743 (Sergey B Kirpichev)
  • Support asinh/acosh/atanh in the fp context, see #750 (Sergey B Kirpichev)
  • Support binary/octal/hexadecimal string output, see #711 (Jonathan Warner, Sergey B Kirpichev)
  • Support pickling for matrices and mpi, see #761 (Sergey B Kirpichev)
  • Support matrix.array() dunder method, see #767 (Sergey B Kirpichev)
  • Support more number syntaxes, see #778 (Sergey B Kirpichev)
  • Run mpmath as a module for interactive work, see #773, #923, #931, #936, #939 and #954 (Sergey B Kirpichev)
  • Add signed option to to_man_exp(), see #783 (Sergey B Kirpichev)
  • Add fp.hypot, see #798 (Sergey B Kirpichev)
  • Support inf/nan's in ctx.almosteq(), #802 (Sergey B Kirpichev)
  • Implement mpf.format(), see #819, #831, #850, #859, #857, #862, #881 and #944 (Javier Garcia, Sergey B Kirpichev)
  • Support conversion from scalar ndarray's, see #821 (Sergey B Kirpichev)
  • Support rounding modes in mpf.format, see #823, #831 and #834 (Javier Garcia, Sergey B Kirpichev)
  • Support '%' presentation type for mpf, see #847 (Sergey B Kirpichev)
  • Support gmpy2-like rounding modes in to_str(), see #830 (Javier Garcia)
  • Implement 'a'/'A' formating types for mpf.format, see #841 and #870 (Sergey B Kirpichev)
  • Add mpc.format(), see #855 (Sergey B Kirpichev)
  • Now mpf.round() returns mpf, see #826 (Sergey B Kirpichev)
  • Support 'b' (binary) format type for mpf/mpc, see #867 (Sergey B Kirpichev)
  • Implement mpf.floordiv() and mpf.divmod(), see #873 (Sergey B Kirpichev)
  • Add parameters for MPContext constructor, see #876 (Sergey B Kirpichev)
  • Add MPFR-compatible aliases for rounding modes, see #892 (Sergey B Kirpichev)
  • Support negative indexes in matrix, see #897 (Riccardo Orsi)

... (truncated)

Commits
  • b5c0450 version 1.3.0
  • a27581c Merge pull request #656 from cclauss/patch-2
  • 9d7884b don't use .ae method in library code
  • 967de83 Downgrade to ubuntu-20.04 for Py35 and Py36
  • 6425c6a build: strategy: fail-fast: false
  • e2341c7 GitHub Actions: Test on Python 3.11 production release
  • 1258e33 fix failing doctests
  • b7c15d6 include signals documentation; remove duplicate docstrings
  • 1b476ea update doc building instructions
  • 5f57beb Merge pull request #646 from cclauss/patch-1
  • Additional commits viewable in compare view

Updates pycryptodome from 3.15.0 to 3.19.1

Release notes

Sourced from pycryptodome's releases.

v3.19.1 - Zeil

Resolved issues

  • Fixed a side-channel leakage with OAEP decryption that could be exploited to carry out a Manger attack. Thanks to Hubert Kario.

v3.19.0 - Ulm

New features

  • The update() methods of TupleHash128 and TupleHash256 objects can now hash multiple items (byte strings) at once. Thanks to Sylvain Pelissier.
  • Added support for ECDH, with Crypto.Protocol.DH.

Resolved issues

  • GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.

v3.18.0 - Trier

New features

  • Added support for DER BOOLEAN encodings.

  • The library now compiles on Windows ARM64. Thanks to Niyas Sait.

    Resolved issues

  • GH#722: nonce attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.
  • GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.
  • GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.
  • Correctly check that the scalar matches the point when importing an ECC private key.

v3.17.0 - Stuttgart

No release notes provided.

v3.16.0 - Ravensburg

New features

  • Build wheels for musl Linux. Thanks to Ben Raz.

Resolved issues

  • GH#639: ARC4 now also works with 'keys' as short as 8 bits.
  • GH#669: fix segfaults when running in a manylinux2010 i686 image.
Changelog

Sourced from pycryptodome's changelog.

3.19.1 (28 December 2023) ++++++++++++++++++++++++++

Resolved issues

  • Fixed a side-channel leakage with OAEP decryption that could be exploited to carry out a Manger attack (CVE-2023-52323). Thanks to Hubert Kario.

3.19.0 (16 September 2023) ++++++++++++++++++++++++++

New features

  • The update() methods of TupleHash128 and TupleHash256 objects can now hash multiple items (byte strings) at once. Thanks to Sylvain Pelissier.
  • Added support for ECDH, with Crypto.Protocol.DH.

Resolved issues

  • GH#754: due to a bug in cffi, do not use it on Windows with Python 3.12+.

3.18.0 (18 May 2023) ++++++++++++++++++++++++++

New features

  • Added support for DER BOOLEAN encodings.
  • The library now compiles on Windows ARM64. Thanks to Niyas Sait.

Resolved issues

  • GH#722: nonce attribute was not correctly set for XChaCha20_Poly1305 ciphers. Thanks to Liam Haber.
  • GH#728: Workaround for a possible x86 emulator bug in Windows for ARM64.
  • GH#739: OID encoding for arc 2 didn't accept children larger than 39. Thanks to James.
  • Correctly check that the scalar matches the point when importing an ECC private key.

3.17.0 (29 January 2023) ++++++++++++++++++++++++++

New features

  • Added support for the Counter Mode KDF defined in SP 800-108 Rev 1.
  • Reduce the minimum tag length for the EAX cipher to 2 bytes.
  • An RSA object has 4 new properties for the CRT coefficients: dp, dq, invq and invq (invp is the same value as the existing u).

Resolved issues

... (truncated)

Commits
  • ef270ab Update wheels action
  • 3278edd Update changelog and version
  • 10e8216 Update PSS verify signature code example.
  • 4ec4b85 Bump version
  • 0deea1b Use constant-time (faster) padding decoding also for OAEP
  • 519e7ae Avoid changing signature of RSA._decrypt() method if possible
  • 1aa9dca Update changelog and bump version
  • afb5e27 Fix side-channel leakage in RSA decryption
  • ee91c67 Update CMAC.py
  • 43a466d Fix small "passes" typo.
  • Additional commits viewable in compare view

Updates urllib3 from 1.26.13 to 1.26.19

Release notes

Sourced from urllib3's releases.

1.26.19

🚀 urllib3 is fundraising for HTTP/2 support

urllib3 is raising ~$40,000 USD to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support for 2023. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects please consider contributing financially to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.

Thank you for your support.

Changes

  • Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.

Full Changelog: urllib3/urllib3@1.26.18...1.26.19

Note that due to an issue with our release automation, no multiple.intoto.jsonl file is available for this release.

1.26.18

  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses. (GHSA-g4mx-q9vg-27p4)

1.26.17

  • Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (GHSA-v845-jxx5-vc9f)

1.26.16

  • Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954)

1.26.15

1.26.14

  • Fixed parsing of port 0 (zero) returning None, instead of 0 (#2850)
  • Removed deprecated HTTPResponse.getheaders() calls in urllib3.contrib module.
Changelog

Sourced from urllib3's changelog.

1.26.19 (2024-06-17)

  • Added the Proxy-Authorization header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect.
  • Fixed handling of OpenSSL 3.2.0 new error message for misconfiguring an HTTP proxy as HTTPS. ([#3405](https://github.com/urllib3/urllib3/issues/3405) <https://github.com/urllib3/urllib3/issues/3405>__)

1.26.18 (2023-10-17)

  • Made body stripped from HTTP requests changing the request method to GET after HTTP 303 "See Other" redirect responses.

1.26.17 (2023-10-02)

  • Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. ([#3139](https://github.com/urllib3/urllib3/issues/3139) <https://github.com/urllib3/urllib3/pull/3139>_)

1.26.16 (2023-05-23)

  • Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress ([#2954](https://github.com/urllib3/urllib3/issues/2954) <https://github.com/urllib3/urllib3/pull/2954>_)

1.26.15 (2023-03-10)

  • Fix socket timeout value when HTTPConnection is reused ([#2645](https://github.com/urllib3/urllib3/issues/2645) <https://github.com/urllib3/urllib3/issues/2645>__)
  • Remove "!" character from the unreserved characters in IPv6 Zone ID parsing ([#2899](https://github.com/urllib3/urllib3/issues/2899) <https://github.com/urllib3/urllib3/issues/2899>__)
  • Fix IDNA handling of '\x80' byte ([#2901](https://github.com/urllib3/urllib3/issues/2901) <https://github.com/urllib3/urllib3/issues/2901>__)

1.26.14 (2023-01-11)

  • Fixed parsing of port 0 (zero) returning None, instead of 0. ([#2850](https://github.com/urllib3/urllib3/issues/2850) <https://github.com/urllib3/urllib3/issues/2850>__)
  • Removed deprecated getheaders() calls in contrib module. Fixed the type hint of PoolKey.key_retries by adding bool to the union. ([#2865](https://github.com/urllib3/urllib3/issues/2865) <https://github.com/urllib3/urllib3/issues/2865>__)
Commits

Updates websockets from 8.1 to 9.1

Release notes

Sourced from websockets's releases.

9.1

See https://websockets.readthedocs.io/en/stable/project/changelog.html for details.

9.0.2

See https://websockets.readthedocs.io/en/stable/project/changelog.html for details.

9.0.1

See https://websockets.readthedocs.io/en/stable/project/changelog.html for details.

9.0

See https://websockets.readthedocs.io/en/stable/project/changelog.html for details.

Changelog

Sourced from websockets's changelog.

9.1 ...

May 27, 2021

.. note::

**Version 9.1 fixes a security issue introduced in version 8.0.**

Version 8.0 was vulnerable to timing attacks on HTTP Basic Auth passwords.

9.0.2 .....

May 15, 2021

  • Restored compatibility of python -m websockets with Python < 3.9.

  • Restored compatibility with mypy.

9.0.1 .....

May 2, 2021

  • Fixed issues with the packaging of the 9.0 release.

9.0 ...

May 1, 2021

.. note::

**Version 9.0 moves or deprecates several APIs.**

Aliases provide backwards compatibility for all previously public APIs.


    

  • 

    :class:~datastructures.Headers and
    
:exc:~datastructures.MultipleValuesError were moved from
    
websockets.http to :mod:websockets.datastructures. If you're using
    
them, you should adjust the import path.
    

    • 

  • 

    The client, server, protocol, and auth modules were
    
moved from the websockets package to websockets.legacy
    
sub-package, as part of an upcoming refactoring. Despite the name,
    
they're still fully supported. The refactoring should be a transparent
    
upgrade for most uses when it's available. The legacy implementation
    
will be preserved according to the backwards-compatibility policy_.

... (truncated)

Commits
  • d0f3288 Bump version number.
  • 547a26b Use constant-time comparison for passwords.
  • a14226a Bump version number.
  • 8900c13 Add mypy to dictionary.
  • 0713dbf Add test coverage.
  • b99c4fe Restore real imports for compatibility with mypy.
  • e44e085 Use relative imports everywhere, for consistency.
  • 70fadbf Restore compatibility with Python < 3.9.
  • 217ac2d Fix broken link.
  • fc176f4 Bump version number.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the pip group across 1 directory with 8 updates
b6276c8 
Bumps the pip group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [certifi](https://github.com/certifi/python-certifi) | `2022.9.24` | `2024.7.4` |
| [ecdsa](https://github.com/tlsfuzzer/python-ecdsa) | `0.18.0` | `0.19.0` |
| [fastecdsa](https://github.com/AntonKueltz/fastecdsa) | `2.2.3` | `2.3.2` |
| [idna](https://github.com/kjd/idna) | `3.4` | `3.7` |
| [mpmath](https://github.com/fredrik-johansson/mpmath) | `1.2.1` | `1.3.0` |
| [pycryptodome](https://github.com/Legrandin/pycryptodome) | `3.15.0` | `3.19.1` |
| [urllib3](https://github.com/urllib3/urllib3) | `1.26.13` | `1.26.19` |
| [websockets](https://github.com/python-websockets/websockets) | `8.1` | `9.1` |



Updates `certifi` from 2022.9.24 to 2024.7.4
- [Commits](certifi/python-certifi@2022.09.24...2024.07.04)

Updates `ecdsa` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/tlsfuzzer/python-ecdsa/releases)
- [Changelog](https://github.com/tlsfuzzer/python-ecdsa/blob/master/NEWS)
- [Commits](tlsfuzzer/python-ecdsa@python-ecdsa-0.18.0...python-ecdsa-0.19.0)

Updates `fastecdsa` from 2.2.3 to 2.3.2
- [Release notes](https://github.com/AntonKueltz/fastecdsa/releases)
- [Changelog](https://github.com/AntonKueltz/fastecdsa/blob/main/CHANGELOG.md)
- [Commits](AntonKueltz/fastecdsa@v2.2.3...v2.3.2)

Updates `idna` from 3.4 to 3.7
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v3.4...v3.7)

Updates `mpmath` from 1.2.1 to 1.3.0
- [Release notes](https://github.com/fredrik-johansson/mpmath/releases)
- [Changelog](https://github.com/mpmath/mpmath/blob/master/CHANGES)
- [Commits](mpmath/mpmath@1.2.1...1.3.0)

Updates `pycryptodome` from 3.15.0 to 3.19.1
- [Release notes](https://github.com/Legrandin/pycryptodome/releases)
- [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst)
- [Commits](Legrandin/pycryptodome@v3.15.0...v3.19.1)

Updates `urllib3` from 1.26.13 to 1.26.19
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.26.13...1.26.19)

Updates `websockets` from 8.1 to 9.1
- [Release notes](https://github.com/python-websockets/websockets/releases)
- [Changelog](https://github.com/python-websockets/websockets/blob/9.1/docs/changelog.rst)
- [Commits](python-websockets/websockets@8.1...9.1)

---
updated-dependencies:
- dependency-name: certifi
  dependency-version: 2024.7.4
  dependency-type: indirect
  dependency-group: pip
- dependency-name: ecdsa
  dependency-version: 0.19.0
  dependency-type: indirect
  dependency-group: pip
- dependency-name: fastecdsa
  dependency-version: 2.3.2
  dependency-type: indirect
  dependency-group: pip
- dependency-name: idna
  dependency-version: '3.7'
  dependency-type: indirect
  dependency-group: pip
- dependency-name: mpmath
  dependency-version: 1.3.0
  dependency-type: indirect
  dependency-group: pip
- dependency-name: pycryptodome
  dependency-version: 3.19.1
  dependency-type: indirect
  dependency-group: pip
- dependency-name: urllib3
  dependency-version: 1.26.19
  dependency-type: indirect
  dependency-group: pip
- dependency-name: websockets
  dependency-version: '9.1'
  dependency-type: indirect
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 19, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants