Bump the production-dependencies group across 1 directory with 16 updates

[dependabot]

Bumps the production-dependencies group with 16 updates in the / directory:

Package	From	To
babel	2.16.0	2.17.0
blinker	1.8.2	1.9.0
click	8.1.7	8.1.8
flask	3.0.3	3.1.0
flask-wtf	1.2.1	1.2.2
jinja2	3.1.4	3.1.6
markupsafe	2.1.5	3.0.2
packaging	24.1	25.0
psycopg2	2.9.9	2.9.10
pytz	2024.2	2025.2
setuptools	75.1.0	80.1.0
six	1.16.0	1.17.0
sqlalchemy	2.0.35	2.0.40
typing-extensions	4.12.2	4.13.2
werkzeug	3.0.6	3.1.3
wtforms	3.1.2	3.2.1

Updates babel from 2.16.0 to 2.17.0

Release notes

Sourced from babel's releases.

v2.17.0

Happy 2025! This release is being made from FOSDEM 2025, in Brussels, Belgium. 🇧🇪

Thank you to all contributors, new and old, and here's to another great year of internationalization and localization!

---

The changelog below is auto-generated by GitHub.

Please see CHANGELOG.rst for additional details.

---

What's Changed

• Fix deprecation warnings for datetime.utcnow() by @​tomasr8 in python-babel/babel#1119
• Enclose white spaces in references by @​Dunedan in python-babel/babel#1105
• Replace str.index with str.find by @​tomasr8 in python-babel/babel#1130
• Replace more alternate characters in format_skeleton by @​tomasr8 in python-babel/babel#1122
• Fix extracted lineno with nested calls by @​dylankiss in python-babel/babel#1126
• "Deleted duplicate code in test" by @​mattdiaz007 in python-babel/babel#1138
• Fix of list index out of range error in PoFileParser.add_message when translations is empty by @​gabe-sherman in python-babel/babel#1135
• Make seconds optional in parse_time time formats by @​tomasr8 in python-babel/babel#1141
• Mark wraptext deprecated; use TextWrapper directly in write_po by @​akx in python-babel/babel#1140
• Fix the way obsolete messages are stored by @​tomasr8 in python-babel/babel#1132
• Replace OrderedDict with just dict by @​tomasr8 in python-babel/babel#1149
• Use CLDR 46 by @​tomasr8 in python-babel/babel#1145
• Update CI to use python 3.13 and Ubuntu 24.04 by @​tomasr8 in python-babel/babel#1153
• Adjust docs/conf.py to add compatibility with sphinx 8 by @​hrnciar in python-babel/babel#1155
• Allow specifying an explicit format in parse_date/parse_time by @​tomasr8 in python-babel/babel#1131
• Simplify read_mo logic regarding catalog.charset by @​tomasr8 in python-babel/babel#1148
• Bump CI/tool versions by @​akx in python-babel/babel#1160
• fix: check_and_call_extract_file uses the first matching method and options, instead of the first matching method and last matching options by @​jpmckinney in python-babel/babel#1121
• Prevent wrapping file locations containing white space by @​tomasr8 in python-babel/babel#1120
• Add tzdata as dev dependency and sync with tox.ini by @​wandrew004 in python-babel/babel#1159
• Support short and narrow formats for format_timedelta when using add_direction by @​akx in python-babel/babel#1163
• Improve handling for locale=None by @​akx in python-babel/babel#1164
• Use pytest.raises(match=...) by @​akx in python-babel/babel#1166
• Strip extra leading slashes in /etc/localtime by @​akx in python-babel/babel#1165
• Remove redundant assignment in Catalog.__setitem__ by @​tomasr8 in python-babel/babel#1167
• Small cleanups by @​akx in python-babel/babel#1170
• Small test cleanup by @​akx in python-babel/babel#1172
• Add Message.python_brace_format by @​tomasr8 in python-babel/babel#1169
• Import Literal from the typing module by @​tomasr8 in python-babel/babel#1175
• Prefer LC_MONETARY when formatting currencies by @​akx in python-babel/babel#1173
• Fix dates formatting Y, w and W symbols for week-numbering by @​jun66j5 in python-babel/babel#1179
• Increase test coverage of the python_format checker by @​tomasr8 in python-babel/babel#1176
• Prepare for 2.17.0 by @​akx in python-babel/babel#1182

New Contributors

• @​Dunedan made their first contribution in python-babel/babel#1105

... (truncated)

Changelog

Sourced from babel's changelog.

Version 2.17.0

Happy 2025! This release is being made from FOSDEM 2025, in Brussels, Belgium.

Thank you to all contributors, new and old, and here's to another great year of internationalization and localization!

Features

* CLDR: Babel now uses CLDR 46, by @tomasr8 in :gh:`1145`
* Dates: Allow specifying an explicit format in parse_date/parse_time by @tomasr8 in :gh:`1131`
* Dates: More alternate characters are now supported by `format_skeleton`. By @tomasr8 in :gh:`1122`
* Dates: Support short and narrow formats for format_timedelta when using `add_direction`, by @akx in :gh:`1163`
* Messages: .po files now enclose white spaces in filenames like GNU gettext does. By @Dunedan in :gh:`1105`, and @tomasr8 in :gh:`1120`
* Messages: Initial support for `Message.python_brace_format`, by @tomasr8 in :gh:`1169`
* Numbers: LC_MONETARY is now preferred when formatting currencies, by @akx in :gh:`1173`
Bugfixes

• Dates: Make seconds optional in parse_time time formats by @​tomasr8 in :gh:1141
• Dates: Replace str.index with str.find by @​tomasr8 in :gh:1130
• Dates: Strip extra leading slashes in /etc/localtime by @​akx in :gh:1165
• Dates: Week numbering and formatting of dates with week numbers was repaired by @​jun66j5 in :gh:1179
• General: Improve handling for locale=None by @​akx in :gh:1164
• General: Remove redundant assignment in Catalog.__setitem__ by @​tomasr8 in :gh:1167
• Messages: Fix extracted lineno with nested calls, by @​dylankiss in :gh:1126
• Messages: Fix of list index out of range when translations is empty, by @​gabe-sherman in :gh:1135
• Messages: Fix the way obsolete messages are stored by @​tomasr8 in :gh:1132
• Messages: Simplify read_mo logic regarding catalog.charset by @​tomasr8 in :gh:1148
• Messages: Use the first matching method & options, rather than first matching method & last options, by @​jpmckinney in :gh:1121

Deprecation and compatibility

* Dates: Fix deprecation warnings for `datetime.utcnow()` by @tomasr8 in :gh:`1119`
* Docs: Adjust docs/conf.py to add compatibility with sphinx 8 by @hrnciar in :gh:`1155`
* General: Import `Literal` from the typing module by @tomasr8 in :gh:`1175`
* General: Replace `OrderedDict` with just `dict` by @tomasr8 in :gh:`1149`
* Messages: Mark `wraptext` deprecated; use `TextWrapper` directly in `write_po` by @akx in :gh:`1140`
Infrastructure

* Add tzdata as dev dependency and sync with tox.ini by @wandrew004 in :gh:`1159`
* Duplicate test code was deleted by @mattdiaz007 in :gh:`1138`
* Increase test coverage of the `python_format` checker by @tomasr8 in :gh:`1176`
* Small cleanups by @akx in :gh:`1160`, :gh:`1166`, :gh:`1170` and :gh:`1172`
</tr></table> 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>

<li><a href="https://github.com/python-babel/babel/commit/b50a1d2186c20f3359f7e10853d2b2225a46ed40&quot;&gt;&lt;code&gt;b50a1d2&lt;/code&gt;&lt;/a> Prepare for 2.17.0 (<a href="https://redirect.github.com/python-babel/babel/issues/1182&quot;&gt;#1182&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/python-babel/babel/commit/5f117b2689573aa98acc8a47108c49b99f4d1394&quot;&gt;&lt;code&gt;5f117b2&lt;/code&gt;&lt;/a> Increase test coverage of the <code>python_format</code> checker (<a href="https://redirect.github.com/python-babel/babel/issues/1176&quot;&gt;#1176&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/python-babel/babel/commit/363ad7531fb5dcdc3e9844573592b0b44afb914b&quot;&gt;&lt;code&gt;363ad75&lt;/code&gt;&lt;/a> Fix dates formatting <code>Y</code>, <code>w</code> and <code>W</code> symbols for week-numbering (<a href="https://redirect.github.com/python-babel/babel/issues/1179&quot;&gt;#1179&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/python-babel/babel/commit/e9c3ef8d0de3080ca59f7f8dbabf9b52983adc7d&quot;&gt;&lt;code&gt;e9c3ef8&lt;/code&gt;&lt;/a> Merge pull request <a href="https://redirect.github.com/python-babel/babel/issues/1173&quot;&gt;#1173&lt;/a> from python-babel/lc-monetary-2</li>

<li><a href="https://github.com/python-babel/babel/commit/56ef7c7f578a904917464c187e399abb762bd5e3&quot;&gt;&lt;code&gt;56ef7c7&lt;/code&gt;&lt;/a> Prefer LC_MONETARY when formatting currency</li>

<li><a href="https://github.com/python-babel/babel/commit/aee6d698b541dc50439280d7e093092cc0d4b832&quot;&gt;&lt;code&gt;aee6d69&lt;/code&gt;&lt;/a> <code>default_locale</code>: support multiple keys</li>

<li><a href="https://github.com/python-babel/babel/commit/2d8a808864d1aae5d3d02d4f95917c79740c5d35&quot;&gt;&lt;code&gt;2d8a808&lt;/code&gt;&lt;/a> Import <code>Literal</code> &amp; <code>TypedDict</code> from the typing module (<a href="https://redirect.github.com/python-babel/babel/issues/1175&quot;&gt;#1175&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/python-babel/babel/commit/98b9562c05e5276038c27ec12c12f3e92dc027b6&quot;&gt;&lt;code&gt;98b9562&lt;/code&gt;&lt;/a> Add basic support for <code>Message.python_brace_format</code> (<a href="https://redirect.github.com/python-babel/babel/issues/1169&quot;&gt;#1169&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/python-babel/babel/commit/0c1091c9de9543e30bc4b845eb10b5bf84516d7b&quot;&gt;&lt;code&gt;0c1091c&lt;/code&gt;&lt;/a> Small test cleanup (<a href="https://redirect.github.com/python-babel/babel/issues/1172&quot;&gt;#1172&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/python-babel/babel/commit/db4879136a7fbcef475f26b75dbdd65d0ce488f9&quot;&gt;&lt;code&gt;db48791&lt;/code&gt;&lt;/a> Merge pull request <a href="https://redirect.github.com/python-babel/babel/issues/1170&quot;&gt;#1170&lt;/a> from python-babel/small-cleanup</li>

<li>Additional commits viewable in <a href="https://github.com/python-babel/babel/compare/v2.16.0...v2.17.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />


Updates blinker from 1.8.2 to 1.9.0

Release notes
Sourced from blinker's releases.

1.9.0
This is the Blinker 1.9.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.
PyPI: https://pypi.org/project/blinker/1.9.0/
Changes: https://blinker.readthedocs.io/en/stable/#version-1-9-0
Milestone: https://github.com/pallets-eco/blinker/milestone/1?closed=1

Drop support for Python 3.8. #175
Remove previously deprecated __version__, receiver_connected, Signal.temporarily_connected_to and WeakNamespace. #172
Skip weakref signal cleanup if the interpreter is shutting down. #173




Changelog
Sourced from blinker's changelog.

Version 1.9.0
Released 2024-11-08

Drop support for Python 3.8. :pr:175
Remove previously deprecated __version__, receiver_connected,
Signal.temporarily_connected_to and WeakNamespace. :pr:172
Skip weakref signal cleanup if the interpreter is shutting down.
:issue:173




Commits

669f3a0 release version 1.9.0
cfe116f try disabling attestions on test pypi
16e4bd7 Merge pull request #174 from projectgus/bugfix/weakref_disconnect_shutdown
42561fd Fix "Exception ignored" in weakref callback during interpreter shutdown.
dcce3e9 Merge pull request #175 from pallets-eco/drop-python3.8
efa95ea drop support for python 3.8
8230518 update dev dependencies
94f1202 update dev dependencies
8c983ec remove previously deprecated code (#172)
f5915f3 set up pre-commit lite workflow
Additional commits viewable in compare view




Updates click from 8.1.7 to 8.1.8

Release notes
Sourced from click's releases.

8.1.8
This is the Click 8.1.8 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.
PyPI: https://pypi.org/project/click/8.1.8/
Changes: https://click.palletsprojects.com/en/stable/changes/#version-8-1-8
Milestone https://github.com/pallets/click/milestones/23?closed=1

Fix an issue with type hints for click.open_file(). #2717
Fix issue where error message for invalid click.Path displays on
multiple lines. #2697
Fixed issue that prevented a default value of "" from being displayed in
the help for an option. #2500
The test runner handles stripping color consistently on Windows. #2705
Show correct value for flag default when using default_map. #2632
Fix click.echo(color=...) passing color to coloroma so it can be
forced on Windows. #2606.
More robust bash version check, fixing problem on Windows with git-bash. #2638
Cache the help option generated by the help_option_names setting to
respect its eagerness. #2811
Replace uses of os.system with subprocess.Popen. #1476
Exceptions generated during a command will use the context's color
setting when being displayed. #2193
Error message when defining option with invalid name is more descriptive. #2452
Refactor code generating default --help option to deduplicate code. #2563
Test CLIRunner resets patched _compat.should_strip_ansi. #2732




Changelog
Sourced from click's changelog.

Version 8.1.8
Released 2024-12-19

Fix an issue with type hints for click.open_file(). :issue:2717
Fix issue where error message for invalid click.Path displays on
multiple lines. :issue:2697
Fixed issue that prevented a default value of "" from being displayed in
the help for an option. :issue:2500
The test runner handles stripping color consistently on Windows.
:issue:2705
Show correct value for flag default when using default_map.
:issue:2632
Fix click.echo(color=...) passing color to coloroma so it can be
forced on Windows. :issue:2606.
More robust bash version check, fixing problem on Windows with git-bash.
:issue:2638
Cache the help option generated by the help_option_names setting to
respect its eagerness. :pr:2811
Replace uses of os.system with subprocess.Popen. :issue:1476
Exceptions generated during a command will use the context's color
setting when being displayed. :issue:2193
Error message when defining option with invalid name is more descriptive.
:issue:2452
Refactor code generating default --help option to deduplicate code.
:pr:2563
Test CLIRunner resets patched _compat.should_strip_ansi.
:issue:2732




Commits

934813e release version 8.1.8
c23223b Add links to third-party projects enhancing Click (#2815)
822d4fd Add links to third-party projects
8e7bed0 Break up arguments section (#2586)
3241541 Remove some typing hints.
bed0377 remove test pypi
6534590 update dev dependencies
b1e392e fix typos
fdc6b02 Fix missing reset in isolation function (#2733)
ffd43e9 Fixed missing reset on _compat.should_strip_ansi.
Additional commits viewable in compare view




Updates flask from 3.0.3 to 3.1.0

Release notes
Sourced from flask's releases.

3.1.0
This is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.
PyPI: https://pypi.org/project/Flask/3.1.0/
Changes: https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0
Milestone: https://github.com/pallets/flask/milestone/33?closed=1

Drop support for Python 3.8. #5623
Update minimum dependency versions to latest feature releases. Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9. #5624, #5633
Provide a configuration option to control automatic option responses. #5496
Flask.open_resource/open_instance_resource and Blueprint.open_resource take an encoding parameter to use when opening in text mode. It defaults to utf-8. #5504
Request.max_content_length can be customized per-request instead of only through the MAX_CONTENT_LENGTH config. Added MAX_FORM_MEMORY_SIZE and MAX_FORM_PARTS config. Added documentation about resource limits to the security page. #5625
Add support for the Partitioned cookie attribute (CHIPS), with the SESSION_COOKIE_PARTITIONED config. #5472
-e path takes precedence over default .env and .flaskenv files. load_dotenv loads default files in addition to a path unless load_defaults=False is passed. #5628
Support key rotation with the SECRET_KEY_FALLBACKS config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. #5621
Fix how setting host_matching=True or subdomain_matching=False interacts with SERVER_NAME. Setting SERVER_NAME no longer restricts requests to only that domain. #5553
Request.trusted_hosts is checked during routing, and can be set through the TRUSTED_HOSTS config. #5636




Changelog
Sourced from flask's changelog.

Version 3.1.0
Released 2024-11-13

Drop support for Python 3.8. :pr:5623
Update minimum dependency versions to latest feature releases.
Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9. :pr:5624,5633
Provide a configuration option to control automatic option
responses. :pr:5496
Flask.open_resource/open_instance_resource and
Blueprint.open_resource take an encoding parameter to use when
opening in text mode. It defaults to utf-8. :issue:5504
Request.max_content_length can be customized per-request instead of only
through the MAX_CONTENT_LENGTH config. Added
MAX_FORM_MEMORY_SIZE and MAX_FORM_PARTS config. Added documentation
about resource limits to the security page. :issue:5625
Add support for the Partitioned cookie attribute (CHIPS), with the
SESSION_COOKIE_PARTITIONED config. :issue:5472
-e path takes precedence over default .env and .flaskenv files.
load_dotenv loads default files in addition to a path unless
load_defaults=False is passed. :issue:5628
Support key rotation with the SECRET_KEY_FALLBACKS config, a list of old
secret keys that can still be used for unsigning. Extensions will need to
add support. :issue:5621
Fix how setting host_matching=True or subdomain_matching=False
interacts with SERVER_NAME. Setting SERVER_NAME no longer restricts
requests to only that domain. :issue:5553
Request.trusted_hosts is checked during routing, and can be set through
the TRUSTED_HOSTS config. :issue:5636




Commits

ab81496 release version 3.1.0
70602a1 remove test pypi
6748a09 update dev dependencies
22c48a7 Merge remote-tracking branch 'origin/stable'
2eab96a use generic bases for session (#5638)
f49dbfd use generic bases for session
7b21d43 configure and check request.trusted_hosts (#5637)
4f7156f configure and check trusted_hosts
10bdf61 setting SERVER_NAME does not restrict routing for both subdomain_matching...
4995a77 fix subdomain_matching=False behavior
Additional commits viewable in compare view




Updates flask-wtf from 1.2.1 to 1.2.2

Release notes
Sourced from flask-wtf's releases.

v1.2.2

Move the project to the pallets-eco organization. #602
Stop support for Python 3.8. Start support for Python 3.13. #603




Changelog
Sourced from flask-wtf's changelog.

Version 1.2.2
Released 2024-10-20

Move the project to the pallets-eco organization. :pr:602
Stop support for Python 3.8. Start support for Python 3.13. :pr:603




Commits

2e14295 chore: pre-commit autoupdate
552b7a7 chore: bump to 1.2.2
32f1276 chore: install 'build' dependency for the release GHA workflow
f712367 chore: dependencies update
b929162 chore: use Flask inspired GHA workflow
07049e3 Merge pull request #604 from azmeuk/flask-pre-commit
49a1380 chore: pre-commit configuration insipred from Flask
f2bbd1b Merge pull request #603 from azmeuk/py313
d3cd8bf chore: stop support for python 3.8; start support for python 3.13
0b2e5e4 Merge pull request #602 from azmeuk/pallets-eco
Additional commits viewable in compare view




Updates jinja2 from 3.1.4 to 3.1.6

Release notes
Sourced from jinja2's releases.

3.1.6
This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.
PyPI: https://pypi.org/project/Jinja2/3.1.6/
Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. https://github.com/pallets/jinja/security/advisories/GHSA-cpwx-vrp4-4pq7

3.1.5
This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.
PyPI: https://pypi.org/project/Jinja2/3.1.5/
Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5
Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
Sandbox does not allow clear and pop on known mutable sequence types. #2032
Calling sync render for an async template uses asyncio.run. #1952
Avoid unclosed auto_aiter warnings. #1960
Return an aclose-able AsyncGenerator from Template.generate_async. #1960
Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
Avoid leaving async generators unclosed in blocks, includes and extends. #1960
The runtime uses the correct concat function for the current environment when calling block references. #1701
Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
|int filter handles OverflowError from scientific notation. #1921
Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
Fix copy/pickle support for the internal missing object. #2027
Environment.overlay(enable_async) is applied correctly. #2061
The error message from FileSystemLoader includes the paths that were searched. #1661
PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
Improve annotations for methods returning copies. #1880
urlize does not add mailto: to values like @a@b. #1870
Tests decorated with @pass_context can be used with the |select filter. #1624
Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253




Changelog
Sourced from jinja2's changelog.

Version 3.1.6
Released 2025-03-05

The |attr filter does not bypass the environment's attribute lookup,
allowing the sandbox to apply its checks. :ghsa:cpwx-vrp4-4pq7

Version 3.1.5
Released 2024-12-21

The sandboxed environment handles indirect calls to str.format, such as
by passing a stored reference to a filter that calls its argument.
:ghsa:q2x7-8rv6-6q7h
Escape template name before formatting it into error messages, to avoid
issues with names that contain f-string syntax.
:issue:1792, :ghsa:gmj6-6f8f-6699
Sandbox does not allow clear and pop on known mutable sequence
types. :issue:2032
Calling sync render for an async template uses asyncio.run.
:pr:1952
Avoid unclosed auto_aiter warnings. :pr:1960
Return an aclose-able AsyncGenerator from
Template.generate_async. :pr:1960
Avoid leaving root_render_func() unclosed in
Template.generate_async. :pr:1960
Avoid leaving async generators unclosed in blocks, includes and extends.
:pr:1960
The runtime uses the correct concat function for the current environment
when calling block references. :issue:1701
Make |unique async-aware, allowing it to be used after another
async-aware filter. :issue:1781
|int filter handles OverflowError from scientific notation.
:issue:1921
Make compiling deterministic for tuple unpacking in a {% set ... %}
call. :issue:2021
Fix dunder protocol (copy/pickle/etc) interaction with Undefined
objects. :issue:2025
Fix copy/pickle support for the internal missing object.
:issue:2027
Environment.overlay(enable_async) is applied correctly. :pr:2061
The error message from FileSystemLoader includes the paths that were
searched. :issue:1661
PackageLoader shows a clearer error message when the package does not
contain the templates directory. :issue:1705
Improve annotations for methods returning copies. :pr:1880
urlize does not add mailto: to values like @a@b. :pr:1870



... (truncated)


Commits

1520688 release version 3.1.6
90457bb Merge commit from fork
065334d attr filter uses env.getattr
033c200 start version 3.1.6
bc68d4e use global contributing guide (#2070)
247de5e use global contributing guide
ab8218c use project advisory link instead of global
b4ffc8f release version 3.1.5 (#2066)
877f6e5 release version 3.1.5
8d58859 remove test pypi
Additional commits viewable in compare view




Updates markupsafe from 2.1.5 to 3.0.2

Release notes
Sourced from markupsafe's releases.

3.0.2
This is the MarkupSafe 3.0.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.
PyPI: https://pypi.org/project/MarkupSafe/3.0.2/
Changes: https://markupsafe.palletsprojects.com/en/stable/changes/#version-3-0-2
Milestone: https://github.com/pallets/markupsafe/milestone/14?closed=1

Fix compatibility when __str__ returns a str subclass. #472
Build requires setuptools >= 70.1. #475

3.0.1
This is the MarkupSafe 3.0.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.
PyPI: https://pypi.org/project/MarkupSafe/3.0.1/
Changes: https://markupsafe.palletsprojects.com/en/stable/changes/#version-3-0-1
Milestone: https://github.com/pallets/markupsafe/milestone/13?closed=1

Address compiler warnings that became errors in GCC 14. #466
Fix compatibility with proxy objects. #467

3.0.0
This is the MarkupSafe 3.0.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. The 3.0.x branch is now the supported fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.
PyPI: https://pypi.org/project/MarkupSafe/3.0.0/
Changes: https://markupsafe.palletsprojects.com/en/stable/changes/#version-3-0-0
Milestone: https://github.com/pallets/markupsafe/milestone/10?closed=1

Support Python 3.13 and its experimental free-threaded build. #461
Drop support for Python 3.7 and 3.8.
Use modern packaging metadata with pyproject.toml instead of setup.cfg. #348
Change distutils imports to setuptools. #399
Use deferred evaluation of annotations. #400
Update signatures for Markup methods to match str signatures. Use positional-only arguments. #400
Some str methods on Markup no longer escape their argument: strip, lstrip, rstrip, removeprefix, removesuffix, partition, and rpartition; replace only escapes its new argument. These methods are conceptually linked to search methods such as in, find, and index, which already do not escape their argument. #401
The __version__ attribute is deprecated. Use feature detection, or importlib.metadata.version("markupsafe"), instead. #402
Speed up escaping plain strings by 40%. #434
Simplify speedups implementation. #437




Changelog
Sourced from markupsafe's changelog.

Version 3.0.2
Released 2024-10-18

Fix compatibility when __str__ returns a str subclass. :issue:472
Build requires setuptools >= 70.1. :issue:475

Version 3.0.1
Released 2024-10-08

Address compiler warnings that became errors in GCC 14. :issue:466
Fix compatibility with proxy objects. :issue:467

Version 3.0.0
Released 2024-10-07

Support Python 3.13 and its experimental free-threaded build. :pr:461
Drop support for Python 3.7 and 3.8.
Use modern packaging metadata with pyproject.toml instead of setup.cfg.
:pr:348
Change distutils imports to setuptools. :pr:399
Use deferred evaluation of annotations. :pr:400
Update signatures for Markup methods to match str signatures. Use
positional-only arguments. :pr:400
Some str methods on Markup no longer escape their argument:
strip, lstrip, rstrip, removeprefix, removesuffix,
partition, and rpartition; replace only escapes its new
argument. These methods are conceptually linked to search methods such as
in, find, and index, which already do not escape their argument.
:issue:401
The __version__ attribute is deprecated. Use feature detection, or
importlib.metadata.version("markupsafe"), instead. :pr:402
Speed up escaping plain strings by 40%. :pr:434
Simplify speedups implementation. :pr:437




Commits

28ace20 release version 3.0.2
6b51fd8 build requires at least setuptools 70.1 (#478)
99dda9f build requires at least setuptools 70.1
3d8fd8c fix version
1933c4b fix version
e85aff4 relax speedups str check (#477)
8cb1691 relax speedups str check
4dafb7c start version 3.1.0
9c44ecf update docs build
275c769 Merge branch '2.1.x' into 3.0.x
Additional commits viewable in compare view




Updates packaging from 24.1 to 25.0

Release notes
Sourced from packaging's releases.

25.0
What's Changed

Re-add a test for Unicode file name parsing by @​Siddhesh-Agarwal in pypa/packaging#863
Upgrade to ruff 0.9.1 by @​DimitriPapadopoulos in pypa/packaging#865
Add support for PEP 738 Android tags by @​mhsmith in pypa/packaging#880
feat(markers): support 'extras' and 'dependency_groups' markers by @​frostming in pypa/packaging#888

New Contributors

@​Siddhesh-Agarwal made their first contribution in pypa/packaging#863
@​mhsmith made their first contribution in pypa/packaging#880
@​frostming made their first contribution in pypa/packaging#888

Full Changelog: https://github.com/pypa/packaging/compare/24.2...25.0
24.2
What's Changed

The source is auto-formatted with ruff, not black by @​DimitriPapadopoulos in pypa/packaging#798
Bump the github-actions group across 1 directory with 3 updates by @​dependabot in pypa/packaging#813
Apply ruff rules (RUF) by @​DimitriPapadopoulos in pypa/packaging#800
Fix typo in Version __str__ by @​aryanpingle in pypa/packaging#817
Bump the github-actions group with 3 updates by @​dependabot in pypa/packaging#819
Get rid of duplicate test cases by @​DimitriPapadopoulos in pypa/packaging#821
Fix doc for canonicalize_version and a typo in a docstring by @​Laurent-Dx in pypa/packaging#801
docs: public/base_version comparison by @​henryiii in pypa/packaging#818
Apply ruff/bugbear rules (B) by @​DimitriPapadopoulos in pypa/packaging#787
Apply ruff/pyupgrade rules (UP) by @​DimitriPapadopoulos in pypa/packaging#786
Add a changelog entry for dropping Python 3.7 support by @​alexwlchan in pypa/packaging#824
Patch python_full_version unconditionally by @​jaraco in pypa/packaging#825
Refactor canonicalize_version by @​jaraco in pypa/packaging#793
Allow creating a SpecifierSet from a list of specifiers by @​pfmoore in pypa/packaging#777
Fix uninformative error message by @​abravalheri in pypa/packaging#830
Fix prerelease detection for > and < by @​notatallshaw in pypa/packaging#794
Bump the github-actions group across 1 directory with 4 updates by @​dependabot in pypa/packaging#839
Add support for PEP 730 iOS tags. by @​freakboy3742 in pypa/packaging#832
Update the changelog to reflect 24.1 changes by @​pradyunsg in pypa/packaging#840
Mention updating changelog in release process by @​pradyunsg in pypa/packaging#841
Add a comment as to why Metadata.name isn't normalized by Description has been truncated


Note

Automatic rebases have been disabled on this pull request as it has been open for over 30 days.