Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump jsonschema from 4.2.1 to 4.18.6 #29

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 7, 2023

Bumps jsonschema from 4.2.1 to 4.18.6.

Release notes

Sourced from jsonschema's releases.

v4.18.6

Full Changelog: python-jsonschema/jsonschema@v4.18.5...v4.18.6

v4.18.5

  • Declare support for Py3.12

Full Changelog: python-jsonschema/jsonschema@v4.18.4...v4.18.5

v4.18.4

  • Improve the hashability of wrapped referencing exceptions when they contain hashable data.

Full Changelog: python-jsonschema/jsonschema@v4.18.3...v4.18.4

v4.18.3

  • Properly preserve applicable_validators in extended validators. Specifically, validators extending early drafts where siblings of $ref were ignored will properly ignore siblings in the extended validator.

Full Changelog: python-jsonschema/jsonschema@v4.18.2...v4.18.3

v4.18.2

  • Fix an additional regression with the deprecated jsonschema.RefResolver and pointer resolution.

Full Changelog: python-jsonschema/jsonschema@v4.18.1...v4.18.2

v4.18.1

  • Fix a regression with jsonschema.RefResolver based resolution when used in combination with a custom validation dialect (via jsonschema.validators.create).

Full Changelog: python-jsonschema/jsonschema@v4.18.0...v4.18.1

v4.18.0

What's Changed

This release majorly rehauls the way in which JSON Schema reference resolution is configured. It does so in a way that should be backwards compatible, preserving old behavior whilst emitting deprecation warnings.

... (truncated)

Changelog

Sourced from jsonschema's changelog.

v4.18.6

  • Set a jsonschema specific user agent when automatically retrieving remote references (which is deprecated).

v4.18.5

  • Declare support for Py3.12

v4.18.4

  • Improve the hashability of wrapped referencing exceptions when they contain hashable data.

v4.18.3

  • Properly preserve applicable_validators in extended validators. Specifically, validators extending early drafts where siblings of $ref were ignored will properly ignore siblings in the extended validator.

v4.18.2

  • Fix an additional regression with the deprecated jsonschema.RefResolver and pointer resolution.

v4.18.1

  • Fix a regression with jsonschema.RefResolver based resolution when used in combination with a custom validation dialect (via jsonschema.validators.create).

v4.18.0

This release majorly rehauls the way in which JSON Schema reference resolution is configured. It does so in a way that should be backwards compatible, preserving old behavior whilst emitting deprecation warnings.

  • jsonschema.RefResolver is now deprecated in favor of the new referencing library <https://github.com/python-jsonschema/referencing/>_. referencing will begin in beta, but already is more compliant than the existing $ref support. This change is a culmination of a meaningful chunk of work to make $ref resolution more flexible and more correct. Backwards compatibility should be preserved for existing code which uses RefResolver, though doing so is again now deprecated, and all such use cases should be doable using the new APIs. Please file issues on the referencing tracker if there is functionality missing from it, or here on the jsonschema issue tracker if you have issues with existing code not functioning the same, or with figuring out how to change it to use referencing. In particular, this referencing change includes a change concerning automatic retrieval of remote references (retrieving http://foo/bar automatically within a schema). This behavior has always been a potential security risk and counter to the recommendations of the JSON Schema specifications; it has survived this long essentially only for backwards compatibility reasons, and now explicitly produces warnings. The referencing library itself will not automatically retrieve references if you interact directly with it, so the deprecated behavior is only triggered if you fully rely on the default $ref resolution behavior and also include remote references in your schema, which will still be retrieved during the deprecation period (after which they will become an error).
  • Support for Python 3.7 has been dropped, as it is nearing end-of-life. This should not be a "visible" change in the sense that requires-python has been updated, so users using 3.7 should still receive v4.17.3 when installing the library.
  • On draft 2019-09, unevaluatedItems now properly does not consider items to be evaluated by an additionalItems schema if items is missing from the schema, as the specification says in this case that additionalItems must be completely ignored.
  • Fix the date format checker on Python 3.11 (when format assertion behavior is enabled), where it was too liberal (#1076).
  • Speed up validation of unevaluatedProperties (#1075).

... (truncated)

Commits
  • 4e999e0 Set a library-specific user agent when automatically retrieving $refs.
  • 4fdc365 Declare support for 3.12.
  • d012f8f Avoid a spurious DeprecationWarning in the docs build.
  • b3f9d0e Make the noxfile support passing a less temporary directory for building docs.
  • a7ebc41 Merge pull request #1147 from python-jsonschema/pre-commit-ci-update-config
  • 0a97e18 [pre-commit.ci] pre-commit autoupdate
  • d8744fe Enable another ruff ruleset.
  • 8dbcf2a More correct listing of nox envs for the GitHub actions workflow
  • 28778ee Update docs requirements, fixing the noxenv to do so.
  • 7a2da6b Pull in another microbenchmark that can be improved later.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.2.1 to 4.18.6.
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.2.1...v4.18.6)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Aug 7, 2023
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 14, 2023

Superseded by #32.

@dependabot dependabot bot closed this Aug 14, 2023
@dependabot dependabot bot deleted the dependabot/pip/jsonschema-4.18.6 branch August 14, 2023 05:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants