Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the pip group across 1 directory with 3 updates #184

Merged
merged 1 commit into from
Aug 25, 2024
Merged

chore(deps): bump the pip group across 1 directory with 3 updates #184

merged 1 commit into from
Aug 25, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 25, 2024

Bumps the pip group with 3 updates in the / directory: streamlit, aiohttp and nltk.

Updates streamlit from 1.35.0 to 1.37.0

Release notes

Sourced from streamlit's releases.

1.37.0

What's Changed

New Features 🎉

Bug Fixes 🐛

Other Changes

New Contributors

Full Changelog: streamlit/streamlit@1.36.0...1.37.0

1.36.0

What's Changed

... (truncated)

Commits
  • e2c3c93 Up version to 1.37.0
  • 88389e3 Docstrings for 1.37.0 (#9115)
  • 898fd80 Temp solution to fix invalid material icon error rendering (#9113)
  • b2c88c6 Reset ctx.current_fragment_id to last ID instead of None (#9114)
  • 3a63985 Validate the path using Tornado before performing checks (#8990)
  • 40303e1 Move the filled star icon for feedback widget from python code to web app (#9...
  • 6296baf Update the feedback widget design (#9094)
  • b9c3521 Fixes two st.map width bugs (#9070)
  • a2ae47a Only expose selected objects in components module (#8873)
  • 340f3f7 De-experimentalize st.dialog (#9020)
  • Additional commits viewable in compare view

Updates aiohttp from 3.10.3 to 3.10.5

Release notes

Sourced from aiohttp's releases.

3.10.5

Bug fixes

  • Fixed :meth:aiohttp.ClientResponse.json() not setting status when :exc:aiohttp.ContentTypeError is raised -- by :user:bdraco.

    Related issues and pull requests on GitHub: #8742.

Miscellaneous internal changes

  • Improved performance of the WebSocket reader -- by :user:bdraco.

    Related issues and pull requests on GitHub: #8736, #8747.

3.10.4

Bug fixes

  • Fixed decoding base64 chunk in BodyPartReader -- by :user:hyzyla.

    Related issues and pull requests on GitHub: #3867.

  • Fixed a race closing the server-side WebSocket where the close code would not reach the client -- by :user:bdraco.

    Related issues and pull requests on GitHub: #8680.

  • Fixed unconsumed exceptions raised by the WebSocket heartbeat -- by :user:bdraco.

    If the heartbeat ping raised an exception, it would not be consumed and would be logged as an warning.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.10.5 (2024-08-19)

Bug fixes

  • Fixed :meth:aiohttp.ClientResponse.json() not setting status when :exc:aiohttp.ContentTypeError is raised -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:8742.

Miscellaneous internal changes

  • Improved performance of the WebSocket reader -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:8736, :issue:8747.

3.10.4 (2024-08-17)

Bug fixes

  • Fixed decoding base64 chunk in BodyPartReader -- by :user:hyzyla.

    Related issues and pull requests on GitHub: :issue:3867.

  • Fixed a race closing the server-side WebSocket where the close code would not reach the client -- by :user:bdraco.

    Related issues and pull requests on GitHub: :issue:8680.

... (truncated)

Commits

Updates nltk from 3.8.1 to 3.9

Changelog

Sourced from nltk's changelog.

Version 3.9.1 2024-08-19

  • Fixed bug that prevented wordnet from loading

Version 3.9 2024-08-18

  • Avoid need for pickled models, resolves security vulnerability CVE-2024-39705
  • No longer sort WordNet synsets and relations (sort in calling function when required)
  • Add Python 3.12 support
  • Many other minor fixes

Thanks to the following contributors to 3.8.2: Tom Aarsen, Cat Lee Ball, Veralara Bernhard, Carlos Brandt, Konstantin Chernyshev, Michael Higgins, Eric Kafe, Vivek Kalyan, David Lukes, Rob Malouf, purificant, Alex Rudnick, Liling Tan, Akihiro Yamazaki.

Version 3.8.1 2023-01-02

  • Resolve RCE vulnerability in localhost WordNet Browser (#3100)
  • Remove unused tool scripts (#3099)
  • Resolve XSS vulnerability in localhost WordNet Browser (#3096)
  • Add Python 3.11 support (#3090)

Thanks to the following contributors to 3.8.1: Francis Bond, John Vandenberg, Tom Aarsen

Version 3.8 2022-12-12

  • Refactor dispersion plot (#3082)
  • Provide type hints for LazyCorpusLoader variables (#3081)
  • Throw warning when LanguageModel is initialized with incorrect vocabulary (#3080)
  • Fix WordNet's all_synsets() function (#3078)
  • Resolve TreebankWordDetokenizer inconsistency with end-of-string contractions (#3070)
  • Support both iso639-3 codes and BCP-47 language tags (#3060)
  • Avoid DeprecationWarning in Regexp tokenizer (#3055)
  • Fix many doctests, add doctests to CI (#3054, #3050, #3048)
  • Fix bool field not being read in VerbNet (#3044)
  • Greatly improve time efficiency of SyllableTokenizer when tokenizing numbers (#3042)
  • Fix encodings of Polish udhr corpus reader (#3038)
  • Allow TweetTokenizer to tokenize emoji flag sequences (#3034)
  • Prevent LazyModule from increasing the size of nltk.dict (#3033)
  • Fix CoreNLPServer non-default port issue (#3031)
  • Add "acion" suffix to the Spanish SnowballStemmer (#3030)
  • Allow loading WordNet without OMW (#3026)
  • Use input() in nltk.chat.chatbot() for Jupyter support (#3022)
  • Fix edit_distance_align() in distance.py (#3017)
  • Tackle performance and accuracy regression of sentence tokenizer since NLTK 3.6.6 (#3014)
  • Add the Iota operator to semantic logic (#3010)
  • Resolve critical errors in WordNet app (#3008)
  • Resolve critical error in CHILDES Corpus (#2998)
  • Make WordNet information_content() accept adjective satellites (#2995)
  • Add "strict=True" parameter to CoreNLP (#2993, #3043)
  • Resolve issue with WordNet's synset_from_sense_key (#2988)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump the pip group across 1 directory with 3 updates
2d767ac 
Bumps the pip group with 3 updates in the / directory: [streamlit](https://github.com/streamlit/streamlit), [aiohttp](https://github.com/aio-libs/aiohttp) and [nltk](https://github.com/nltk/nltk).


Updates `streamlit` from 1.35.0 to 1.37.0
- [Release notes](https://github.com/streamlit/streamlit/releases)
- [Commits](streamlit/streamlit@1.35.0...1.37.0)

Updates `aiohttp` from 3.10.3 to 3.10.5
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](aio-libs/aiohttp@v3.10.3...v3.10.5)

Updates `nltk` from 3.8.1 to 3.9
- [Changelog](https://github.com/nltk/nltk/blob/develop/ChangeLog)
- [Commits](nltk/nltk@3.8.1...3.9)

---
updated-dependencies:
- dependency-name: streamlit
  dependency-type: direct:production
  dependency-group: pip
- dependency-name: aiohttp
  dependency-type: indirect
  dependency-group: pip
- dependency-name: nltk
  dependency-type: indirect
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 25, 2024
@dependabot dependabot bot mentioned this pull request Aug 25, 2024
Closed
@Daethyra Daethyra merged commit bc8095f into streamlit Aug 25, 2024
3 checks passed
@dependabot dependabot bot deleted the dependabot/pip/pip-120c627233 branch August 25, 2024 03:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Daethyra