Bump the pip-dependencies group with 7 updates

[dependabot]

Bumps the pip-dependencies group with 7 updates:

Package	From	To
flask	2.3.3	3.0.3
flask-migrate	4.0.5	4.0.7
pymupdf	1.23.26	1.24.2
pyparsing	3.1.1	3.1.2
zipp	3.17.0	3.18.1
pandas	2.2.1	2.2.2
uwsgi	2.0.24	2.0.25.1

Updates flask from 2.3.3 to 3.0.3

Release notes

Sourced from flask's releases.

3.0.3

This is a fix release for the 3.0.x feature branch.

PyPI: https://pypi.org/project/Flask/3.0.3/ Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-3 Milestone: https://github.com/pallets/flask/milestone/35?closed=1

• The default hashlib.sha1 may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. #5448
• Don't initialize the cli attribute in the sansio scaffold, but rather in the Flask concrete class. #5270

3.0.2

This is a fix release for the 3.0.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3.0.2
• Milestone: https://github.com/pallets/flask/milestone/34?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.2/

3.0.1

This is a fix release for the 3.0.x feature release branch.

Fixes an issue where using other JSON providers, such as flask-orjson, previously caused loaded session data to have an incorrect format in some cases.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1
• Milestone: https://github.com/pallets/flask/milestone/32?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.1/

3.0.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 3.0.x branch is now the supported fix branch, the 2.3.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0
• Milestone: https://github.com/pallets/flask/milestone/20?closed=1

Changelog

Sourced from flask's changelog.

Version 3.0.3

Released 2024-04-07

• The default hashlib.sha1 may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. :issue:5448
• Don't initialize the cli attribute in the sansio scaffold, but rather in the Flask concrete class. :pr:5270

Version 3.0.2

Released 2024-02-03

• Correct type for jinja_loader property. :issue:5388
• Fix error with --extra-files and --exclude-patterns CLI options. :issue:5391

Version 3.0.1

Released 2024-01-18

• Correct type for path argument to send_file. :issue:5230
• Fix a typo in an error message for the flask run --key option. :pr:5344
• Session data is untagged without relying on the built-in json.loads object_hook. This allows other JSON providers that don't implement that. :issue:5381
• Address more type findings when using mypy strict mode. :pr:5383

Version 3.0.0

Released 2023-09-30

• Remove previously deprecated code. :pr:5223
• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("flask"), instead. :issue:5230
• Restructure the code such that the Flask (app) and Blueprint classes have Sans-IO bases. :pr:5127
• Allow self as an argument to url_for. :pr:5264
• Require Werkzeug >= 3.0.0.

Commits

• c12a5d8 release version 3.0.3
• 5e22cc9 Don't set the cli attribute in the sansio scaffold (#5270)
• 5fdce4c Don't set the cli attribute in the sansio scaffold
• adb7dd9 don't access app.logger when configuring app.logger
• b739390 support FIPS builds without SHA-1 (#5460)
• db46111 access sha1 lazily
• 7320e31 start version 3.0.3
• 87d5f5b update project files (#5457)
• d5e321b release version 3.0.2 (#5403)
• d203059 release version 3.0.2
• Additional commits viewable in compare view

Updates flask-migrate from 4.0.5 to 4.0.7

Release notes

Sourced from flask-migrate's releases.

Release 4.0.7

See CHANGES.md for release notes.

Release 4.0.6

See CHANGES.md for release notes.

Changelog

Sourced from flask-migrate's changelog.

Flask-Migrate Change Log

Release 4.0.7 - 2024-03-11

• Regression from #438: check g.x_arg exists before accessing it #541 (commit) (thanks Skye Im!)

Release 4.0.6 - 2024-03-09

• Accept -x options for all db commands #438 (commit)
• Add --purge flag to the stamp command #540 (commit) (thanks Jono N!)

Release 4.0.5 - 2023-09-12

• Compatiblity fixes for Flask-SQLAlchemy >= 3.1 #526 (commit) (thanks David Lord!)
• Allow process_revision_directives option to be configurable #523 (commit) (thanks llc!)
• Stop testing Python 3.7, as Flask-SQLAlchemy 3.1 stopped supporting it (commit)

Release 4.0.4 - 2023-02-02

• Correctly obtain database URL with SQLAlchemy 2.0 #505 (commit)

Release 4.0.3 - 2023-01-29

• Remove legacy future import in Alembic templates #504 (commit) (thanks Pamela Fox!)
• Add SQLAlchemy 1.4 and 2.0 to the test matrix (commit)
• Switch to pytest as test runner (commit)

Release 4.0.2 - 2023-01-18

• Support "check" command #502 (commit) (thanks Masamitsu MURASE!)

Release 4.0.1 - 2023-01-05

• Do not use deprecated functions in Flask-SQLAlchemy 3.0 (commit)
• Stop building Python 3.6 (commit)
• Remove tests from pypi package (commit)

Release 4.0.0 - 2022-11-13

• Updates for Flask-SQLAlchemy 3.x compatiblity (commit)
• Enable type comparison and batch mode by default (commit)
• Option to rename "db" command group to a custom name (commit)
• Better handling of MetaData instances in templates (commit)
• Set options correctly when revision --autogenerate is used #463 (commit) (thanks Frazer McLean!)
• Documentation section on configuring Alembic (commit)
• Upgrade build to pypy-3.9 (commit)
• Add Python 3.10 to build (commit)
• Add Python 3.11 to build (commit)
• Specify license in project metadata #489 (commit) (thanks Frazer McLean!)
• Remove tests from pypi package (commit)

... (truncated)

Commits

• faf06d1 Release 4.0.7
• 7e8032c Check g.x_arg exists before working on it (#541)
• 9c0adac Version 4.0.7.dev0
• e8689ca Release 4.0.6
• af67bb0 Add --purge flag to the stamp command (#540)
• d70e25c Migrate Python package metadata to pyproject.toml
• 6f3f889 Accept -x options for all db commands (Fixes #438)
• 0ebfd4e Version 4.0.6.dev0
• See full diff in compare view

Updates pymupdf from 1.23.26 to 1.24.2

Release notes

Sourced from pymupdf's releases.

PyMuPDF-1.24.2 released

PyMuPDF-1.24.2 has been released.

Wheels for Windows, Linux and MacOS, and the sdist, are available on pypi.org and can be installed in the usual way, for example:

python -m pip install --upgrade pymupdf

[Linux-aarch64 wheels will be built and uploaded later.]

Changes in version 1.24.2 (2024-04-17)

• Removed obsolete classic implementation from releases (previously available as module fitz_old).

• Fixed issues:

  • Fixed #3331
  • Fixed #3354

• Other:

  • New/modified methods:

    • Document.bake(): new, make annotations / fields permanent content.
    • Page.cluster_drawings(): new, identifies drawing items (i.e. vector graphics or line-art) that belong together based on their geometrical vicinity.
    • Page.apply_redactions(): added new parameter text.
    • Document.subset_fonts(): use MuPDF's pdf_subset_fonts() instead of PyMuPDF code.

  • The Document class now supports page numbers specified as slices.

  • Avoid causing MuPDF warnings.

PyMuPDF-1.24.1 released

PyMuPDF-1.24.1 has been released.

Wheels for Windows, Linux and MacOS, and the sdist, are available on pypi.org and can be installed in the usual way, for example:

python -m pip install --upgrade pymupdf

[Linux-aarch64 wheels will be built and uploaded later.]

Changes in version 1.24.1 (2024-04-02)

• Fixed issues:

... (truncated)

Changelog

Sourced from pymupdf's changelog.

Change Log

Changes in version 1.24.3 (2024-04-xx)

• Fixed issues:

  • Fixed 3402 <https://github.com/pymupdf/PyMuPDF/issues/3402>_: Cannot add Widgets containing inter-field-calculation JavaScript

  • Fixed 3379 <https://github.com/pymupdf/PyMuPDF/issues/3379>_: Documentation mismatch for get_text_blocks return value order.

• Other:

  • New/modified methods:

    • Page.remove_rotation(): new, set page rotation to zero while keeping appearance.

Changes in version 1.24.2 (2024-04-17)

• Removed obsolete classic implementation from releases (previously available as module fitz_old).

• Fixed issues:

  • Fixed 3331 <https://github.com/pymupdf/PyMuPDF/issues/3331>_: Document.pages() is incorrectly type-hinted
  • Fixed 3354 <https://github.com/pymupdf/PyMuPDF/issues/3354>_: PyMuPDF==1.24.1: AttributeError: property 'metadata' of 'Document' object has no setter

• Other:

  • New/modified methods:

    • Document.bake(): new, make annotations / fields permanent content.
    • Page.cluster_drawings(): new, identifies drawing items (i.e. vector graphics or line-art) that belong together based on their geometrical vicinity.
    • Page.apply_redactions(): added new parameter text.
    • Document.subset_fonts(): use MuPDF's pdf_subset_fonts() instead of PyMuPDF code.

  • The Document class now supports page numbers specified as slices.

  • Avoid causing MuPDF warnings.

Changes in version 1.24.1 (2024-04-02)

• Fixed issues:

... (truncated)

Commits

• 272bbe2 src/init.py: avoid problems with type hint on Python-3.8.
• 6b7673f wdev.py: improved fix for alternative output from py -0.
• 616d55d scripts/sysinstall.py: exclude test_textbox3().
• 8227b50 Update changelog, version numbers and release dates for release 1.24.2.
• 3cf0f04 tests/test_mupdf_regressions.py: fix expectations with mupdf-1.24.x.
• a7333fc changes.txt: updated to match changes since 1.24.1.
• 8c1d843 Restore ability to set Document.metadata, broken in 1.24.1.
• 915b3c4 wdev.py: cope with slightly different output from py -0.
• 872f44d Support MuPDF subset font version
• 1af6417 New Document method "bakes-in" annotations and fields
• Additional commits viewable in compare view

Updates pyparsing from 3.1.1 to 3.1.2

Changelog

Sourced from pyparsing's changelog.

Version 3.1.2 - March, 2024

• Added ieee_float expression to pyparsing.common, which parses float values, plus "NaN", "Inf", "Infinity". PR submitted by Bob Peterson (#538).

• Updated pep8 synonym wrappers for better type checking compatibility. PR submitted by Ricardo Coccioli (#507).

• Fixed empty error message bug, PR submitted by InSync (#534). This should return pyparsing's exception messages to a former, more helpful form. If you have code that parses the exception messages returned by pyparsing, this may require some code changes.

• Added unit tests to test for exception message contents, with enhancement to pyparsing.testing.assertRaisesParseException to accept an expected exception message.

• Updated example select_parser.py to use PEP8 names and added Groups for better retrieval of parsed values from multiple SELECT clauses.

• Added example email_address_parser.py, as suggested by John Byrd (#539).

• Added example directx_x_file_parser.py to parse DirectX template definitions, and generate a Pyparsing parser from a template to parse .x files.

• Some code refactoring to reduce code nesting, PRs submitted by InSync.

• All internal string expressions using '%' string interpolation and str.format() converted to f-strings.

Commits

• 7d4bda2 Prep for 3.1.2 release
• 9533fcb Add early break when checking warning inside a for loop
• d252980 Update tox.ini to handle posargs when tox is run
• a1b7aad Better exception messages for nested expressions; enhance assertRaisesParseEx...
• 5d48b2d Added directx_x_file_parser.py example (parser + parser generator)
• e13a03b Blackening (updated black)
• 26e2180 Blackening
• 670ba22 Convert legacy string formatting to f-strings; expand on some docstrings and ...
• c19df25 Add CHANGES note for new ieee_float expression in pyparsing.common
• 640d75b Accept floating-point NaN and Inf literals (#538)
• Additional commits viewable in compare view

Updates zipp from 3.17.0 to 3.18.1

Changelog

Sourced from zipp's changelog.

v3.18.1

No significant changes.

v3.18.0

Features

• Bypass ZipFile.namelist in glob for better performance. (#106)
• Refactored glob functionality to support a more generalized solution with support for platform-specific path separators. (#108)

Bugfixes

• Add special accounting for pypy when computing the stack level for text encoding warnings. (#114)

Commits

• bfae834 Finalize
• 487066e Merge changelog into last release.
• 4584ee2 Move changelog entry, saved to the wrong location :(
• 3c06d30 Finalize
• 48b72b8 Merge pull request #113 from jaraco/feature/glob-perf
• 171fa98 Add news fragment.
• ac8ea7a Bypass ZipFile.namelist in glob. Closes #106.
• 4cceb49 Add special accounting for pypy when computing the stack level for text encod...
• 2ec3ed8 Add another test at another magnitude.
• d9bf5aa Fix name generator for width=1
• Additional commits viewable in compare view

Updates pandas from 2.2.1 to 2.2.2

Release notes

Sourced from pandas's releases.

Pandas 2.2.2

We are pleased to announce the release of pandas 2.2.2. This release includes some new features, bug fixes, and performance improvements. We recommend that all users upgrade to this version.

See the full whatsnew for a list of all the changes. Pandas 2.2.2 supports Python 3.9 and higher.

The release will be available on the defaults and conda-forge channels:

conda install pandas

Or via PyPI:

python3 -m pip install --upgrade pandas

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Commits

• d9cdd2e RLS: 2.2.2
• 98aeac9 Backport PR #58209: CI: Pin blosc to fix pytables (#58211)
• 5466f15 Backport PR #58202: DOC/TST: Document numpy 2.0 support and add tests… (#58208)
• 45b0b32 Backport PR #58203 on branch 2.2.x (DOC: Add release date/contributors for 2....
• c7ec566 Backport PR #58087 on branch 2.2.x (BLD: Build wheels using numpy 2.0rc1) (#5...
• 691fc88 Backport PR #58181 on branch 2.2.x (CI: correct error msg in test_view_index)...
• a947587 Backport PR #58138 on branch 2.2.x (BLD: Fix nightlies not building) (#58140)
• b56842d Backport PR #58100 on branch 2.2.x (MNT: fix compatibility with beautifulsoup...
• 0f83d50 Revert "BLD: Pin numpy on 2.2.x" (#58093)
• e9b81ee Backport PR #58126: BLD: Build wheels with numpy 2.0rc1 (#58127)
• Additional commits viewable in compare view

Updates uwsgi from 2.0.24 to 2.0.25.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions