{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":43748432,"defaultBranch":"master","name":"continuous-integration","ownerLogin":"bazelbuild","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2015-10-06T12:14:16.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/11684617?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1716455977.0","currentOid":""},"activityList":{"items":[{"before":"f267a20a46300f69b212f73e722e62a4cbd4e9d8","after":null,"ref":"refs/heads/dependabot/pip/actions/update-lockfile/requests-2.32.2","pushedAt":"2024-05-23T09:19:37.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"}},{"before":"968f5d3d21148f7a52bcc8752370d919731966b1","after":"195ca8dd39d0f35121df8693fb4c6e00bdcce35c","ref":"refs/heads/master","pushedAt":"2024-05-23T09:19:36.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"},"commit":{"message":"Bump requests from 2.31.0 to 2.32.2 in /actions/update-lockfile (#1958)\n\nBumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.2.\r\n
\r\nRelease notes\r\n

Sourced from requests's\r\nreleases.

\r\n
\r\n

v2.32.2

\r\n

2.32.2 (2024-05-21)

\r\n

Deprecations

\r\n\r\n

v2.32.1

\r\n

2.32.1 (2024-05-20)

\r\n

Bugfixes

\r\n\r\n

v2.32.0

\r\n

2.32.0 (2024-05-20)

\r\n

🐍 PYCON US 2024 EDITION 🐍

\r\n

Security

\r\n\r\n

Improvements

\r\n\r\n

Bugfixes

\r\n\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nChangelog\r\n

Sourced from requests's\r\nchangelog.

\r\n
\r\n

2.32.2 (2024-05-21)

\r\n

Deprecations

\r\n\r\n

2.32.1 (2024-05-20)

\r\n

Bugfixes

\r\n\r\n

2.32.0 (2024-05-20)

\r\n

Security

\r\n\r\n

Improvements

\r\n\r\n

Bugfixes

\r\n\r\n

Deprecations

\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.31.0&new-version=2.32.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/bazelbuild/continuous-integration/network/alerts).\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump requests from 2.31.0 to 2.32.2 in /actions/update-lockfile (#1958)"}},{"before":"d17c0eb618f70c9f1a8764a9ef84dbccdc757cf8","after":null,"ref":"refs/heads/dependabot/pip/actions/cherry_picker/requests-2.32.0","pushedAt":"2024-05-22T15:56:31.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"f267a20a46300f69b212f73e722e62a4cbd4e9d8","ref":"refs/heads/dependabot/pip/actions/update-lockfile/requests-2.32.2","pushedAt":"2024-05-22T15:56:27.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"---\nupdated-dependencies:\n- dependency-name: requests\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"---"}},{"before":"ada80845567251d7714192c80480dd24adfcf2ca","after":"968f5d3d21148f7a52bcc8752370d919731966b1","ref":"refs/heads/master","pushedAt":"2024-05-22T15:55:56.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"},"commit":{"message":"Update lockfiles when PR is merged to a release branch (#1950)\n\nThis will resolve the lockfile conflicts in the `release-` branch PR's\r\nif the changes were to happen in a `release` branch.\r\nThis is first triggered by any changes pushed to a `release` branch. And\r\nthen once it finds out that there is conflicts with the lockfiles, then\r\nit will update the lockfiles and force push the changes. Only applies to\r\nthe PR's from the `bazel-io` account.","shortMessageHtmlLink":"Update lockfiles when PR is merged to a release branch (#1950)"}},{"before":"9fe262a5dc799e023ff3cda8b76222c85cbf13b3","after":"ada80845567251d7714192c80480dd24adfcf2ca","ref":"refs/heads/master","pushedAt":"2024-05-21T14:27:56.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"fweikert","name":"Florian Weikert","path":"/fweikert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/12609729?s=80&v=4"},"commit":{"message":"Shard summary: Show root cause of build failures (#1953)\n\nCaveat: We're only showing the first root cause (not sure if there can\r\nbe multiple).","shortMessageHtmlLink":"Shard summary: Show root cause of build failures (#1953)"}},{"before":"061ce4e133a686b96e567301f167ce1784a6b0f7","after":"9fe262a5dc799e023ff3cda8b76222c85cbf13b3","ref":"refs/heads/master","pushedAt":"2024-05-21T12:32:26.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"fweikert","name":"Florian Weikert","path":"/fweikert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/12609729?s=80&v=4"},"commit":{"message":"Test shard summary: Include FAILED_TO_BULD targets (#1952)\n\nPreviously shard summaries would only show actual test failures.\r\n\r\nExample: https://buildkite.com/bazel/bazel-bazel-macos-ninja/builds/1507\r\n(For an older version of this PR - with the most recent version the text\r\nwill be `in 1 out of 1 run(s):`) .","shortMessageHtmlLink":"Test shard summary: Include FAILED_TO_BULD targets (#1952)"}},{"before":"d92a692d83313645d55604a2983b15d6470740c1","after":"061ce4e133a686b96e567301f167ce1784a6b0f7","ref":"refs/heads/master","pushedAt":"2024-05-21T12:12:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"},"commit":{"message":"Add docker image for fedora 40 linux distribution (#1947)\n\nFedora 40 ist one of the distribution to ship new and shiny gcc version\r\n40.\r\n\r\nChange-Id: I35aeb6a9a337cb361d7cea5b8608310895a103e6","shortMessageHtmlLink":"Add docker image for fedora 40 linux distribution (#1947)"}},{"before":"3cb453b8c2ad8f3be67c7ae6fad2c3a9eba31993","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/dashboard/client/next-14.1.1","pushedAt":"2024-05-21T11:26:31.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"3cb453b8c2ad8f3be67c7ae6fad2c3a9eba31993","ref":"refs/heads/dependabot/npm_and_yarn/dashboard/client/next-14.1.1","pushedAt":"2024-05-21T10:17:00.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"---\nupdated-dependencies:\n- dependency-name: next\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"---"}},{"before":null,"after":"d17c0eb618f70c9f1a8764a9ef84dbccdc757cf8","ref":"refs/heads/dependabot/pip/actions/cherry_picker/requests-2.32.0","pushedAt":"2024-05-21T10:16:29.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"---\nupdated-dependencies:\n- dependency-name: requests\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"---"}},{"before":"57ac0eee8496da5421529795ce7cae8395152286","after":null,"ref":"refs/heads/dependabot/pip/buildkite/docker/ubuntu1604/requests-2.32.0","pushedAt":"2024-05-21T10:16:00.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"}},{"before":"57255fdc09a102f555263bc567d064a6921d7b2b","after":"d92a692d83313645d55604a2983b15d6470740c1","ref":"refs/heads/master","pushedAt":"2024-05-21T10:15:59.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"},"commit":{"message":"Bump requests from 2.31.0 to 2.32.0 in /buildkite/docker/ubuntu1604 (#1954)\n\nBumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.0.\r\n
\r\nRelease notes\r\n

Sourced from requests's\r\nreleases.

\r\n
\r\n

v2.32.0

\r\n

2.32.0 (2024-05-20)

\r\n

🐍 PYCON US 2024 EDITION 🐍

\r\n

Security

\r\n
    \r\n
  • Fixed an issue where setting verify=False on the first\r\nrequest from a\r\nSession will cause subsequent requests to the same origin to\r\nalso ignore\r\ncert verification, regardless of the value of verify.\r\n(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)
    • \r\n
\r\n

Improvements

\r\n
    \r\n
  • verify=True now reuses a global SSLContext which should\r\nimprove\r\nrequest time variance between first and subsequent requests. It should\r\nalso minimize certificate load time on Windows systems when using a\r\nPython\r\nversion built with OpenSSL 3.x. (#6667)
    • \r\n
  • Requests now supports optional use of character detection\r\n(chardet or charset_normalizer) when\r\nrepackaged or vendored.\r\nThis enables pip and other projects to minimize their\r\nvendoring\r\nsurface area. The Response.text() and\r\napparent_encoding APIs\r\nwill default to utf-8 if neither library is present. (#6702)
    • \r\n
\r\n

Bugfixes

\r\n
    \r\n
  • Fixed bug in length detection where emoji length was incorrectly\r\ncalculated in the request content-length. (#6589)
    • \r\n
  • Fixed deserialization bug in JSONDecodeError. (#6629)
    • \r\n
  • Fixed bug where an extra leading / (path separator)\r\ncould lead\r\nurllib3 to unnecessarily reparse the request URI. (#6644)
    • \r\n
\r\n

Deprecations

\r\n
    \r\n
  • Requests has officially added support for CPython 3.12 (#6503)
    • \r\n
  • Requests has officially added support for PyPy 3.9 and 3.10 (#6641)
    • \r\n
  • Requests has officially dropped support for CPython 3.7 (#6642)
    • \r\n
  • Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641)
    • \r\n
\r\n

Documentation

\r\n
    \r\n
  • Various typo fixes and doc improvements.
    • \r\n
\r\n

Packaging

\r\n
    \r\n
  • Requests has started adopting some modern packaging practices.\r\nThe source files for the projects (formerly requests) is\r\nnow located\r\nin src/requests in the Requests sdist. (#6506)
    • \r\n
  • Starting in Requests 2.33.0, Requests will migrate to a PEP 517\r\nbuild system\r\nusing hatchling. This should not impact the average user,\r\nbut extremely old\r\nversions of packaging utilities may have issues with the new packaging\r\nformat.
    • \r\n
\r\n

New Contributors

\r\n
    \r\n
  • @​matthewarmand\r\nmade their first contribution in psf/requests#6258
    • \r\n
  • @​cpzt made their\r\nfirst contribution in psf/requests#6456
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nChangelog\r\n

Sourced from requests's\r\nchangelog.

\r\n
\r\n

2.32.0 (2024-05-20)

\r\n

Security

\r\n
    \r\n
  • Fixed an issue where setting verify=False on the first\r\nrequest from a\r\nSession will cause subsequent requests to the same origin to\r\nalso ignore\r\ncert verification, regardless of the value of verify.\r\n(https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)
    • \r\n
\r\n

Improvements

\r\n
    \r\n
  • verify=True now reuses a global SSLContext which should\r\nimprove\r\nrequest time variance between first and subsequent requests. It should\r\nalso minimize certificate load time on Windows systems when using a\r\nPython\r\nversion built with OpenSSL 3.x. (#6667)
    • \r\n
  • Requests now supports optional use of character detection\r\n(chardet or charset_normalizer) when\r\nrepackaged or vendored.\r\nThis enables pip and other projects to minimize their\r\nvendoring\r\nsurface area. The Response.text() and\r\napparent_encoding APIs\r\nwill default to utf-8 if neither library is present. (#6702)
    • \r\n
\r\n

Bugfixes

\r\n
    \r\n
  • Fixed bug in length detection where emoji length was incorrectly\r\ncalculated in the request content-length. (#6589)
    • \r\n
  • Fixed deserialization bug in JSONDecodeError. (#6629)
    • \r\n
  • Fixed bug where an extra leading / (path separator)\r\ncould lead\r\nurllib3 to unnecessarily reparse the request URI. (#6644)
    • \r\n
\r\n

Deprecations

\r\n
    \r\n
  • Requests has officially added support for CPython 3.12 (#6503)
    • \r\n
  • Requests has officially added support for PyPy 3.9 and 3.10 (#6641)
    • \r\n
  • Requests has officially dropped support for CPython 3.7 (#6642)
    • \r\n
  • Requests has officially dropped support for PyPy 3.7 and 3.8 (#6641)
    • \r\n
\r\n

Documentation

\r\n
    \r\n
  • Various typo fixes and doc improvements.
    • \r\n
\r\n

Packaging

\r\n
    \r\n
  • Requests has started adopting some modern packaging practices.\r\nThe source files for the projects (formerly requests) is\r\nnow located\r\nin src/requests in the Requests sdist. (#6506)
    • \r\n
  • Starting in Requests 2.33.0, Requests will migrate to a PEP 517\r\nbuild system\r\nusing hatchling. This should not impact the average user,\r\nbut extremely old\r\nversions of packaging utilities may have issues with the new packaging\r\nformat.
    • \r\n
\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • d6ebc4a\r\nv2.32.0
    • \r\n
  • 9a40d12\r\nAvoid reloading root certificates to improve concurrent performance (#6667)
    • \r\n
  • 0c030f7\r\nMerge pull request #6702\r\nfrom nateprewitt/no_char_detection
    • \r\n
  • 555b870\r\nAllow character detection dependencies to be optional in post-packaging\r\nsteps
    • \r\n
  • d6dded3\r\nMerge pull request #6700\r\nfrom franekmagiera/update-redirect-to-invalid-uri-test
    • \r\n
  • bf24b7d\r\nUse an invalid URI that will not cause httpbin to throw 500
    • \r\n
  • 2d5f547\r\nPin 3.8 and 3.9 runners back to macos-13 (#6688)
    • \r\n
  • f1bb07d\r\nMerge pull request #6687\r\nfrom psf/dependabot/github_actions/github/codeql-act...
    • \r\n
  • 60047ad\r\nBump github/codeql-action from 3.24.0 to 3.25.0
    • \r\n
  • 31ebb81\r\nMerge pull request #6682\r\nfrom frenzymadness/pytest8
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.31.0&new-version=2.32.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/bazelbuild/continuous-integration/network/alerts).\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump requests from 2.31.0 to 2.32.0 in /buildkite/docker/ubuntu1604 (#…"}},{"before":null,"after":"57ac0eee8496da5421529795ce7cae8395152286","ref":"refs/heads/dependabot/pip/buildkite/docker/ubuntu1604/requests-2.32.0","pushedAt":"2024-05-21T05:29:40.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"---\nupdated-dependencies:\n- dependency-name: requests\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"---"}},{"before":"6075a23e48cf865c2eac1ef287362461c6800f13","after":null,"ref":"refs/heads/fweikert-patch-1","pushedAt":"2024-05-17T18:17:47.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"Wyverald","name":"Xùdōng Yáng","path":"/Wyverald","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/453203?s=80&v=4"}},{"before":"102c2a75b67cf28b1a7e5959a6b7f06d8f4a92a6","after":"57255fdc09a102f555263bc567d064a6921d7b2b","ref":"refs/heads/master","pushedAt":"2024-05-17T18:17:46.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"Wyverald","name":"Xùdōng Yáng","path":"/Wyverald","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/453203?s=80&v=4"},"commit":{"message":"Improve display of available Xcode versions (#1951)","shortMessageHtmlLink":"Improve display of available Xcode versions (#1951)"}},{"before":null,"after":"6075a23e48cf865c2eac1ef287362461c6800f13","ref":"refs/heads/fweikert-patch-1","pushedAt":"2024-05-16T10:17:35.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"fweikert","name":"Florian Weikert","path":"/fweikert","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/12609729?s=80&v=4"},"commit":{"message":"Improve display of available Xcode versions","shortMessageHtmlLink":"Improve display of available Xcode versions"}},{"before":"b9928ed7bb4b791349b0812f1d931fc0f424c5bf","after":"102c2a75b67cf28b1a7e5959a6b7f06d8f4a92a6","ref":"refs/heads/master","pushedAt":"2024-05-06T19:03:25.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"Wyverald","name":"Xùdōng Yáng","path":"/Wyverald","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/453203?s=80&v=4"},"commit":{"message":"Update README.md","shortMessageHtmlLink":"Update README.md"}},{"before":"41a5b5c2f1a075e7fbab8f6b82e839906139ccc6","after":"b9928ed7bb4b791349b0812f1d931fc0f424c5bf","ref":"refs/heads/master","pushedAt":"2024-05-06T18:28:04.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"Wyverald","name":"Xùdōng Yáng","path":"/Wyverald","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/453203?s=80&v=4"},"commit":{"message":"update slack invite link again","shortMessageHtmlLink":"update slack invite link again"}},{"before":"b4c16485ce2f91eb92a06613e004b6c8ff4a7c1c","after":"41a5b5c2f1a075e7fbab8f6b82e839906139ccc6","ref":"refs/heads/master","pushedAt":"2024-04-22T18:16:23.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"Wyverald","name":"Xùdōng Yáng","path":"/Wyverald","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/453203?s=80&v=4"},"commit":{"message":"BCR presubmit: check task list is not empty (#1930)\n\nAddressing\r\nhttps://github.com/bazelbuild/bazel-central-registry/pull/1656#discussion_r1533558361","shortMessageHtmlLink":"BCR presubmit: check task list is not empty (#1930)"}},{"before":"62f5f73b18a2e983d7f2970117a3829ba8fe1676","after":"b4c16485ce2f91eb92a06613e004b6c8ff4a7c1c","ref":"refs/heads/master","pushedAt":"2024-04-16T12:46:36.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"Wyverald","name":"Xùdōng Yáng","path":"/Wyverald","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/453203?s=80&v=4"},"commit":{"message":"Use a custom config for bazel in downstream (#1945)\n\nRe-applying\r\nhttps://github.com/bazelbuild/continuous-integration/pull/1878 to\r\naddress\r\nhttps://github.com/bazelbuild/bazel/issues/21864#issuecomment-2058993449\r\n\r\nThe postsubmit.yml was synced to the latest version in Bazel","shortMessageHtmlLink":"Use a custom config for bazel in downstream (#1945)"}},{"before":"9f04f3ef19b132ab0c407cfbc0eb33f211290043","after":"62f5f73b18a2e983d7f2970117a3829ba8fe1676","ref":"refs/heads/master","pushedAt":"2024-04-15T08:40:14.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"},"commit":{"message":"Create a junction for MSYS2 (#1944)\n\nRelated: https://github.com/bazelbuild/bazel/pull/21984","shortMessageHtmlLink":"Create a junction for MSYS2 (#1944)"}},{"before":"c5d18745c3eae425b34db8c0d1a09524d6aeffe6","after":null,"ref":"refs/heads/dependabot/pip/buildkite/docker/ubuntu1604/idna-3.7","pushedAt":"2024-04-12T08:33:36.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"}},{"before":"7e5367d62210f73f647540ff9f59e27251eec1f6","after":"9f04f3ef19b132ab0c407cfbc0eb33f211290043","ref":"refs/heads/master","pushedAt":"2024-04-12T08:33:35.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"},"commit":{"message":"Bump idna from 2.8 to 3.7 in /buildkite/docker/ubuntu1604 (#1943)\n\nBumps [idna](https://github.com/kjd/idna) from 2.8 to 3.7.\r\n
\r\nRelease notes\r\n

Sourced from idna's\r\nreleases.

\r\n
\r\n

v3.7

\r\n

What's Changed

\r\n
    \r\n
  • Fix issue where specially crafted inputs to encode() could take\r\nexceptionally long amount of time to process. [CVE-2024-3651]
    • \r\n
\r\n

Thanks to Guido Vranken for reporting the issue.

\r\n

Full Changelog: https://github.com/kjd/idna/compare/v3.6...v3.7

\r\n
\r\n
\r\n
\r\nChangelog\r\n

Sourced from idna's\r\nchangelog.

\r\n
\r\n

3.7 (2024-04-11)\r\n++++++++++++++++

\r\n
    \r\n
  • Fix issue where specially crafted inputs to encode() could\r\ntake exceptionally long amount of time to process. [CVE-2024-3651]
    • \r\n
\r\n

Thanks to Guido Vranken for reporting the issue.

\r\n

3.6 (2023-11-25)\r\n++++++++++++++++

\r\n
    \r\n
  • Fix regression to include tests in source distribution.
    • \r\n
\r\n

3.5 (2023-11-24)\r\n++++++++++++++++

\r\n
    \r\n
  • Update to Unicode 15.1.0
    • \r\n
  • String codec name is now "idna2008" as overriding the\r\nsystem codec\r\n"idna" was not working.
    • \r\n
  • Fix typing error for codec encoding
    • \r\n
  • "setup.cfg" has been added for this release due to some\r\ndownstream\r\nlack of adherence to PEP 517. Should be removed in a future release\r\nso please prepare accordingly.
    • \r\n
  • Removed reliance on a symlink for the "idna-data" tool to\r\ncomport\r\nwith PEP 517 and the Python Packaging User Guide for sdist\r\narchives.
    • \r\n
  • Added security reporting protocol for project
    • \r\n
\r\n

Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for\r\ncontributions\r\nto this release.

\r\n

3.4 (2022-09-14)\r\n++++++++++++++++

\r\n
    \r\n
  • Update to Unicode 15.0.0
    • \r\n
  • Migrate to pyproject.toml for build information (PEP 621)
    • \r\n
  • Correct another instance where generic exception was raised instead\r\nof\r\nIDNAError for malformed input
    • \r\n
  • Source distribution uses zeroized file ownership for improved\r\nreproducibility
    • \r\n
\r\n

Thanks to Seth Michael Larson for contributions to this release.

\r\n

3.3 (2021-10-13)\r\n++++++++++++++++

\r\n
    \r\n
  • Update to Unicode 14.0.0
    • \r\n
  • Update to in-line type annotations
    • \r\n
  • Throw IDNAError exception correctly for some malformed input
    • \r\n
  • Advertise support for Python 3.10
    • \r\n
  • Improve testing regime on Github
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 1d365e1\r\nRelease v3.7
    • \r\n
  • c1b3154\r\nMerge pull request #172 from\r\nkjd/optimize-contextj
    • \r\n
  • 0394ec7\r\nMerge branch 'master' into optimize-contextj
    • \r\n
  • cd58a23\r\nMerge pull request #152 from\r\nelliotwutingfeng/dev
    • \r\n
  • 5beb28b\r\nMore efficient resolution of joiner contexts
    • \r\n
  • 1b12148\r\nUpdate ossf/scorecard-action to v2.3.1
    • \r\n
  • d516b87\r\nUpdate Github actions/checkout to v4
    • \r\n
  • c095c75\r\nMerge branch 'master' into dev
    • \r\n
  • 60a0a4c\r\nFix typo in GitHub Actions workflow key
    • \r\n
  • 5918a0e\r\nMerge branch 'master' into dev
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=2.8&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/bazelbuild/continuous-integration/network/alerts).\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump idna from 2.8 to 3.7 in /buildkite/docker/ubuntu1604 (#1943)"}},{"before":null,"after":"c5d18745c3eae425b34db8c0d1a09524d6aeffe6","ref":"refs/heads/dependabot/pip/buildkite/docker/ubuntu1604/idna-3.7","pushedAt":"2024-04-11T23:35:47.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump idna from 2.8 to 3.7 in /buildkite/docker/ubuntu1604\n\nBumps [idna](https://github.com/kjd/idna) from 2.8 to 3.7.\n- [Release notes](https://github.com/kjd/idna/releases)\n- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)\n- [Commits](https://github.com/kjd/idna/compare/v2.8...v3.7)\n\n---\nupdated-dependencies:\n- dependency-name: idna\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump idna from 2.8 to 3.7 in /buildkite/docker/ubuntu1604"}},{"before":"35fc1da116a96631f83b45217ceb84e6ccee0106","after":"7e5367d62210f73f647540ff9f59e27251eec1f6","ref":"refs/heads/master","pushedAt":"2024-04-11T10:13:04.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"},"commit":{"message":"Enable rules_nodejs in Downstream CI (#1939)\n\nFixes https://github.com/bazelbuild/rules_nodejs/issues/3713\r\n\r\nDisabled CI is Green now for rules_nodejs\r\nhttps://buildkite.com/bazel/bazel-at-head-plus-disabled/builds/2001","shortMessageHtmlLink":"Enable rules_nodejs in Downstream CI (#1939)"}},{"before":"faa1d4e18b2eea0fe269b923220befe4b6726f20","after":"35fc1da116a96631f83b45217ceb84e6ccee0106","ref":"refs/heads/master","pushedAt":"2024-04-08T13:50:07.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"},"commit":{"message":"Allow tasks change the content of files under kythe release dir. (#1942)\n\nso that the pipeline can remove `_wkt` suffix if they use old protobuf.\r\n\r\nb/329055020","shortMessageHtmlLink":"Allow tasks change the content of files under kythe release dir. (#1942)"}},{"before":"f9c9c948f9a518c62867f1557000066d8a557017","after":null,"ref":"refs/heads/dependabot/cargo/agent/h2-0.3.24","pushedAt":"2024-04-05T15:58:26.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"686f983013ccbaba436054867732e75761056e74","ref":"refs/heads/dependabot/cargo/agent/h2-0.3.26","pushedAt":"2024-04-05T15:58:23.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump h2 from 0.3.18 to 0.3.26 in /agent\n\nBumps [h2](https://github.com/hyperium/h2) from 0.3.18 to 0.3.26.\n- [Release notes](https://github.com/hyperium/h2/releases)\n- [Changelog](https://github.com/hyperium/h2/blob/v0.3.26/CHANGELOG.md)\n- [Commits](https://github.com/hyperium/h2/compare/v0.3.18...v0.3.26)\n\n---\nupdated-dependencies:\n- dependency-name: h2\n dependency-type: indirect\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump h2 from 0.3.18 to 0.3.26 in /agent"}},{"before":"75392c20161aa1d135d6c769b522748335f3ed44","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/actions/bcr-pr-reviewer/undici-5.28.4","pushedAt":"2024-04-05T09:38:15.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"meteorcloudy","name":"Yun Peng","path":"/meteorcloudy","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/4171702?s=80&v=4"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEUc_FwAA","startCursor":null,"endCursor":null}},"title":"Activity · bazelbuild/continuous-integration"}