From fdad983b485b8f07be5fa6716b46da998b6cdcd5 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 12 Aug 2024 09:11:02 +0100
Subject: [PATCH] chore(deps): update dependency gunicorn to v23 (#3066)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [gunicorn](https://togithub.com/benoitc/gunicorn)
([changelog](https://docs.gunicorn.org/en/stable/news.html)) |
`>=22.0.0,<22.1` -> `>=22.0.0,<23.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/gunicorn/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/gunicorn/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/gunicorn/22.0.0/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/gunicorn/22.0.0/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>benoitc/gunicorn (gunicorn)</summary>

###
[`v23.0.0`](https://togithub.com/benoitc/gunicorn/releases/tag/23.0.0)

[Compare
Source](https://togithub.com/benoitc/gunicorn/compare/22.0.0...23.0.0)

Gunicorn 23.0.0 has been released. This version fix the numerous
security vulnerabilities. You're invited to upgrade asap your own
installation.

# 23.0.0 - 2024-08-10

-   minor docs fixes (:pr:`3217`, :pr:`3089`, :pr:`3167`)
-   worker_class parameter accepts a class (:pr:`3079`)
- fix deadlock if request terminated during chunked parsing (:pr:`2688`)
- permit receiving Transfer-Encodings: compress, deflate, gzip
(:pr:`3261`)
- permit Transfer-Encoding headers specifying multiple encodings. note:
no parameters, still (:pr:`3261`)
- sdist generation now explicitly excludes sphinx build folder
(:pr:`3257`)
- decode bytes-typed status (as can be passed by gevent) as utf-8
instead of raising `TypeError` (:pr:`2336`)
- raise correct Exception when encounting invalid chunked requests
(:pr:`3258`)
- the SCRIPT_NAME and PATH_INFO headers, when received from allowed
forwarders, are no longer restricted for containing an underscore
(:pr:`3192`)
- include IPv6 loopback address `[::1]` in default for
:ref:`forwarded-allow-ips` and :ref:`proxy-allow-ips` (:pr:`3192`)

\*\* NOTE \*\*

- The SCRIPT_NAME change mitigates a regression that appeared first in
the 22.0.0 release
- Review your :ref:`forwarded-allow-ips` setting if you are still not
seeing the SCRIPT_NAME transmitted
- Review your :ref:`forwarder-headers` setting if you are missing
headers after upgrading from a version prior to 22.0.0

\*\* Breaking changes \*\*

-   refuse requests where the uri field is empty (:pr:`3255`)
- refuse requests with invalid CR/LR/NUL in heade field values
(:pr:`3253`)
- remove temporary `--tolerate-dangerous-framing` switch from 22.0
(:pr:`3260`)
- If any of the breaking changes affect you, be aware that now refused
requests can post a security problem, especially so in setups involving
request pipe-lining and/or proxies.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/libretime/libretime).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yMC4xIiwidXBkYXRlZEluVmVyIjoiMzguMjAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIiwicHl0aG9uIl19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 api/requirements.txt | 2 +-
 api/setup.py         | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/requirements.txt b/api/requirements.txt
index 4c5279dbe..3e6b69253 100644
--- a/api/requirements.txt
+++ b/api/requirements.txt
@@ -5,7 +5,7 @@ django-filter>=2.4.0,<24.4
 django>=4.2.0,<4.3
 djangorestframework>=3.14.0,<3.16
 drf-spectacular>=0.22.1,<0.28
-gunicorn>=22.0.0,<22.1
+gunicorn>=22.0.0,<23.1
 psycopg[c]>=3.1.8,<3.2
 requests>=2.32.2,<2.33
 uvicorn[standard]>=0.17.6,<0.31.0
diff --git a/api/setup.py b/api/setup.py
index 62c3fadda..39ff96ced 100644
--- a/api/setup.py
+++ b/api/setup.py
@@ -35,7 +35,7 @@ setup(
     ],
     extras_require={
         "prod": [
-            "gunicorn>=22.0.0,<22.1",
+            "gunicorn>=22.0.0,<23.1",
             "psycopg[c]>=3.1.8,<3.2",
             "uvicorn[standard]>=0.17.6,<0.31.0",
         ],