[](https://renovatebot.com)
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [lxml](https://lxml.de/) ([source](https://togithub.com/lxml/lxml),
[changelog](https://git.launchpad.net/lxml/plain/CHANGES.txt)) |
`>=4.5.0,<4.10.0` -> `>=4.5.0,<5.1.0` |
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
---
### Release Notes
<details>
<summary>lxml/lxml (lxml)</summary>
###
[`v5.0.0`](https://togithub.com/lxml/lxml/blob/HEAD/CHANGES.txt#500-2023-12-29)
[Compare
Source](https://togithub.com/lxml/lxml/compare/lxml-4.9.4...lxml-5.0.0)
\==================
## Features added
- Character escaping in `C14N2` serialisation now uses a single pass
over the text
instead of searching for each unescaped character separately.
- Early support for Python 3.13a2 was added.
## Bugs fixed
- [LP#1976304](https://togithub.com/LP/lxml/issues/1976304): The
`Element.addnext()` method previously inserted the new element
before existing tail text. The tail text of both sibling elements now
stays on
the respective elements.
- [LP#1980767](https://togithub.com/LP/lxml/issues/1980767),
[GH#379](https://togithub.com/GH/lxml/issues/379): `TreeBuilder.close()`
could fail with a `TypeError` after
parsing incorrect input. Original patch by Enrico Minack.
- `Element.itertext(with_tail=False)` returned the tail text of comments
and
processing instructions, despite the explicit option.
- [GH#370](https://togithub.com/GH/lxml/issues/370): A crash with recent
libxml2 2.11.x versions was resolved.
Patch by Michael Schlenker.
- A compile problem with recent libxml2 2.12.x versions was resolved.
- The internal exception handling in C callbacks was improved for Cython
3.0.
- The exception declarations of `xmlInputReadCallback`,
`xmlInputCloseCallback`,
`xmlOutputWriteCallback` and `xmlOutputCloseCallback` in `tree.pxd` were
corrected to prevent running Python code or calling into the C-API with
a live
exception set.
- [GH#385](https://togithub.com/GH/lxml/issues/385): The long deprecated
`unittest.m̀akeSuite()` function is no longer used.
Patch by Miro Hrončok.
- [LP#1522052](https://togithub.com/LP/lxml/issues/1522052): A
file-system specific test is now optional and should no longer fail
on systems that don't support it.
- [GH#392](https://togithub.com/GH/lxml/issues/392): Some tests were
adapted for libxml2 2.13.
Patch by Nick Wellnhofer.
- Contains all fixes from lxml 4.9.4.
## Other changes
- [LP#1742885](https://togithub.com/LP/lxml/issues/1742885): lxml no
longer expands external entities (XXE) by default to prevent
the security risk of loading arbitrary files and URLs. If this feature
is needed,
it can be enabled in a backwards compatible way by using a parser with
the option
`resolve_entities=True`. The new default is
`resolve_entities='internal'`.
- With libxml2 2.10.4 and later (as provided by the lxml 5.0 binary
wheels),
parsing HTML tags with "prefixes" no longer builds a namespace
dictionary
in `nsmap` but considers the `prefix:name` string the actual tag name.
With older libxml2 versions, since 2.9.11, the prefix was removed.
Before
that, the prefix was parsed as XML prefix.
lxml 5.0 does not try to hide this difference but now changes the
ElementPath
implementation to let `element.find("part1:part2")` search for the tag
`part1:part2` in documents parsed as HTML, instead of looking only for
`part2`.
- [LP#2024343](https://togithub.com/LP/lxml/issues/2024343): The
validation of the schema file itself is now optional in the
ISO-Schematron implementation. This was done because some lxml
distributions
discard the RNG validation schema file due to licensing issues. The
validation
can now always be disabled with `Schematron(...,
validate_schema=False)`.
It is enabled by default if available and disabled otherwise. The module
constant `lxml.isoschematron.schematron_schema_valid_supported` can be
used
to detect whether schema file validation is available.
- Some redundant and long deprecated methods were removed:
`parser.setElementClassLookup()`,
`xslt_transform.apply()`,
`xpath.evaluate()`.
- Some incorrect declarations were removed from `python.pxd`. In
general, this file
should not be used by external Cython code. Use the C-API declarations
provided by
Cython itself instead.
- Binary wheels use the library versions libxml2 2.12.3 and libxslt
1.1.39.
- Built with Cython 3.0.7, updated to follow recent changes in Cython
3.1-dev.
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/libretime/libretime).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMDMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjEwMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: jo <ljonas@riseup.net>
This forces to use the same version as the worker.
Previously playout installed kombu>=5.2 and got instanlty
reverted back to 4.6.11 when the worker was installed.
renovate[bot]
jo
Jonas L
