Congegni
/
sintonia
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore(deps): update dependency gunicorn to v23 (#3066) 

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [gunicorn](https://togithub.com/benoitc/gunicorn)
([changelog](https://docs.gunicorn.org/en/stable/news.html)) |
`>=22.0.0,<22.1` -> `>=22.0.0,<23.1` |
[![age](https://developer.mend.io/api/mc/badges/age/pypi/gunicorn/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/gunicorn/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/gunicorn/22.0.0/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/gunicorn/22.0.0/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>benoitc/gunicorn (gunicorn)</summary>

###
[`v23.0.0`](https://togithub.com/benoitc/gunicorn/releases/tag/23.0.0)

[Compare
Source](https://togithub.com/benoitc/gunicorn/compare/22.0.0...23.0.0)

Gunicorn 23.0.0 has been released. This version fix the numerous
security vulnerabilities. You're invited to upgrade asap your own
installation.

# 23.0.0 - 2024-08-10

-   minor docs fixes (:pr:`3217`, :pr:`3089`, :pr:`3167`)
-   worker_class parameter accepts a class (:pr:`3079`)
- fix deadlock if request terminated during chunked parsing (:pr:`2688`)
- permit receiving Transfer-Encodings: compress, deflate, gzip
(:pr:`3261`)
- permit Transfer-Encoding headers specifying multiple encodings. note:
no parameters, still (:pr:`3261`)
- sdist generation now explicitly excludes sphinx build folder
(:pr:`3257`)
- decode bytes-typed status (as can be passed by gevent) as utf-8
instead of raising `TypeError` (:pr:`2336`)
- raise correct Exception when encounting invalid chunked requests
(:pr:`3258`)
- the SCRIPT_NAME and PATH_INFO headers, when received from allowed
forwarders, are no longer restricted for containing an underscore
(:pr:`3192`)
- include IPv6 loopback address `[::1]` in default for
:ref:`forwarded-allow-ips` and :ref:`proxy-allow-ips` (:pr:`3192`)

\*\* NOTE \*\*

- The SCRIPT_NAME change mitigates a regression that appeared first in
the 22.0.0 release
- Review your :ref:`forwarded-allow-ips` setting if you are still not
seeing the SCRIPT_NAME transmitted
- Review your :ref:`forwarder-headers` setting if you are missing
headers after upgrading from a version prior to 22.0.0

\*\* Breaking changes \*\*

-   refuse requests where the uri field is empty (:pr:`3255`)
- refuse requests with invalid CR/LR/NUL in heade field values
(:pr:`3253`)
- remove temporary `--tolerate-dangerous-framing` switch from 22.0
(:pr:`3260`)
- If any of the breaking changes affect you, be aware that now refused
requests can post a security problem, especially so in setups involving
request pipe-lining and/or proxies.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job
log](https://developer.mend.io/github/libretime/libretime).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yMC4xIiwidXBkYXRlZEluVmVyIjoiMzguMjAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIiwicHl0aG9uIl19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
This commit is contained in:
renovate[bot] 2024-08-12 09:11:02 +01:00 committed by GitHub
parent 4b5ab6a2ad
commit fdad983b48
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/requirements.txt
View File

@ -5,7 +5,7 @@ django-filter>=2.4.0,<24.4
django>=4.2.0,<4.3 django>=4.2.0,<4.3
djangorestframework>=3.14.0,<3.16 djangorestframework>=3.14.0,<3.16
drf-spectacular>=0.22.1,<0.28 drf-spectacular>=0.22.1,<0.28
gunicorn>=22.0.0,<22.1 gunicorn>=22.0.0,<23.1
psycopg[c]>=3.1.8,<3.2 psycopg[c]>=3.1.8,<3.2
requests>=2.32.2,<2.33 requests>=2.32.2,<2.33
uvicorn[standard]>=0.17.6,<0.31.0 uvicorn[standard]>=0.17.6,<0.31.0

2
api/setup.py
View File

@ -35,7 +35,7 @@ setup(
], ],
extras_require={ extras_require={
"prod": [ "prod": [
"gunicorn>=22.0.0,<22.1", "gunicorn>=22.0.0,<23.1",
"psycopg[c]>=3.1.8,<3.2", "psycopg[c]>=3.1.8,<3.2",
"uvicorn[standard]>=0.17.6,<0.31.0", "uvicorn[standard]>=0.17.6,<0.31.0",
], ],