A set of Python scripts for finding threats in Office365

Overview

Py365

A collection of scripts for finding threats in Office365

Risky Rules

A tool for finding risky or suspicious inbox rules - more detail in this post

Prerequisities

This tool requires Reqeusts, Requests-cache and Jinja2 - these can be installed with pip install -r requirements.txt It requires an administrative access to AzureAD & Office365 environment to set up but no specific account is required for its continued use. You will need to create a new application registration in the AzureAD portal and grant it the following permissions at the application level and grant admin consent for them:

  • Microsoft Graph
    • Mail.ReadBasic.All
    • MailboxSettings.Read
    • User.Read.All

AzureAD App

Next, generate a secret and make a record of the secret string as well as the app/client ID. You will then need to make a copy of config.example.py and update it with your own domain, app id and secret

Usage

Just run riskyrules.py - no arguments are required and once the script has finished the report will be saved as report.html in the current directory

Comments
  • TypeError: 'bool' object is not subscriptable

    TypeError: 'bool' object is not subscriptable

    Using Python 3, not sure if this was made for 2.7. Error pops up on running script, configurations set as instructed:

    Traceback (most recent call last): File ".\riskyrules.py", line 110, in renderRules() File ".\riskyrules.py", line 104, in renderRules rulesdata = getAllRules() File ".\riskyrules.py", line 77, in getAllRules output.append(getRuleRisk(rule, user["userPrincipalName"])) File ".\riskyrules.py", line 95, in getRuleRisk risk += factor.calculateRisk(rule, user) File ".\riskyrules.py", line 30, in calculateRisk if isinstance(actionValue[0], dict): TypeError: 'bool' object is not subscriptable

    opened by maxdemajo 2
  • Bump requests-cache from 0.8.1 to 0.9.6

    Bump requests-cache from 0.8.1 to 0.9.6

    Bumps requests-cache from 0.8.1 to 0.9.6.

    Release notes

    Sourced from requests-cache's releases.

    Improved performance, thread safety, Cache-Control support, and general QoL

    See Changelog for release details

    Changelog

    Sourced from requests-cache's changelog.

    0.9.6 (2022-08-24)

    • Remove potentially problematic row count from BaseCache.__str__()
    • Remove upper version constraints for all non-dev dependencies
    • Make dependency specification consistent between PyPI and Conda-Forge packages

    0.9.5 (2022-06-29)

    • Backport bugfixes from 1.0

    0.9.4 (2022-04-22)

    • Fix forwarding connection parameters passed to RedisCache for redis-py 4.2 and python <=3.8
    • Fix forwarding connection parameters passed to MongoCache for pymongo 4.1 and python <=3.8

    0.9.3 (2022-02-22)

    • Fix handling BSON serializer differences between pymongo's bson and standalone bson codec.
    • Handle CorruptGridFile error in GridFS backend
    • Fix cache path expansion for user directories (~/...) for SQLite and filesystem backends
    • Fix request normalization for request body with a list as a JSON root
    • Skip normalizing a JSON request body if it's excessively large (>10MB) due to performance impact
    • Fix some thread safety issues:
      • Fix race condition in SQLite backend with dropping and recreating tables in multiple threads
      • Fix race condition in filesystem backend when one thread deletes a file after it's opened but before it is read by a different thread
      • Fix multiple race conditions in GridFS backend

    0.9.2 (2022-02-15)

    • Fix serialization in filesystem backend with binary content that is also valid UTF-8
    • Fix some regression bugs introduced in 0.9.0:
      • Add support for params as a positional argument to CachedSession.request()
      • Add support for disabling expiration for a single request with CachedSession.request(..., expire_after=-1)

    0.9.1 (2022-01-15)

    • Add support for python 3.10.2 and 3.9.10 (regarding resolving ForwardRef types during deserialization)
    • Add support for key-only request parameters (regarding hashing request data for cache key creation)
    • Reduce verbosity of log messages when encountering an invalid JSON request body

    0.9.0 (2022-01-01)

    See all issues and PRs for 0.9

    Expiration & headers:

    • Use Cache-Control request headers by default
    • Add support for Cache-Control: immutable
    • Add support for immediate expiration + revalidation with Cache-Control: max-age=0 and Expires: 0
    • Reset expiration for cached response when a 304 Not Modified response is received

    Backends:

    • Filesystem and SQLite backends: Add better error message if parent path exists but isn't a directory
    • Redis: Add optional integration with Redis TTL to improve performance for removing expired responses
      • This is enabled by default, but may be disabled

    Other features:

    ... (truncated)

    Commits
    • 24f6846 Remove upper version constraints for all non-dev dependencies (v0.9)
    • fafccd7 Remove row count from BaseCache.str()
    • d10c3c2 Remove catching/logging ImportErrors in top-level package
    • 52e1ba2 Merge pull request #638 from JWCook/path-url-0.9
    • 0d6c381 Add CachedRequest.path_url property
    • a47fe91 Merge pull request #635 from JWCook/docs
    • 7d345af Update repo links
    • 66550b5 Merge pull request #626 from JWCook/cattrs-22
    • f11fac4 Add compatibility with cattrs 22.1
    • 7d63e72 Merge pull request #619 from JWCook/fix-patch-memory
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests-cache from 0.8.1 to 0.9.5

    Bump requests-cache from 0.8.1 to 0.9.5

    Bumps requests-cache from 0.8.1 to 0.9.5.

    Release notes

    Sourced from requests-cache's releases.

    Improved performance, thread safety, Cache-Control support, and general QoL

    See Changelog for release details

    Changelog

    Sourced from requests-cache's changelog.

    0.9.5 (2022-06-29)

    • Backport bugfixes from 1.0

    0.9.4 (2022-04-22)

    • Fix forwarding connection parameters passed to RedisCache for redis-py 4.2 and python <=3.8
    • Fix forwarding connection parameters passed to MongoCache for pymongo 4.1 and python <=3.8

    0.9.3 (2022-02-22)

    • Fix handling BSON serializer differences between pymongo's bson and standalone bson codec.
    • Handle CorruptGridFile error in GridFS backend
    • Fix cache path expansion for user directories (~/...) for SQLite and filesystem backends
    • Fix request normalization for request body with a list as a JSON root
    • Skip normalizing a JSON request body if it's excessively large (>10MB) due to performance impact
    • Fix some thread safety issues:
      • Fix race condition in SQLite backend with dropping and recreating tables in multiple threads
      • Fix race condition in filesystem backend when one thread deletes a file after it's opened but before it is read by a different thread
      • Fix multiple race conditions in GridFS backend

    0.9.2 (2022-02-15)

    • Fix serialization in filesystem backend with binary content that is also valid UTF-8
    • Fix some regression bugs introduced in 0.9.0:
      • Add support for params as a positional argument to CachedSession.request()
      • Add support for disabling expiration for a single request with CachedSession.request(..., expire_after=-1)

    0.9.1 (2022-01-15)

    • Add support for python 3.10.2 and 3.9.10 (regarding resolving ForwardRef types during deserialization)
    • Add support for key-only request parameters (regarding hashing request data for cache key creation)
    • Reduce verbosity of log messages when encountering an invalid JSON request body

    0.9.0 (2022-01-01)

    See all issues and PRs for 0.9

    Expiration & headers:

    • Use Cache-Control request headers by default
    • Add support for Cache-Control: immutable
    • Add support for immediate expiration + revalidation with Cache-Control: max-age=0 and Expires: 0
    • Reset expiration for cached response when a 304 Not Modified response is received

    Backends:

    • Filesystem and SQLite backends: Add better error message if parent path exists but isn't a directory
    • Redis: Add optional integration with Redis TTL to improve performance for removing expired responses
      • This is enabled by default, but may be disabled

    Other features:

    • Support expire_after param for CachedSession.send()

    Performance:

    • Fix duplicate read operation for checking whether to read from redirects cache
    • Skip unnecessary contains check if a key is in the main responses cache

    ... (truncated)

    Commits
    • d10c3c2 Remove catching/logging ImportErrors in top-level package
    • 52e1ba2 Merge pull request #638 from JWCook/path-url-0.9
    • 0d6c381 Add CachedRequest.path_url property
    • a47fe91 Merge pull request #635 from JWCook/docs
    • 7d345af Update repo links
    • 66550b5 Merge pull request #626 from JWCook/cattrs-22
    • f11fac4 Add compatibility with cattrs 22.1
    • 7d63e72 Merge pull request #619 from JWCook/fix-patch-memory
    • a6831ff Initialize backend with install_cache() prior to patching requests.Session
    • 39fb312 Merge pull request #614 from JWCook/parameter-forwarding
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests from 2.26.0 to 2.28.0

    Bump requests from 2.26.0 to 2.28.0

    Bumps requests from 2.26.0 to 2.28.0.

    Release notes

    Sourced from requests's releases.

    v2.28.0

    2.28.0 (2022-06-09)

    Deprecations

    • ⚠️ Requests has officially dropped support for Python 2.7. ⚠️ (#6091)
    • Requests has officially dropped support for Python 3.6 (including pypy3). (#6091)

    Improvements

    • Wrap JSON parsing issues in Request's JSONDecodeError for payloads without an encoding to make json() API consistent. (#6097)
    • Parse header components consistently, raising an InvalidHeader error in all invalid cases. (#6154)
    • Added provisional 3.11 support with current beta build. (#6155)
    • Requests got a makeover and we decided to paint it black. (#6095)

    Bugfixes

    • Fixed bug where setting CURL_CA_BUNDLE to an empty string would disable cert verification. All Requests 2.x versions before 2.28.0 are affected. (#6074)
    • Fixed urllib3 exception leak, wrapping urllib3.exceptions.SSLError with requests.exceptions.SSLError for content and iter_content. (#6057)
    • Fixed issue where invalid Windows registry entires caused proxy resolution to raise an exception rather than ignoring the entry. (#6149)
    • Fixed issue where entire payload could be included in the error message for JSONDecodeError. (#6079)

    New Contributors

    Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2280-2022-06-09

    v2.27.1

    2.27.1 (2022-01-05)

    Bugfixes

    • Fixed parsing issue that resulted in the auth component being dropped from proxy URLs. (#6028)

    Full Changelog: https://github.com/psf/requests/blob/v2.27.1/HISTORY.md#2271-2022-01-05

    ... (truncated)

    Changelog

    Sourced from requests's changelog.

    2.28.0 (2022-06-09)

    Deprecations

    • ⚠️ Requests has officially dropped support for Python 2.7. ⚠️ (#6091)
    • Requests has officially dropped support for Python 3.6 (including pypy3.6). (#6091)

    Improvements

    • Wrap JSON parsing issues in Request's JSONDecodeError for payloads without an encoding to make json() API consistent. (#6097)
    • Parse header components consistently, raising an InvalidHeader error in all invalid cases. (#6154)
    • Added provisional 3.11 support with current beta build. (#6155)
    • Requests got a makeover and we decided to paint it black. (#6095)

    Bugfixes

    • Fixed bug where setting CURL_CA_BUNDLE to an empty string would disable cert verification. All Requests 2.x versions before 2.28.0 are affected. (#6074)
    • Fixed urllib3 exception leak, wrapping urllib3.exceptions.SSLError with requests.exceptions.SSLError for content and iter_content. (#6057)
    • Fixed issue where invalid Windows registry entires caused proxy resolution to raise an exception rather than ignoring the entry. (#6149)
    • Fixed issue where entire payload could be included in the error message for JSONDecodeError. (#6036)

    2.27.1 (2022-01-05)

    Bugfixes

    • Fixed parsing issue that resulted in the auth component being dropped from proxy URLs. (#6028)

    2.27.0 (2022-01-03)

    Improvements

    • Officially added support for Python 3.10. (#5928)

    • Added a requests.exceptions.JSONDecodeError to unify JSON exceptions between Python 2 and 3. This gets raised in the response.json() method, and is backwards compatible as it inherits from previously thrown exceptions. Can be caught from requests.exceptions.RequestException as well. (#5856)

    • Improved error text for misnamed InvalidSchema and MissingSchema exceptions. This is a temporary fix until exceptions can be renamed

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests-cache from 0.8.1 to 0.9.4

    Bump requests-cache from 0.8.1 to 0.9.4

    Bumps requests-cache from 0.8.1 to 0.9.4.

    Release notes

    Sourced from requests-cache's releases.

    Improved performance, thread safety, Cache-Control support, and general QoL

    See Changelog for release details

    Changelog

    Sourced from requests-cache's changelog.

    0.9.4 (2022-04-22)

    • Fix forwarding connection parameters passed to RedisCache for redis-py 4.2 and python <=3.8
    • Fix forwarding connection parameters passed to MongoCache for pymongo 4.1 and python <=3.8

    0.9.3 (2022-02-22)

    • Fix handling BSON serializer differences between pymongo's bson and standalone bson codec.
    • Handle CorruptGridFile error in GridFS backend
    • Fix cache path expansion for user directories (~/...) for SQLite and filesystem backends
    • Fix request normalization for request body with a list as a JSON root
    • Skip normalizing a JSON request body if it's excessively large (>10MB) due to performance impact
    • Fix some thread safety issues:
      • Fix race condition in SQLite backend with dropping and recreating tables in multiple threads
      • Fix race condition in filesystem backend when one thread deletes a file after it's opened but before it is read by a different thread
      • Fix multiple race conditions in GridFS backend

    0.9.2 (2022-02-15)

    • Fix serialization in filesystem backend with binary content that is also valid UTF-8
    • Fix some regression bugs introduced in 0.9.0:
      • Add support for params as a positional argument to CachedSession.request()
      • Add support for disabling expiration for a single request with CachedSession.request(..., expire_after=-1)

    0.9.1 (2022-01-15)

    • Add support for python 3.10.2 and 3.9.10 (regarding resolving ForwardRef types during deserialization)
    • Add support for key-only request parameters (regarding hashing request data for cache key creation)
    • Reduce verbosity of log messages when encountering an invalid JSON request body

    0.9.0 (2022-01-01)

    See all issues and PRs for 0.9

    Expiration & Headers:

    • Use Cache-Control request headers by default
    • Add support for Cache-Control: immutable
    • Add support for immediate expiration + revalidation with Cache-Control: max-age=0 and Expires: 0
    • Reset expiration for cached response when a 304 Not Modified response is received

    Backends:

    • Filesystem and SQLite backends: Add better error message if parent path exists but isn't a directory
    • Redis: Add optional integration with Redis TTL to improve performance for removing expired responses
      • This is enabled by default, but may be disabled

    Other features:

    • Support expire_after param for CachedSession.send()

    Performance:

    • Fix duplicate read operation for checking whether to read from redirects cache
    • Skip unnecessary contains check if a key is in the main responses cache
    • Make per-request expiration thread-safe for both CachedSession.request() and CachedSession.send()
    • Some micro-optimizations for request matching

    ... (truncated)

    Commits
    • 39fb312 Merge pull request #614 from JWCook/parameter-forwarding
    • 259f803 Fix forwarding connection parameters for redis-py 4.2 and pymongo 4.1 on pyth...
    • e85e3c0 Forgot to bump version in init file
    • 1e84136 Change wording a bit on cache header behavior
    • cc5305f Merge pull request #537 from JWCook/concurrency-tests
    • 3c77e2c Update dev dependencies and changelog
    • 3453ae6 Handle CorruptGridFile error in GridFS backend
    • fe82501 Increase stress test multiplier to 10 for pre-deployment tests
    • 0bd1446 Add lock around remove_expired_responses() for SQLite, Filesystem, and GridFS...
    • 9576fcf Improve filesystem backend thread safety
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump jinja2 from 3.0.3 to 3.1.0

    Bump jinja2 from 3.0.3 to 3.1.0

    Bumps jinja2 from 3.0.3 to 3.1.0.

    Release notes

    Sourced from jinja2's releases.

    3.1.0

    This is a feature release, which includes new features and removes previously deprecated features. The 3.1.x branch is now the supported bugfix branch, the 3.0.x branch has become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. We also encourage upgrading to MarkupSafe 2.1.1, the latest version at this time.

    Changelog

    Sourced from jinja2's changelog.

    Version 3.1.0

    Released 2022-03-24

    • Drop support for Python 3.6. :pr:1534

    • Remove previously deprecated code. :pr:1544

      • WithExtension and AutoEscapeExtension are built-in now.
      • contextfilter and contextfunction are replaced by pass_context. evalcontextfilter and evalcontextfunction are replaced by pass_eval_context. environmentfilter and environmentfunction are replaced by pass_environment.
      • Markup and escape should be imported from MarkupSafe.
      • Compiled templates from very old Jinja versions may need to be recompiled.
      • Legacy resolve mode for Context subclasses is no longer supported. Override resolve_or_missing instead of resolve.
      • unicode_urlencode is renamed to url_quote.
    • Add support for native types in macros. :issue:1510

    • The {% trans %} tag can use pgettext and npgettext by passing a context string as the first token in the tag, like {% trans "title" %}. :issue:1430

    • Update valid identifier characters from Python 3.6 to 3.7. :pr:1571

    • Filters and tests decorated with @async_variant are pickleable. :pr:1612

    • Add items filter. :issue:1561

    • Subscriptions ([0], etc.) can be used after filters, tests, and calls when the environment is in async mode. :issue:1573

    • The groupby filter is case-insensitive by default, matching other comparison filters. Added the case_sensitive parameter to control this. :issue:1463

    • Windows drive-relative path segments in template names will not result in FileSystemLoader and PackageLoader loading from drive-relative paths. :pr:1621

    Commits
    • 84c0e2c Merge pull request #1625 from pallets/release-3.1.0
    • 7b0c47f release version 3.1.0
    • ede0f98 Merge pull request #1621 from pallets/template-safe-path
    • 040088a use posixpath.join when loading template names
    • a292075 Merge pull request #1620 from janfilips/patch-1
    • 6e4df02 Fix formatting in tricks.rst
    • 3a050b1 Merge pull request #1617 from pallets/docs-prose
    • 4b63cd8 rewrite include statement section
    • a98d482 clean up faq, move technical discussions
    • 9de99f8 clean up engine comparisons
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests-cache from 0.8.1 to 0.9.3

    Bump requests-cache from 0.8.1 to 0.9.3

    Bumps requests-cache from 0.8.1 to 0.9.3.

    Release notes

    Sourced from requests-cache's releases.

    Improvements to performance, thread safety, Cache-Control support, and general QoL

    See Changelog for release details

    Changelog

    Sourced from requests-cache's changelog.

    0.9.3 (2022-02-22)

    • Fix handling BSON serializer differences between pymongo's bson and standalone bson codec.
    • Handle CorruptGridFile error in GridFS backend
    • Fix cache path expansion for user directories (~/...) for SQLite and filesystem backends
    • Fix request normalization for request body with a list as a JSON root
    • Skip normalizing a JSON request body if it's excessively large (>10MB) due to performance impact
    • Fix some thread safety issues:
      • Fix race condition in SQLite backend with dropping and recreating tables in multiple threads
      • Fix race condition in filesystem backend when one thread deletes a file after it's opened but before it is read by a different thread
      • Fix multiple race conditions in GridFS backend

    0.9.2 (2022-02-15)

    • Fix serialization in filesystem backend with binary content that is also valid UTF-8
    • Fix some regression bugs introduced in 0.9.0:
      • Add support for params as a positional argument to CachedSession.request()
      • Add support for disabling expiration for a single request with CachedSession.request(..., expire_after=-1)

    0.9.1 (2022-01-15)

    • Add support for python 3.10.2 and 3.9.10 (regarding resolving ForwardRef types during deserialization)
    • Add support for key-only request parameters (regarding hashing request data for cache key creation)
    • Reduce verbosity of log messages when encountering an invalid JSON request body

    0.9.0 (2022-01-01)

    See all issues and PRs for 0.9

    Expiration & Headers:

    • Use Cache-Control request headers by default
    • Add support for Cache-Control: immutable
    • Add support for immediate expiration + revalidation with Cache-Control: max-age=0 and Expires: 0
    • Reset expiration for cached response when a 304 Not Modified response is received

    Backends:

    • Filesystem and SQLite backends: Add better error message if parent path exists but isn't a directory
    • Redis: Improve performance by using native Redis TTL for cache expiration

    Other features:

    • Support expire_after param for CachedSession.send()

    Performance:

    • Fix duplicate read operation for checking whether to read from redirects cache
    • Skip unnecessary contains check if a key is in the main responses cache
    • Make per-request expiration thread-safe for both CachedSession.request() and CachedSession.send()
    • Some micro-optimizations for request matching

    Bugfixes:

    • Fix regression bug causing headers used for cache key to not guarantee sort order
    • Handle some additional corner cases when normalizing request data
    • Add support for BaseCache keyword arguments passed along with a backend instance
    • Fix issue with cache headers not being used correctly if cache_control=True is used with an expire_after value

    ... (truncated)

    Commits
    • cc5305f Merge pull request #537 from JWCook/concurrency-tests
    • 3c77e2c Update dev dependencies and changelog
    • 3453ae6 Handle CorruptGridFile error in GridFS backend
    • fe82501 Increase stress test multiplier to 10 for pre-deployment tests
    • 0bd1446 Add lock around remove_expired_responses() for SQLite, Filesystem, and GridFS...
    • 9576fcf Improve filesystem backend thread safety
    • 25f2cab Improve GridFS backend thread safety
    • 8b2a669 Fix race condition with dropping and recreating SQLite tables in multiple thr...
    • a5e87b2 Run additional stress tests with multiple processes
    • 3d9d4c4 Improve multithreaded tests: use fewer unique responses and more total reques...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests-cache from 0.8.1 to 0.9.2

    Bump requests-cache from 0.8.1 to 0.9.2

    Bumps requests-cache from 0.8.1 to 0.9.2.

    Release notes

    Sourced from requests-cache's releases.

    Performance, QoL, and Cache-Control improvements

    See Changelog for release details

    Changelog

    Sourced from requests-cache's changelog.

    0.9.2 (2022-02-15)

    • Fix serialization in filesystem backend with binary content that is also valid UTF-8
    • Fix some regression bugs introduced in 0.9.0:
      • Add support for params as a positional argument to CachedSession.request()
      • Add support for disabling expiration for a single request with CachedSession.request(..., expire_after=-1)

    0.9.1 (2022-01-15)

    • Add support for python 3.10.2 and 3.9.10 (regarding resolving ForwardRef types during deserialization)
    • Add support for key-only request parameters (regarding hashing request data for cache key creation)
    • Reduce verbosity of log messages when encountering an invalid JSON request body

    0.9.0 (2022-01-01)

    See all issues and PRs for 0.9

    Expiration & Headers:

    • Use Cache-Control request headers by default
    • Add support for Cache-Control: immutable
    • Add support for immediate expiration + revalidation with Cache-Control: max-age=0 and Expires: 0
    • Reset expiration for cached response when a 304 Not Modified response is received

    Backends:

    • Filesystem and SQLite backends: Add better error message if parent path exists but isn't a directory
    • Redis: Improve performance by using native Redis TTL for cache expiration

    Other features:

    • Support expire_after param for CachedSession.send()

    Performance:

    • Fix duplicate read operation for checking whether to read from redirects cache
    • Skip unnecessary contains check if a key is in the main responses cache
    • Make per-request expiration thread-safe for both CachedSession.request() and CachedSession.send()
    • Some micro-optimizations for request matching

    Bugfixes:

    • Fix regression bug causing headers used for cache key to not guarantee sort order
    • Handle some additional corner cases when normalizing request data
    • Add support for BaseCache keyword arguments passed along with a backend instance
    • Fix issue with cache headers not being used correctly if cache_control=True is used with an expire_after value
    • Fix license metadata as shown on PyPI
    • Fix CachedResponse serialization behavior when using stdlib pickle in a custom serializer
    Commits
    • 9b06688 Merge pull request #529 from JWCook/fix-binary-serializer-detection
    • b5bac5a Fix serialization in filesystem backend with binary content that is also vali...
    • 43c9287 Merge pull request #528 from JWCook/backtesting-example
    • 49c1178 Add documentation example for backtesting with time-machine
    • c2baccd Merge pull request #527 from JWCook/fix-expire-override
    • 7f64c17 Update changelog and contributors
    • 1f5d6f6 Use only integers for expire_after values in tests and docs
    • 261bda4 Fix disabling expiration for a single request with `CachedSession.request(......
    • 04ff30b Adjust stress test settings for pre-deploy tests
    • ebb5f69 Merge pull request #525 from JWCook/fix-params-positional-arg
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests-cache from 0.8.1 to 0.9.1

    Bump requests-cache from 0.8.1 to 0.9.1

    Bumps requests-cache from 0.8.1 to 0.9.1.

    Release notes

    Sourced from requests-cache's releases.

    Performance, QoL, and Cache-Control improvements

    See Changelog for release details

    Changelog

    Sourced from requests-cache's changelog.

    0.9.1 (2022-01-15)

    • Add support for python 3.10.2 (regarding resolving ForwardRef types during deserialization)
    • Add support for key-only request parameters (regarding hashing request data for cache key creation)
    • Reduce verbosity of log messages when encountering an invalid JSON request body

    0.9.0 (2022-01-01)

    See all issues and PRs for 0.9

    Expiration & Headers:

    • Use Cache-Control request headers by default
    • Add support for Cache-Control: immutable
    • Add support for immediate expiration + revalidation with Cache-Control: max-age=0 and Expires: 0
    • Reset expiration for cached response when a 304 Not Modified response is received

    Backends:

    • Filesystem and SQLite backends: Add better error message if parent path exists but isn't a directory
    • Redis: Improve performance by using native Redis TTL for cache expiration

    Other features:

    • Support expire_after param for CachedSession.send()

    Performance:

    • Fix duplicate read operation for checking whether to read from redirects cache
    • Skip unnecessary contains check if a key is in the main responses cache
    • Make per-request expiration thread-safe for both CachedSession.request() and CachedSession.send()
    • Some micro-optimizations for request matching

    Bugfixes:

    • Fix regression bug causing headers used for cache key to not guarantee sort order
    • Handle some additional corner cases when normalizing request data
    • Add support for BaseCache keyword arguments passed along with a backend instance
    • Fix issue with cache headers not being used correctly if cache_control=True is used with an expire_after value
    • Fix license metadata as shown on PyPI
    • Fix CachedResponse serialization behavior when using stdlib pickle in a custom serializer
    Commits
    • 8823984 Update changelog and contributors
    • ddf7ad8 Merge pull request #503 from JWCook/py3.10.2-compat
    • 4c8e386 Switch to a different method of resolving ForwardRefs during deserialization ...
    • 0b8f7c8 Merge pull request #502 from reclosedev/dependabot/pip/sphinx-automodapi-0.14.1
    • 78c15b5 Bump sphinx-automodapi from 0.13 to 0.14.1
    • a29b85c Merge pull request #500 from JWCook/key-only-params
    • 483574f Update changelog and contributors
    • 030e788 Add support for key-only request parameters
    • 0185d02 Update changelog and bump version
    • 3a5acf7 Bump dependencies
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests from 2.26.0 to 2.27.1

    Bump requests from 2.26.0 to 2.27.1

    Bumps requests from 2.26.0 to 2.27.1.

    Changelog

    Sourced from requests's changelog.

    2.27.1 (2022-01-05)

    Bugfixes

    • Fixed parsing issue that resulted in the auth component being dropped from proxy URLs. (#6028)

    2.27.0 (2022-01-03)

    Improvements

    • Officially added support for Python 3.10. (#5928)

    • Added a requests.exceptions.JSONDecodeError to unify JSON exceptions between Python 2 and 3. This gets raised in the response.json() method, and is backwards compatible as it inherits from previously thrown exceptions. Can be caught from requests.exceptions.RequestException as well. (#5856)

    • Improved error text for misnamed InvalidSchema and MissingSchema exceptions. This is a temporary fix until exceptions can be renamed (Schema->Scheme). (#6017)

    • Improved proxy parsing for proxy URLs missing a scheme. This will address recent changes to urlparse in Python 3.9+. (#5917)

    Bugfixes

    • Fixed defect in extract_zipped_paths which could result in an infinite loop for some paths. (#5851)

    • Fixed handling for AttributeError when calculating length of files obtained by Tarfile.extractfile(). (#5239)

    • Fixed urllib3 exception leak, wrapping urllib3.exceptions.InvalidHeader with requests.exceptions.InvalidHeader. (#5914)

    • Fixed bug where two Host headers were sent for chunked requests. (#5391)

    • Fixed regression in Requests 2.26.0 where Proxy-Authorization was incorrectly stripped from all requests sent with Session.send. (#5924)

    • Fixed performance regression in 2.26.0 for hosts with a large number of proxies available in the environment. (#5924)

    • Fixed idna exception leak, wrapping UnicodeError with requests.exceptions.InvalidURL for URLs with a leading dot (.) in the domain. (#5414)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests-cache from 0.8.1 to 0.9.0

    Bump requests-cache from 0.8.1 to 0.9.0

    Bumps requests-cache from 0.8.1 to 0.9.0.

    Release notes

    Sourced from requests-cache's releases.

    Performance, QoL, and Cache-Control improvements

    See Changelog for release details

    Changelog

    Sourced from requests-cache's changelog.

    0.9.0 (2022-01-01)

    See all issues and PRs for 0.9

    Expiration & Headers:

    • Use Cache-Control request headers by default
    • Add support for Cache-Control: immutable
    • Add support for immediate expiration + revalidation with Cache-Control: max-age=0 and Expires: 0
    • Reset expiration for cached response when a 304 Not Modified response is received

    Backends:

    • Filesystem and SQLite backends: Add better error message if parent path exists but isn't a directory
    • Redis: Improve performance by using native Redis TTL for cache expiration

    Other features:

    • Support expire_after param for CachedSession.send()

    Performance:

    • Fix duplicate read operation for checking whether to read from redirects cache
    • Skip unnecessary contains check if a key is in the main responses cache
    • Make per-request expiration thread-safe for both CachedSession.request() and CachedSession.send()
    • Some micro-optimizations for request matching

    Bugfixes:

    • Fix regression bug causing headers used for cache key to not guarantee sort order
    • Handle some additional corner cases when normalizing request data
    • Add support for BaseCache keyword arguments passed along with a backend instance
    • Fix issue with cache headers not being used correctly if cache_control=True is used with an expire_after value
    • Fix license metadata as shown on PyPI
    • Fix CachedResponse serialization behavior when using stdlib pickle in a custom serializer
    Commits
    • 418b216 Merge branch 'docs-and-deps'
    • 83120fc Update changelog
    • 3df3a1d Revert to previous version of mypy due to false positive
    • b51f361 Update dependencies and pre-commit hooks
    • ccf789a Update contributors
    • e58f491 Fix typo in docs
    • 023b9bf Format using a more typical line length of 100
    • 3470482 Merge pull request #474 from grubberr/improve_get_matched_headers
    • 99b7793 Fix black and type checking issues, and update changelog
    • 3d5f55d make order of headers repeatable
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump requests-cache from 0.8.1 to 0.9.7

    Bump requests-cache from 0.8.1 to 0.9.7

    Bumps requests-cache from 0.8.1 to 0.9.7.

    Release notes

    Sourced from requests-cache's releases.

    Improved performance, thread safety, Cache-Control support, and general QoL

    See Changelog for release details

    Changelog

    Sourced from requests-cache's changelog.

    0.9.7 (2022-10-26)

    Backport compatibility fixes from 1.0:

    • PyInstaller: Fix potential AttributeError due to undetected imports when requests-cache is bundled in a PyInstaller package
    • requests-oauthlib: Add support for header values as bytes for compatibility with OAuth1 features
    • cattrs: Add compatibility with cattrs 22.2
    • python: Add tests to ensure compatibility with python 3.11
    • Fix AttributeError when attempting to unpickle a CachedSession object, and instead disable pickling by raising a NotImplementedError

    Add the following for forwards-compatibility with 1.0:

    • DeprecationWarnings to give an earlier notice for methods deprecated (not removed) in 1.0
    • requests_cache.policy subpackage (will replace requests_cache.cache_control module)
    • BaseCache.contains()
    • BaseCache.delete()
    • BaseCache.filter()
    • CachedSession.settings

    0.9.6 (2022-08-24)

    Backport fixes from 1.0:

    • Remove potentially problematic row count from BaseCache.__str__()
    • Remove upper version constraints for all non-dev dependencies
    • Make dependency specification consistent between PyPI and Conda-Forge packages

    0.9.5 (2022-06-29)

    Backport fixes from 1.0:

    • Fix usage of memory backend with install_cache()
    • Add CachedRequest.path_url property
    • Add compatibility with cattrs 22.1

    0.9.4 (2022-04-22)

    Backport fixes from 1.0:

    • Fix forwarding connection parameters passed to RedisCache for redis-py 4.2 and python <=3.8
    • Fix forwarding connection parameters passed to MongoCache for pymongo 4.1 and python <=3.8

    0.9.3 (2022-02-22)

    • Fix handling BSON serializer differences between pymongo's bson and standalone bson codec.
    • Handle CorruptGridFile error in GridFS backend
    • Fix cache path expansion for user directories (~/...) for SQLite and filesystem backends
    • Fix request normalization for request body with a list as a JSON root
    • Skip normalizing a JSON request body if it's excessively large (>10MB) due to performance impact
    • Fix some thread safety issues:
      • Fix race condition in SQLite backend with dropping and recreating tables in multiple threads
      • Fix race condition in filesystem backend when one thread deletes a file after it's opened but before it is read by a different thread
      • Fix multiple race conditions in GridFS backend

    0.9.2 (2022-02-15)

    • Fix serialization in filesystem backend with binary content that is also valid UTF-8
    • Fix some regression bugs introduced in 0.9.0:
      • Add support for params as a positional argument to CachedSession.request()
      • Add support for disabling expiration for a single request with CachedSession.request(..., expire_after=-1)

    ... (truncated)

    Commits
    • fe4edbf Update changelog
    • ea25c28 Run CI jobs with python 3.11
    • 7ee48d9 Merge pull request #710 from requests-cache/forwards-compat
    • 096b10d Add wrapper properties for settings for partial forwards-compatibility with C...
    • 864afeb Add BaseCache.contains(), delete(), and filter() for forwards-compatibility w...
    • 1894434 Add DeprecationWarning if importing from cache_control module
    • 0035af2 Add policy subpackage for forwards-compatibility with 1.0
    • ae2a169 Add support for header values as bytes
    • 446bbc8 Explicitly disable pickling CachedSession objects
    • 170a627 Fix potential AttributeError due to undetected imports when requests-cache ...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump requests from 2.26.0 to 2.28.1

    Bump requests from 2.26.0 to 2.28.1

    Bumps requests from 2.26.0 to 2.28.1.

    Release notes

    Sourced from requests's releases.

    v2.28.1

    2.28.1 (2022-06-29)

    Improvements

    • Speed optimization in iter_content with transition to yield from. (#6170)

    Dependencies

    • Added support for chardet 5.0.0 (#6179)
    • Added support for charset-normalizer 2.1.0 (#6169)

    New Contributors

    Full Changelog: https://github.com/psf/requests/blob/main/HISTORY.md#2281-2022-06-29

    v2.28.0

    2.28.0 (2022-06-09)

    Deprecations

    • ⚠️ Requests has officially dropped support for Python 2.7. ⚠️ (#6091)
    • Requests has officially dropped support for Python 3.6 (including pypy3). (#6091)

    Improvements

    • Wrap JSON parsing issues in Request's JSONDecodeError for payloads without an encoding to make json() API consistent. (#6097)
    • Parse header components consistently, raising an InvalidHeader error in all invalid cases. (#6154)
    • Added provisional 3.11 support with current beta build. (#6155)
    • Requests got a makeover and we decided to paint it black. (#6095)

    Bugfixes

    • Fixed bug where setting CURL_CA_BUNDLE to an empty string would disable cert verification. All Requests 2.x versions before 2.28.0 are affected. (#6074)
    • Fixed urllib3 exception leak, wrapping urllib3.exceptions.SSLError with requests.exceptions.SSLError for content and iter_content. (#6057)
    • Fixed issue where invalid Windows registry entires caused proxy resolution to raise an exception rather than ignoring the entry. (#6149)
    • Fixed issue where entire payload could be included in the error message for JSONDecodeError. (#6079)

    New Contributors

    ... (truncated)

    Changelog

    Sourced from requests's changelog.

    2.28.1 (2022-06-29)

    Improvements

    • Speed optimization in iter_content with transition to yield from. (#6170)

    Dependencies

    • Added support for chardet 5.0.0 (#6179)
    • Added support for charset-normalizer 2.1.0 (#6169)

    2.28.0 (2022-06-09)

    Deprecations

    • ⚠️ Requests has officially dropped support for Python 2.7. ⚠️ (#6091)
    • Requests has officially dropped support for Python 3.6 (including pypy3.6). (#6091)

    Improvements

    • Wrap JSON parsing issues in Request's JSONDecodeError for payloads without an encoding to make json() API consistent. (#6097)
    • Parse header components consistently, raising an InvalidHeader error in all invalid cases. (#6154)
    • Added provisional 3.11 support with current beta build. (#6155)
    • Requests got a makeover and we decided to paint it black. (#6095)

    Bugfixes

    • Fixed bug where setting CURL_CA_BUNDLE to an empty string would disable cert verification. All Requests 2.x versions before 2.28.0 are affected. (#6074)
    • Fixed urllib3 exception leak, wrapping urllib3.exceptions.SSLError with requests.exceptions.SSLError for content and iter_content. (#6057)
    • Fixed issue where invalid Windows registry entires caused proxy resolution to raise an exception rather than ignoring the entry. (#6149)
    • Fixed issue where entire payload could be included in the error message for JSONDecodeError. (#6036)

    2.27.1 (2022-01-05)

    Bugfixes

    • Fixed parsing issue that resulted in the auth component being dropped from proxy URLs. (#6028)

    2.27.0 (2022-01-03)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump jinja2 from 3.1.1 to 3.1.2

    Bump jinja2 from 3.1.1 to 3.1.2

    Bumps jinja2 from 3.1.1 to 3.1.2.

    Release notes

    Sourced from jinja2's releases.

    3.1.2

    This is a fix release for the 3.1.0 feature release.

    Changelog

    Sourced from jinja2's changelog.

    Version 3.1.2

    Released 2022-04-28

    • Add parameters to Environment.overlay to match __init__. :issue:1645
    • Handle race condition in FileSystemBytecodeCache. :issue:1654
    Commits
    • b08cd4b Merge pull request #1660 from pallets/release-3.1.2
    • 1e68ba8 release version 3.1.2
    • 8efee35 pre-commit updates latest release branch
    • a24df26 ignore new mypy finding
    • 9faee28 update requirements
    • b802b5a Merge pull request #1655 from dvitek/dvitek/issue1654
    • 746bb95 Fix race conditions in FileSystemBytecodeCache
    • 466a200 update requirements
    • 990602f Merge pull request #1647 from Tom-Brouwer/202204/add-missing-overlay-options
    • 5d3d241 fix flake8-bugbear finding
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
Owner
Martin Rothe
Security Operations Centre Analyst @node4ltd. Detection & SIEM engineering/scripting enthusiast. Dabbles with Python & Powershell. Former @URN1350 Tech mgr
Martin Rothe
Create Open XML PowerPoint documents in Python

python-pptx is a Python library for creating and updating PowerPoint (.pptx) files. A typical use would be generating a customized PowerPoint presenta

Steve Canny 1.7k Jan 5, 2023
A Python module for creating Excel XLSX files.

XlsxWriter XlsxWriter is a Python module for writing files in the Excel 2007+ XLSX file format. XlsxWriter can be used to write text, numbers, formula

John McNamara 3.1k Dec 29, 2022
Python Module for Tabular Datasets in XLS, CSV, JSON, YAML, &c.

Tablib: format-agnostic tabular dataset library _____ ______ ___________ ______ __ /_______ ____ /_ ___ /___(_)___ /_ _ __/_ __ `/__ _

Jazzband 4.2k Dec 30, 2022
Xiaobo Zhang 30 Jan 8, 2023
Transpiler for Excel formula like language to Python. Support script and module mode

Transpiler for Excel formula like language to Python. Support script and module mode (formulas are functions).

Edward Villegas-Pulgarin 1 Dec 7, 2021
Excel-report-evaluator - A simple Python GUI application to aid with bulk evaluation of Microsoft Excel reports.

Excel Report Evaluator Simple Python GUI with Tkinter for evaluating Microsoft Excel reports (.xlsx-Files). Usage Start main.py and choose one of the

Alexander H. 1 Dec 29, 2021
PyExcelerate - Accelerated Excel XLSX Writing Library for Python 2/3

PyExcelerate Accelerated Excel XLSX writing library for Python master: dev: test coverage: Authors: Kevin Wang and Kevin Zhang Copyright 2015 Kevin Wa

null 448 Dec 28, 2022
An advanced real time threat intelligence framework to identify threats and malicious web traffic on the basis of IP reputation and historical data.

ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of MISP to identify threats and malicious web traffic on the basis of IP reputation and historical data. It also performs automatic enrichment and threat scoring by collecting, processing and correlating observables based on different factors.

CRED 225 Dec 31, 2022
Office365 (Microsoft365) audit log analysis tool

Office365 (Microsoft365) audit log analysis tool The header describes it all WHY?? The first line of code was written long time before other colleague

Anatoly 1 Jul 27, 2022
Automatically download the cwru data set, and then divide it into training data set and test data set

Automatically download the cwru data set, and then divide it into training data set and test data set.自动下载cwru数据集,然后分训练数据集和测试数据集

null 6 Jun 27, 2022
Voxel Set Transformer: A Set-to-Set Approach to 3D Object Detection from Point Clouds (CVPR 2022)

Voxel Set Transformer: A Set-to-Set Approach to 3D Object Detection from Point Clouds (CVPR2022)[paper] Authors: Chenhang He, Ruihuang Li, Shuai Li, L

Billy HE 141 Dec 30, 2022
A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.

PyArmor Homepage (中文版网站) Documentation(中文版) PyArmor is a command line tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine

Dashingsoft 1.9k Jan 1, 2023
A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.

PyArmor Homepage (中文版网站) Documentation(中文版) PyArmor is a command line tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine

Dashingsoft 1.9k Dec 30, 2022
Custom SLURM wrapper scripts to make finding job histories and system resource usage more easily accessible

SLURM Wrappers Executables job-history A simple wrapper for grabbing data for completed and running jobs. nodes-busy Developed for the HPC systems at

Sara 2 Dec 13, 2021
A set of Python scripts to surpass human limits in accomplishing simple tasks.

Human benchmark fooler Summary A set of Python scripts with Selenium designed to surpass human limits in accomplishing simple tasks available on https

Bohdan Dudchenko 3 Feb 10, 2022
A set of Python scripts and notebooks to help administer and configure Workforce projects.

Workforce Scripts A set of Python scripts and notebooks to help administer and configure Workforce projects. Notebooks Several example Jupyter noteboo

Esri 75 Sep 9, 2022
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

?? The Social-Engineer Toolkit (SET) ?? Copyright 2020 The Social-Engineer Toolkit (SET) Written by: David Kennedy (ReL1K) @HackingDave Company: Trust

trustedsec 8.4k Dec 31, 2022
This is our ARTS test set, an enriched test set to probe Aspect Robustness of ABSA.

This is the repository for our 2020 paper "Tasty Burgers, Soggy Fries: Probing Aspect Robustness in Aspect-Based Sentiment Analysis". Data We provide

null 35 Nov 16, 2022
Open-Set Recognition: A Good Closed-Set Classifier is All You Need

Open-Set Recognition: A Good Closed-Set Classifier is All You Need Code for our paper: "Open-Set Recognition: A Good Closed-Set Classifier is All You

null 194 Jan 3, 2023