• 9e9e840 2022.12.07
• b81bdb2 2022.09.24
• 939a28f 2022.09.14
• aca828a 2022.06.15.2
• de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 9e9e840 2022.12.07
• b81bdb2 2022.09.24
• 939a28f 2022.09.14
• aca828a 2022.06.15.2
• de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
• b8eb5e9 2022.06.15.1
• 47fb7ab Fix deprecation warning on Python 3.11 (#199)
• b0b48e0 fixes #198 -- update link in license
• 9d514b4 2022.06.15
• 4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from protobuf's releases.

Protocol Buffers v3.18.3

C++

• Reduce memory consumption of MessageSet parsing
• This release addresses a Security Advisory for C++ and Python users

Protocol Buffers v3.18.2

Java

• Improve performance characteristics of UnknownFieldSet parsing (#9371)

Protocol Buffers v3.18.1

Python

• Update setup.py to reflect that we now require at least Python 3.5 (#8989)
• Performance fix for DynamicMessage: force GetRaw() to be inlined (#9023)

Ruby

• Update ruby_generator.cc to allow proto2 imports in proto3 (#9003)

Protocol Buffers v3.18.0

C++

• Fix warnings raised by clang 11 (#8664)
• Make StringPiece constructible from std::string_view (#8707)
• Add missing capability attributes for LLVM 12 (#8714)
• Stop using std::iterator (deprecated in C++17). (#8741)
• Move field_access_listener from libprotobuf-lite to libprotobuf (#8775)
• Fix #7047 Safely handle setlocale (#8735)
• Remove deprecated version of SetTotalBytesLimit() (#8794)
• Support arena allocation of google::protobuf::AnyMetadata (#8758)
• Fix undefined symbol error around SharedCtor() (#8827)
• Fix default value of enum(int) in json_util with proto2 (#8835)
• Better Smaller ByteSizeLong
• Introduce event filters for inject_field_listener_events
• Reduce memory usage of DescriptorPool
• For lazy fields copy serialized form when allowed.
• Re-introduce the InlinedStringField class
• v2 access listener
• Reduce padding in the proto's ExtensionRegistry map.
• GetExtension performance optimizations
• Make tracker a static variable rather than call static functions
• Support extensions in field access listener
• Annotate MergeFrom for field access listener
• Fix incomplete types for field access listener
• Add map_entry/new_map_entry to SpecificField in MessageDifferencer. They record the map items which are different in MessageDifferencer's reporter.
• Reduce binary size due to fieldless proto messages
• TextFormat: ParseInfoTree supports getting field end location in addition to start.
• Fix repeated enum extension size in field listener
• Enable Any Text Expansion for Descriptors::DebugString()
• Switch from int{8,16,32,64} to int{8,16,32,64}_t

... (truncated)

• a902b39 No-op whitespace change
• ae62acd Updating version.json and repo version numbers to: 18.3
• f43ac49 Merge pull request #10542 from deannagarcia/3.18.x
• 9efdf55 Add missing includes
• d1635e1 Apply patch
• 5b37c91 Update version.json with "lts": true (#10534)
• c39d622 Merge pull request #10529 from protocolbuffers/deannagarcia-patch-5
• f77d3b6 Update version.json
• 8178b06 Merge pull request #10503 from deannagarcia/3.18.x
• 24ca839 Add version file
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from protobuf's releases.

Protocol Buffers v3.18.3

C++

• Reduce memory consumption of MessageSet parsing
• This release addresses a Security Advisory for C++ and Python users

Protocol Buffers v3.18.2

Java

• Improve performance characteristics of UnknownFieldSet parsing (#9371)

Protocol Buffers v3.18.1

Python

• Update setup.py to reflect that we now require at least Python 3.5 (#8989)
• Performance fix for DynamicMessage: force GetRaw() to be inlined (#9023)

Ruby

• Update ruby_generator.cc to allow proto2 imports in proto3 (#9003)

Protocol Buffers v3.18.0

C++

• Fix warnings raised by clang 11 (#8664)
• Make StringPiece constructible from std::string_view (#8707)
• Add missing capability attributes for LLVM 12 (#8714)
• Stop using std::iterator (deprecated in C++17). (#8741)
• Move field_access_listener from libprotobuf-lite to libprotobuf (#8775)
• Fix #7047 Safely handle setlocale (#8735)
• Remove deprecated version of SetTotalBytesLimit() (#8794)
• Support arena allocation of google::protobuf::AnyMetadata (#8758)
• Fix undefined symbol error around SharedCtor() (#8827)
• Fix default value of enum(int) in json_util with proto2 (#8835)
• Better Smaller ByteSizeLong
• Introduce event filters for inject_field_listener_events
• Reduce memory usage of DescriptorPool
• For lazy fields copy serialized form when allowed.
• Re-introduce the InlinedStringField class
• v2 access listener
• Reduce padding in the proto's ExtensionRegistry map.
• GetExtension performance optimizations
• Make tracker a static variable rather than call static functions
• Support extensions in field access listener
• Annotate MergeFrom for field access listener
• Fix incomplete types for field access listener
• Add map_entry/new_map_entry to SpecificField in MessageDifferencer. They record the map items which are different in MessageDifferencer's reporter.
• Reduce binary size due to fieldless proto messages
• TextFormat: ParseInfoTree supports getting field end location in addition to start.
• Fix repeated enum extension size in field listener
• Enable Any Text Expansion for Descriptors::DebugString()
• Switch from int{8,16,32,64} to int{8,16,32,64}_t

... (truncated)

• a902b39 No-op whitespace change
• ae62acd Updating version.json and repo version numbers to: 18.3
• f43ac49 Merge pull request #10542 from deannagarcia/3.18.x
• 9efdf55 Add missing includes
• d1635e1 Apply patch
• 5b37c91 Update version.json with "lts": true (#10534)
• c39d622 Merge pull request #10529 from protocolbuffers/deannagarcia-patch-5
• f77d3b6 Update version.json
• 8178b06 Merge pull request #10503 from deannagarcia/3.18.x
• 24ca839 Add version file
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from oauthlib's releases.

3.2.1

In short

OAuth2.0 Provider:

• #803 : Metadata endpoint support of non-HTTPS
• CVE-2022-36087

OAuth1.0:

• #818 : Allow IPv6 being parsed by signature

General:

• Improved and fixed documentation warnings.
• Cosmetic changes based on isort

What's Changed

• add missing slots to TokenBase by @​ariebovenberg in oauthlib/oauthlib#804
• Add CORS support for Refresh Token Grant. by @​luhn in oauthlib/oauthlib#806
• GitHub Action to lint Python code by @​cclauss in oauthlib/oauthlib#797
• Docs: fix Sphinx warnings for better ReadTheDocs generation by @​JonathanHuot in oauthlib/oauthlib#807
• Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT. by @​luhn in oauthlib/oauthlib#803
• chore: fix typo in test by @​tamanobi in oauthlib/oauthlib#816
• Fix typo in server.rst by @​NemanjaT in oauthlib/oauthlib#819
• Fixed isort imports by @​dasm in oauthlib/oauthlib#820
• docs: Fix a few typos by @​timgates42 in oauthlib/oauthlib#822
• docs: fix typos by @​kianmeng in oauthlib/oauthlib#823

New Contributors

• @​ariebovenberg made their first contribution in oauthlib/oauthlib#804
• @​tamanobi made their first contribution in oauthlib/oauthlib#816
• @​NemanjaT made their first contribution in oauthlib/oauthlib#819
• @​kianmeng made their first contribution in oauthlib/oauthlib#823

Full Changelog: https://github.com/oauthlib/oauthlib/compare/v3.2.0...v3.2.1

3.2.0

Changelog

OAuth2.0 Client:

• #795: Add Device Authorization Flow for Web Application
• #786: Add PKCE support for Client
• #783: Fallback to none in case of wrong expires_at format.

OAuth2.0 Provider:

• #790: Add support for CORS to metadata endpoint.
• #791: Add support for CORS to token endpoint.
• #787: Remove comma after Bearer in WWW-Authenticate

OAuth2.0 Provider - OIDC:

• #755: Call save_token in Hybrid code flow
• #751: OIDC add support of refreshing ID Tokens with refresh_id_token
• #751: The RefreshTokenGrant modifiers now take the same arguments as the AuthorizationCodeGrant modifiers (token, token_handler, request).

... (truncated)

Sourced from oauthlib's changelog.

3.2.1 (2022-09-09)

OAuth2.0 Provider:

• #803: Metadata endpoint support of non-HTTPS
• CVE-2022-36087

OAuth1.0:

• #818: Allow IPv6 being parsed by signature

General:

• Improved and fixed documentation warnings.
• Cosmetic changes based on isort

3.2.0 (2022-01-29)

OAuth2.0 Client:

• #795: Add Device Authorization Flow for Web Application
• #786: Add PKCE support for Client
• #783: Fallback to none in case of wrong expires_at format.

OAuth2.0 Provider:

• #790: Add support for CORS to metadata endpoint.
• #791: Add support for CORS to token endpoint.
• #787: Remove comma after Bearer in WWW-Authenticate

OAuth2.0 Provider - OIDC:

• #755: Call save_token in Hybrid code flow
• #751: OIDC add support of refreshing ID Tokens with refresh_id_token
• #751: The RefreshTokenGrant modifiers now take the same arguments as the AuthorizationCodeGrant modifiers (token, token_handler, request).

General:

• Added Python 3.9, 3.10, 3.11
• Improve Travis & Coverage

• 88bb156 Updated date and authors
• 1a45d97 Prepare 3.2.1 release
• 0adbbe1 docs: fix typos
• 6569ec3 docs: Fix a few typos
• bdc486e Fixed isort imports
• 7db45bd Fix typo in server.rst
• b14ad85 chore: s/bode_code_verifier/body_code_verifier/g
• b123283 Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT. (#803)
• 2f887b5 Docs: fix Sphinx warnings for better ReadTheDocs generation (#807)
• d4bafd9 Merge pull request #797 from cclauss/patch-2
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from cookiecutter's releases.

2.1.1

Documentation updates

• Fix local extensions documentation (#1686) @​alkatar21

Bugfixes

• Sanitize Mercurial branch information before checkout. (#1689) @​ericof

This release is made by wonderful contributors:

@​alkatar21, @​ericof and @​jensens

2.1.0

Preamble

This release log lists all changes from 1.7.3 to this release. It includes the log of the 2.0.x releases, which were never published on PyPI. Because of that it might look a bit blurry.

We release the current stable state of the project, knowing there are a bunch of open pull requests. Those will be reviewed by the core-committers and merged or dropped.

Future releases will happen more frequently. Stay tuned.

Fetch fresh from PyPI https://pypi.org/project/cookiecutter/2.1.0/

Changes

• Move contributors and backers to credits section (#1599) @​doobrie
• test_generate_file_verbose_template_syntax_error fixed (#1671) @​MaciejPatro
• Removed changes related to setuptools_scm (#1629) @​ozer550
• Release 2.0.1 (#1620) @​audreyfeldroy

Breaking Changes

• Release preparation for 2.0.1rc1 (#1608) @​audreyfeldroy
• Replace poyo with pyyaml. (#1489) @​dHannasch
• Added: Path templates will be rendered when copy_without_render used (#839) @​noirbizarre
• Added: End of line detection and configuration. (#1407) @​insspb
• Remove support for python2.7 (#1386) @​ssbarnea

Minor Changes

• Documentation overhaul (#1677) @​jensens
• Feature/local extensions (#1240) @​mwesterhof
• Adopt setuptools-scm packaging (#1577) @​ssbarnea
• Log the error message when git clone fails, not just the return code (#1505) @​logworthy
• allow jinja 3.0.0 (#1548) @​wouterdb
• Added uuid extension to be able to generate uuids (#1493) @​jonaswre

... (truncated)

Sourced from cookiecutter's changelog.

2.1.1 (2022-06-01)

Documentation updates

• Fix local extensions documentation (#1686) @​alkatar21

Bugfixes

• Sanitize Mercurial branch information before checkout. (#1689) @​ericof

This release is made by wonderfull contributors:

@​alkatar21, @​ericof and @​jensens

2.1.0 (2022-05-30)

Changes

• Move contributors and backers to credits section (#1599) @​doobrie
• test_generate_file_verbose_template_syntax_error fixed (#1671) @​MaciejPatro
• Removed changes related to setuptools_scm (#1629) @​ozer550
• Feature/local extensions (#1240) @​mwesterhof

CI/CD and QA changes

• Check manifest: pre-commit, fixes, cleaning (#1683) @​jensens
• Follow PyPA guide to release package using GitHub Actions. (#1682) @​ericof

Documentation updates

• Fix typo in dict_variables.rst (#1680) @​ericof
• Documentation overhaul (#1677) @​jensens
• Fixed incorrect link on docs. (#1649) @​luzfcb

Bugfixes

• Restore accidentally deleted support for click 8.x (#1643) @​jaklan

This release was made possible by our wonderful contributors:

@​doobrie, @​jensens, @​ericof, @​luzfcb

2.0.2 (2021-12-27)

Remark: This release never made it to official PyPI

• Fix Python version number in cookiecutter --version and test on Python 3.10 (#1621) @​ozer550
• Removed changes related to setuptools_scm (#1629) @​audreyfeldroy @​ozer550

... (truncated)

• f9376a9 Prepare release 2.1.1
• fdffddb Merge pull request #1689 from cookiecutter/sanitize-mercurial-checkout
• 85a7884 Lint fixes
• e26c465 Sanitize Mercurial branch information before checkout.
• 94036d0 Merge pull request #1687 from cookiecutter/bump-version-back-to-dev
• 70b2ee2 Merge pull request #1686 from alkatar21/patch-1
• 8b33e96 Bump version to 2.1.1.dev0
• 58d716f [Docs] Fix local extensions documentation
• f601b71 Merge pull request #1684 from cookiecutter/bump-release-2.1.0
• 96c6826 bump version and edit historie
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from ujson's releases.

5.2.0

Added

• Support parsing NaN, Infinity and -Infinity (#514) @​Erotemic
• Support dynamically linking against system double-conversion library (#508) @​musicinmybrain
• Add env var to control stripping debug info (#507) @​musicinmybrain
• Add JSONDecodeError (#498) @​JustAnotherArchivist

Fixed

• Fix buffer overflows (CVE-2021-45958) (#519) @​JustAnotherArchivist
• Upgrade Black to fix Click (#515) @​hugovk
• simplify exception handling on integer overflow (#510) @​RouquinBlanc
• Remove dead code that used to handle the separate int type in Python 2 (#509) @​JustAnotherArchivist
• Fix exceptions on encoding list or dict elements and non-overflow errors on int handling getting silenced (#505) @​JustAnotherArchivist

5.1.0

Changed

• Strip debugging symbols from Linux binaries (#493) @​bwoodsend

5.0.0

Added

• Use cibuildwheel to build wheels (#491) @​bwoodsend

Removed

• Drop support for soon-EOL Python 3.6 (#490) @​hugovk

Fixed

• Install Twine to upload to PyPI (#492) @​hugovk

4.3.0

Added

• Enable Windows on ARM64 target (#488) @​nsait-linaro

4.2.0

Added

• Add a default keyword argument to dumps (#470) @​garenchan
• Add support for Python 3.10 (#472) @​hugovk
• Build 32-bit wheels for Windows (#481) @​hugovk
• Build PyPy3 wheels for manylinux (#475) @​hugovk
• Build wheels for musl aarch64 (aka ARM) Linux (musllinux_1_1_aarch64) (#478) @​bwoodsend
• Build wheels for musl Linux (musllinux_1_1_x86_64) (#476) @​bwoodsend

Changed

... (truncated)

• f6860f1 Remove shebang
• c0ff7b1 python -m pytest
• 362fed3 Clearer pytest command
• 82917c0 actions/checkout@v3
• 3c095f1 Widen tests to cover more possible buffer overflows
• f4d2c87 Refactor buffer reservations to ensure sufficient space on all additions
• 1846e08 Add fuzz test to CI/CD.
• 5875168 Fix some more seg-faults on encoding.
• 1a39406 Remove the hidden JSON_NO_EXTRA_WHITESPACE compile knob.
• 20aa1a6 Add a fuzzing test to search for segfaults in encoding.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.