A tool to clone efficiently all the repos in an organization

Overview

cloner

A tool to clone efficiently all the repos in an organization

CodeQL

Installation

MacOS (not yet tested)

python3 -m venv .venv
pip3 install virtualenv
source .venv/bin/activate
pip3 install -r requirements.txt
python3 cloner --help

Windows10

python3 -m venv .\.venv\
pip3 install virtualenv
.\.venv\Scripts\activate
pip3 install -r .\requirements.txt
python3 cloner --help

Usage

Cloning only public repos:

python3 cloner <organization>

Cloning all the repos your user can see (GitHub token needed):

python3 cloner <organization> --token=<your_github_token>

More info:

python3 cloner --help

To exit the virtual env:

deactivate

Running Tests (WIP)

With the virtual env active and in the root folder:

pip3 install -r requirements-dev.txt
pytest tests

Contributing

Issues and Pull Requests are welcome :)

License

MIT

Other & Troubleshooting

Multithreading doesn't work to clone repos, since the os.system call is 1 for each PID. The splitting is done with multithreading, the cloning with multiprocessing. Same amount of threads and processes.

If we can't activate the virtual env in Windows10, review with this:

> Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser
> Get-ExecutionPolicy -List
Comments
  • Bump mccabe from 0.6.1 to 0.7.0

    Bump mccabe from 0.6.1 to 0.7.0

    Bumps mccabe from 0.6.1 to 0.7.0.

    Commits
    • 835a540 Prepare for v0.7.0
    • 2d4dd94 Merge pull request #81 from MaxG87/master
    • 7c54a18 Merge pull request #88 from cclauss/patch-1
    • ff7e1ea [flake8] max-line-length = 88
    • 2dfdfb1 flake8 --max-line-length=88 again
    • 7285c3b Merge pull request #87 from cclauss/patch-1
    • 78ce383 tox.ini: flake8 --max-line-length=88
    • 4ba21d2 Travis CI: allow_failures in Python end of life branches
    • 80794d3 Apply suggestions from code review
    • e864119 Merge pull request #86 from cclauss/patch-1
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 5
  • Bump click from 8.0.3 to 8.1.3

    Bump click from 8.0.3 to 8.1.3

    Bumps click from 8.0.3 to 8.1.3.

    Release notes

    Sourced from click's releases.

    8.1.3

    This is a fix release for the 8.1.0 feature release.

    8.1.2

    This is a fix release for the 8.1.0 feature release.

    8.1.1

    This is a fix release for the 8.1.0 feature release.

    8.1.0

    This is a feature release, which includes new features and removes previously deprecated features. The 8.1.x branch is now the supported bugfix branch, the 8.0.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

    8.0.4

    Changelog

    Sourced from click's changelog.

    Version 8.1.3

    Released 2022-04-28

    • Use verbose form of typing.Callable for @command and @group. :issue:2255
    • Show error when attempting to create an option with multiple=True, is_flag=True. Use count instead. :issue:2246

    Version 8.1.2

    Released 2022-03-31

    • Fix error message for readable path check that was mixed up with the executable check. :pr:2236
    • Restore parameter order for Path, placing the executable parameter at the end. It is recommended to use keyword arguments instead of positional arguments. :issue:2235

    Version 8.1.1

    Released 2022-03-30

    • Fix an issue with decorator typing that caused type checking to report that a command was not callable. :issue:2227

    Version 8.1.0

    Released 2022-03-28

    • Drop support for Python 3.6. :pr:2129

    • Remove previously deprecated code. :pr:2130

      • Group.resultcallback is renamed to result_callback.
      • autocompletion parameter to Command is renamed to shell_complete.
      • get_terminal_size is removed, use shutil.get_terminal_size instead.
      • get_os_args is removed, use sys.argv[1:] instead.
    • Rely on :pep:538 and :pep:540 to handle selecting UTF-8 encoding instead of ASCII. Click's locale encoding detection is removed.

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 4
  • Bump click from 8.0.3 to 8.1.2

    Bump click from 8.0.3 to 8.1.2

    Bumps click from 8.0.3 to 8.1.2.

    Release notes

    Sourced from click's releases.

    8.1.2

    This is a fix release for the 8.1.0 feature release.

    8.1.1

    This is a fix release for the 8.1.0 feature release.

    8.1.0

    This is a feature release, which includes new features and removes previously deprecated features. The 8.1.x branch is now the supported bugfix branch, the 8.0.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

    8.0.4

    Changelog

    Sourced from click's changelog.

    Version 8.1.2

    Released 2022-03-31

    • Fix error message for readable path check that was mixed up with the executable check. :pr:2236
    • Restore parameter order for Path, placing the executable parameter at the end. It is recommended to use keyword arguments instead of positional arguments. :issue:2235

    Version 8.1.1

    Released 2022-03-30

    • Fix an issue with decorator typing that caused type checking to report that a command was not callable. :issue:2227

    Version 8.1.0

    Released 2022-03-28

    • Drop support for Python 3.6. :pr:2129

    • Remove previously deprecated code. :pr:2130

      • Group.resultcallback is renamed to result_callback.
      • autocompletion parameter to Command is renamed to shell_complete.
      • get_terminal_size is removed, use shutil.get_terminal_size instead.
      • get_os_args is removed, use sys.argv[1:] instead.
    • Rely on :pep:538 and :pep:540 to handle selecting UTF-8 encoding instead of ASCII. Click's locale encoding detection is removed. :issue:2198

    • Single options boolean flags with show_default=True only show the default if it is True. :issue:1971

    • The command and group decorators can be applied with or without parentheses. :issue:1359

    • The Path type can check whether the target is executable. :issue:1961

    • Command.show_default overrides Context.show_default, instead of the other way around. :issue:1963

    • Parameter decorators and @group handles cls=None the same as not passing cls. @option handles help=None the same as not passing help. :issue:[#1959](https://github.com/pallets/click/issues/1959)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 3
  • Bump pytest from 7.1.3 to 7.2.0

    Bump pytest from 7.1.3 to 7.2.0

    Bumps pytest from 7.1.3 to 7.2.0.

    Release notes

    Sourced from pytest's releases.

    7.2.0

    pytest 7.2.0 (2022-10-23)

    Deprecations

    • #10012: Update pytest.PytestUnhandledCoroutineWarning{.interpreted-text role="class"} to a deprecation; it will raise an error in pytest 8.

    • #10396: pytest no longer depends on the py library. pytest provides a vendored copy of py.error and py.path modules but will use the py library if it is installed. If you need other py.* modules, continue to install the deprecated py library separately, otherwise it can usually be removed as a dependency.

    • #4562: Deprecate configuring hook specs/impls using attributes/marks.

      Instead use :pypytest.hookimpl{.interpreted-text role="func"} and :pypytest.hookspec{.interpreted-text role="func"}. For more details, see the docs <legacy-path-hooks-deprecated>{.interpreted-text role="ref"}.

    • #9886: The functionality for running tests written for nose has been officially deprecated.

      This includes:

      • Plain setup and teardown functions and methods: this might catch users by surprise, as setup() and teardown() are not pytest idioms, but part of the nose support.
      • Setup/teardown using the @​with_setup decorator.

      For more details, consult the deprecation docs <nose-deprecation>{.interpreted-text role="ref"}.

    Features

    • #9897: Added shell-style wildcard support to testpaths.

    Improvements

    • #10218: @pytest.mark.parametrize() (and similar functions) now accepts any Sequence[str] for the argument names, instead of just list[str] and tuple[str, ...].

      (Note that str, which is itself a Sequence[str], is still treated as a comma-delimited name list, as before).

    • #10381: The --no-showlocals flag has been added. This can be passed directly to tests to override --showlocals declared through addopts.

    • #3426: Assertion failures with strings in NFC and NFD forms that normalize to the same string now have a dedicated error message detailing the issue, and their utf-8 representation is expresed instead.

    • #7337: A warning is now emitted if a test function returns something other than [None]{.title-ref}. This prevents a common mistake among beginners that expect that returning a [bool]{.title-ref} (for example [return foo(a, b) == result]{.title-ref}) would cause a test to pass or fail, instead of using [assert]{.title-ref}.

    • #8508: Introduce multiline display for warning matching via :pypytest.warns{.interpreted-text role="func"} and enhance match comparison for :py_pytest._code.ExceptionInfo.match{.interpreted-text role="func"} as returned by :pypytest.raises{.interpreted-text role="func"}.

    • #8646: Improve :pypytest.raises{.interpreted-text role="func"}. Previously passing an empty tuple would give a confusing error. We now raise immediately with a more helpful message.

    • #9741: On Python 3.11, use the standard library's tomllib{.interpreted-text role="mod"} to parse TOML.

      tomli{.interpreted-text role="mod"}` is no longer a dependency on Python 3.11.

    • #9742: Display assertion message without escaped newline characters with -vv.

    • #9823: Improved error message that is shown when no collector is found for a given file.

    ... (truncated)

    Commits
    • 3af3f56 Prepare release version 7.2.0
    • bc2c3b6 Merge pull request #10408 from NateMeyvis/patch-2
    • d84ed48 Merge pull request #10409 from pytest-dev/asottile-patch-1
    • ffe49ac Merge pull request #10396 from pytest-dev/pylib-hax
    • d352098 allow jobs to pass if codecov.io fails
    • c5c562b Fix typos in CONTRIBUTING.rst
    • d543a45 add deprecation changelog for py library vendoring
    • f341a5c Merge pull request #10407 from NateMeyvis/patch-1
    • 1027dc8 [pre-commit.ci] auto fixes from pre-commit.com hooks
    • 6b905ee Add note on tags to CONTRIBUTING.rst
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 2
  • Bump certifi from 2021.10.8 to 2022.5.18.1

    Bump certifi from 2021.10.8 to 2022.5.18.1

    Bumps certifi from 2021.10.8 to 2022.5.18.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 2
  • Bump coverage from 6.3.2 to 6.4

    Bump coverage from 6.3.2 to 6.4

    Bumps coverage from 6.3.2 to 6.4.

    Changelog

    Sourced from coverage's changelog.

    Version 6.4 — 2022-05-22

    • A new setting, :ref:config_run_sigterm, controls whether a SIGTERM signal handler is used. In 6.3, the signal handler was always installed, to capture data at unusual process ends. Unfortunately, this introduced other problems (see issue 1310_). Now the signal handler is only used if you opt-in by setting [run] sigterm = true.

    • Small changes to the HTML report:

      • Added links to next and previous file, and more keyboard shortcuts: [ and ] for next file and previous file; u for up to the index; and ? to open/close the help panel. Thanks, J. M. F. Tsang <pull 1364_>_.

      • The timestamp and version are displayed at the top of the report. Thanks, Ammar Askar <pull 1354_>. Closes issue 1351.

    • A new debug option debug=sqldata adds more detail to debug=sql, logging all the data being written to the database.

    • Previously, running coverage report (or any of the reporting commands) in an empty directory would create a .coverage data file. Now they do not, fixing issue 1328_.

    • On Python 3.11, the [toml] extra no longer installs tomli, instead using tomllib from the standard library. Thanks Shantanu <pull 1359_>_.

    • In-memory CoverageData objects now properly update(), closing issue 1323_.

    .. _issue 1310: nedbat/coveragepy#1310 .. _issue 1323: nedbat/coveragepy#1323 .. _issue 1328: nedbat/coveragepy#1328 .. _issue 1351: nedbat/coveragepy#1351 .. _pull 1354: nedbat/coveragepy#1354 .. _pull 1359: nedbat/coveragepy#1359 .. _pull 1364: nedbat/coveragepy#1364

    .. _changes_633:

    Version 6.3.3 — 2022-05-12

    • Fix: Coverage.py now builds successfully on CPython 3.11 (3.11.0b1) again. Closes issue 1367_. Some results for generators may have changed.

    .. _issue 1367: nedbat/coveragepy#1367

    ... (truncated)

    Commits
    • e6df5b3 fix: don't create a data file when just trying to read one. #1328
    • d849b25 docs: latest sample HTML report
    • 3ab15f4 build: prep for 6.4
    • b5a1102 docs: spell check
    • 0d8c6cb docs: mention in the man page
    • 2b0f584 build: more make targets for release steps
    • c739564 docs: add a note about using --debug=trace to debug No Data. #1379
    • 439ccad style(docs): use definition list for warnings
    • a49ca09 feat: a new debug option sqldata shows all the data being written to the db.
    • 8991e9d refactor: SqliteDb uses its debug object more like other code
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 2
  • Bump faker from 13.3.4 to 13.6.0

    Bump faker from 13.3.4 to 13.6.0

    Bumps faker from 13.3.4 to 13.6.0.

    Release notes

    Sourced from faker's releases.

    Release v13.6.0

    See CHANGELOG.md.

    Release v13.5.0

    See CHANGELOG.md.

    Release v13.4.0

    See CHANGELOG.md.

    Release v13.3.5

    See CHANGELOG.md.

    Changelog

    Sourced from faker's changelog.

    v13.6.0 - 2022-04-27

    v13.5.0 - 2022-04-27

    v13.4.0 - 2022-04-22

    v13.3.5 - 2022-04-20

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 2
  • Bump platformdirs from 2.5.2 to 2.5.4

    Bump platformdirs from 2.5.2 to 2.5.4

    Bumps platformdirs from 2.5.2 to 2.5.4.

    Release notes

    Sourced from platformdirs's releases.

    2.5.4

    Full Changelog: https://github.com/platformdirs/platformdirs/compare/2.5.3...2.5.4

    2.5.3

    What's Changed

    New Contributors

    Full Changelog: https://github.com/platformdirs/platformdirs/compare/2.5.2...2.5.3

    Changelog

    Sourced from platformdirs's changelog.

    platformdirs 2.5.4 (2022-11-12)

    • Fix licesing metadata

    platformdirs 2.5.3 (2022-11-06)

    • Support 3.11
    • Bump dependencies
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 1
  • Bump pip-tools from 6.8.0 to 6.9.0

    Bump pip-tools from 6.8.0 to 6.9.0

    Bumps pip-tools from 6.8.0 to 6.9.0.

    Release notes

    Sourced from pip-tools's releases.

    6.9.0

    Features:

    Bug Fixes:

    Other Changes:

    • Add pyproject.toml & modern packaging to introduction. (#1668). Thanks @​hynek
    Changelog

    Sourced from pip-tools's changelog.

    6.9.0 (2022-10-05)

    Features:

    Bug Fixes:

    Other Changes:

    • Add pyproject.toml & modern packaging to introduction. (#1668). Thanks @​hynek
    Commits
    • 906bf36 Update changelog for 6.9.0 release (#1693)
    • 221dd4c Refactor Resolver._get_install_requirements() (#1664)
    • 5242ab8 Add --all-extras flag to pip-compile (#1630)
    • a659e55 Merge pull request #1692 from webknjaz/testing/gha-codecov-flags
    • 5164b43 Merge branch 'master' into testing/gha-codecov-flags
    • b5a1847 Readability fix
    • e19cc32 Merge pull request #1691 from webknjaz/testing/gha-colored-output
    • 9992385 Send env-specific flags to Coverage from GHA
    • 4764cb4 Colorize GHA terminal output globally
    • 2807b13 Merge pull request #1690 from webknjaz/testing/gha-actions-update-oct-04-2022
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 1
  • Bump faker from 15.0.0 to 15.1.1

    Bump faker from 15.0.0 to 15.1.1

    Bumps faker from 15.0.0 to 15.1.1.

    Release notes

    Sourced from faker's releases.

    Release v15.1.1

    See CHANGELOG.md.

    Release v15.1.0

    See CHANGELOG.md.

    Changelog

    Sourced from faker's changelog.

    v15.1.1 - 2022-10-13

    v15.1.0 - 2022-10-11

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 1
  • Bump charset-normalizer from 2.1.1 to 3.0.0

    Bump charset-normalizer from 2.1.1 to 3.0.0

    Bumps charset-normalizer from 2.1.1 to 3.0.0.

    Release notes

    Sourced from charset-normalizer's releases.

    Version 3.0.0

    3.0.0 (2022-10-20)

    Added

    • Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
    • Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
    • Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio
    • normalizer --version now specify if the current version provides extra speedup (meaning mypyc compilation whl)

    Changed

    • Build with static metadata (not pyproject.toml yet)
    • Make language detection stricter
    • Optional: Module md.py can be compiled using Mypyc to provide an extra speedup up to 4x faster than v2.1

    Fixed

    • CLI with opt --normalize fail when using full path for files
    • TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha characters have been fed to it
    • Sphinx warnings when generating the documentation

    Removed

    • Coherence detector no longer returns 'Simple English' instead returns 'English'
    • Coherence detector no longer returns 'Classical Chinese' instead returns 'Chinese'
    • Breaking: Method first() and best() from CharsetMatch
    • UTF-7 will no longer appear as "detected" without a recognized SIG/mark (is unreliable/conflicts with ASCII)
    • Breaking: Class aliases CharsetDetector, CharsetDoctor, CharsetNormalizerMatch and CharsetNormalizerMatches
    • Breaking: Top-level function normalize
    • Breaking: Properties chaos_secondary_pass, coherence_non_latin and w_counter from CharsetMatch
    • Support for the backport unicodedata2

    This is the last version (3.0.x) to support Python 3.6 We plan to drop it for 3.1.x

    Version 3.0.0rc1

    This is the last pre-release. If everything goes well, I will publish the stable tag.

    3.0.0rc1 (2022-10-18)

    Added

    • Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
    • Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
    • Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio

    Changed

    • Build with static metadata using 'build' frontend
    • Make language detection stricter

    Fixed

    • CLI with opt --normalize fail when using full path for files
    • TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha characters have been fed to it

    Removed

    ... (truncated)

    Changelog

    Sourced from charset-normalizer's changelog.

    3.0.0 (2022-10-20)

    Added

    • Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
    • Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
    • Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio
    • normalizer --version now specify if current version provide extra speedup (meaning mypyc compilation whl)

    Changed

    • Build with static metadata using 'build' frontend
    • Make the language detection stricter
    • Optional: Module md.py can be compiled using Mypyc to provide an extra speedup up to 4x faster than v2.1

    Fixed

    • CLI with opt --normalize fail when using full path for files
    • TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha character have been fed to it
    • Sphinx warnings when generating the documentation

    Removed

    • Coherence detector no longer return 'Simple English' instead return 'English'
    • Coherence detector no longer return 'Classical Chinese' instead return 'Chinese'
    • Breaking: Method first() and best() from CharsetMatch
    • UTF-7 will no longer appear as "detected" without a recognized SIG/mark (is unreliable/conflict with ASCII)
    • Breaking: Class aliases CharsetDetector, CharsetDoctor, CharsetNormalizerMatch and CharsetNormalizerMatches
    • Breaking: Top-level function normalize
    • Breaking: Properties chaos_secondary_pass, coherence_non_latin and w_counter from CharsetMatch
    • Support for the backport unicodedata2

    3.0.0rc1 (2022-10-18)

    Added

    • Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
    • Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
    • Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio

    Changed

    • Build with static metadata using 'build' frontend
    • Make the language detection stricter

    Fixed

    • CLI with opt --normalize fail when using full path for files
    • TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha character have been fed to it

    Removed

    • Coherence detector no longer return 'Simple English' instead return 'English'
    • Coherence detector no longer return 'Classical Chinese' instead return 'Chinese'

    3.0.0b2 (2022-08-21)

    Added

    ... (truncated)

    Upgrade guide

    Sourced from charset-normalizer's upgrade guide.

    Guide to upgrade your code from v1 to v2

    • If you are using the legacy detect function, that is it. You have nothing to do.

    Detection

    Before

    from charset_normalizer import CharsetNormalizerMatches
    

    results = CharsetNormalizerMatches.from_bytes( '我没有埋怨,磋砣的只是一些时间。'.encode('utf_32') )

    After

    from charset_normalizer import from_bytes
    

    results = from_bytes( '我没有埋怨,磋砣的只是一些时间。'.encode('utf_32') )

    Methods that once were staticmethods of the class CharsetNormalizerMatches are now basic functions. from_fp, from_bytes, from_fp and `` are concerned.

    Staticmethods scheduled to be removed in version 3.0

    Commits
    • 0ec52ef Version 3.0.0 (#223)
    • db134f3 Update python-publish.yml
    • 690f74c :wrench: pass --no-isolation through CIBW_CONFIG_SETTINGS --build-option
    • 20996c3 :arrow_up: cibuildwheel v2.11.1 (fix-tag)
    • 24f366c :arrow_up: cibuildwheel v2.11.1
    • 33b7327 :wrench: update universal-wheel stage (missing build pkg)
    • 544595d Merge pull request #209 from Ousret/3.0
    • 6367d53 :pencil: Missing CHANGELOG entry and add language_threshold to docs::advanced...
    • b15f416 :pencil: Update CHANGELOG.md
    • f8e1153 :pencil: Adjust speedup docs section
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 1
  • Bump packaging from 21.3 to 22.0

    Bump packaging from 21.3 to 22.0

    Bumps packaging from 21.3 to 22.0.

    Release notes

    Sourced from packaging's releases.

    22.0

    What's Changed

    ... (truncated)

    Changelog

    Sourced from packaging's changelog.

    22.0 - 2022-12-07

    
    * Explicitly declare support for Python 3.11 (:issue:`587`)
    * Remove support for Python 3.6 (:issue:`500`)
    * Remove ``LegacySpecifier`` and ``LegacyVersion`` (:issue:`407`)
    * Add ``__hash__`` and ``__eq__`` to ``Requirement`` (:issue:`499`)
    * Add a ``cpNNN-none-any`` tag (:issue:`541`)
    * Adhere to :pep:`685` when evaluating markers with extras (:issue:`545`)
    * Allow accepting locally installed prereleases with ``SpecifierSet``  (:issue:`515`)
    * Allow pre-release versions in marker evaluation (:issue:`523`)
    * Correctly parse ELF for musllinux on Big Endian (:issue:`538`)
    * Document ``packaging.utils.NormalizedName`` (:issue:`565`)
    * Document exceptions raised by functions in ``packaging.utils`` (:issue:`544`)
    * Fix compatible version specifier incorrectly strip trailing ``0`` (:issue:`493`)
    * Fix macOS platform tags with old macOS SDK (:issue:`513`)
    * Forbid prefix version matching on pre-release/post-release segments (:issue:`563`)
    * Normalize specifier version for prefix matching (:issue:`561`)
    * Improve documentation for ``packaging.specifiers`` and ``packaging.version``. (:issue:`572`)
    * ``Marker.evaluate`` will now assume evaluation environment with empty ``extra``.
      Evaluating markers like ``"extra == 'xyz'"`` without passing any extra in the
      ``environment`` will no longer raise an exception (:issue:`550`)
    * Remove dependency on ``pyparsing``, by replacing it with a hand-written parser.
      This package now has no runtime dependencies (:issue:`468`)
    * Update return type hint for ``Specifier.filter`` and ``SpecifierSet.filter``
      to use ``Iterator`` instead of ``Iterable`` (:issue:`584`)
    
    Commits
    • b6e9bbc Bump for release
    • 55bdc66 Bump version to 22.0
    • b997a48 Permit arbitrary whitespace around versions specifier in parenthesis
    • e7ce051 Fix a typo in an error message
    • cb09331 Enforce word boundaries in operators and names
    • b41326d Rename marker_expr to marker
    • 975cd32 Permit whitespace around marker_atom
    • 8cba45c Add ParserSyntaxError as the cause of Invalid{Requirement/Marker}
    • 7930b73 Improve error message for bad version specifiers in Requirement
    • 258d252 Rewrite test suite for requirements parsing
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 0
  • Bump urllib3 from 1.26.12 to 1.26.13

    Bump urllib3 from 1.26.12 to 1.26.13

    Bumps urllib3 from 1.26.12 to 1.26.13.

    Release notes

    Sourced from urllib3's releases.

    1.26.13

    • Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
    • Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.
    • Fixed a deprecation warning when using cryptography v39.0.0.
    • Removed the <4 in the Requires-Python packaging metadata field.
    Changelog

    Sourced from urllib3's changelog.

    1.26.13 (2022-11-23)

    • Deprecated the HTTPResponse.getheaders() and HTTPResponse.getheader() methods.
    • Fixed an issue where parsing a URL with leading zeroes in the port would be rejected even when the port number after removing the zeroes was valid.
    • Fixed a deprecation warning when using cryptography v39.0.0.
    • Removed the <4 in the Requires-Python packaging metadata field.
    Commits
    • 64b7f79 Release 1.26.13
    • 977b843 Update publish workflow on 1.26.x to match main
    • 64a3767 Bump cryptography to fix docs build
    • 455960b Support cryptography 39
    • 955da4d [1.26] Strip leading zeros from ports
    • b8c5d45 [1.26] Deprecate HTTPResponse.getheaders() and .getheader() methods
    • 8b8e4b5 Temporary fix for SLSA generator
    • cc9b0dc [1.26] Fix logo URL in README
    • eb47444 [1.26] Fix CI by switching to macOS 11
    • 34d7348 Remove "<4" upper bound from python_requires
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 0
  • Bump pathspec from 0.10.2 to 0.10.3

    Bump pathspec from 0.10.2 to 0.10.3

    Bumps pathspec from 0.10.2 to 0.10.3.

    Release notes

    Sourced from pathspec's releases.

    v0.10.3

    Release v0.10.3. See CHANGES.rst.

    Changelog

    Sourced from pathspec's changelog.

    0.10.3 (2022-12-09)

    New features:

    • Added utility function pathspec.util.append_dir_sep() to aid in distinguishing between directories and files on the file-system. See Issue [#65](https://github.com/cpburnz/python-pathspec/issues/65)_.

    Bug fixes:

    • Issue [#66](https://github.com/cpburnz/python-pathspec/issues/66)/Pull [#67](https://github.com/cpburnz/python-pathspec/issues/67): Package not marked as py.typed.
    • Issue [#68](https://github.com/cpburnz/python-pathspec/issues/68)_: Exports are considered private.
    • Issue [#70](https://github.com/cpburnz/python-pathspec/issues/70)/Pull [#71](https://github.com/cpburnz/python-pathspec/issues/71): 'Self' string literal type is Unknown in pyright.

    Improvements:

    • Issue [#65](https://github.com/cpburnz/python-pathspec/issues/65)_: Checking directories via match_file() does not work on Path objects.

    .. _Issue [#65](https://github.com/cpburnz/python-pathspec/issues/65): cpburnz/python-pathspec#65 .. _Issue [#66](https://github.com/cpburnz/python-pathspec/issues/66): cpburnz/python-pathspec#66 .. _Pull [#67](https://github.com/cpburnz/python-pathspec/issues/67): cpburnz/python-pathspec#67 .. _Issue [#68](https://github.com/cpburnz/python-pathspec/issues/68): cpburnz/python-pathspec#68 .. _Issue [#70](https://github.com/cpburnz/python-pathspec/issues/70): cpburnz/python-pathspec#70 .. _Pull [#71](https://github.com/cpburnz/python-pathspec/issues/71): cpburnz/python-pathspec#71

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 0
  • Bump exceptiongroup from 1.0.4 to 1.1.0

    Bump exceptiongroup from 1.0.4 to 1.1.0

    Bumps exceptiongroup from 1.0.4 to 1.1.0.

    Changelog

    Sourced from exceptiongroup's changelog.

    Version history

    This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

    1.1.0

    • Backported upstream fix for gh-99553 (custom subclasses of BaseExceptionGroup that also inherit from Exception should not be able to wrap base exceptions)
    • Moved all initialization code to __new__() (thus matching Python 3.11 behavior)

    1.0.4

    • Fixed regression introduced in v1.0.3 where the code computing the suggestions would assume that both the obj attribute of AttributeError is always available, even though this is only true from Python 3.10 onwards (#43; PR by Carl Friedrich Bolz-Tereick)

    1.0.3

    • Fixed monkey patching breaking suggestions (on a NameError or AttributeError) on Python 3.10 (#41; PR by Carl Friedrich Bolz-Tereick)

    1.0.2

    • Updated type annotations to match the ones in typeshed

    1.0.1

    • Fixed formatted traceback missing exceptions beyond 2 nesting levels of __context__ or __cause__

    1.0.0

    • Fixed AttributeError: 'PatchedTracebackException' object has no attribute '__cause__' on Python 3.10 (only) when a traceback is printed from an exception where an exception group is set as the cause (#33)
    • Fixed a loop in exception groups being rendered incorrectly (#35)
    • Fixed the patched formatting functions (format_exception()etc.) not passing the compact=True flag on Python 3.10 like the original functions do

    1.0.0rc9

    • Added custom versions of several traceback functions that work with exception groups even if monkey patching was disabled or blocked

    1.0.0rc8

    • Don't monkey patch anything if sys.excepthook has been altered

    ... (truncated)

    Commits
    • d6a0c30 Added the release version
    • a359629 Use new() only for initialization (#52)
    • 1bfa48a [pre-commit.ci] pre-commit autoupdate (#54)
    • 6e0f331 Backported upstream fix for gh-99553 (#51)
    • f32faa2 Added a better fix for the coveralls <-> coverage compatibility issue
    • 34bcf19 Worked around coveralls's allergy of coverage 7
    • a50b5d8 [pre-commit.ci] pre-commit autoupdate
    • 6abcee5 Updated tox configuration
    • 6ed0363 [pre-commit.ci] pre-commit autoupdate
    • 3fb346b [pre-commit.ci] pre-commit autoupdate (#47)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 0
  • [Snyk] Security upgrade setuptools from 39.0.1 to 65.5.1

    [Snyk] Security upgrade setuptools from 39.0.1 to 65.5.1

    This PR was automatically created by Snyk using the credentials of a real user.


    Snyk has created this PR to fix one or more vulnerable packages in the `pip` dependencies of this project.

    Changes included in this PR

    • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
      • requirements-dev.txt

    Vulnerabilities that will be fixed

    By pinning:

    Severity | Priority Score (*) | Issue | Upgrade | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------|:------------------------- medium severity | 551/1000
    Why? Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
    SNYK-PYTHON-SETUPTOOLS-3180412 | setuptools:
    39.0.1 -> 65.5.1
    | No | No Known Exploit

    (*) Note that the real score may have changed since the PR was raised.

    Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

    Check the changes in this PR to ensure they won't cause issues with your project.


    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    📚 Read more about Snyk's upgrade and patch logic


    Learn how to fix vulnerabilities with free interactive lessons:

    🦉 Regular Expression Denial of Service (ReDoS)

    opened by w0rmr1d3r 0
  • Bump charset-normalizer from 2.1.1 to 3.0.1

    Bump charset-normalizer from 2.1.1 to 3.0.1

    Bumps charset-normalizer from 2.1.1 to 3.0.1.

    Release notes

    Sourced from charset-normalizer's releases.

    Version 3.0.1

    3.0.1 (2022-11-18)

    Fixed

    • Multi-bytes cutter/chunk generator did not always cut correctly (PR #233)

    Changed

    • Speedup provided using mypy/c 0.990 on Python >= 3.7

    Version 3.0.0

    3.0.0 (2022-10-20)

    Added

    • Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
    • Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
    • Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio
    • normalizer --version now specify if the current version provides extra speedup (meaning mypyc compilation whl)

    Changed

    • Build with static metadata (not pyproject.toml yet)
    • Make language detection stricter
    • Optional: Module md.py can be compiled using Mypyc to provide an extra speedup up to 4x faster than v2.1

    Fixed

    • CLI with opt --normalize fail when using full path for files
    • TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha characters have been fed to it
    • Sphinx warnings when generating the documentation

    Removed

    • Coherence detector no longer returns 'Simple English' instead returns 'English'
    • Coherence detector no longer returns 'Classical Chinese' instead returns 'Chinese'
    • Breaking: Method first() and best() from CharsetMatch
    • UTF-7 will no longer appear as "detected" without a recognized SIG/mark (is unreliable/conflicts with ASCII)
    • Breaking: Class aliases CharsetDetector, CharsetDoctor, CharsetNormalizerMatch and CharsetNormalizerMatches
    • Breaking: Top-level function normalize
    • Breaking: Properties chaos_secondary_pass, coherence_non_latin and w_counter from CharsetMatch
    • Support for the backport unicodedata2

    This is the last version (3.0.x) to support Python 3.6 We plan to drop it for 3.1.x

    Version 3.0.0rc1

    This is the last pre-release. If everything goes well, I will publish the stable tag.

    3.0.0rc1 (2022-10-18)

    Added

    • Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
    • Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
    • Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio

    ... (truncated)

    Changelog

    Sourced from charset-normalizer's changelog.

    3.0.1 (2022-11-18)

    Fixed

    • Multi-bytes cutter/chunk generator did not always cut correctly (PR #233)

    Changed

    • Speedup provided by mypy/c 0.990 on Python >= 3.7

    3.0.0 (2022-10-20)

    Added

    • Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
    • Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
    • Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio
    • normalizer --version now specify if current version provide extra speedup (meaning mypyc compilation whl)

    Changed

    • Build with static metadata using 'build' frontend
    • Make the language detection stricter
    • Optional: Module md.py can be compiled using Mypyc to provide an extra speedup up to 4x faster than v2.1

    Fixed

    • CLI with opt --normalize fail when using full path for files
    • TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha character have been fed to it
    • Sphinx warnings when generating the documentation

    Removed

    • Coherence detector no longer return 'Simple English' instead return 'English'
    • Coherence detector no longer return 'Classical Chinese' instead return 'Chinese'
    • Breaking: Method first() and best() from CharsetMatch
    • UTF-7 will no longer appear as "detected" without a recognized SIG/mark (is unreliable/conflict with ASCII)
    • Breaking: Class aliases CharsetDetector, CharsetDoctor, CharsetNormalizerMatch and CharsetNormalizerMatches
    • Breaking: Top-level function normalize
    • Breaking: Properties chaos_secondary_pass, coherence_non_latin and w_counter from CharsetMatch
    • Support for the backport unicodedata2

    3.0.0rc1 (2022-10-18)

    Added

    • Extend the capability of explain=True when cp_isolation contains at most two entries (min one), will log in details of the Mess-detector results
    • Support for alternative language frequency set in charset_normalizer.assets.FREQUENCIES
    • Add parameter language_threshold in from_bytes, from_path and from_fp to adjust the minimum expected coherence ratio

    Changed

    • Build with static metadata using 'build' frontend
    • Make the language detection stricter

    Fixed

    • CLI with opt --normalize fail when using full path for files
    • TooManyAccentuatedPlugin induce false positive on the mess detection when too few alpha character have been fed to it

    ... (truncated)

    Upgrade guide

    Sourced from charset-normalizer's upgrade guide.

    Guide to upgrade your code from v1 to v2

    • If you are using the legacy detect function, that is it. You have nothing to do.

    Detection

    Before

    from charset_normalizer import CharsetNormalizerMatches
    

    results = CharsetNormalizerMatches.from_bytes( '我没有埋怨,磋砣的只是一些时间。'.encode('utf_32') )

    After

    from charset_normalizer import from_bytes
    

    results = from_bytes( '我没有埋怨,磋砣的只是一些时间。'.encode('utf_32') )

    Methods that once were staticmethods of the class CharsetNormalizerMatches are now basic functions. from_fp, from_bytes, from_fp and `` are concerned.

    Staticmethods scheduled to be removed in version 3.0

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    bump 
    opened by dependabot[bot] 0
Releases(1.4.0)
  • 1.4.0(Dec 9, 2022)

    What's Changed

    • Support for Python 3.11 by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/99

    Security bumps

    • [Snyk] Security upgrade wheel from 0.37.1 to 0.38.0 by @snyk-bot in https://github.com/w0rmr1d3r/cloner/pull/88
    • [Snyk] Security upgrade setuptools from 39.0.1 to 65.5.1 by @snyk-bot in https://github.com/w0rmr1d3r/cloner/pull/90

    Other bumps

    • Bump faker from 15.0.0 to 15.3.1 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/89
    • Bump pytest from 7.1.3 to 7.2.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/87
    • Bump pip-tools from 6.8.0 to 6.10.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/91
    • Bump responses from 0.21.0 to 0.22.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/84
    • Bump certifi from 2022.9.24 to 2022.12.7 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/97
    • Bump pathspec from 0.10.1 to 0.10.2 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/94
    • Bump platformdirs from 2.5.2 to 2.6.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/98
    • Bump black from 22.8.0 to 22.10.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/95

    New Contributors

    • @snyk-bot made their first contribution in https://github.com/w0rmr1d3r/cloner/pull/88

    Full Changelog: https://github.com/w0rmr1d3r/cloner/compare/1.3.0...1.4.0

    Source code(tar.gz)
    Source code(zip)
  • 1.3.0(Oct 4, 2022)

    What's Changed

    • Supporting Python3.9 and Python3.10 by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/82
    • Development status is now 5 - Production/Stable

    Full Changelog: https://github.com/w0rmr1d3r/cloner/compare/1.2.0...1.3.0

    Source code(tar.gz)
    Source code(zip)
  • 1.2.0(Oct 3, 2022)

    What's Changed

    • Update setup.cfg by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/58
    • Bump coverage from 6.4.1 to 6.4.2 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/60
    • Bump pep517 from 0.12.0 to 0.13.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/61
    • Bump faker from 13.14.0 to 13.15.1 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/62
    • Bump coverage from 6.4.2 to 6.4.3 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/65
    • Bump flake8 from 4.0.1 to 5.0.4 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/66
    • Bump pycodestyle from 2.8.0 to 2.9.1 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/63
    • Bump faker from 13.15.1 to 14.1.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/67
    • Bump attrs from 21.4.0 to 22.1.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/71
    • Bump coverage from 6.4.3 to 6.4.4 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/70
    • Bump pathspec from 0.9.0 to 0.10.1 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/75
    • Bump black from 22.6.0 to 22.8.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/74
    • Bump faker from 14.1.0 to 15.0.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/76
    • Bump certifi from 2022.6.15 to 2022.9.24 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/78
    • Bump pytest from 7.1.2 to 7.1.3 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/79
    • Bump idna from 3.3 to 3.4 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/77
    • Bump charset-normalizer from 2.0.12 to 2.1.1 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/68
    • Bump urllib3 from 1.26.9 to 1.26.12 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/69
    • Add PyPi monthly downloads by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/81
    • Bump coverage from 6.4.4 to 6.5.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/80

    Full Changelog: https://github.com/w0rmr1d3r/cloner/compare/1.1.0...1.2.0

    Source code(tar.gz)
    Source code(zip)
  • 1.1.0(Jul 1, 2022)

    What's Changed

    • Bump pip-tools from 6.6.0 to 6.6.2 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/44
    • Bump pyparsing from 3.0.8 to 3.0.9 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/47
    • Bump coverage from 6.3.2 to 6.4 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/45
    • Delete SonarCloud by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/53
    • Bump actions/setup-python from 3 to 4 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/48
    • Bump black from 22.3.0 to 22.6.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/49
    • Bump responses from 0.20.0 to 0.21.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/50
    • Bump faker from 13.7.0 to 13.14.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/54
    • Bump coverage from 6.4 to 6.4.1 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/55
    • Bump pip-tools from 6.6.2 to 6.8.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/56
    • Bump requests from 2.27.1 to 2.28.1 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/51
    • Bump certifi from 2021.10.8 to 2022.6.15 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/52

    Full Changelog: https://github.com/w0rmr1d3r/cloner/compare/1.0.0...1.1.0

    Source code(tar.gz)
    Source code(zip)
  • 1.0.0(May 13, 2022)

  • 0.0.2-alpha(May 6, 2022)

    What's Changed

    • Update documentation by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/25
    • Added tests for cloner_process.py by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/26
    • Add treeware by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/27
    • Fix License by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/28
    • Fix tree badge by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/29
    • Move to sonarcloud by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/30
    • update readme by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/32
    • Update star section by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/33
    • Bump pip-tools from 6.5.1 to 6.6.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/34
    • Bump pytest from 7.1.1 to 7.1.2 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/36
    • Bump pyparsing from 3.0.7 to 3.0.8 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/37
    • Bump platformdirs from 2.5.1 to 2.5.2 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/39
    • Bump faker from 13.3.4 to 13.7.0 by @dependabot in https://github.com/w0rmr1d3r/cloner/pull/38
    • Introduce coverage by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/41
    • Add better classifiers by @w0rmr1d3r in https://github.com/w0rmr1d3r/cloner/pull/40

    Full Changelog: https://github.com/w0rmr1d3r/cloner/compare/0.0.1-alpha...0.0.2-alpha

    Source code(tar.gz)
    Source code(zip)
  • 0.0.1-alpha(Apr 15, 2022)

Owner
Ramon
Security, is a must :)
Ramon
Repository tracking all OpenStack repositories as submodules. Mirror of code maintained at opendev.org.

OpenStack OpenStack is a collection of interoperable components that can be deployed to provide computing, networking and storage resources. Those inf

Mirrors of opendev.org/openstack 4.6k Dec 28, 2022
Dockerized service to backup all running database containers

Docker Database Backup Dockerized service to automatically backup all of your database containers. Docker Image Tags: docker.io/jandi/database-backup

Jan Dittrich 16 Dec 31, 2022
A Blazing fast Security Auditing tool for Kubernetes

A Blazing fast Security Auditing tool for kubernetes!! Basic Overview Kubestriker performs numerous in depth checks on kubernetes infra to identify th

Vasant Chinnipilli 934 Jan 4, 2023
A tool to convert AWS EC2 instances back and forth between On-Demand and Spot billing models.

ec2-spot-converter This tool converts existing AWS EC2 instances back and forth between On-Demand and 'persistent' Spot billing models while preservin

jcjorel 152 Dec 29, 2022
Ganeti is a virtual machine cluster management tool built on top of existing virtualization technologies such as Xen or KVM and other open source software.

Ganeti 3.0 =========== For installation instructions, read the INSTALL and the doc/install.rst files. For a brief introduction, read the ganeti(7) m

null 395 Jan 4, 2023
A cron monitoring tool written in Python & Django

Healthchecks Healthchecks is a cron job monitoring service. It listens for HTTP requests and email messages ("pings") from your cron jobs and schedule

Healthchecks 5.8k Jan 2, 2023
IP address management (IPAM) and data center infrastructure management (DCIM) tool.

NetBox is an IP address management (IPAM) and data center infrastructure management (DCIM) tool. Initially conceived by the network engineering team a

NetBox Community 11.8k Jan 7, 2023
Oncall is a calendar tool designed for scheduling and managing on-call shifts. It can be used as source of dynamic ownership info for paging systems like http://iris.claims.

Oncall See admin docs for information on how to run and manage Oncall. Development setup Prerequisites Debian/Ubuntu - sudo apt-get install libsasl2-d

LinkedIn 928 Dec 22, 2022
A declarative Kubeflow Management Tool inspired by Terraform

?? KRSH is Alpha version, so many bugs can be reported. If you find a bug, please write an Issue and grow the project together! A declarative Kubeflow

Riiid! 128 Oct 18, 2022
Convenient tool to manage multiple VMs at once using libvirt

Convenient tool to manage multiple VMs at once using libvirt Installing To install the tool and its dependencies: pip install -e . Getting completion

Cedric Bosdonnat 13 Nov 11, 2022
CTF infrastructure deployment automation tool.

CTF infrastructure deployment automation tool. Focus on the challenges. Mirrored from

Fake News 1 Apr 12, 2022
Caboto, the Kubernetes semantic analysis tool

Caboto Caboto, the Kubernetes semantic analysis toolkit. It contains a lightweight Python library for semantic analysis of plain Kubernetes manifests

Michael Schilonka 8 Nov 26, 2022
MagTape is a Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations.

MagTape is a Policy-as-Code tool for Kubernetes that allows for evaluating Kubernetes resources against a set of defined policies to inform and enforce best practice configurations. MagTape includes variable policy enforcement, notifications, and targeted metrics.

T-Mobile 143 Dec 27, 2022
strava-offline is a tool to keep a local mirror of Strava activities for further analysis/processing:

strava-offline Overview strava-offline is a tool to keep a local mirror of Strava activities for further analysis/processing: synchronizes metadata ab

Tomáš Janoušek 29 Dec 14, 2022
Helperpod - A CLI tool to run a Kubernetes utility pod with pre-installed tools that can be used for debugging/testing purposes inside a Kubernetes cluster

Helperpod is a CLI tool to run a Kubernetes utility pod with pre-installed tools that can be used for debugging/testing purposes inside a Kubernetes cluster.

Atakan Tatlı 2 Feb 5, 2022
This is a tool to develop, build and test PHP extensions in Docker containers.

Develop, Build and Test PHP Extensions This is a tool to develop, build and test PHP extensions in Docker containers. Installation Clone this reposito

Suora GmbH 10 Oct 22, 2022
More than 130 check plugins for Icinga and other Nagios-compatible monitoring applications. Each plugin is a standalone command line tool (written in Python) that provides a specific type of check.

Python-based Monitoring Check Plugins Collection This Enterprise Class Check Plugin Collection offers a package of more than 130 Python-based, Nagios-

Linuxfabrik 119 Dec 27, 2022
Repo-cloner - Script takes user public liked repos and clone it to a local folder

Liked repos cloner Script takes user public liked repos and clone it to a local

Aleksei 2 Jun 18, 2022
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.

Eslam Akl 45 Dec 28, 2022