From 97052bbe45553e61824b91ec6ddc188dc9e469d1 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 12 Aug 2024 23:56:49 +0200 Subject: [PATCH] chore(deps): update dependency gunicorn to v23 (#37) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [gunicorn](https://github.com/benoitc/gunicorn) ([changelog](https://docs.gunicorn.org/en/stable/news.html)) | `==22.0.0` -> `==23.0.0` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/gunicorn/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/gunicorn/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/gunicorn/22.0.0/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/gunicorn/22.0.0/23.0.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
benoitc/gunicorn (gunicorn) ### [`v23.0.0`](https://github.com/benoitc/gunicorn/releases/tag/23.0.0) [Compare Source](https://github.com/benoitc/gunicorn/compare/22.0.0...23.0.0) Gunicorn 23.0.0 has been released. This version improve HTTP 1.1. support and which improve safety You're invited to upgrade asap your own installation. # 23.0.0 - 2024-08-10 - minor docs fixes (:pr:`3217`, :pr:`3089`, :pr:`3167`) - worker_class parameter accepts a class (:pr:`3079`) - fix deadlock if request terminated during chunked parsing (:pr:`2688`) - permit receiving Transfer-Encodings: compress, deflate, gzip (:pr:`3261`) - permit Transfer-Encoding headers specifying multiple encodings. note: no parameters, still (:pr:`3261`) - sdist generation now explicitly excludes sphinx build folder (:pr:`3257`) - decode bytes-typed status (as can be passed by gevent) as utf-8 instead of raising `TypeError` (:pr:`2336`) - raise correct Exception when encounting invalid chunked requests (:pr:`3258`) - the SCRIPT_NAME and PATH_INFO headers, when received from allowed forwarders, are no longer restricted for containing an underscore (:pr:`3192`) - include IPv6 loopback address `[::1]` in default for :ref:`forwarded-allow-ips` and :ref:`proxy-allow-ips` (:pr:`3192`) \*\* NOTE \*\* - The SCRIPT_NAME change mitigates a regression that appeared first in the 22.0.0 release - Review your :ref:`forwarded-allow-ips` setting if you are still not seeing the SCRIPT_NAME transmitted - Review your :ref:`forwarder-headers` setting if you are missing headers after upgrading from a version prior to 22.0.0 \*\* Breaking changes \*\* - refuse requests where the uri field is empty (:pr:`3255`) - refuse requests with invalid CR/LR/NUL in heade field values (:pr:`3253`) - remove temporary `--tolerate-dangerous-framing` switch from 22.0 (:pr:`3260`) - If any of the breaking changes affect you, be aware that now refused requests can post a security problem, especially so in setups involving request pipe-lining and/or proxies. Fix CVE-2024-1135
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://git.mgrote.net/container-images/python-api-server/pulls/37 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index ec18d55..a4b3ea9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,5 +1,5 @@ Flask==3.0.3 Flask-Cors==4.0.1 -gunicorn==22.0.0 +gunicorn==23.0.0 requests==2.32.3 flasgger==0.9.7.1