Upgrade to release 8.5:
Breaking changes:
- The option --lcov-test-name doesn't accept values with spaces
anymore.
- The option --lcov-format-1.x is deprecated and mapped to
--lcov-format-version=1.x.
- Changes to HTML templates.
New features and notable changes:
- Due to added support for LLVM source based code coverage format
some configuration file keys got changed. The old gcov named
options are still supported but they also affect the LLVM
toolchain.
Bug fixes and small improvements:
- Fix coveralls report if there are several coverage elements per
line.
- Fix not excluded conditions if branches are excluded by comments.
- Fix reported excluded branches in LCOV report.
- Fix exclusion filter --gcov-exclude.
- Add --json-trace-data-source to include the trace data source in
the JSON report independent from --verbose.
- Remove generated gcov files on error and catch additional gcov
error message.
- Change default HTML theme excluded line color.
- Move theme colors to a separate CSS file so they can be overridden
with a simple --html-template-dir directory with only the
style.colors.css file.
- Fix regular expression for detecting a version mismatch between
gcc and gcov.
- Improve logging messages for GCOV execution errors to not print
information twice and add trace messages for gcov execution.
- Fix handling of lines after function specialization.
- Improve performance by changing logging messages (level and lazy
interpolation).
- Fix text report for covered decisions.
- Fix runtime problem introduced with 8.4.
- Fix wrong entries in data source attribute of JSON report.
- Fix nested HTML report without coverage data.
- Add warning if coverage data is empty.
- Add warning if function lines are missing in external generated
GCOV files.
- Extend support for zipped reports. If last suffix is .xz then
LZMA is used to compress the report.
- Fix function exclusion in report generation.
- Do not ignore lines without functions, e.g. from inlined code.
- Ignore all whitespaces instead of only spaces for detection of
noncode lines.
- Add support for temporary merging line coverage objects without
modifying the data model.
- Change internal behavior of --exclude-function-lines to exclude
the line of function definition instead of removing it completely.
- Ensure that all functions have a line coverage element in LCOV
report.
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 4.3.0:
- Add arguments validation for schemas and validation methods (by
validation contexts)
- Add custom XPath parser for find/findall/iterfind APIs on schemas
for match singleton sequence also if position is a number greater
than 1 in predicate expression
- Improve build of XSD elements and groups, using a three-state
built flag for components
- Extend and fix memory tests (Python 3.14+ seems to consume more
memory)
- Drop support for Python 3.9 and add development support for
Python 3.15
License-Update: Update years
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 2025.12.0:
- fsspec.parquet to support filters and multiple files
- passing withdirs in aync _glob()
- fix _rm_file/_rm redirection in async
- allow arrowFile to be seekable
- add size attribute to arrowFile
- support py3.14 and drop 3.9
- avoid ruff warning
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.21.1:
- Fix escaping in help text when rich is installed but not used.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 3.3.0:
- Add support for italic
- can_colorize: Expect fileno() to raise OSError, as documented
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 4.0.3:
- Fix inference of IfExp (ternary expression) nodes to avoid
prematurely narrowing results in the face of inference ambiguity.
- Fix base class inference for dataclasses using the PEP 695
typing syntax.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 4.12.1:
- Changed all functions currently raising the private
NoCurrentAsyncBackend exception (since v4.12.0) to instead raise
the public NoEventLoopError exception
- Fixed anyio.functools.lru_cache not working with instance methods
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.0.221:
- Cancel l2cap connection result future on abort
- Implement extended advertising emulation
- Rust: Fix cargo-all-features to 1.11.0
- L2CAP Enhanced Retransmission mode
- Add some docs about Android and Hardware
- bump pdl dependencies versions
- android-netsim transport enhancements
- Upgrade GitHub Actions for Node 24 compatibility
- Upgrade GitHub Actions to latest versions
- GATT: fix redefinition of GATT_CONTENT_CONTROL_ID_CHARACTERISTIC
- Remove unused imports
- Fix missing type hints on Device.notify_subscribers()
- L2CAP: Enhanced Credit-based Flow Control Mode
- use ruff for linting and import sorting
- hot fix: remove unused import
- Ruff: Add and fix UP rules
- add support for multiple concurrent broadcasts
- Add EATT Support
- Fix some typos and annotations
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.128.0:
- Drop support for pydantic.v1
- Run performance tests only on Pydantic v2
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 3.6.1:
API Changes
- Add spectral bipartition community finding and greedy bipartition
using node swaps
Enhancements
- Nodelists for from_biadjacency_matrix
- Add spectral bipartition community finding and greedy bipartition
using node swaps
- Fix draw_networkx_nodes with list node_shape and add regression
test
Bug Fixes
- Fix: allow graph subclasses to have additional arguments
Documentation
- DOC: Improve benchmarking readme
- DOC: More details re: RC releases in the release process devdocs
- DOC: clarify difference between G.nodes/G.nodes() and
G.edges/G.edges() in tutorial
- DOC: Add blurb to contributor guide about drawing tests
- DOC: Fix underline lens in docstrings
- Rolling back shortest paths links
Maintenance
- MAINT: Replace string literal with comment
- Bump actions/checkout from 5 to 6 in the actions group
- pin python 3.14 to be version 3.14.0 until dataclasses are fixed
- Blocklist Python 3.14.1
Other
- TST: add tests for unsupported graph types in MST algorithms
- TST: clean up isomorphism tests
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.6.6:
- Disable setuptools-scm: Too many side-effects
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Contains fix for CVE-2025-68131
Changelog:
- Added readahead buffering to C decoder for improved performance.
The decoder now uses a 4 KB buffer by default to reduce the number
of read calls. Benchmarks show 20-140% performance improvements for
decoding operations.
- Fixed Python decoder not preserving share index when decoding array
items containing nested shareable tags, causing shared references to
resolve to wrong objects
- Reset shared reference state at the start of each top-level encode/decode
operation
Ptests passed:
...
PASS: tests/test_tool.py:test_dtypes_from_file
PASS: tests/test_tool.py:test_ignore_tag
PASS: tests/test_types.py:test_frozendict
============================================================================
Testsuite summary
DURATION: 4
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 3.20.2:
- Support Unix systems without O_NOFOLLOW
- [pre-commit.ci] pre-commit autoupdate
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch to Pypi fetcher
Switch to PEP-517 build backend
Fixes
WARNING: python3-wrapt-2.0.1-r0 do_check_backend: QA Issue: inherits setuptools3 but has pyproject.toml with setuptools.build_meta, use the correct class [pep517-backend]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The default python:pymongo CPE fails to match related CVE entries, because
they are tracked using mongodb:pymongo CPE. Set CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from products where product like '%pymongo%';
CVE-2024-5629|mongodb|pymongo|||4.6.3|<|0
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The default python:orjson CPE fails to match related CVEs, because NVD
tracks them using ijl:orjson CPE. Set CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from products where product like '%orjson%';
CVE-2024-27454|ijl|orjson|||3.9.15|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The default python:python_multipart CPE doesn't match relevant CVE entries,
because NVD tracks the related CVEs with fastapiexpect:python-multipart CPE,
and Mitre uses kludex:python-multipart for others.
Set the CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from products where product like '%python%multipart%';
CVE-2024-24762|fastapiexpert|python-multipart|||0.0.7|<
CVE-2024-24762|fastapiexpert|python-multipart|||0.0.7|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Set the correct CVE_PRODUCT value, the default python: ecdsa doesn't
match relevant entries.
The correct values were taken from the CVE db, by checking which CVEs
are relevant.
See CVE db query:
sqlite> select * from products where product like '%ecdsa%';
CVE-2019-14853|python-ecdsa_project|python-ecdsa|||0.13.3|<
CVE-2019-14859|python-ecdsa_project|python-ecdsa|||0.13.3|<
CVE-2020-12607|antonkueltz|fastecdsa|||2.1.2|<
CVE-2021-43568|starkbank|elixir_ecdsa|1.0.0|=||
CVE-2021-43569|starkbank|ecdsa-dotnet|1.3.2|=||
CVE-2021-43570|starkbank|ecdsa-java|1.0.0|=||
CVE-2021-43571|starkbank|ecdsa-node|1.1.2|=||
CVE-2021-43572|starkbank|ecdsa-python|||2.0.1|<
CVE-2022-24884|ecdsautils_project|ecdsautils|||0.4.1|<
CVE-2024-21502|antonkueltz|fastecdsa|||2.3.2|<
CVE-2024-23342|tlsfuzzer|ecdsa|||0.18.0|<=
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Relevant CVEs are tracked with gevent:gevent CPE, and the default
python:gevent CPE doesn't match relevant entries. Set CVE_PRODUCT
accordingly.
See CVE db query:
sqlite> select * from products where product like '%gevent%';
CVE-2023-41419|gevent|gevent|||23.9.0|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The related CVEs are tracked using dnspython:dnspython CPE, and the
default python:dnspython CPE doesn't match relevant entries.
Set CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from products where product like '%dnspython%';
CVE-2023-29483|dnspython|dnspython|||2.6.0|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The relevant CVE entries are tracked with encode:starlette CPE, and
the default python:starlette CPE doesn't match relevant entries.
Set CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from products where product like '%starlette%';
CVE-2023-29159|encode|starlette|0.13.5|>=|0.27.0|<
CVE-2023-30798|encode|starlette|||0.25.0|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The related CVE entries are tracked with executablebooks:markdown-it-py CPE
value, and the default python:markdown-it-py CPE doesn't match relevant
entries. Set CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from products where product like '%markdown-it-py%';
CVE-2023-26302|executablebooks|markdown-it-py|||2.2.0|<
CVE-2023-26303|executablebooks|markdown-it-py|||2.2.0|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The related CVEs are tracked with configobj_peroject:configobj CPE in the
database, and the default python:configobj CPE doesn't match relevant entries.
Set CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from products where product like '%configobj%';
CVE-2023-26112|configobj_project|configobj|-|||
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The related CVEs are tracked with py7zr_project:py7zr CPE in the database,
and the default python:py7zr CPE doesn't match relevant entries.
Set CVE_PRODUCT accordingly.
See CVE db query:
sqlite> select * from products where product like '%py7zr%';
CVE-2022-44900|py7zr_project|py7zr|||0.20.1|<
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
