mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-02-03 22:50:33 +00:00
Code Issues Projects Releases Wiki Activity
36,982 Commits 63 Branches 0 Tags
d415b1429eaab414bfafb19ed5d99d0efeabe074
Commit Graph

9501 Commits

Author SHA1 Message Date
Khem Raj
f680189461 python3-orjson: Upgrade to 3.11.5 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-02-02 20:01:15 -08:00
Gyorgy Sarvari
cb55b7921c python3-pyjwt: upgrade 2.10.1 -> 2.11.0 
Changelog: https://github.com/jpadilla/pyjwt/releases/tag/2.11.0
- Fixed type error in comment
- Make note of use of leeway with nbf
- Validate key against allowed types for Algorithm family
- Add iterator for PyJWKSet
- Add iss, issuer type checks
- Improve typing/logic for options in decode, decode_complete; Improve docs
- Map algorithm=None to "none"
- Correct PyJWKClient.get_signing_key_from_jwt annotation
- Fixed doc string typo in _validate_jti() function
- Update SECURITY.md
- Typing fix: use float instead of int for lifespan and timeout
- Fix TYP header documentation
- doc: Document claims sub and jti
- Resolve package build warnings
- Support Python 3.14, and test against PyPy 3.10+
- Fix a SyntaxWarning caused by invalid escape sequences
- Standardize CHANGELOG links to PRs
- Migrate from pep517, which is deprecated, to build
- Fix incorrectly-named test suite function
- Fix Read the Docs builds
- Escalate test suite warnings to errors
- Add pyupgrade as a pre-commit hook
- Simplify the test suite decorators
- Improve coverage config and eliminate unused test suite code
- Build a shared wheel once in the test suite
- Thoroughly test type annotations, and resolve errors
- Fix leeway value in usage documentation

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-02-02 19:54:41 -08:00
Gyorgy Sarvari
ad17a49df1 python3-pyjwt: ignore CVE-2025-45768 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-45768

The CVE is disputed: though the vulnerability is there, but it comes
from incorrect configuration of the library by the main application.

Due to this, ignore this CVE.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-02-02 19:54:40 -08:00
Peter Marko
5eab3aebe2 python3-protobuf: upgrade 6.33.4 -> 6.33.5 
Solves CVE-2026-0994.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-02-02 00:23:13 -08:00
Liu Yiding
785336405d python3-sqlalchemy: upgrade 2.0.45 -> 2.0.46 
1.Changelog:
https://github.com/sqlalchemy/sqlalchemy/releases/tag/rel_2_0_46

2.LICENSE checksum has changed as Copyright year changed:
997cdf9cad

Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-31 00:13:43 -08:00
Liu Yiding
6605c61301 python3-pywbem: 1.7.3 -> 1.9.0 
Changelog:
  https://pywbem.readthedocs.io/en/1.9.0/changes.html

Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-31 00:13:42 -08:00
Wang Mingyu
c8e0deb564 python3-ukkonen: upgrade 1.0.1 -> 1.1.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:09 -08:00
Wang Mingyu
702b08355b python3-python-multipart: upgrade 0.0.21 -> 0.0.22 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:09 -08:00
Wang Mingyu
ccc5fd9e78 python3-pytest-html: upgrade 4.1.1 -> 4.2.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:09 -08:00
Wang Mingyu
e86ca5c544 python3-multidict: upgrade 6.7.0 -> 6.7.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:09 -08:00
Wang Mingyu
9d39ccf76a python3-marshmallow: upgrade 4.2.0 -> 4.2.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:09 -08:00
Wang Mingyu
95e2afb5e0 python3-icecream: upgrade 2.1.9 -> 2.1.10 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:09 -08:00
Wang Mingyu
a0f8399ae6 python3-httplib2: upgrade 0.31.1 -> 0.31.2 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:08 -08:00
Wang Mingyu
38d438b403 python3-gunicorn: upgrade 23.0.0 -> 24.1.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:08 -08:00
Wang Mingyu
b9f1c502bd python3-greenlet: upgrade 3.3.0 -> 3.3.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:08 -08:00
Wang Mingyu
5e043092ac python3-elementpath: upgrade 5.1.0 -> 5.1.1 
License-Update: Copyright year updated to 2026

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:08 -08:00
Wang Mingyu
b62af48a2d python3-dill: upgrade 0.4.0 -> 0.4.1 
License-Update: Copyright year updated to 2026

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:08 -08:00
Wang Mingyu
b13522054b python3-coverage: upgrade 7.13.1 -> 7.13.2 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:08 -08:00
Wang Mingyu
23f7bc3344 python3-cachetools: upgrade 6.2.4 -> 6.2.5 
Licensse-Update: copyright year updated to 2026

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:07 -08:00
Wang Mingyu
7ad9ca5fd8 python3-bandit: upgrade 1.9.2 -> 1.9.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:07 -08:00
Leon Anavi
112b473a7f python3-path: Upgrade 17.1.0 -> 17.1.1 
Upgrade to release 17.1.1:

- Feed the hobgoblins (delint)
- Supply the types, irrespective of platform
- Ignore the arg type

License-Update: Update years

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:05 -08:00
Leon Anavi
71285e9807 python3-jmespath: Upgrade 1.0.1 -> 1.1.0 
Upgrade to release 1.1.0:

- Fix concurrency issue with cache
- Added support for Python 3.12-3.14
- Removed support for Python 3.7-3.8

License-Update: Use file LICENSE

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:05 -08:00
Leon Anavi
48dd13d374 python3-pandas: Upgrade 2.2.3 -> 3.0.0 
Upgrade to release 3.0.0:

- Dedicated string data type by default
- Consistent copy/view behaviour with Copy-on-Write (CoW) (a.k.a.
  getting rid of the SettingWithCopyWarning)
- New default resolution for datetime-like data
- Initial support for the new pd.col syntax

License-Update: Update license year to 2026

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:04 -08:00
Leon Anavi
9769266642 python3-rich: Upgrade 14.2.0 -> 14.3.1 
Upgrade to release 14.3.1:

- Fixed characters out of unicode range reporting a cell size if 0

From release 14.3.0:

- IPython now respects when a Console instance is passed to
  pretty.install
- Fixed extraneous blank line on non-interactive disabled Progress
- Fixed extra padding on first cell in columns
- Fixed trailing whitespace removed when soft_wrap=True
- Fixed style new-lines when soft_wrap = True and a print style
  is set

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-30 23:59:04 -08:00
Trevor Gamblin
6d9c1d30e7 python3-geojson: fix build with python 3.14 
Backport parts of an upstream PR that enables 3.14 in setup.py.

ptests look OK:

|============================================================================
|Testsuite summary
|# TOTAL: 68
|# PASS: 68
|# SKIP: 0
|# XFAIL: 0
|# FAIL: 0
|# XPASS: 0
|# ERROR: 0
|DURATION: 0
|END: /usr/lib/python3-geojson/ptest
|2026-01-23T18:03
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0

Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-27 11:58:28 -08:00
Leon Anavi
fb974db2c4 python3-pydantic: Upgrade 2.12.4 -> 2.12.5 
Upgrade to release 2.12.5:

- Fix pickle error when using model_construct() on a model with
  MISSING as a default value
- Several updates to the documentation

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-27 11:58:27 -08:00
Leon Anavi
5d40ca9cdf python3-reportlab: Upgrade 4.4.5 -> 4.4.9 
Upgrade to release 4.4.9:

- Remove unwanted debug

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-27 11:58:27 -08:00
Wang Mingyu
68a249df75 python3-xmlschema: upgrade 4.3.0 -> 4.3.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:03 -08:00
Wang Mingyu
e288070514 python3-types-psutil: upgrade 7.2.1.20251231 -> 7.2.1.20260116 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:02 -08:00
Wang Mingyu
fa3ce8c42a python3-starlette: upgrade 0.51.0 -> 0.52.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:02 -08:00
Wang Mingyu
f84f881351 python3-soupsieve: upgrade 2.8.1 -> 2.8.2 
License-Update: Copyright year updted to 2026.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:02 -08:00
Wang Mingyu
b9bd8426db python3-regex: upgrade 2025.11.3 -> 2026.1.15 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:02 -08:00
Wang Mingyu
65c850da4f python3-pymisp: upgrade 2.5.17 -> 2.5.32 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:02 -08:00
Wang Mingyu
0ee36e8e5a python3-py7zr: upgrade 1.1.0 -> 1.1.2 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:02 -08:00
Wang Mingyu
a462432b6a python3-protobuf: upgrade 6.33.2 -> 6.33.4 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:01 -08:00
Wang Mingyu
2a8b4c695e python3-moteus: upgrade 0.3.97 -> 0.3.98 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:01 -08:00
Wang Mingyu
da80db34b6 python3-identify: upgrade 2.6.15 -> 2.6.16 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:01 -08:00
Wang Mingyu
2746a0ad19 python3-httplib2: upgrade 0.31.0 -> 0.31.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:01 -08:00
Wang Mingyu
70b10d77bb python3-alembic: upgrade 1.18.0 -> 1.18.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-22 22:01:01 -08:00
Leon Anavi
7476295bea python3-wsproto: Upgrade 1.2.0 -> 1.3.2 
Upgrade to release 1.3.2:

- Fix type hints to allow BytesMessage to accept bytes again, as
  well as bytearray.

Release 1.3.1:

- Add additional license identifier to pyproject.toml.
- Use Python 3.13 to build the docs to match ReadTheDocs build
  environment.

Release 1.3.0:

- Require h11>=0.16 dependency.
- Fix "Upgrade" header value to match RFC.
- Add reason "Switching Protocols" to handshake response.
- Add docs for wsproto.Connection
- Add support for Python 3.12, 3.13, and 3.14.
- Drop support for Python 3.7, 3.8, and 3.9.
- Improve Python typing, specifically bytes vs. bytearray.
- Various linting, styling, and packaging improvements.

Fixes:

WARNING: python3-wsproto-1.3.2-r0 do_check_backend: QA Issue:
inherits setuptools3 but has pyproject.toml with
setuptools.build_meta, use the correct class [pep517-backend]

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-21 15:31:08 -08:00
Leon Anavi
a25b352d19 python3-pyperclip: Upgrade 1.9.0 -> 1.11.0 
Upgrade to release 1.11.0:

- Mention Wayland in error message
- Update __init__.py

License-Update: Use LICENSE.txt

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-21 15:31:07 -08:00
Leon Anavi
61f918dbbf python3-bumble: Upgrade 0.0.221 -> 0.0.223 
Upgrade to release 0.0.223:

- Add annotation for Heart Rate and Battery Service
- Add test for Heart Rate and Battery Service
- Add support for RTL8761CU
- feat: Add filtering options for usb probe
- Fix GATT TemplateSerivce annotations
- Improve Address type annotations
- Replace send_pdu() with write()
- GATT: Support Multiple Requests
- Correct ATT_MTU in enhanced bearers
- Add HCI Packets annotations and send_sco_sdu
- Return 'invalid handle' for malformed read by type request

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-21 15:31:07 -08:00
Khem Raj
d2539548d0 python3-backports-zstd: Delete 
It conflicts with standard library with python 3.14+

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-20 08:44:21 -08:00
Leon Anavi
36d480b9e1 python3-icecream: Upgrade 2.1.8 -> 2.1.9 
Upgrade to release 2.1.9:

- Removed support for Python 3.8.
- Fixed issues to improve lists output.

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-20 08:27:14 -08:00
Leon Anavi
6c439b75a9 python3-tomlkit: Upgrade 0.13.3 -> 0.14.0 
Upgrade to release 0.14.0:

- fix: Add DottedKey to a super table gives wrong output
- feat: enhance custom encoders to accept _parent and _sort_keys
  parameters

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-20 08:27:14 -08:00
Leon Anavi
e102cccecf python3-pynacl: Upgrade 1.5.0 -> 1.6.2 
Upgrade to release 1.6.2:

- Updated libsodium to 1.0.20-stable (2025-12-31 build) to resolve
  CVE-2025-69277.

From 1.6.1:

- The MAKE environment variable can now be used to specify the make
  binary that should be used in the build process.

From 1.6.0:

- BACKWARDS INCOMPATIBLE: Removed support for Python 3.6 and 3.7.
- Added support for the low level AEAD AES bindings.
- Added support for crypto_core_ed25519_from_uniform.
- Update libsodium to 1.0.20-stable (2025-08-27 build).
- Added support for free-threaded Python 3.14.
- Added support for Windows on ARM wheels.

Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-20 08:27:14 -08:00
Khem Raj
4350c04949 python3-html5lib: Fix build with python 3.14 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-20 08:27:13 -08:00
Gyorgy Sarvari
498b49d2a4 python3-lief: mark CVE-2025-15504 patched 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-15504

The vulnerability is patched in v0.17.2, however NVD is currently tracking
the CVE without any version info (or more like with out any CPE info)

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-20 08:27:13 -08:00
Gyorgy Sarvari
cc4aa9b9d0 python3-lief: upgrade 0.17.1 -> 0.17.2 
Contains fix for CVE-2025-15504

Changelog:
- Differentiate Mach-O FAT magic bytes and Java class
- Fix MinGW compilation for some configuration
- Fix alignment issue when rebuilding PE relocations
- Fix infinite loop when processing v2 dynamic relocation
- Ensure that added DYN ELF sections are properly aligned
- Fix GnuHash null dereference
- Fix strong performance issue when parsing certain Mach-O

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-20 08:27:13 -08:00
Gyorgy Sarvari
91f6b85b36 python3-py: ignore CVE-2022-42969 
Details: https://nvd.nist.gov/vuln/detail/CVE-2022-42969

Upstream could not reproduce the issue.
The vulnerability has currently the "disputed" flag in the NVD database,
and Github has revoked their related advisory[1].

Ignore this CVE due to this.

[1]: https://github.com/advisories/GHSA-w596-4wvx-j9j6

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2026-01-20 08:27:13 -08:00