Thanks to visit codestin.com
Credit goes to github.com

Skip to content

chore(deps-dev): bump ijson from 3.3.0 to 3.4.0 #6631

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 8, 2025
Merged

chore(deps-dev): bump ijson from 3.3.0 to 3.4.0 #6631

merged 2 commits into from
May 8, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 8, 2025

Bumps ijson from 3.3.0 to 3.4.0.

Changelog

Sourced from ijson's changelog.

[3.4.0]

  • Added support for PEP 489 multi-phase initialisation and per-module state for our C extension, allowing us to support sub-interpreters with per-interpreter GIL.
  • Advertise support for free-threading python mode.
  • Removed support for Python < 3.9.
  • Enhanced generators so they yield all possible results to users before errors are raised (#123).
  • Added ijson.ALL_BACKENDS constant listing all supported backends (which might or not be available at runtime).
  • Added a capabilities constant to each backend describing which capabilities it supports.
  • Exposing backend's name under <backend>.backend_name, and default backend's name under ijson.backend_name. This is similar to the already existing name constant, only slightly better named to hopefully avoid confusion.
  • Restructured source code so all code lives under src/, and the ijson.backends._yajl2 extension under src/ijson/backends/ext/_yajl2. This allows C backend tests to actually run on cibuildwheel.
  • Improved performance of parse routine in C backend by ~4%.
  • Fixed several potential stability issues in C backend around correct error handling.
  • Fixed corner-case wrong behaviour of yajl2_c backend, which didn't work correctly with user-provided event names.
  • Pointing to our own fork of yajl (for when we build it ourselves) that contains fixes for all known CVEs (#126).
  • Removed leftover compatibility bits in the C backend.
  • Fixed potential issue with yajl and yajl2 backends where crashes could occur at interpreter shutdown.
  • Removed tox.
  • Moved static project metadata to pyproject.toml.
Commits
  • 36701be Release ijson 3.4.0
  • cfb044a Modernize packaging (#138)
  • 044cf9b Bump pypa/cibuildwheel from 2.23.2 to 2.23.3 (#140)
  • 81e24b4 Allow building embedded yajl with cmake 4.0
  • b3f9647 Bump pypa/cibuildwheel from 2.23.1 to 2.23.2 (#137)
  • d8fd6d2 Bump pypa/cibuildwheel from 2.23.0 to 2.23.1 (#134)
  • caebc6f Bump pypa/cibuildwheel from 2.22.0 to 2.23.0 (#133)
  • 698b114 Downgrade to ubuntu-22.04 to avoid gcc segfault
  • 9f28dc0 Allow certain branches to trigger a full CI build
  • 901fd3b Add custom event name interning to yajl2_c
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps-dev): bump ijson from 3.3.0 to 3.4.0
559f6f0 
Bumps [ijson](https://github.com/ICRAR/ijson) from 3.3.0 to 3.4.0.
- [Changelog](https://github.com/ICRAR/ijson/blob/master/CHANGELOG.md)
- [Commits](ICRAR/ijson@v3.3.0...v3.4.0)

---
updated-dependencies:
- dependency-name: ijson
  dependency-version: 3.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 8, 2025
@dependabot dependabot bot requested a review from a team as a code owner May 8, 2025 20:29
@dependabot dependabot bot requested a review from leandrodamascena May 8, 2025 20:29
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 8, 2025
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label May 8, 2025
@github-actions github-actions bot added the internal Maintenance changes label May 8, 2025
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented May 8, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@codecov Codecov
Copy link

codecov bot commented May 8, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.12%. Comparing base (24d6b4a) to head (5151976).
Report is 3 commits behind head on develop.

Additional details and impacted files 
@@           Coverage Diff            @@
##           develop    #6631   +/-   ##
========================================
  Coverage    96.12%   96.12%           
========================================
  Files          253      253           
  Lines        12104    12104           
  Branches       902      902           
========================================
  Hits         11635    11635           
  Misses         369      369           
  Partials       100      100

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@anafalcao anafalcao merged commit 6f2888a into develop May 8, 2025
13 checks passed
@anafalcao anafalcao deleted the dependabot/pip/develop/ijson-3.4.0 branch May 8, 2025 21:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anafalcao anafalcao anafalcao approved these changes

@leandrodamascena leandrodamascena Awaiting requested review from leandrodamascena leandrodamascena is a code owner automatically assigned from aws-powertools/lambda-python-core

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file internal Maintenance changes python Pull requests that update Python code size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@anafalcao