mongoaudit icon indicating copy to clipboard operation
mongoaudit copied to clipboard

Published 20 hours ago • verified publisher icon stampery

Bump pyinstaller from 3.2.1 to 3.6

Open dependabot[bot] opened this issue 1 year ago • 0 comments

Bumps pyinstaller from 3.2.1 to 3.6.

Release notes

Sourced from pyinstaller's releases.

v3.6

See https://pyinstaller.readthedocs.io/en/v3.6/CHANGES.html for Changelog.

v3.5

See https://pyinstaller.readthedocs.io/en/v3.5/CHANGES.html for Changelog.

v3.4

See https://pyinstaller.readthedocs.io/en/v3.4/CHANGES.html for Changelog.

v3.3.1

Hooks

  • Fix imports in hooks accessible_output and sound_lib (#2860).
  • Fix ImportError for sysconfig for 3.5.4 Conda (#3105, #3106).
  • Fix shapely hook for conda environments on Windows (#2838).
  • Add hook for unidecode.

Bootloader

  • (Windows) Pre-build bootloaders (and custom-build ones using MSVC) can be used on Windows XP again. Set minimum target OS to XP (#2974).

Bootloader build

PyInstaller Core

  • Usage: Add help-message clarifying use of options when a spec-file is provided (#3039).

  • Add printing infos on UnicodeDecodeError in exec_command(_all).

  • (win32) Issue an error message on errors loading the icon file (#2039).

  • (aarch64) Use correct bootloader for 64-bit ARM (#2873).

  • (OS X) Fix replacement of run-time search path keywords (@… ) (#3100).

  • Modulegraph

    • Fix recursion too deep errors cause by reimporting SWIG-like modules (#2911, #3040, #3061).
    • Keep order of imported identifiers.

Test-suite and Continuous Integration

  • In Continuous Integration tests: Enable flake8-diff linting. This will refuse all changed lines not following PEP 8.

  • Enable parallel testing on Windows,

  • Update requirements.

  • Add more test cases for modulegraph.

  • Fix a test-case for order of module import.

... (truncated)

Changelog

Sourced from pyinstaller's changelog.

Changelog for PyInstaller 3.0 – 3.6

3.6 (2020-01-09)

Important: This is the last release of PyInstaller supporting Python 2.7. Python 2 is end-of-life, many packages are about to drop support for Python 2.7 <https://python3statement.org/>_ - or already did it.

Security


* [SECURITY] (Win32) Fix CVE-2019-16784: Local Privilege Escalation caused by
  insecure directory permissions of sys._MEIPATH. This security fix effects all
  Windows software frozen by PyInstaller in "onefile" mode.
  While PyInstaller itself was not vulnerable, all Windows software frozen
  by PyInstaller in "onefile" mode is vulnerable.

If you are using PyInstaller to freeze Windows software using "onefile"
mode, you should upgrade PyInstaller and rebuild your software.


Features
  • (Windows): Applications built in windowed mode have their debug messages sent to any attached debugger or DebugView instead of message boxes. (:issue:4288)
  • Better error message when file exists at path we want to be dir. (:issue:4591)

Bugfix


* (Windows) Allow usage of `VSVersionInfo` as version argument to EXE again.
  (:issue:`4381`, :issue:`4539`)
* (Windows) Fix MSYS2 dll's are not found by modulegraph. (:issue:`4125`,
  :issue:`4417`)
* (Windows) The temporary copy of bootloader used add resources, icons, etc.
  is not created in --workpath instead of in  %TEMP%. This fixes issues on
  systems where the anti-virus cleans %TEMP% immediately. (:issue:`3869`)
* Do not fail the build when ``ldconfig`` is missing/inoperable.
  (:issue:`4261`)
* Fixed loading of IPython extensions. (:issue:`4271`)
* Fixed pre-find-module-path hook for `distutils` to be compatible with
  `virtualenv >= 16.3`. (:issue:`4064`, :issue:`4372`)
* Improve error reporting when the Python library can't be found.
</tr></table>

... (truncated)

Commits
  • 6d4cce1 Release 3.6.
  • 9649913 Doc: Rebuild man-pages for release 3.6.
  • 51bcee4 Update versions in README.
  • 3058682 Update CREDITS for release 3.6
  • 2232b5b Preparing release 3.6
  • 95ff39d pyproject.toml: Update config for towncrier.
  • 0d7ac32 Hooks: Fix numpy and scipy hooks to find dlls in extra locations.
  • 2c16311 Hooks: Add hook for sklearn.mixture.
  • 9882f87 Add more options to funding.yml.
  • ddec556 Tests/CI: Use new label in .pyup.yml.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Apr 17 '23 17:04 dependabot[bot]