Skip to content

build(deps): bump idna from 2.10 to 3.7 in /tests/opentelemetry-docker-tests/tests#4545

Merged
xrmx merged 1 commit intomainfrom
dependabot/pip/tests/opentelemetry-docker-tests/tests/idna-3.7
May 7, 2026
Merged

build(deps): bump idna from 2.10 to 3.7 in /tests/opentelemetry-docker-tests/tests#4545
xrmx merged 1 commit intomainfrom
dependabot/pip/tests/opentelemetry-docker-tests/tests/idna-3.7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 7, 2026
edited
Loading

Bumps idna from 2.10 to 3.7.

Release notes

Sourced from idna's releases.

v3.7

What's Changed

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

Full Changelog: kjd/idna@v3.6...v3.7

Changelog

Sourced from idna's changelog.

3.7 (2024-04-11) ++++++++++++++++

  • Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

3.6 (2023-11-25) ++++++++++++++++

  • Fix regression to include tests in source distribution.

3.5 (2023-11-24) ++++++++++++++++

  • Update to Unicode 15.1.0
  • String codec name is now "idna2008" as overriding the system codec "idna" was not working.
  • Fix typing error for codec encoding
  • "setup.cfg" has been added for this release due to some downstream lack of adherence to PEP 517. Should be removed in a future release so please prepare accordingly.
  • Removed reliance on a symlink for the "idna-data" tool to comport with PEP 517 and the Python Packaging User Guide for sdist archives.
  • Added security reporting protocol for project

Thanks Jon Ribbens, Diogo Teles Sant'Anna, Wu Tingfeng for contributions to this release.

3.4 (2022-09-14) ++++++++++++++++

  • Update to Unicode 15.0.0
  • Migrate to pyproject.toml for build information (PEP 621)
  • Correct another instance where generic exception was raised instead of IDNAError for malformed input
  • Source distribution uses zeroized file ownership for improved reproducibility

Thanks to Seth Michael Larson for contributions to this release.

3.3 (2021-10-13) ++++++++++++++++

  • Update to Unicode 14.0.0
  • Update to in-line type annotations
  • Throw IDNAError exception correctly for some malformed input
  • Advertise support for Python 3.10
  • Improve testing regime on Github

... (truncated)

Commits
  • 1d365e1 Release v3.7
  • c1b3154 Merge pull request #172 from kjd/optimize-contextj
  • 0394ec7 Merge branch 'master' into optimize-contextj
  • cd58a23 Merge pull request #152 from elliotwutingfeng/dev
  • 5beb28b More efficient resolution of joiner contexts
  • 1b12148 Update ossf/scorecard-action to v2.3.1
  • d516b87 Update Github actions/checkout to v4
  • c095c75 Merge branch 'master' into dev
  • 60a0a4c Fix typo in GitHub Actions workflow key
  • 5918a0e Merge branch 'master' into dev
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 7, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 7, 2026 08:12
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 7, 2026
@dependabot dependabot Bot added the python Pull requests that update python code label May 7, 2026
@xrmx xrmx added the Skip Changelog PRs that do not require a CHANGELOG.md entry label May 7, 2026
@github-project-automation github-project-automation Bot moved this to Approved PRs in Python PR digest May 7, 2026
@xrmx xrmx moved this from Approved PRs to Ready for merge in Python PR digest May 7, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/tests/opentelemetry-docker-tests/tests/idna-3.7 branch 2 times, most recently from e8ebd75 to c09dcbd Compare May 7, 2026 08:32
@dependabot
build(deps): bump idna in /tests/opentelemetry-docker-tests/tests
cd67814 
Bumps [idna](https://github.com/kjd/idna) from 2.10 to 3.7.
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](kjd/idna@v2.10...v3.7)

---
updated-dependencies:
- dependency-name: idna
  dependency-version: '3.7'
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/tests/opentelemetry-docker-tests/tests/idna-3.7 branch from c09dcbd to cd67814 Compare May 7, 2026 08:39
@xrmx xrmx merged commit 59ed49c into main May 7, 2026
751 checks passed
@xrmx xrmx deleted the dependabot/pip/tests/opentelemetry-docker-tests/tests/idna-3.7 branch May 7, 2026 08:46
@github-project-automation github-project-automation Bot moved this from Ready for merge to Done in Python PR digest May 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xrmx xrmx xrmx approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code Skip Changelog PRs that do not require a CHANGELOG.md entry

Projects

Python PR digest
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@xrmx