Skip to content

chore(deps): bump the major-updates group across 1 directory with 3 updates#151

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/pip/major-updates-481db7e865
Open

chore(deps): bump the major-updates group across 1 directory with 3 updates#151
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/pip/major-updates-481db7e865

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 16, 2026
edited
Loading

Bumps the major-updates group with 3 updates in the / directory: django-health-check, gunicorn and django-debug-toolbar.

Updates django-health-check from 3.20.8 to 4.4.0

Release notes

Sourced from django-health-check's releases.

4.4.0

What's Changed

New Contributors

Full Changelog: codingjoe/django-health-check@4.3.1...4.4.0

4.3.1

What's Changed

New Contributors

Full Changelog: codingjoe/django-health-check@4.3.0...4.3.1

4.3.0

What's Changed

Full Changelog: codingjoe/django-health-check@4.2.2...4.3.0

4.2.2

What's Changed

New Contributors

Full Changelog: codingjoe/django-health-check@4.2.1...4.2.2

4.2.1

What's Changed

Full Changelog: codingjoe/django-health-check@4.2.0...4.2.1

4.2.0

What's Changed

... (truncated)

Commits
  • e480bc0 Resolve #724 -- Add public dataclass field as OpenMetric label (#725)
  • e56c871 Clean up storage probe files when validation fails (#717)
  • 3421a3c Update copilot review instructions
  • c674d2f Revert "Update celery requirement from >=5.0.0 to >=5.6.3"
  • 04a22e5 Revert "Update flit-core requirement from >=3.2 to >=3.12.0"
  • 4d47e8a Revert "Update aio-pika requirement from >=9.0.0 to >=9.6.2"
  • e0d4479 Revert "Update django requirement from >=5.2 to >=5.2.13"
  • 8994dcc Revert "Update confluent-kafka requirement from >=2.0.0 to >=2.14.0"
  • 1f31638 Ref #701 -- Add support for a custom executor for synchronous checks (#716)
  • b79e960 Bump actions/upload-pages-artifact from 4 to 5
  • Additional commits viewable in compare view

Updates gunicorn from 23.0.0 to 25.3.0

Release notes

Sourced from gunicorn's releases.

Gunicorn 25.3.0

Bug Fixes

  • HTTP/2 ASGI Body Duplication: Fix request body being received twice in HTTP/2 ASGI requests, causing JSON parsing errors with "Extra data" messages (#3558)

  • ASGI Chunked EOF Handling: Add finish() method to callback parser to handle chunked encoding edge case where connection closes before final CRLF after zero-chunk

  • HTTP/2 Documentation: Fix http_protocols examples to use comma-separated string instead of list syntax (#3561)

  • Chunked Encoding: Reject chunk extensions containing bare CR bytes per RFC 9112 (#3556)

  • Request Line Limit: Fix --limit-request-line 0 to mean unlimited as documented, instead of using default maximum. Works with both Python and fast C parser. (#3563)

Security

  • ASGI Parser Header Validation: Add security checks per RFC 9110/9112:
    • Reject duplicate Content-Length headers
    • Reject requests with both Content-Length and Transfer-Encoding
    • Reject chunked transfer encoding in HTTP/1.0
    • Reject stacked chunked encoding
    • Validate Transfer-Encoding values
    • Strict chunk size validation

Changes

  • Fast HTTP Parser: Update to gunicorn_h1c >= 0.6.3 for asgi_headers property and InvalidChunkExtension validation for bare CR rejection

  • ASGI PROXY Protocol: Add PROXY protocol v1/v2 support to callback parser

  • Docker Images: Update to Python 3.14

Gunicorn 25.2.0

New Features

  • Fast HTTP Parser (gunicorn_h1c 0.4.1): Integrate new exception types and limit parameters from gunicorn_h1c 0.4.1 for both WSGI and ASGI workers
    • Requires gunicorn_h1c >= 0.4.1 for http_parser='fast'
    • Falls back to Python parser in auto mode if version not met
    • Proper HTTP status codes for limit errors (414, 431)

Bug Fixes

  • uWSGI Async Workers: Fix InvalidUWSGIHeader: incomplete header error when using gevent or gthread workers with uwsgi protocol behind nginx. (#3552, [PR #3554](benoitc/gunicorn#3554))

... (truncated)

Commits
  • 9bce72c Update changelog with missing 25.3.0 changes
  • 2a15fdb Fix pylint isinstance-second-argument-not-valid-type warning
  • 8d08aaa Fix --limit-request-line 0 to mean unlimited
  • d40a374 Fix pytest-asyncio configuration and treq_asgi hex escapes
  • da8bd48 Remove unused AsyncRequest class
  • b00f125 Integrate gunicorn_h1c 0.6.3 with InvalidChunkExtension support
  • bdb2ebd Reject chunk extensions with bare CR bytes (RFC 9112)
  • 7057fc9 Fix http_protocols documentation to use string syntax
  • d43acb8 Update to gunicorn_h1c >= 0.6.2 for asgi_headers support
  • cbd27e8 Merge pull request #3559 from benleembruggen/fix/http2-asgi-body-duplication
  • Additional commits viewable in compare view

Updates django-debug-toolbar from 5.2.0 to 6.3.0

Release notes

Sourced from django-debug-toolbar's releases.

6.3.0

What's Changed

Changelog from docs:

  • Replaced requirements_dev.txt file for pyproject.toml support with dependency groups.
  • Updated ReadTheDocs Python version to 3.13.
  • Modernize some panel styles and colors.
  • Standardize use of time/duration units and labels across panels.
  • Added translations for Lithuanian, Turkish and Uzbek.
  • Update the translations.
  • Expose a py.typed marker file.
  • Updated RedirectsPanel to emit the deprecation warning when it’s used rather than on instantiation.
  • Highlighted the documentation about disabling the browser’s caching to ensure the latest static assets are used.
  • Fixed bug with CachePanel so the cache patching is only applied once.
  • Added debug_toolbar.store.CacheStore for storing toolbar data using Django’s cache framework. This provides persistence without requiring database migrations, and works with any cache backend (Memcached, Redis, database, file-based, etc.).
  • Added CACHE_BACKEND and CACHE_KEY_PREFIX settings to configure the CacheStore.

New Contributors

Full Changelog: django-commons/django-debug-toolbar@6.2.0...6.3.0

6.2.0

What's Changed

... (truncated)

Changelog

Sourced from django-debug-toolbar's changelog.

6.3.0 (2026-04-01)

  • Replaced requirements_dev.txt file for pyproject.toml support with dependency groups.
  • Updated ReadTheDocs Python version to 3.13.
  • Modernize some panel styles and colors.
  • Standardize use of time/duration units and labels across panels.
  • Added translations for Lithuanian, Turkish and Uzbek.
  • Update the translations.
  • Expose a py.typed marker file.
  • Updated RedirectsPanel to emit the deprecation warning when it's used rather than on instantiation.
  • Highlighted the documentation about disabling the browser's caching to ensure the latest static assets are used.
  • Fixed bug with CachePanel so the cache patching is only applied once.
  • Added debug_toolbar.store.CacheStore for storing toolbar data using Django's cache framework. This provides persistence without requiring database migrations, and works with any cache backend (Memcached, Redis, database, file-based, etc.).
  • Added CACHE_BACKEND and CACHE_KEY_PREFIX settings to configure the CacheStore.

6.2.0 (2026-01-20)

  • Deprecated RedirectsPanel in favor of HistoryPanel for viewing toolbar data from redirected requests.
  • Fixed support for generating code coverage comments in PRs.
  • Added Django 6.0 to the testing matrix. Removed Django 5.0 to save CI resources.
  • Show the cache backend alias and cache backend class name instead of the cache instance in the cache panel.
  • Dropped support for the Python 3.9, it has reached its end of life date.
  • Toggle tracking the toolbar's queries when using debug_toolbar.store.DatabaseStore with SKIP_TOOLBAR_QUERIES.
  • Fixed font family for code blocks and stack traces in the toolbar.
  • Added test to confirm Django's TestCase.assertNumQueries works.
  • Fixed string representation of values in settings panel.
  • Declared support for Django 6.0.

6.1.0 (2025-10-30)

  • Added support for async to timer panel.
  • Added a note about the default password in make example.
  • Removed logging about the toolbar failing to serialize a value into JSON.
  • Moved the the import statement of debug_toolbar.urls to within the if statement's scope on the installation documentation.

... (truncated)

Commits
  • b3f943b Version 6.3.0
  • 013631b [pre-commit.ci] pre-commit autoupdate
  • eeff5d1 Bump actions/cache from 5.0.3 to 5.0.4 in the github-actions group
  • 3a87785 Add store that uses cache framework
  • 0573846 [pre-commit.ci] pre-commit autoupdate
  • 7403bed Only patch the cache methods once.
  • 0d25b3a Bump actions/download-artifact in the github-actions group (#2333)
  • c89c8cf Bump zizmorcore/zizmor-action in the github-actions group
  • 7ae8fac [pre-commit.ci] pre-commit autoupdate (#2328)
  • 695cdb2 Highlighted docs on disabling browser caching. (#2302)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 16, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/major-updates-481db7e865 branch 2 times, most recently from ced5649 to 61ff035 Compare March 26, 2026 08:25
@dependabot dependabot Bot force-pushed the dependabot/pip/major-updates-481db7e865 branch 2 times, most recently from 4e9f9a6 to 5b5b77d Compare April 11, 2026 21:36
@dependabot
chore(deps): bump the major-updates group across 1 directory with 3 u…
28042f6 
…pdates

Bumps the major-updates group with 3 updates in the / directory: [django-health-check](https://github.com/codingjoe/django-health-check), [gunicorn](https://github.com/benoitc/gunicorn) and [django-debug-toolbar](https://github.com/django-commons/django-debug-toolbar).


Updates `django-health-check` from 3.20.8 to 4.4.0
- [Release notes](https://github.com/codingjoe/django-health-check/releases)
- [Commits](codingjoe/django-health-check@3.20.8...4.4.0)

Updates `gunicorn` from 23.0.0 to 25.3.0
- [Release notes](https://github.com/benoitc/gunicorn/releases)
- [Commits](benoitc/gunicorn@23.0.0...25.3.0)

Updates `django-debug-toolbar` from 5.2.0 to 6.3.0
- [Release notes](https://github.com/django-commons/django-debug-toolbar/releases)
- [Changelog](https://github.com/django-commons/django-debug-toolbar/blob/main/docs/changes.rst)
- [Commits](django-commons/django-debug-toolbar@5.2.0...6.3.0)

---
updated-dependencies:
- dependency-name: django-debug-toolbar
  dependency-version: 6.2.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major-updates
- dependency-name: django-health-check
  dependency-version: 4.1.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major-updates
- dependency-name: gunicorn
  dependency-version: 25.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/major-updates-481db7e865 branch from 5b5b77d to 28042f6 Compare April 25, 2026 21:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants