)]}'
{
  "commit": "18d379e068339762a61dac8faf75ae3d1e11b282",
  "tree": "30b4dcbfb0d41a8fa9dc9790e2ce7c0bc0cbc391",
  "parents": [
    "5565bf6a45d61d25456cc689266c1d7a3f6a0422"
  ],
  "author": {
    "name": "dependabot[bot]",
    "email": "49699333+dependabot[bot]@users.noreply.github.com",
    "time": "Sun May 12 18:14:46 2024 +0900"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Sun May 12 09:14:46 2024 +0000"
  },
  "message": "build(deps): bump idna from 3.3 to 3.7 in /tests/integration/pip_repository_entry_points (#1846)\n\nBumps [idna](https://github.com/kjd/idna) from 3.3 to 3.7.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/kjd/idna/releases\"\u003eidna\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could take\nexceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/kjd/idna/compare/v3.6...v3.7\"\u003ehttps://github.com/kjd/idna/compare/v3.6...v3.7\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/kjd/idna/blob/master/HISTORY.rst\"\u003eidna\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e3.7 (2024-04-11)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix issue where specially crafted inputs to encode() could\ntake exceptionally long amount of time to process. [CVE-2024-3651]\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Guido Vranken for reporting the issue.\u003c/p\u003e\n\u003cp\u003e3.6 (2023-11-25)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression to include tests in source distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e3.5 (2023-11-24)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.1.0\u003c/li\u003e\n\u003cli\u003eString codec name is now \u0026quot;idna2008\u0026quot; as overriding the\nsystem codec\n\u0026quot;idna\u0026quot; was not working.\u003c/li\u003e\n\u003cli\u003eFix typing error for codec encoding\u003c/li\u003e\n\u003cli\u003e\u0026quot;setup.cfg\u0026quot; has been added for this release due to some\ndownstream\nlack of adherence to PEP 517. Should be removed in a future release\nso please prepare accordingly.\u003c/li\u003e\n\u003cli\u003eRemoved reliance on a symlink for the \u0026quot;idna-data\u0026quot; tool to\ncomport\nwith PEP 517 and the Python Packaging User Guide for sdist\narchives.\u003c/li\u003e\n\u003cli\u003eAdded security reporting protocol for project\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks Jon Ribbens, Diogo Teles Sant\u0027Anna, Wu Tingfeng for\ncontributions\nto this release.\u003c/p\u003e\n\u003cp\u003e3.4 (2022-09-14)\n++++++++++++++++\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to Unicode 15.0.0\u003c/li\u003e\n\u003cli\u003eMigrate to pyproject.toml for build information (PEP 621)\u003c/li\u003e\n\u003cli\u003eCorrect another instance where generic exception was raised instead\nof\nIDNAError for malformed input\u003c/li\u003e\n\u003cli\u003eSource distribution uses zeroized file ownership for improved\nreproducibility\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThanks to Seth Michael Larson for contributions to this release.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/1d365e17e10d72d0b7876316fc7b9ca0eebdd38d\"\u003e\u003ccode\u003e1d365e1\u003c/code\u003e\u003c/a\u003e\nRelease v3.7\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/c1b3154939907fab67c5754346afaebe165ce8e6\"\u003e\u003ccode\u003ec1b3154\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/kjd/idna/issues/172\"\u003e#172\u003c/a\u003e from\nkjd/optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/0394ec76ff022813e770ba1fd89658790ea35623\"\u003e\u003ccode\u003e0394ec7\u003c/code\u003e\u003c/a\u003e\nMerge branch \u0027master\u0027 into optimize-contextj\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/cd58a23173d2b0a40b95ee680baf3e59e8d33966\"\u003e\u003ccode\u003ecd58a23\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/kjd/idna/issues/152\"\u003e#152\u003c/a\u003e from\nelliotwutingfeng/dev\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7\"\u003e\u003ccode\u003e5beb28b\u003c/code\u003e\u003c/a\u003e\nMore efficient resolution of joiner contexts\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/1b121483ed04d9576a1291758f537e1318cddc8b\"\u003e\u003ccode\u003e1b12148\u003c/code\u003e\u003c/a\u003e\nUpdate ossf/scorecard-action to v2.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/d516b874c3388047934938a500c7488d52c4e067\"\u003e\u003ccode\u003ed516b87\u003c/code\u003e\u003c/a\u003e\nUpdate Github actions/checkout to v4\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/c095c75943413c75ebf8ac74179757031b7f80b7\"\u003e\u003ccode\u003ec095c75\u003c/code\u003e\u003c/a\u003e\nMerge branch \u0027master\u0027 into dev\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/60a0a4cb61ec6834d74306bd8a1fa46daac94c98\"\u003e\u003ccode\u003e60a0a4c\u003c/code\u003e\u003c/a\u003e\nFix typo in GitHub Actions workflow key\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kjd/idna/commit/5918a0ef8034379c2e409ae93ee11d24295bb201\"\u003e\u003ccode\u003e5918a0e\u003c/code\u003e\u003c/a\u003e\nMerge branch \u0027master\u0027 into dev\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/kjd/idna/compare/v3.3...v3.7\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003didna\u0026package-manager\u003dpip\u0026previous-version\u003d3.3\u0026new-version\u003d3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts\npage](https://github.com/bazelbuild/rules_python/network/alerts).\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "6885a26aa6cdb72571385860576d892b8f104304",
      "old_mode": 33188,
      "old_path": "tests/integration/pip_repository_entry_points/requirements_windows.txt",
      "new_id": "83f2daaf4d0833e703d454b186260b359440996f",
      "new_mode": 33188,
      "new_path": "tests/integration/pip_repository_entry_points/requirements_windows.txt"
    }
  ]
}