Sourced from configobj's releases.

5.0.9

What's Changed

• Address CVE-2023-26112 ReDoS by @​cdcadman in DiffSK/configobj#236
• Drop Python 2 support and compatibility code by @​jelmer in DiffSK/configobj#237
• Extra 2014 by @​jelmer in DiffSK/configobj#245
• setup.py: fix license tag by @​yegorich in DiffSK/configobj#241
• Update minimum python to 3.7 everywhere, and add 3.12 by @​jelmer in DiffSK/configobj#246

New Contributors

• @​cdcadman made their first contribution in DiffSK/configobj#236
• @​yegorich made their first contribution in DiffSK/configobj#241

Full Changelog: DiffSK/configobj@v5.0.8...v5.0.9

Sourced from configobj's changelog.

Changelog

Release 5.0.9 """""""""""""

• drop support for Python 2 and <3.7
• fix CVE-2023-26112, ReDoS attack

Release 5.0.8 """""""""""""

• fixing/test for a regression introduced in 5.0.7 that prevented import validate from working

Release 5.0.7 """""""""""""

• update testing to validate against python version 2.7 and 3.5-3.11
• update broken links / non-existent services and references

Older Releases """"""""""""""

• Release 5.0.6 improves error messages in certain edge cases
• Release 5.0.5 corrects a unicode-bug that still existed in writing files
• Release 5.0.4 corrects a unicode-bug that still existed in reading files after fixing lists of string in 5.0.3
• Release 5.0.3 corrects errors related to the incorrectly handling unicode encoding and writing out files
• Release 5.0.2 adds a specific error message when trying to install on Python versions older than 2.5
• Release 5.0.1 fixes a regression with unicode conversion not happening in certain cases PY2
• Release 5.0.0 updates the supported Python versions to 2.6, 2.7, 3.2, 3.3 and is otherwise unchanged
• Release 4.7.2 fixes several bugs in 4.7.1
• Release 4.7.1 fixes a bug with the deprecated options keyword in 4.7.0.
• Release 4.7.0 improves performance adds features for validation and fixes some bugs.

• 242dfd0 release 5.0.9
• 8857b08 Merge pull request #246 from DiffSK/python-version
• d6f7597 Update minimum python to 3.7 everywhere, and add 3.12
• 8ffcf0c Merge pull request #241 from yegorich/license
• 5e2f143 Merge pull request #245 from jelmer/extra-2014
• fdf3634 Drop extra '2014' in LICENSE file. Fixes #233
• 3480a6e Merge pull request #237 from jelmer/drop-python2
• 008165c Drop python 3.5 from GitHub action, since it now fails to download
• 861383c Drop support for Python < 3.5
• 7c618b0 Merge pull request #236 from cdcadman/cve_2023_26112
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)