Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump pyinstaller from 3.5 to 3.6 #5

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jul 22, 2023

Bumps pyinstaller from 3.5 to 3.6.

Release notes

Sourced from pyinstaller's releases.

v3.6

See https://pyinstaller.readthedocs.io/en/v3.6/CHANGES.html for Changelog.

Changelog

Sourced from pyinstaller's changelog.

Changelog for PyInstaller 3.0 – 3.6

3.6 (2020-01-09)

Important: This is the last release of PyInstaller supporting Python 2.7. Python 2 is end-of-life, many packages are about to drop support for Python 2.7 <https://python3statement.org/>_ - or already did it.

Security


* [SECURITY] (Win32) Fix CVE-2019-16784: Local Privilege Escalation caused by
  insecure directory permissions of sys._MEIPATH. This security fix effects all
  Windows software frozen by PyInstaller in "onefile" mode.
  While PyInstaller itself was not vulnerable, all Windows software frozen
  by PyInstaller in "onefile" mode is vulnerable.

If you are using PyInstaller to freeze Windows software using "onefile" mode, you should upgrade PyInstaller and rebuild your software.

Features

  • (Windows): Applications built in windowed mode have their debug messages sent to any attached debugger or DebugView instead of message boxes. (:issue:4288)
  • Better error message when file exists at path we want to be dir. (:issue:4591)

Bugfix


* (Windows) Allow usage of `VSVersionInfo` as version argument to EXE again.
  (:issue:`4381`, :issue:`4539`)
* (Windows) Fix MSYS2 dll's are not found by modulegraph. (:issue:`4125`,
  :issue:`4417`)
* (Windows) The temporary copy of bootloader used add resources, icons, etc.
  is not created in --workpath instead of in  %TEMP%. This fixes issues on
  systems where the anti-virus cleans %TEMP% immediately. (:issue:`3869`)
* Do not fail the build when ``ldconfig`` is missing/inoperable.
  (:issue:`4261`)
* Fixed loading of IPython extensions. (:issue:`4271`)
* Fixed pre-find-module-path hook for `distutils` to be compatible with
  `virtualenv >= 16.3`. (:issue:`4064`, :issue:`4372`)
* Improve error reporting when the Python library can't be found.
</tr></table> 

... (truncated)

Commits
  • 6d4cce1 Release 3.6.
  • 9649913 Doc: Rebuild man-pages for release 3.6.
  • 51bcee4 Update versions in README.
  • 3058682 Update CREDITS for release 3.6
  • 2232b5b Preparing release 3.6
  • 95ff39d pyproject.toml: Update config for towncrier.
  • 0d7ac32 Hooks: Fix numpy and scipy hooks to find dlls in extra locations.
  • 2c16311 Hooks: Add hook for sklearn.mixture.
  • 9882f87 Add more options to funding.yml.
  • ddec556 Tests/CI: Use new label in .pyup.yml.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 3.5 to 3.6.
- [Release notes](https://github.com/pyinstaller/pyinstaller/releases)
- [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES-3.rst)
- [Commits](pyinstaller/pyinstaller@v3.5...v3.6)

---
updated-dependencies:
- dependency-name: pyinstaller
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants