Bump twisted from 20.3.0 to 24.7.0

Bumps twisted from 20.3.0 to 24.7.0.

Release notes

Sourced from twisted's releases.

Twisted 24.7.0 (2024-08-08)

24.7.0.rc2 fixed an unreleased regression caused by PR 12109. (#12279) No other changes since 24.7.0.rc2

Features

• twisted.protocols.ftp now supports the IPv6 extensions defined in RFC 2428. (#9645)
• twisted.internet.defer.inlineCallbacks can now yield a coroutine. (#9972)
• twisted.python._shellcomp.ZshArgumentsGenerator was updated for Python 3.13. (#12065)
• twisted.web.wsgi request environment now contains the peer port number as REMOTE_PORT. (#12096)
• twisted.internet.defer.Deferred.callback() and twisted.internet.defer.Deferred.addCallbacks() no longer use assert to check the type of the arguments. You should now use type checking to validate your code. These changes were done to reduce the CPU usage. (#12122)
• Added two new methods, twisted.logger.Logger.failuresHandled and twisted.logger.Logger.failureHandler, which allow for more concise and convenient handling of exceptions when dispatching out to application code. The former can arbitrarily customize failure handling at the call site, and the latter can be used for performance-sensitive cases where no additional information needs to be logged. (#12188)
• twisted.internet.defer.Deferred.addCallback now runs about 10% faster. (#12223)
• twisted.internet.defer.Deferred error handling is now faster, taking 40% less time to run. (#12227)

Bugfixes

• Fixed unreleased regression caused by PR #12109. (#12279)
• twisted.internet.ssl.Certificate.repr can now handle certificates without a common name (CN) in the certificate itself or the signing CA. (#5851)
• Type annotations have been added to twisted.conch.interfaces.IKnownHostEntry and its implementations, twisted.conch.client.knownhosts.PlainHost and twisted.conch.client.knownhosts.HashedHost, correcting a variety of type confusion issues throughout the conch client code. (#9713)
• twisted.python.failure.Failure once again utilizes the custom pickling logic it used to in the past. (#12112)
• twisted.conch.client.knownhosts.KnownHostsFile.verifyHostKey no longer logs an exception when automatically adding an IP address host key, which means the interactive conch command-line no longer will either. (#12141)

Improved Documentation

• The IRC server example found in the documentation was updated for readability. (#12097)
• Remove contextvars from list of optional dependencies. (#12128)
• The documentation for installing Twisted was moved into a single page. (#12145)
• The project's compatibility policy now clearly indicates that the GitHub Actions test matrix defines the supported platforms. (#12167)
• Updated imap4client.py example, it no longer references Python 2. (#12252)

Deprecations and Removals

• twisted.internet.defer.returnValue has been deprecated. You can replace it with the standard return statement. (#9930)
• The twisted-iocpsupport is no longer a hard dependency on Windows. The IOCP support is now installed together with the other Windows soft dependencies via twisted[windows-platform]. (#11893)
• twisted.python.deprecate helper function will now always strip whitespaces from the docstrings. This is done to have the same behaviour as with Python 3.13. (#12063)
• twisted.conch.manhole.ManholeInterpreter.write, twisted.conch.manhole.ManholeInterpreter.addOutput, twisted.mail.imap4.IMAP4Server.sendUntaggedResponse async argument, deprecated since 18.9.0, has been removed. (#12130)
• twisted.web.soap was removed.

... (truncated)

Changelog

Sourced from twisted's changelog.

Twisted 24.7.0 (2024-08-08)

24.7.0.rc2 fixed an unreleased regression caused by PR 12109. (#12279) No other changes since 24.7.0.rc2

Security Advisories

• twisted.web.util.redirectTo now HTML-escapes the provided URL in the fallback response body it returns (GHSA-cf56-g6w6-pqq2, CVE-2024-41810). (#9839)
• The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure (CVE-2024-41671/GHSA-c8m8-j448-xjx7) (#12248)

Features

• twisted.protocols.ftp now supports the IPv6 extensions defined in RFC 2428. (#9645)
• twisted.internet.defer.inlineCallbacks can now yield a coroutine. (#9972)
• twisted.python._shellcomp.ZshArgumentsGenerator was updated for Python 3.13. (#12065)
• twisted.web.wsgi request environment now contains the peer port number as REMOTE_PORT. (#12096)
• twisted.internet.defer.Deferred.callback() and twisted.internet.defer.Deferred.addCallbacks() no longer use assert to check the type of the arguments. You should now use type checking to validate your code. These changes were done to reduce the CPU usage. (#12122)
• Added two new methods, twisted.logger.Logger.failuresHandled and twisted.logger.Logger.failureHandler, which allow for more concise and convenient handling of exceptions when dispatching out to application code. The former can arbitrarily customize failure handling at the call site, and the latter can be used for performance-sensitive cases where no additional information needs to be logged. (#12188)
• twisted.internet.defer.Deferred.addCallback now runs about 10% faster. (#12223)
• twisted.internet.defer.Deferred error handling is now faster, taking 40% less time to run. (#12227)

Bugfixes

• twisted.internet.ssl.Certificate.repr can now handle certificates without a common name (CN) in the certificate itself or the signing CA. (#5851)
• Type annotations have been added to twisted.conch.interfaces.IKnownHostEntry and its implementations, twisted.conch.client.knownhosts.PlainHost and twisted.conch.client.knownhosts.HashedHost, correcting a variety of type confusion issues throughout the conch client code. (#9713)
• twisted.python.failure.Failure once again utilizes the custom pickling logic it used to in the past. (#12112)
• twisted.conch.client.knownhosts.KnownHostsFile.verifyHostKey no longer logs an exception when automatically adding an IP address host key, which means the interactive conch command-line no longer will either. (#12141)

Improved Documentation

• The IRC server example found in the documentation was updated for readability. (#12097)
• Remove contextvars from list of optional dependencies. (#12128)
• The documentation for installing Twisted was moved into a single page. (#12145)
• The project's compatibility policy now clearly indicates that the GitHub Actions test matrix defines the supported platforms. (#12167)
• Updated imap4client.py example, it no longer references Python 2. (#12252)

Deprecations and Removals

• twisted.internet.defer.returnValue has been deprecated. You can replace it with the standard return statement. (#9930)

... (truncated)

Commits

• 8cb7d2b python -m incremental.update Twisted --newversion 24.7.0
• 05b4a87 Update news.
• a30fcf6 Fix conflict.
• db61dbb tox -e towncrier
• 34dc72e python -m incremental.update Twisted --rc
• 4814526 Fix regression in CopiedFailure
• b51c186 Move securitu fixes to a separate security advisories.
• c0b035c Fix typos
• 6970f5c Fix typo.
• 6d157ca tox -e towncrier
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.