id,node_id,number,title,user,state,locked,assignee,milestone,comments,created_at,updated_at,closed_at,author_association,pull_request,body,repo,type,active_lock_reason,performed_via_github_app,reactions,draft,state_reason
596245802,MDExOlB1bGxSZXF1ZXN0NDAwNTc4OTc5,720,"Update beautifulsoup4 requirement from ~=4.8.1 to >=4.8.1,<4.10.0",27856297,closed,0,,,0,2020-04-08T01:24:38Z,2020-05-04T17:14:51Z,2020-05-04T17:14:46Z,CONTRIBUTOR,simonw/datasette/pulls/720,"Updates the requirements on [beautifulsoup4](http://www.crummy.com/software/BeautifulSoup/bs4/) to permit the latest version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

**Note:** This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking `Bump now` in your [Dependabot dashboard](https://app.dependabot.com).

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a ""Dependabot enabled"" badge to your readme

Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)



</details>",107914493,pull,,,"{""url"": ""https://api.github.com/repos/simonw/datasette/issues/720/reactions"", ""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",0,
596245923,MDExOlB1bGxSZXF1ZXN0NDAwNTc5MDc3,721,"Update pytest requirement from ~=5.2.2 to >=5.2.2,<5.5.0",27856297,closed,0,,,0,2020-04-08T01:25:04Z,2020-05-04T17:13:49Z,2020-05-04T17:13:41Z,CONTRIBUTOR,simonw/datasette/pulls/721,"Updates the requirements on [pytest](https://github.com/pytest-dev/pytest) to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href=""https://github.com/pytest-dev/pytest/releases"">pytest's releases</a>.</em></p>
<blockquote>
<h2>5.4.1</h2>
<h1>pytest 5.4.1 (2020-03-13)</h1>
<h2>Bug Fixes</h2>
<ul>
<li>
<p><a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/issues/6909"">#6909</a>: Revert the change introduced by <a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/pull/6330"">#6330</a>, which required all arguments to <code>@pytest.mark.parametrize</code> to be explicitly defined in the function signature.</p>
<p>The intention of the original change was to remove what was expected to be an unintended/surprising behavior, but it turns out many people relied on it, so the restriction has been reverted.</p>
</li>
<li>
<p><a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/issues/6910"">#6910</a>: Fix crash when plugins return an unknown stats while using the <code>--reportlog</code> option.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href=""https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst"">pytest's changelog</a>.</em></p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href=""https://github.com/pytest-dev/pytest/commit/3d0f3baa2bb89257dfff25ae6ebabd565287240e""><code>3d0f3ba</code></a> Preparing release version 5.4.1</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/b9e2cd0a81e043bdb409e7078db9af4c4d38da54""><code>b9e2cd0</code></a> Merge pull request <a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/issues/6914"">#6914</a> from nicoddemus/revert-6330</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/a84fcbf5b2fc007a1630a1ddd60b0a2438b61642""><code>a84fcbf</code></a> Revert &quot;[parametrize] enforce explicit argnames declaration (<a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/issues/6330"">#6330</a>)&quot;</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/59c1bfada7de3b3d239f5d7cfff04ce460c9aecd""><code>59c1bfa</code></a> Merge pull request <a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/issues/6913"">#6913</a> from nicoddemus/backport-6910</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/3267f64724085c8f4be4c8d6eee6726cd7b20c14""><code>3267f64</code></a> Merge pull request <a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/issues/6910"">#6910</a> from nicoddemus/resultlog-logreport</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/c9fd1bdbd6d25917d33b27511d8ebc2a65538899""><code>c9fd1bd</code></a> Preparing release version 5.4.0</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/93aa988e0152392c233acac1e24bf6db8a2772c7""><code>93aa988</code></a> Merge pull request <a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/issues/6901"">#6901</a> from RonnyPfannschmidt/regendoc-fix-simple</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/7996724f23760275a9cba9daad5af99c6da91f2c""><code>7996724</code></a> Merge pull request <a href=""https://github-redirect.dependabot.com/pytest-dev/pytest/issues/6902"">#6902</a> from RoyalTS/filterwarnings-docfix</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/90ee8a75995fb69bcfaae258afdb6694b3aa620d""><code>90ee8a7</code></a> docfix</li>
<li><a href=""https://github.com/pytest-dev/pytest/commit/378a75ddf602278fb2049a743b2ca3237722603d""><code>378a75d</code></a> run and fix tox -e regen to prepare 5.4</li>
<li>Additional commits viewable in <a href=""https://github.com/pytest-dev/pytest/compare/5.2.2...5.4.1"">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

**Note:** This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking `Bump now` in your [Dependabot dashboard](https://app.dependabot.com).

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a ""Dependabot enabled"" badge to your readme

Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)



</details>",107914493,pull,,,"{""url"": ""https://api.github.com/repos/simonw/datasette/issues/721/reactions"", ""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",0,
596246006,MDExOlB1bGxSZXF1ZXN0NDAwNTc5MTM2,722,"Update jinja2 requirement from ~=2.10.3 to >=2.10.3,<2.12.0",27856297,closed,0,,,0,2020-04-08T01:25:24Z,2020-05-04T17:13:26Z,2020-05-04T17:13:16Z,CONTRIBUTOR,simonw/datasette/pulls/722,"Updates the requirements on [jinja2](https://github.com/pallets/jinja) to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href=""https://github.com/pallets/jinja/releases"">jinja2's releases</a>.</em></p>
<blockquote>
<h2>2.11.1</h2>
<p>This fixes an issue in async environment when indexing the result of an attribute lookup, like <code>{{ data.items[1:] }}</code>.</p>
<ul>
<li>Changes: <a href=""https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-1"">https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href=""https://github.com/pallets/jinja/blob/master/CHANGES.rst"">jinja2's changelog</a>.</em></p>
<blockquote>
<h1>Version 2.11.1</h1>
<p>Released 2020-01-30</p>
<ul>
<li>Fix a bug that prevented looking up a key after an attribute (<code>{{ data.items[1:] }}</code>) in an async template. 1141</li>
</ul>
<h1>Version 2.11.0</h1>
<p>Released 2020-01-27</p>
<ul>
<li>Drop support for Python 2.6, 3.3, and 3.4. This will be the last version to support Python 2.7 and 3.5.</li>
<li>Added a new <code>ChainableUndefined</code> class to support getitem and getattr on an undefined object. 977</li>
<li>Allow <code>{%+</code> syntax (with NOP behavior) when <code>lstrip_blocks</code> is disabled. 748</li>
<li>Added a <code>default</code> parameter for the <code>map</code> filter. 557</li>
<li>Exclude environment globals from meta.find_undeclared_variables. 931</li>
<li>Float literals can be written with scientific notation, like 2.56e-3. 912, 922</li>
<li>Int and float literals can be written with the '_' separator for legibility, like 12_345. 923</li>
<li>Fix a bug causing deadlocks in <code>LRUCache.setdefault</code>. 1000</li>
<li>The <code>trim</code> filter takes an optional string of characters to trim. 828</li>
<li>A new <code>jinja2.ext.debug</code> extension adds a <code>{% debug %}</code> tag to quickly dump the current context and available filters and tests. 174, 798, 983</li>
<li>Lexing templates with large amounts of whitespace is much faster. 857, 858</li>
<li>Parentheses around comparisons are preserved, so <code>{{ 2 * (3 &lt; 5) }}</code> outputs &quot;2&quot; instead of &quot;False&quot;. 755, 938</li>
<li>Add new <code>boolean</code>, <code>false</code>, <code>true</code>, <code>integer</code> and <code>float</code> tests. 824</li>
<li>The environment's <code>finalize</code> function is only applied to the output of expressions (constant or not), not static template data. 63</li>
<li>When providing multiple paths to <code>FileSystemLoader</code>, a template can have the same name as a directory. 821</li>
<li>Always return Undefined when omitting the <code>else</code> clause in a <code>{{ 'foo' if bar }}</code> expression, regardless of the environment's <code>undefined</code> class. Omitting the <code>else</code> clause is a valid shortcut and should not raise an error when using StrictUndefined. 710, 1079</li>
<li>Fix behavior of <code>loop</code> control variables such as <code>length</code> and <code>revindex0</code> when looping over a generator. 459, 751, 794, 993</li>
<li>Async support is only loaded the first time an environment enables it, in order to avoid a slow initial import. 765</li>
<li>In async environments, the <code>|map</code> filter will await the filter call if needed. 913</li>
<li>In for loops that access <code>loop</code> attributes, the iterator is not advanced ahead of the current iteration unless <code>length</code>, <code>revindex</code>, <code>nextitem</code>, or <code>last</code> are accessed. This makes it less likely to break <code>groupby</code> results. 555, 1101</li>
<li>In async environments, the <code>loop</code> attributes <code>length</code> and <code>revindex</code> work for async iterators. 1101</li>
<li>In async environments, values from attribute/property access will be awaited if needed. 1101</li>
<li>~loader.PackageLoader doesn't depend on setuptools or pkg_resources. 970</li>
<li><code>PackageLoader</code> has limited support for 420 namespace packages. 1097</li>
<li>Support os.PathLike objects in ~loader.FileSystemLoader and ~loader.ModuleLoader. 870</li>
<li>~nativetypes.NativeTemplate correctly handles quotes between expressions. <code>&quot;'{{ a }}', '{{ b }}'&quot;</code> renders as the tuple <code>('1', '2')</code> rather than the string <code>'1, 2'</code>. 1020</li>
<li>Creating a ~nativetypes.NativeTemplate directly creates a ~nativetypes.NativeEnvironment instead of a default Environment. 1091</li>
<li>After calling <code>LRUCache.copy()</code>, the copy's queue methods point to the correct queue. 843</li>
<li>Compiling templates always writes UTF-8 instead of defaulting to the system encoding. 889</li>
<li><code>|wordwrap</code> filter treats existing newlines as separate paragraphs to be wrapped individually, rather than creating short intermediate lines. 175</li>
<li>Add <code>break_on_hyphens</code> parameter to <code>|wordwrap</code> filter. 550</li>
<li>Cython compiled functions decorated as context functions will be passed the context. 1108</li>
<li>When chained comparisons of constants are evaluated at compile time, the result follows Python's behavior of returning <code>False</code> if any comparison returns <code>False</code>, rather than only the last one. 1102</li>
<li>Tracebacks for exceptions in templates show the correct line numbers and source for Python &gt;= 3.7. 1104</li>
<li>Tracebacks for template syntax errors in Python 3 no longer show internal compiler frames. 763</li>
<li>Add a <code>DerivedContextReference</code> node that can be used by extensions to get the current context and local variables such as <code>loop</code>. 860</li>
<li>Constant folding during compilation is applied to some node types that were previously overlooked. 733</li>
<li><code>TemplateSyntaxError.source</code> is not empty when raised from an included template. 457</li>
</ul>
</tr></table> ... (truncated)
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href=""https://github.com/pallets/jinja/commit/b85283e8464d56ef129fe8969f9abbb77be31be0""><code>b85283e</code></a> release version 2.11.1</li>
<li><a href=""https://github.com/pallets/jinja/commit/3d5bfc6109bcc682f5266b118180e8b5fb775ae9""><code>3d5bfc6</code></a> Merge pull request <a href=""https://github-redirect.dependabot.com/pallets/jinja/issues/1143"">#1143</a> from pallets/bugfix/attribute-access</li>
<li><a href=""https://github.com/pallets/jinja/commit/d61c1ea70bfc98eb6a0dc690e2f0a1527fd80f10""><code>d61c1ea</code></a> add changelog</li>
<li><a href=""https://github.com/pallets/jinja/commit/15d7e615f4dc81424ad15b852ca69d1d98129139""><code>15d7e61</code></a> Added regression test for slicing of attributes</li>
<li><a href=""https://github.com/pallets/jinja/commit/05dee9b87023930f8131cbc0815b56a23e973c3d""><code>05dee9b</code></a> Fix attribute access in async code. Fixes <a href=""https://github-redirect.dependabot.com/pallets/jinja/issues/1141"">#1141</a></li>
<li><a href=""https://github.com/pallets/jinja/commit/bbdafe33ce9f47e3cbfb9415619e354349f11243""><code>bbdafe3</code></a> release version 2.11.0</li>
<li><a href=""https://github.com/pallets/jinja/commit/9ff27f64a92171c912e403bd66c392ec1a70533a""><code>9ff27f6</code></a> add python 3.8 classifier, clean up changelog</li>
<li><a href=""https://github.com/pallets/jinja/commit/d312609ccd561498d2963d47f0330715e8f24982""><code>d312609</code></a> isolate bytecode cache tests</li>
<li><a href=""https://github.com/pallets/jinja/commit/984997913cc2eb1a00e1b8787c3d3ada5dd359c7""><code>9849979</code></a> import Markup from markupsafe, fix flake8 import warnings</li>
<li><a href=""https://github.com/pallets/jinja/commit/c6d864cf8975415bd4ffee17f29e37f95969c8c9""><code>c6d864c</code></a> increment bytecode cache version</li>
<li>Additional commits viewable in <a href=""https://github.com/pallets/jinja/compare/2.10.3...2.11.1"">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

**Note:** This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking `Bump now` in your [Dependabot dashboard](https://app.dependabot.com).

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a ""Dependabot enabled"" badge to your readme

Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)



</details>",107914493,pull,,,"{""url"": ""https://api.github.com/repos/simonw/datasette/issues/722/reactions"", ""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",0,