Title: ci(deps): bump idna from 3.11 to 3.15 by dependabot[bot] · Pull Request #1996 · commitizen-tools/commitizen · GitHub
Open Graph Title: ci(deps): bump idna from 3.11 to 3.15 by dependabot[bot] · Pull Request #1996 · commitizen-tools/commitizen
X Title: ci(deps): bump idna from 3.11 to 3.15 by dependabot[bot] · Pull Request #1996 · commitizen-tools/commitizen
Description: Bumps idna from 3.11 to 3.15.
Changelog
Sourced from idna's changelog.
3.15 (2026-05-12)
Enforce DNS-length cap on individual labels early in check_label,
short-circuiting contextual-rule processing for oversized input
while staying compatible with UTS 46 usage.
Tidy core helpers: hoist bidi category sets to module-level
frozensets (avoiding per-codepoint list construction), simplify
length checks, and reuse the shared _unicode_dots_re from
idna.core in the codec module.
Use raise ... from err for proper exception chaining and
switch internal string formatting to f-strings.
Allow flit_core 4.x in the build backend.
Expand the ruff lint set (flake8-bugbear, flake8-simplify,
pyupgrade, perflint) and apply the surfaced fixes; pin lint CI
to Python 3.14.
Add Dependabot configuration for GitHub Actions.
Convert README and HISTORY from reStructuredText to Markdown.
Reference CVE-2026-45409 for the 3.14 advisory in place of the
initial GHSA identifier.
Thanks to Felix Yan, Stan Ulbrych, and metsw24-max for
contributions to this release.
3.14 (2026-05-10)
Removed opportunity to process long inputs into quadratic
time by rejecting oversize inputs up-front. Closes a bypass
of the CVE-2024-3651 mitigation. [CVE-2026-45409]
Thanks to Stan Ulbrych for reporting the issue.
3.13 (2026-04-22)
Correct classification error for codepoint U+A7F1
3.12 (2026-04-21)
Update to Unicode 17.0.0.
Issue a deprecation warning for the transitional argument.
Added lazy-loading to provide some performance improvements.
Removed vestiges of code related to Python 2 support, including
segmentation of data structures specific to Jython.
Thanks to Rodrigo Nogueira for contributions to this release.
Commits
af30a09 Release 3.15
30314d4 Pre-release 3.15rc0
05d4b21 Merge pull request #237 from kjd/convert-docs-to-markdown
2987fdb Convert README and HISTORY from reStructuredText to Markdown
59fa800 Merge pull request #236 from kjd/dependabot/github_actions/actions-f3e34333ea
def6983 Merge branch 'master' into dependabot/github_actions/actions-f3e34333ea
bbd8004 Merge pull request #234 from StanFromIreland/patch-1
edd07c0 Bump github/codeql-action from 3.35.2 to 4.35.2 in the actions group
5557db0 Merge branch 'master' into patch-1
f11746c Merge pull request #235 from StanFromIreland/patch-2
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show
Open Graph Description: Bumps idna from 3.11 to 3.15. Changelog Sourced from idna's changelog. 3.15 (2026-05-12) Enforce DNS-length cap on individual labels early in check_label, short-circuiting contextual-rule pr...
X Description: Bumps idna from 3.11 to 3.15. Changelog Sourced from idna's changelog. 3.15 (2026-05-12) Enforce DNS-length cap on individual labels early in check_label, short-circuiting contextual-rul...
Opengraph URL: https://github.com/commitizen-tools/commitizen/pull/1996
X: @github
Domain: github.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:cb5eeb5b-d51b-1599-89f0-7c01992cdb79 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | E0E6:9E5FA:1D769A4:2864BE2:6A4EBC16 |
| html-safe-nonce | 32d1c83c2284605b1c6fc9e67f7d3e78a12c3c97b20b3af9b580dc1e88303fa8 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFMEU2OjlFNUZBOjFENzY5QTQ6Mjg2NEJFMjo2QTRFQkMxNiIsInZpc2l0b3JfaWQiOiIzMTk4NTcyNzMzOTMyNjgyMjYyIiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0= |
| visitor-hmac | 236b2e2be381030d38c958e37f66c859ee1152aa26703622e88364ef6b60aafe |
| hovercard-subject-tag | pull_request:3712378427 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/commitizen-tools/commitizen/pull/1996/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps idna from 3.11 to 3.15. Changelog Sourced from idna's changelog. 3.15 (2026-05-12) Enforce DNS-length cap on individual labels early in check_label, short-circuiting contextual-rule pr... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | 41b6ab3ba6d20a71766ac245b5a4a94c6fc672a9cd4da7d44c1b33ab8bf6a21c |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/commitizen-tools/commitizen git https://github.com/commitizen-tools/commitizen.git |
| octolytics-dimension-user_id | 62252524 |
| octolytics-dimension-user_login | commitizen-tools |
| octolytics-dimension-repository_id | 106127589 |
| octolytics-dimension-repository_nwo | commitizen-tools/commitizen |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 106127589 |
| octolytics-dimension-repository_network_root_nwo | commitizen-tools/commitizen |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | e6a744804e8e70f97b4d5a18a94dcc63db22f97a |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width