mirror of
https://github.com/servo/servo
synced 2026-04-25 17:15:48 +02:00
4dc82fe2c0
Bumps [mako](https://github.com/sqlalchemy/mako) from 1.2.2 to 1.3.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sqlalchemy/mako/releases">mako's releases</a>.</em></p> <blockquote> <h1>1.3.11</h1> <p>Released: Tue Apr 14 2026</p> <h2>bug</h2> <ul> <li> <p><strong>[bug] [template]</strong> Fixed issue in <code>TemplateLookup</code> where a URI with a double-slash prefix (e.g. <code>//../../</code>) could bypass the directory traversal check in <code>Template</code>, allowing reads of arbitrary files outside of the template directory. The issue was caused by an inconsistency in how leading slashes were stripped between <code>TemplateLookup.get_template()</code> and <code>Template</code> initialization.</p> <p>References: <a href="https://redirect.github.com/sqlalchemy/mako/issues/434">#434</a></p> </li> </ul> <h1>1.3.10</h1> <p>Released: Thu Apr 10 2025</p> <h2>bug</h2> <ul> <li> <p><strong>[bug] [lexer]</strong> Fix undefined variable errors when <code>strict_undefined=True</code> when using a nested list comprehension. Pull request courtesy Sébastien Granjoux.</p> <p>References: <a href="https://redirect.github.com/sqlalchemy/mako/issues/418">#418</a></p> </li> </ul> <h1>1.3.9</h1> <p>Released: Tue Feb 4 2025</p> <h2>bug</h2> <ul> <li> <p><strong>[bug] [tests]</strong> Fixed test suite to not rely upon ancient "future division" statement to test the <code>Template.future_imports</code> feature. The test is replaced with one that tests only the rendering, not the ultimate effect.</p> <p>References: <a href="https://redirect.github.com/sqlalchemy/mako/issues/408">#408</a></p> </li> </ul> <h1>1.3.8</h1> <p>Released: Sat Dec 7 2024</p> <h2>bug</h2> <ul> <li><strong>[bug] [lexer]</strong> Reverted the fix for <a href="https://redirect.github.com/sqlalchemy/mako/issues/140">#140</a> released in Mako 1.3.7 as it produced regressions in existing user code.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sqlalchemy/mako/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/servo/servo/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This directory contains various Python modules used to support servo development.
servo
servo-specific python code e.g. implementations of mach commands. This is the canonical repository for this code.
tidy
servo-tidy is used to check licenses, line lengths, whitespace, ruff on Python files, lock file versions, and more.
wpt
servo-wpt is a module with support scripts for running, importing, exporting, updating manifests, and updating expectations for WPT tests.