mirror of
https://github.com/evroon/bracket.git
synced 2026-02-02 02:21:15 -05:00
6b83168b22
Bumps [gunicorn](https://github.com/benoitc/gunicorn) from 23.0.0 to 24.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benoitc/gunicorn/releases">gunicorn's releases</a>.</em></p> <blockquote> <h2>24.1.1</h2> <h2>Bug Fixes</h2> <ul> <li>Fix <code>forwarded_allow_ips</code> and <code>proxy_allow_ips</code> to remain as strings for backward compatibility with external tools like uvicorn. Network validation now uses strict mode to detect invalid CIDR notation (e.g., <code>192.168.1.1/24</code> where host bits are set) (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3458">#3458</a>, [PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3459">#3459</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3459">benoitc/gunicorn#3459</a>))</li> </ul> <hr /> <p><strong>Full Changelog</strong>: <a href="https://github.com/benoitc/gunicorn/compare/24.1.0...24.1.1">https://github.com/benoitc/gunicorn/compare/24.1.0...24.1.1</a></p> <h2>Gunicorn 24.1.0</h2> <h2>New Features</h2> <ul> <li> <p><strong>Official Docker Image</strong>: Gunicorn now publishes official Docker images to GitHub Container Registry ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3454">#3454</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3454">benoitc/gunicorn#3454</a>))</p> <ul> <li>Available at <code>ghcr.io/benoitc/gunicorn</code></li> <li>Based on Python 3.12 slim image</li> <li>Uses recommended worker formula (2 × CPU + 1)</li> <li>Configurable via environment variables</li> </ul> </li> <li> <p><strong>PROXY Protocol v2 Support</strong>: Extended PROXY protocol implementation to support the binary v2 format in addition to the existing text-based v1 format ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3451">#3451</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3451">benoitc/gunicorn#3451</a>))</p> <ul> <li>New <code>--proxy-protocol</code> modes: <code>off</code>, <code>v1</code>, <code>v2</code>, <code>auto</code></li> <li><code>auto</code> mode (default when enabled) detects v1 or v2 automatically</li> <li>v2 binary format is more efficient and supports additional metadata</li> <li>Works with HAProxy, AWS NLB/ALB, and other PROXY protocol v2 sources</li> </ul> </li> <li> <p><strong>CIDR Network Support</strong>: <code>--forwarded-allow-ips</code> and <code>--proxy-allow-from</code> now accept CIDR notation (e.g., <code>192.168.0.0/16</code>) for specifying trusted networks ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3449">#3449</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3449">benoitc/gunicorn#3449</a>))</p> </li> <li> <p><strong>Socket Backlog Metric</strong>: New <code>gunicorn.socket.backlog</code> gauge metric reports the current socket backlog size on Linux systems ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3450">#3450</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3450">benoitc/gunicorn#3450</a>))</p> </li> <li> <p><strong>InotifyReloader Enhancement</strong>: The inotify-based reloader now watches newly imported modules, not just those loaded at startup ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3447">#3447</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3447">benoitc/gunicorn#3447</a>))</p> </li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix signal handling regression where SIGCLD alias caused "Unhandled signal: cld" errors on Linux when workers fail during boot (<a href="https://github.com/benoitc/gunicorn/discussions/3453">#3453</a>)</li> <li>Fix socket blocking mode on keepalive connections preventing SSL handshake failures with async workers ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3452">#3452</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3452">benoitc/gunicorn#3452</a>))</li> <li>Use smaller buffer size in <code>finish_body()</code> for faster timeout detection on slow or abandoned connections ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3453">#3453</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3453">benoitc/gunicorn#3453</a>))</li> <li>Handle <code>SSLWantReadError</code> in <code>finish_body()</code> to prevent worker hangs during SSL renegotiation ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3448">#3448</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3448">benoitc/gunicorn#3448</a>))</li> <li>Log SIGTERM as info level instead of warning to reduce noise in orchestrated environments ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3446">#3446</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3446">benoitc/gunicorn#3446</a>))</li> <li>Print exception details to stderr when worker fails to boot ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3443">#3443</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3443">benoitc/gunicorn#3443</a>))</li> <li>Fix <code>unreader.unread()</code> to prepend data to buffer instead of appending ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3442">#3442</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3442">benoitc/gunicorn#3442</a>))</li> <li>Prevent <code>RecursionError</code> when pickling Config objects ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3441">#3441</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3441">benoitc/gunicorn#3441</a>))</li> <li>Use proper exception chaining with <code>raise from</code> in glogging.py ([PR <a href="https://redirect.github.com/benoitc/gunicorn/issues/3440">#3440</a>](<a href="https://redirect.github.com/benoitc/gunicorn/pull/3440">benoitc/gunicorn#3440</a>))</li> </ul> <h2>Installation</h2> <pre lang="bash"><code>pip install gunicorn==24.1.0 </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="375e79e95b"><code>375e79e</code></a> release: bump version to 24.1.1</li> <li><a href="ad0c12de98"><code>ad0c12d</code></a> docs: add sponsors section to README</li> <li><a href="70200eef46"><code>70200ee</code></a> chore: add GitHub Sponsors funding configuration</li> <li><a href="6841804116"><code>6841804</code></a> docs: remove incorrect PR reference from Docker changelog entry</li> <li><a href="abce0ca9cb"><code>abce0ca</code></a> docs: add 24.1.1 changelog entry for forwarded_allow_ips fix</li> <li><a href="e9a3f30a0f"><code>e9a3f30</code></a> fix: keep forwarded_allow_ips as strings for backward compatibility (<a href="https://redirect.github.com/benoitc/gunicorn/issues/3459">#3459</a>)</li> <li><a href="d73ff4b1d8"><code>d73ff4b</code></a> docs: update main changelog with 24.1.0</li> <li><a href="53f2c31012"><code>53f2c31</code></a> ci: allow docs deploy on workflow_dispatch</li> <li><a href="eab5f0b1a5"><code>eab5f0b</code></a> ci: trigger Docker publish on tags with or without v prefix</li> <li><a href="a20d3fb220"><code>a20d3fb</code></a> docs: add Docker image to 24.1.0 changelog</li> <li>Additional commits viewable in <a href="https://github.com/benoitc/gunicorn/compare/23.0.0...24.1.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>