Bump psycopg[c] from 3.2.3 to 3.2.4

[dependabot]

Bumps psycopg[c] from 3.2.3 to 3.2.4.

Changelog

Sourced from psycopg[c]'s changelog.

.. currentmodule:: psycopg

.. index:: single: Release notes single: News

psycopg release notes

Future releases

Python 3.3.0 (unreleased) ^^^^^^^^^^^^^^^^^^^^^^^^^

• Drop support for Python 3.8.

Current release

Psycopg 3.2.4 ^^^^^^^^^^^^^

• Don't lose notifies received whilst the ~Connection.notifies() iterator is not running (:ticket:[#962](https://github.com/psycopg/psycopg/issues/962)).
• Make sure that the notifies callback is called during the use of the ~Connection.notifies() generator (:ticket:[#972](https://github.com/psycopg/psycopg/issues/972)).
• Raise the correct error returned by the database (such as !AdminShutdown or !IdleInTransactionSessionTimeout) instead of a generic OperationalError when a server error causes a client disconnection (:ticket:[#988](https://github.com/psycopg/psycopg/issues/988)).
• Build macOS dependencies from sources instead using the Homebrew versions in order to avoid problems with MACOSX_DEPLOYMENT_TARGET (:ticket:[#858](https://github.com/psycopg/psycopg/issues/858)).
• Bump libpq to 17.2 in Linux and macOS binary packages.
• Bump libpq to 16.4 in Windows binary packages, using the vcpkg library__ (:ticket:[#966](https://github.com/psycopg/psycopg/issues/966)).

.. __: https://vcpkg.io/en/package/libpq

Psycopg 3.2.3 ^^^^^^^^^^^^^

• Release binary packages including PostgreSQL 17 libpq (:ticket:[#852](https://github.com/psycopg/psycopg/issues/852)).

Psycopg 3.2.2 ^^^^^^^^^^^^^

... (truncated)

Commits

• c2c4ba2 chore: bump psycopg package version to 3.2.4
• d959f8d docs: mention the binary packages changes in news file
• 730c23c chore(binary): bump libpq to 17.2
• 5f9d196 chore(binary): bump OpenSSL to 3.4.0
• e9188ed Merge branch 'build-libpq-macos-3.2' into maint-3.2
• e19a258 ci(binary): less verbose libpq build
• 89f3f82 ci(macos): drop Python 3.8 build on macOS arm64
• bdba767 ci(macos): build libpq instead of using Homebrew libraries
• 06ae213 refactor: don't keep the notifiers backlog handler in the connection state
• 0f7005b Merge branch 'fix-clobbered-error-on-disconnect-3.2' into maint-3.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dryrunsecurity]

DryRun Security Summary

The code change involves updating the psycopg[c] library version in the requirements.txt file from 3.2.3 to 3.2.4, which is likely a routine dependency update for the DefectDojo application.

Expand for full summary

Summary:

The provided code change is a modification to the requirements.txt file, which lists the Python dependencies required for the DefectDojo application. The key change is an update to the version of the psycopg[c] library, a Python adapter for the PostgreSQL database, from version 3.2.3 to 3.2.4. This is likely a minor bug fix or security update.

From an application security perspective, the changes in this requirements.txt file are not particularly interesting, as the update to the psycopg library is a routine dependency update. However, it's important to review the entire set of dependencies and their versions to ensure that the application is using the latest stable and secure versions of all libraries. Outdated or vulnerable dependencies can introduce security risks, so it's crucial to keep the application's dependencies up-to-date. Additionally, it's a good practice to periodically review the entire requirements.txt file and compare it against the latest versions of the libraries to identify any potential security updates or improvements that can be made.

Files Changed:

• requirements.txt: This file has been updated to change the version of the psycopg[c] library from 3.2.3 to 3.2.4. This is likely a minor bug fix or security update to the PostgreSQL database adapter library.

Code Analysis

We ran 9 analyzers against 1 file and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer	Findings
Sensitive Files Analyzer	1 finding

View PR in the DryRun Dashboard.

[mtesauro]

@dependabot rebase

[mtesauro]

Approved