If no digest value is passed to make_signature and Exception was thrown.
Since digest is added to the signature headers if it is not None anyway, there is no need to assign the digest value before that check.
When signing a request _as the server_ for Mastodon's AUTHORIZED_FETCH there is no need to include a digest.
Why update:
iohttp: supports now more of http standard.
celery: supports redis > = 4.0.2 (the docker image uses redis 7.0.6
django-celery-beat: better Django 3.2 support, bump celery to 5.2, downgrade of dependencies for better celery support
django-compressor: official Django 3.2 support, updates requirements
django-model-utils: official django 3.2 support.
django-sass-processor: remove deprecated default_app_config, support of ManifestStaticFilesStorage (which might be needed in the future)
environs: bugfixes
libsass: removes deprecated cli
Pillow: bug fixing
psycopg2: Bugfixing
pycryptodome: bugfixes
python-dateutil: updated tzdata
requests: better json Handling, bugfixing
responses: bugfixes and more
pytz: python3 code generation, All the corect timezone behaviour!
boto3: Updsate all the S3 Handling
signtures.py update because of breaking change in pycryptodome
migration because uf updated timezones
With updated celery I have less 501 errors on my instance. updated psycopg2 has better performance.
I have NOT chekced opentelemetry packages.
Upgrading redis package wold need a deeper inspection of the code as some functions are dropped in newer versions.
When mastodon is in authorized fetch mode any request has to be signed
or it fails with 401. This adds the needed signature to the requests
made to discover the actor when receiving something from mastodon (such
as a follow request)