8000 chore(deps): bump binaryornot from 0.4.4 to 0.6.0 by dependabot[bot] · Pull Request #8767 · aws/aws-sam-cli · GitHub
[go: up one dir, main page]
Skip to content

chore(deps): bump binaryornot from 0.4.4 to 0.6.0#8767

Open
dependabot[bot] wants to merge 3 commits intodevelopfrom
dependabot/pip/develop/binaryornot-0.6.0
Open

chore(deps): bump binaryornot from 0.4.4 to 0.6.0#8767
dependabot[bot] wants to merge 3 commits intodevelopfrom
dependabot/pip/develop/binaryornot-0.6.0

Conversation

@dependabot
Copy link
Contributor
@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps binaryornot from 0.4.4 to 0.6.0.

Release notes

Sourced from binaryornot's releases.

BinaryOrNot 0.6.0: Three Layers of Detection

BinaryOrNot identifies binary files three ways: by extension, by file signature, and by content analysis. Pass it any file path and it tells you binary or text, accurately, across PNGs, PDFs, executables, archives, fonts, CJK-encoded text, and hundreds of other formats.

uv pip install --upgrade binaryornot

What's new

131 file types recognized by name. is_binary() checks the filename extension against a curated list of binary types (images, audio, video, archives, executables, fonts, documents, databases, 3D models, CAD files, scientific data formats, game ROMs) before reading any bytes. A .png or .mp4 is classified instantly with zero file I/O. The extension list ships as binary_extensions.csv and is easy to inspect or extend. (#648)

If you need pure content-based classification, pass check_extensions=False:

from binaryornot.check import is_binary
Extension says binary, but let's check the actual bytes
is_binary("mystery_file.pyc", check_extensions=False)

55 binary format signatures. The detector checks file headers against known magic bytes for PNG, JPEG, PDF, ZIP, ELF, Mach-O, WebAssembly, SQLite, Parquet, Arrow IPC, and 45 more formats. Files that match a known signature are classified as binary immediately, before the statistical model runs. The signature table ships as binary_formats.csv. (#647)

Type annotations on the public API. is_binary(), is_binary_string(), and get_starting_chunk() all have inline type annotations. Editors and type checkers know that is_binary() accepts str, bytes, or pathlib.Path and returns bool. Credit to @​smheidrich for the initial type stubs proposal (#627) and @​AlJohri for requesting pathlib.Path support (#628). (#643)

What's better

Completely retrained decision tree on 4x more data. The detector reads 512 bytes per file instead of 128, and the decision tree was rebuilt from scratch on those larger samples. A new feature, has_magic_signature, gives the tree a second path to the right answer when statistical features are ambiguous. Byte ratios and entropy calculations reflect actual file content rather than header artifacts. (#647)

Python 3.10+ compatibility. BinaryOrNot installs on Python 3.10 through 3.14, supporting Cookiecutter, cookieplone, and other tools that run on older interpreters. Thanks @​wesleybl for raising this. (#645)

Test fixtures ship in the sdist. .pyc and .DS_Store test fixtures are force-included in the source distribution so tests pass when run from the sdist. (#646)

What's fixed

PNGs with ambiguous headers are correctly classified. A 512x512 grayscale+alpha PNG has an IHDR chunk with enough null bytes that the first 128 bytes accidentally decode as UTF-16. Extension checking, signature matching, and the retrained tree each independently prevent this misclassification. Closes #642. (#647)

What's changed

is_binary() has a new keyword argument. check_extensions (default True) controls whether the extension check runs. Existing code that calls is_binary(path) gets the extension check automatically. Code that passes check_extensions=False gets the previous content-only behavior.

Contributors

@​audreyfeldroy (Audrey M. Roy Greenfeld) designed and built this release: the extension detection system, file signature matching, decision tree retraining, type annotations, Python 3.10 compatibility, and sdist fixes.

Thanks to @​smheidrich for the type stubs proposal, @​AlJohri for requesting pathlib.Path support, and @​wesleybl for raising Python 3.10 compatibility.

BinaryOrNot 0.5.0: Zero Dependencies, 128 Bytes, One Trained Classifier

This is the biggest release in BinaryOrNot's history. I rebuilt the detection engine from the ground up. The original used byte ratio heuristics with chardet as a second opinion for ambiguous files. I replaced all of that with a trained decision tree operating on 23 features, covering 49 binary formats and 37 text encodings, with zero external dependencies. It's backed by 211 tests and a training pipeline you can re-run yourself. If you've ever had BinaryOrNot misidentify a UTF-16 file, choke on a CJK-encoded document, or crash because chardet changed its API, this release is for you.

BinaryOrNot now has zero dependencies. The chardet library (2.1 MB installed) is gone, replaced by a decision tree that reads 128 bytes of a file and classifies it as binary or text using 23 features computed from those bytes alone. The API is unchanged: is_binary("file.png") still returns True.

... (truncated)

Commits
  • 9c979cd Release 0.6.0
  • fba3730 Merge pull request #648 from binaryornot/check-file-extensions
  • c375996 Document why bytes filenames matter
  • 17540bc Handle bytes filenames in extension check
  • bc069ff Classify 131 file types by extension before reading them
  • a1ff8d0 Merge pull request #647 from binaryornot/fix-png-misclassification
  • 7c1864b Cover 55 binary formats from plists to network captures
  • 2a31e62 Apply ruff formatting to slice expression
  • 5f6351a Teach the decision tree to use file signatures as evidence
  • feb38d8 Give the decision tree 4x more context per file
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump binaryornot from 0.4.4 to 0.6.0
92800b4 
Bumps [binaryornot](https://github.com/binaryornot/binaryornot) from 0.4.4 to 0.6.0.
- [Release notes](https://github.com/binaryornot/binaryornot/releases)
- [Commits](binaryornot/binaryornot@0.4.4...v0.6.0)

---
updated-dependencies:
- dependency-name: binaryornot
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 9, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 9, 2026 22:29
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 9, 2026
@roger-zhangg
Copy link
Member
roger-zhangg commented Mar 10, 2026

Interesting, seems this update dropped chardet

@roger-zhangg roger-zhangg mentioned this pull request Mar 10, 2026
Merged
@roger-zhangg
Copy link
Member
roger-zhangg commented Mar 10, 2026

should be grouped with #8763 together

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@roger-zhangg roger-zhangg roger-zhangg approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file pr/internal python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@roger-zhangg @actions-user
0