Bump tox from 4.47.0 to 4.52.0

[dependabot]

Bumps tox from 4.47.0 to 4.52.0.

Release notes

Sourced from tox's releases.

v4.52.0

What's Changed

• remove unsupported --remote flag from gh repo fork by @​rahuldevikar in tox-dev/tox#3908
• ✨ feat(config): support escaped dots in -x override keys by @​gaborbernat in tox-dev/tox#3910
• 🐛 fix(docs): auto-generate manpage from CLI parser by @​gaborbernat in tox-dev/tox#3911
• ✨ feat(runner): add PEP 723 inline script metadata support by @​gaborbernat in tox-dev/tox#3912

Full Changelog: tox-dev/tox@4.51.0...4.52.0

v4.51.0

What's Changed

• 🔒 ci(workflows): add zizmor security auditing by @​gaborbernat in tox-dev/tox#3896
• Add base_python_file config option by @​rahuldevikar in tox-dev/tox#3899
• prevent machine ISA from overriding explicit env factors by @​rahuldevikar in tox-dev/tox#3904
• 🐛 fix(config): fix handling of env_list in nested contexts by @​Daverball in tox-dev/tox#3905
• fix: enable persist-credentials for release workflow by @​rahuldevikar in tox-dev/tox#3907

New Contributors

• @​Daverball made their first contribution in tox-dev/tox#3905

Full Changelog: tox-dev/tox@4.50.3...4.51.0

v4.50.3

What's Changed

• 🐛 fix(pkg): distinguish free-threaded Python in wheel build env by @​gaborbernat in tox-dev/tox#3891

Full Changelog: tox-dev/tox@4.50.2...4.50.3

v4.50.2

What's Changed

• fix(sdist): include docs/man/tox.1.rst by @​branchv in tox-dev/tox#3890

New Contributors

• @​branchv made their first contribution in tox-dev/tox#3890

Full Changelog: tox-dev/tox@4.50.1...4.50.2

v4.50.1

... (truncated)

Changelog

Sourced from tox's changelog.

Features - 4.52.0

• Add virtualenv-pep-723 runner that reads dependencies and Python version from :PEP:723 inline script metadata — no need to duplicate them in tox config - by :user:gaborbernat. (:issue:3897)
• Support escaped dots (\.) in -x/--override keys, allowing overrides to target environments with dots in their names such as py3.14 - by :user:gaborbernat. (:issue:3910)

Bug fixes - 4.52.0

• Auto-generate the manpage from the CLI argparse parser at wheel build time, fixing broken section headers and documenting all commands and options - by :user:gaborbernat. (:issue:3878)

Miscellaneous internal changes - 4.52.0

• Remove unsupported --remote flag from gh repo fork in the update-schemastore workflow, as recent versions of gh no longer accept it - by :user:rahuldevikar. (:issue:3908)

---

v4.51.0 (2026-03-27)

---

Features - 4.51.0

• Add base_python_file configuration option to read the base Python version from a file (e.g. .python-version), similar to GitHub Actions' python-version-file - by :user:rahuldevikar (:issue:3894)

Bug fixes - 4.51.0

• Prevent implicit machine ISA (e.g. arm64, x86_64) from overriding explicit architecture factors in environment names, fixing cross-architecture conflicts in multiline factor conditionals - by :user:rahuldevikar. (:issue:3903)
• Nested environment list configuration values are now properly parsed, validated and expanded by the TOML parser. This allows you to use generative environment lists in tox-gh via the TOML format. Previously this was only possible with the INI format. - by :user:Daverball (:issue:3905)

Miscellaneous internal changes - 4.51.0

• Enable persist-credentials: true in the actions/checkout step of the prepare-release workflow so that git push operations succeed during automated releases - by :user:rahuldevikar. (:issue:3907)

---

v4.50.3 (2026-03-20)

---

Bug fixes - 4.50.3

... (truncated)

Commits

• d83d577 release 4.52.0
• da0f890 ✨ feat(runner): add PEP 723 inline script metadata support (#3912)
• b232d2d 🐛 fix(docs): auto-generate manpage from CLI parser (#3911)
• 84958f7 [pre-commit.ci] pre-commit autoupdate (#3909)
• 15d9ac0 ✨ feat(config): support escaped dots in -x override keys (#3910)
• 0eda3a2 remove unsupported --remote flag from gh repo fork (#3908)
• 5f1ec1a release 4.51.0
• b5f9b13 fix: enable persist-credentials for release workflow (#3907)
• 8c9c199 🐛 fix(config): fix handling of env_list in nested contexts (#3905)
• 451aa9c prevent machine ISA from overriding explicit env factors (#3904)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.38%. Comparing base (4cff3e7) to head (0d3f03f).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1814   +/-   ##
=======================================
  Coverage   97.38%   97.38%           
=======================================
  Files         160      160           
  Lines       10951    10951           
=======================================
  Hits        10665    10665           
  Misses        286      286           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.