Skip to content

Bump the pip-dependencies group across 1 directory with 10 updates#356

Merged
chadlwilson merged 1 commit intomasterfrom
dependabot/pip/pip-dependencies-7fd4aa4b7b
Jun 10, 2024
Merged

Bump the pip-dependencies group across 1 directory with 10 updates#356
chadlwilson merged 1 commit intomasterfrom
dependabot/pip/pip-dependencies-7fd4aa4b7b

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 10, 2024

Bumps the pip-dependencies group with 10 updates in the / directory:

Package From To
certifi 2024.2.2 2024.6.2
keyring 25.2.0 25.2.1
more-itertools 10.2.0 10.3.0
pkginfo 1.10.0 1.11.1
pyfakefs 5.4.1 5.5.0
pygments 2.17.2 2.18.0
requests 2.32.0 2.32.3
setuptools 69.5.1 70.0.0
twine 5.0.0 5.1.0
zipp 3.18.1 3.19.2

Updates certifi from 2024.2.2 to 2024.6.2

Commits
  • 124f4ad 2024.06.02 (#291)
  • c2196ce --- (#290)
  • fefdeec Bump actions/checkout from 4.1.4 to 4.1.5 (#289)
  • 3c5fb15 Bump actions/download-artifact from 4.1.6 to 4.1.7 (#286)
  • 4a9569a Bump actions/checkout from 4.1.2 to 4.1.4 (#287)
  • 1fc8086 Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#288)
  • ad52dce Bump peter-evans/create-pull-request from 6.0.3 to 6.0.4 (#283)
  • 651904f Bump actions/upload-artifact from 4.3.1 to 4.3.3 (#284)
  • 84fcfba Bump actions/download-artifact from 4.1.4 to 4.1.6 (#285)
  • 46b8057 Bump peter-evans/create-pull-request from 6.0.2 to 6.0.3 (#282)
  • Additional commits viewable in compare view

Updates keyring from 25.2.0 to 25.2.1

Changelog

Sourced from keyring's changelog.

v25.2.1

Bugfixes

  • Fix typo in CLI creds mode. (#681)
Commits

Updates more-itertools from 10.2.0 to 10.3.0

Release notes

Sourced from more-itertools's releases.

Version 10.3.0

What's Changed

New Contributors

Full Changelog: more-itertools/more-itertools@v10.2.0...v10.3.0

Commits
  • 7e46c39 Merge pull request #851 from more-itertools/version-10.3.0
  • 94e4f88 Remove trailing comma
  • 9c5dbb5 Bring in unique()
  • 932859d Merge remote-tracking branch 'origin/add-unique-recipe' into version-10.3.0
  • b78815e Add README updates
  • 8ec0620 Docs for 10.3.0
  • 0b76d6c Bump version: 10.2.0 → 10.3.0
  • 9e10fa4 Add unique()
  • 6944752 Merge pull request #847 from more-itertools/issue-843-dft
  • acdbb80 Use fsum, Wikipedia link, and cmath.isclose
  • Additional commits viewable in compare view

Updates pkginfo from 1.10.0 to 1.11.1

Updates pyfakefs from 5.4.1 to 5.5.0

Release notes

Sourced from pyfakefs's releases.

pyfakefs release version 5.5.0

Deprecates the usage of the pathlib2 and scandir packages, minor bug fixes.

Changelog

Sourced from pyfakefs's changelog.

Version 5.5.0 (2024-05-12)

Deprecates the usage of pathlib2 and scandir.

Changes

  • The usage of the pathlib2 and scandir modules in pyfakefs is now deprecated. They will now cause deprecation warnings if still used. Support for patching these modules will be removed in pyfakefs 6.0.
  • PureWindowsPath and PurePosixPath now use filesystem-independent path separators, and their path-parsing behaviors are now consistent regardless of runtime platform and/or faked filesystem customization (see #1006).

Fixes

  • fixed handling of Windows pathlib paths under POSIX and vice verse (see #1006)
  • correctly use real open calls in pathlib for skipped modules (see #1012)
Commits
  • 353ad03 Release 5.5.0
  • 68ed3b9 Handle skipped pathlib.Path.open calls
  • 71044c9 Update pre-commit from 3.7.0 to 3.7.1
  • 4c9eae2 [pre-commit.ci] pre-commit autoupdate
  • d875151 Fix pure windows path behavior (#1011)
  • d11b848 Improve isolation of test suite executions
  • f9c8d25 Guarantee symlinks are cleaned up
  • b396e0f Align Python version testing in tox with CI
  • 719ba1f [pre-commit.ci] pre-commit autoupdate
  • 0479960 Exclude Python 3.7 from macOS tests
  • Additional commits viewable in compare view

Updates pygments from 2.17.2 to 2.18.0

Release notes

Sourced from pygments's releases.

2.18.0

  • New lexers:

  • Updated lexers:

    • Awk: recognize ternary operator (#2687)
    • Bash: add openrc alias (#2599, #2371)
    • Coq: add keywords, lex more vernacular command arguments, produce fewer tokens on heading comments (#2678)
    • DNS zone files: Fix comment parsing (#2595)
    • Hy: Support unicode literals (#1126)
    • Inform6: Update to Inform 6.42 (#2644)
    • lean: Fix name handling (#2614)
    • Logtalk: add uninstantiation keyword and recognize escape sequences (#2619)
    • Macaulay2: Update to 1.23 (#2655)
    • Python: fix highlighting of soft keywords before None/True/False
    • reStructuredText: use Token.Comment for comments instead of Comment.Preproc (#2598)
    • Rust: highlight :, :: and -> as Punctuation and whitespace as Whitespace, instead of Text in both cases (#2631)
    • Spice: Add keywords (#2621)
    • SQL Explain: allow negative numbers (#2610)
    • Swift: Support multiline strings (#2681)
    • ThingsDB: add constants and new functions; support template strings (#2624)
    • UL4: support nested <?doc?> and <?note?> tags (#2597)
    • VHDL: support multi-line comments of VHDL-2008 (#2622)
    • Wikitext: Remove kk-* in variant_langs (#2647)
    • Xtend: Add val and var (#2602)

  • New styles:

  • Make background colors in the image formatter work with Pillow 10.0 (#2623)

  • Require Python 3.8. As a result, the importlib-metadata package is no longer needed for fast plugin discovery on Python 3.7. The plugins extra (used as, e.g., pip install pygments[plugins])

... (truncated)

Changelog

Sourced from pygments's changelog.

Version 2.18.0

(released May 4th, 2024)

  • New lexers:

  • Updated lexers:

    • Awk: recognize ternary operator (#2687)
    • Bash: add openrc alias (#2599, #2371)
    • Coq: add keywords, lex more vernacular command arguments, produce fewer tokens on heading comments (#2678)
    • DNS zone files: Fix comment parsing (#2595)
    • Hy: Support unicode literals (#1126)
    • Inform6: Update to Inform 6.42 (#2644)
    • lean: Fix name handling (#2614)
    • Logtalk: add uninstantiation keyword and recognize escape sequences (#2619)
    • Macaulay2: Update to 1.23 (#2655)
    • Python: fix highlighting of soft keywords before None/True/False
    • reStructuredText: use Token.Comment for comments instead of Comment.Preproc (#2598)
    • Rust: highlight :, :: and -> as Punctuation and whitespace as Whitespace, instead of Text in both cases (#2631)
    • Spice: Add keywords (#2621)
    • SQL Explain: allow negative numbers (#2610)
    • Swift: Support multiline strings (#2681)
    • ThingsDB: add constants and new functions; support template strings (#2624)
    • UL4: support nested <?doc?> and <?note?> tags (#2597)
    • VHDL: support multi-line comments of VHDL-2008 (#2622)
    • Wikitext: Remove kk-* in variant_langs (#2647)
    • Xtend: Add val and var (#2602)

  • New styles:

  • Make background colors in the image formatter work with Pillow 10.0 (#2623)

... (truncated)

Commits

Updates requests from 2.32.0 to 2.32.3

Release notes

Sourced from requests's releases.

v2.32.3

2.32.3 (2024-05-29)

Bugfixes

  • Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
  • Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

v2.32.2

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.
Changelog

Sourced from requests's changelog.

2.32.3 (2024-05-29)

Bugfixes

  • Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716)
  • Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724)

2.32.2 (2024-05-21)

Deprecations

  • To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

    A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

  • Add missing test certs to the sdist distributed on PyPI.
Commits
  • 0e322af v2.32.3
  • e188799 Don't create default SSLContext if ssl module isn't present (#6724)
  • 145b539 Merge pull request #6716 from sigmavirus24/bug/6715
  • b1d73dd Don't use default SSLContext with custom poolmanager kwargs
  • 6badbac Update HISTORY.md
  • a62a2d3 Allow for overriding of specific pool key params
  • 88dce9d v2.32.2
  • c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
  • 92075b3 Add deprecation warning
  • aa1461b Move _get_connection to get_connection_with_tls_context
  • Additional commits viewable in compare view

Updates setuptools from 69.5.1 to 70.0.0

Changelog

Sourced from setuptools's changelog.

v70.0.0

Features

  • Emit a warning when [tools.setuptools] is present in pyproject.toml and will be ignored. -- by :user:SnoopJ (#4150)
  • Improved AttributeError error message if pkg_resources.EntryPoint.require is called without extras or distribution Gracefully "do nothing" when trying to activate a pkg_resources.Distribution with a None location, rather than raising a TypeError -- by :user:Avasam (#4262)
  • Typed the dynamically defined variables from pkg_resources -- by :user:Avasam (#4267)
  • Modernized and refactored VCS handling in package_index. (#4332)

Bugfixes

  • In install command, use super to call the superclass methods. Avoids race conditions when monkeypatching from _distutils_system_mod occurs late. (#4136)
  • Fix finder template for lenient editable installs of implicit nested namespaces constructed by using package_dir to reorganise directory structure. (#4278)
  • Fix an error with UnicodeDecodeError handling in pkg_resources when trying to read files in UTF-8 with a fallback -- by :user:Avasam (#4348)

Improved Documentation

  • Uses RST substitution to put badges in 1 line. (#4312)

Deprecations and Removals

  • Further adoption of UTF-8 in setuptools. This change regards mostly files produced and consumed during the build process (e.g. metadata files, script wrappers, automatically updated config files, etc..) Although precautions were taken to minimize disruptions, some edge cases might be subject to backwards incompatibility.

    Support for "locale" encoding is now deprecated. (#4309)

  • Remove setuptools.convert_path after long deprecation period. This function was never defined by setuptools itself, but rather a side-effect of an import for internal usage. (#4322)

  • Remove fallback for customisations of distutils' build.sub_command after long deprecated period. Users are advised to import build directly from setuptools.command.build. (#4322)

  • Removed typing_extensions from vendored dependencies -- by :user:Avasam (#4324)

  • Remove deprecated setuptools.dep_util. The provided alternative is setuptools.modified. (#4360)

... (truncated)

Commits
  • 5cbf12a Workaround for release error in v70
  • 9c1bcc3 Bump version: 69.5.1 → 70.0.0
  • 4dc0c31 Remove deprecated setuptools.dep_util (#4360)
  • 6c1ef57 Remove xfail now that test passes. Ref #4371.
  • d14fa01 Add all site-packages dirs when creating simulated environment for test_edita...
  • 6b7f7a1 Prevent bin folders to be taken as extern packages when vendoring (#4370)
  • 69141f6 Add doctest for vendorised bin folder
  • 2a53cc1 Prevent 'bin' folders to be taken as extern packages
  • 7208628 Replace call to deprecated validate_pyproject command (#4363)
  • 96d681a Remove call to deprecated validate_pyproject command
  • Additional commits viewable in compare view

Updates twine from 5.0.0 to 5.1.0

Changelog

Sourced from twine's changelog.

Twine 5.1.0 (2024-05-15)

Features ^^^^^^^^

  • Add the experimental --attestations flag. ([#1095](https://github.com/pypa/twine/issues/1095) <https://github.com/pypa/twine/issues/1095>_)

Twine 5.1.0 (2024-05-15)

Misc ^^^^

  • [#1104](https://github.com/pypa/twine/issues/1104) <https://github.com/pypa/twine/issues/1104>_
Commits
  • e9f70cf Merge pull request #1108 from pypa/fix-release-workflow
  • 1908be7 Fix release workflow
  • 6d7ffea Merge pull request #1107 from woodruffw-forks/release-5.1.0
  • bc91e57 Update changelog for 5.1.0
  • de39ade Merge pull request #1085 from pypa/feature/pep-621
  • 75de094 Merge pull request #1104 from ascheel/main
  • c512bbf Properly handle repository URLs with auth in them
  • e0ed808 Changelog entry
  • 72ee030 Change regex string to a raw string.
  • 04d7e27 Sanitize URLs for logging/display purposes.
  • Additional commits viewable in compare view

Updates zipp from 3.18.1 to 3.19.2

Changelog

Sourced from zipp's changelog.

v3.19.2

No significant changes.

v3.19.1

Bugfixes

  • Improved handling of malformed zip files. (#119)

v3.19.0

Features

  • Implement is_symlink. (#117)

v3.18.2

No significant changes.

Commits
  • c6a3339 Move Python compatibility concerns to the appropriate modules.
  • c24fc57 Finalize
  • 294a462 Ignore coverage misses in tests.compat.py39
  • aab60f4 🧎‍♀️ Genuflect to the types.
  • 59f852a Correct typo (incorrect letter used) when expacting alpharep root.
  • 2a7a5bc Add test capturing expectation that a Path is a Traversable.
  • 7d2b55b Update docstring to reference Traversable.
  • 6d1cb72 Finalize
  • fd604bd Merge pull request #120 from jaraco/bugfix/119-malformed-paths
  • c18417e Add news fragment.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the pip-dependencies group across 1 directory with 10 updates
31f5ba2 
Bumps the pip-dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [certifi](https://github.com/certifi/python-certifi) | `2024.2.2` | `2024.6.2` |
| [keyring](https://github.com/jaraco/keyring) | `25.2.0` | `25.2.1` |
| [more-itertools](https://github.com/more-itertools/more-itertools) | `10.2.0` | `10.3.0` |
| [pkginfo](https://code.launchpad.net/~tseaver/pkginfo/trunk) | `1.10.0` | `1.11.1` |
| [pyfakefs](https://github.com/pytest-dev/pyfakefs) | `5.4.1` | `5.5.0` |
| [pygments](https://github.com/pygments/pygments) | `2.17.2` | `2.18.0` |
| [requests](https://github.com/psf/requests) | `2.32.0` | `2.32.3` |
| [setuptools](https://github.com/pypa/setuptools) | `69.5.1` | `70.0.0` |
| [twine](https://github.com/pypa/twine) | `5.0.0` | `5.1.0` |
| [zipp](https://github.com/jaraco/zipp) | `3.18.1` | `3.19.2` |



Updates `certifi` from 2024.2.2 to 2024.6.2
- [Commits](certifi/python-certifi@2024.02.02...2024.06.02)

Updates `keyring` from 25.2.0 to 25.2.1
- [Release notes](https://github.com/jaraco/keyring/releases)
- [Changelog](https://github.com/jaraco/keyring/blob/main/NEWS.rst)
- [Commits](jaraco/keyring@v25.2.0...v25.2.1)

Updates `more-itertools` from 10.2.0 to 10.3.0
- [Release notes](https://github.com/more-itertools/more-itertools/releases)
- [Commits](more-itertools/more-itertools@v10.2.0...v10.3.0)

Updates `pkginfo` from 1.10.0 to 1.11.1

Updates `pyfakefs` from 5.4.1 to 5.5.0
- [Release notes](https://github.com/pytest-dev/pyfakefs/releases)
- [Changelog](https://github.com/pytest-dev/pyfakefs/blob/main/CHANGES.md)
- [Commits](pytest-dev/pyfakefs@v5.4.1...v5.5.0)

Updates `pygments` from 2.17.2 to 2.18.0
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](pygments/pygments@2.17.2...2.18.0)

Updates `requests` from 2.32.0 to 2.32.3
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.0...v2.32.3)

Updates `setuptools` from 69.5.1 to 70.0.0
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v69.5.1...v70.0.0)

Updates `twine` from 5.0.0 to 5.1.0
- [Release notes](https://github.com/pypa/twine/releases)
- [Changelog](https://github.com/pypa/twine/blob/main/docs/changelog.rst)
- [Commits](pypa/twine@5.0.0...5.1.0)

Updates `zipp` from 3.18.1 to 3.19.2
- [Release notes](https://github.com/jaraco/zipp/releases)
- [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst)
- [Commits](jaraco/zipp@v3.18.1...v3.19.2)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: keyring
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
- dependency-name: more-itertools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: pkginfo
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: pyfakefs
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: pygments
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: requests
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
- dependency-name: setuptools
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: pip-dependencies
- dependency-name: twine
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: zipp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 10, 2024
@chadlwilson chadlwilson merged commit 17ea642 into master Jun 10, 2024
@chadlwilson chadlwilson deleted the dependabot/pip/pip-dependencies-7fd4aa4b7b branch June 10, 2024 16:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chadlwilson chadlwilson chadlwilson approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chadlwilson