Skip to content

⬆️ Bump the lockfile-dev group across 1 directory with 6 updates #1311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 22, 2025
Merged

⬆️ Bump the lockfile-dev group across 1 directory with 6 updates #1311

merged 1 commit into from
Feb 22, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 22, 2025
edited
Loading

Bumps the lockfile-dev group with 5 updates in the / directory:

Package From To
poetry 2.0.1 2.1.1
ruff 0.9.6 0.9.7
identify 2.6.7 2.6.8
pkginfo 1.12.1.1 1.12.1.2
starlette 0.45.3 0.46.0

Updates poetry from 2.0.1 to 2.1.1

Release notes

Sourced from poetry's releases.

2.1.1

Fixed

  • Fix an issue where poetry env use python does not choose the Python from the PATH (#10187).

poetry-core (2.1.1)

  • Fix an issue where simplifying a python_version marker resulted in an invalid marker (#838).

2.1.0

Added

  • Make build command build-system agnostic (#10059, #10092).
  • Add a --config-settings option to poetry build (#10059).
  • Add support for defining config-settings when building dependencies (#10129).
  • Add (experimental) commands to manage Python installations (#10112).
  • Use findpython to find the Python interpreters (#10097).
  • Add a --no-truncate option to poetry show (#9580).
  • Re-add support for passwords with empty usernames (#10088).
  • Add better error messages (#10053, #10065, #10126, #10127, #10132).

Changed

  • poetry new defaults to "src" layout by default (#10135).
  • Improve performance of locking dependencies (#10111, #10114, #10138, #10146).
  • Deprecate adding sources without specifying --priority (#10134).

Fixed

  • Fix an issue where global options were not handled correctly when positioned after command options (#10021, #10067, #10128).
  • Fix an issue where building a dependency from source failed because of a conflict between build-system dependencies that were not required for the target environment (#10048).
  • Fix an issue where poetry init was not able to find a package on PyPI while adding dependencies interactively (#10055).
  • Fix an issue where the @latest descriptor was incorrectly passed to the core requirement parser (#10069).
  • Fix an issue where Boolean environment variables set to True (in contrast to true) were interpreted as false (#10080).
  • Fix an issue where poetry env activate reported a misleading error message (#10087).
  • Fix an issue where adding an optional dependency with poetry add --optional would not correctly update the lock file (#10076).
  • Fix an issue where pip was not installed/updated before other dependencies resulting in a race condition (#10102).
  • Fix an issue where Poetry freezes when multiple threads attempt to unlock the keyring simultaneously (#10062).
  • Fix an issue where markers with extras were not locked correctly (#10119).
  • Fix an issue where self-referential extras were not resolved correctly (#10106).
  • Fix an issue where Poetry could not be run from a zipapp (#10074).
  • Fix an issue where installation failed with a permission error when using the system environment as a user without write access to system site packages (#9014).
  • Fix an issue where a version of a dependency that is not compatible with the project's python constraint was locked. (#10141).
  • Fix an issue where Poetry wrongly reported that the current project's supported Python range is not compatible with some of the required packages Python requirement (#10157).
  • Fix an issue where the requested extras of a dependency were ignored if the same dependency (with same extras) was specified in multiple groups (#10158).

Docs

  • Sort commands by name in the CLI reference (#10035).
  • Add missing documentation for env commands (#10027).

... (truncated)

Changelog

Sourced from poetry's changelog.

[2.1.1] - 2025-02-16

Fixed

  • Fix an issue where poetry env use python does not choose the Python from the PATH (#10187).

poetry-core (2.1.1)

  • Fix an issue where simplifying a python_version marker resulted in an invalid marker (#838).

[2.1.0] - 2025-02-15

Added

  • Make build command build-system agnostic (#10059, #10092).
  • Add a --config-settings option to poetry build (#10059).
  • Add support for defining config-settings when building dependencies (#10129).
  • Add (experimental) commands to manage Python installations (#10112).
  • Use findpython to find the Python interpreters (#10097).
  • Add a --no-truncate option to poetry show (#9580).
  • Re-add support for passwords with empty usernames (#10088).
  • Add better error messages (#10053, #10065, #10126, #10127, #10132).

Changed

  • poetry new defaults to "src" layout by default (#10135).
  • Improve performance of locking dependencies (#10111, #10114, #10138, #10146).
  • Deprecate adding sources without specifying --priority (#10134).

Fixed

  • Fix an issue where global options were not handled correctly when positioned after command options (#10021, #10067, #10128).
  • Fix an issue where building a dependency from source failed because of a conflict between build-system dependencies that were not required for the target environment (#10048).
  • Fix an issue where poetry init was not able to find a package on PyPI while adding dependencies interactively (#10055).
  • Fix an issue where the @latest descriptor was incorrectly passed to the core requirement parser (#10069).
  • Fix an issue where Boolean environment variables set to True (in contrast to true) were interpreted as false (#10080).
  • Fix an issue where poetry env activate reported a misleading error message (#10087).
  • Fix an issue where adding an optional dependency with poetry add --optional would not correctly update the lock file (#10076).
  • Fix an issue where pip was not installed/updated before other dependencies resulting in a race condition (#10102).

... (truncated)

Commits

Updates ruff from 0.9.6 to 0.9.7

Release notes

Sourced from ruff's releases.

0.9.7

Release Notes

Preview features

  • Consider __new__ methods as special function type for enforcing class method or static method rules (#13305)
  • [airflow] Improve the internal logic to differentiate deprecated symbols (AIR303) (#16013)
  • [refurb] Manual timezone monkeypatching (FURB162) (#16113)
  • [ruff] Implicit class variable in dataclass (RUF045) (#14349)
  • [ruff] Skip singleton starred expressions for incorrectly-parenthesized-tuple-in-subscript (RUF031) (#16083)
  • [refurb] Check for subclasses includes subscript expressions (FURB189) (#16155)

Rule changes

  • [flake8-comprehensions]: Handle trailing comma in C403 fix (#16110)
  • [flake8-debugger] Also flag sys.breakpointhook and sys.__breakpointhook__ (T100) (#16191)
  • [pydocstyle] Handle arguments with the same names as sections (D417) (#16011)
  • [pylint] Correct ordering of arguments in fix for if-stmt-min-max (PLR1730) (#16080)
  • [pylint] Do not offer fix for raw strings (PLE251) (#16132)
  • [pyupgrade] Do not upgrade functional TypedDicts with private field names to the class-based syntax (UP013) (#16219)
  • [pyupgrade] Handle micro version numbers correctly (UP036) (#16091)
  • [pyupgrade] Unwrap unary expressions correctly (UP018) (#15919)
  • [ruff] Skip RUF001 diagnostics when visiting string type definitions (#16122)
  • [flake8-pyi] Avoid flagging custom-typevar-for-self on metaclass methods (PYI019) (#16141)
  • [pycodestyle] Exempt site.addsitedir(...) calls (E402) (#16251)

Formatter

  • Fix unstable formatting of trailing end-of-line comments of parenthesized attribute values (#16187)

Server

  • Fix handling of requests received after shutdown message (#16262)
  • Ignore source.organizeImports.ruff and source.fixAll.ruff code actions for a notebook cell (#16154)
  • Include document specific debug info for ruff.printDebugInformation (#16215)
  • Update server to return the debug info as string with ruff.printDebugInformation (#16214)

CLI

  • Warn on invalid noqa even when there are no diagnostics (#16178)
  • Better error messages while loading configuration extends (#15658)

Bug fixes

  • [refurb] Correctly handle lengths of literal strings in slice-to-remove-prefix-or-suffix (FURB188) (#16237)

Documentation

  • Add FAQ entry for source.* code actions in Notebook (#16212)
  • Add SECURITY.md (#16224)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.7

Preview features

  • Consider __new__ methods as special function type for enforcing class method or static method rules (#13305)
  • [airflow] Improve the internal logic to differentiate deprecated symbols (AIR303) (#16013)
  • [refurb] Manual timezone monkeypatching (FURB162) (#16113)
  • [ruff] Implicit class variable in dataclass (RUF045) (#14349)
  • [ruff] Skip singleton starred expressions for incorrectly-parenthesized-tuple-in-subscript (RUF031) (#16083)
  • [refurb] Check for subclasses includes subscript expressions (FURB189) (#16155)

Rule changes

  • [flake8-comprehensions]: Handle trailing comma in C403 fix (#16110)
  • [flake8-debugger] Also flag sys.breakpointhook and sys.__breakpointhook__ (T100) (#16191)
  • [pydocstyle] Handle arguments with the same names as sections (D417) (#16011)
  • [pylint] Correct ordering of arguments in fix for if-stmt-min-max (PLR1730) (#16080)
  • [pylint] Do not offer fix for raw strings (PLE251) (#16132)
  • [pyupgrade] Do not upgrade functional TypedDicts with private field names to the class-based syntax (UP013) (#16219)
  • [pyupgrade] Handle micro version numbers correctly (UP036) (#16091)
  • [pyupgrade] Unwrap unary expressions correctly (UP018) (#15919)
  • [ruff] Skip RUF001 diagnostics when visiting string type definitions (#16122)
  • [flake8-pyi] Avoid flagging custom-typevar-for-self on metaclass methods (PYI019) (#16141)
  • [pycodestyle] Exempt site.addsitedir(...) calls (E402) (#16251)

Formatter

  • Fix unstable formatting of trailing end-of-line comments of parenthesized attribute values (#16187)

Server

  • Fix handling of requests received after shutdown message (#16262)
  • Ignore source.organizeImports.ruff and source.fixAll.ruff code actions for a notebook cell (#16154)
  • Include document specific debug info for ruff.printDebugInformation (#16215)
  • Update server to return the debug info as string with ruff.printDebugInformation (#16214)

CLI

  • Warn on invalid noqa even when there are no diagnostics (#16178)
  • Better error messages while loading configuration extends (#15658)

Bug fixes

  • [refurb] Correctly handle lengths of literal strings in slice-to-remove-prefix-or-suffix (FURB188) (#16237)

Documentation

  • Add FAQ entry for source.* code actions in Notebook (#16212)
  • Add SECURITY.md (#16224)
Commits
  • 54fccb3 Bump version to 0.9.7 (#16271)
  • 8198668 [red-knot] MDTest: Use custom class names instead of builtins (#16269)
  • fc6b03c Handle requests received after shutdown message (#16262)
  • fb09d63 [red-knot] Prefix Type::call and dunder_call with try (#16261)
  • 16d0625 Improve internal docs for various string-node APIs (#16256)
  • 25920fe Rename ExprStringLiteral::as_unconcatenated_string() to `ExprStringLiteral:...
  • 97d0659 Pass ParserOptions to the parser (#16220)
  • cfc6941 [red-knot] Resolve references in eager nested scopes eagerly (#16079)
  • f50849a Add text_len() methods to more *Prefix enums in ruff_python_ast (#16254)
  • 55ea094 [red-knot] Allow any Ranged argument for report_lint and `report_diagnost...
  • Additional commits viewable in compare view

Updates identify from 2.6.7 to 2.6.8

Commits
  • f905a2e v2.6.8
  • 6d9a7b6 Merge pull request #511 from cidlik/main
  • 9f16bfa Merge pull request #510 from jodood/feature/sas
  • c100631 extensions: Introduce wsdl
  • 4de539a feat: Register sas as an extension
  • 3b17031 Merge pull request #509 from pre-commit/pre-commit-ci-update-config
  • 20eb272 [pre-commit.ci] pre-commit autoupdate
  • 9ae7182 Merge pull request #507 from pre-commit/pre-commit-ci-update-config
  • ce5c8d9 [pre-commit.ci] pre-commit autoupdate
  • See full diff in compare view

Updates pkginfo from 1.12.1.1 to 1.12.1.2

Updates poetry-core from 2.0.1 to 2.1.1

Release notes

Sourced from poetry-core's releases.

2.1.1

Fixed

  • Fix an issue where simplifying a python_version marker resulted in an invalid marker (#838).

2.1.0

Added

  • Pass a local version label to the build backend interface (#814).
  • Expose build-system dependencies via the poetry instance (#319).
  • Add has_upper_bound method to VersionConstraint (#833).

Changed

  • Improve performance of calculating intersections and unions of extra markers (#818).
  • Improve performance of calculating intersections and unions of complex markers (#821, #832).
  • Improve performance of marker operations by simplifying python_version markers (#826).
  • Improve performance by caching parsed requirements (#828).
  • Improve error message when a referenced license file is missing (#827).

Fixed

  • Fix an issue where inclusive ordering with post releases was inconsistent with PEP 440 (#379).
  • Fix an issue where invalid URI tokens in PEP 508 requirement strings were silently discarded (#817).
  • Fix an issue where wrong markers were calculated when removing parts covered by the project's python constraint (#824).
  • Fix an issue where optional dependencies that are not part of an extra were included in the wheel metadata (#830).
  • Fix an issue where the __pycache__ directory and *.pyc files were included in sdists and wheels (#835).
Changelog

Sourced from poetry-core's changelog.

[2.1.1] - 2025-02-16

Fixed

  • Fix an issue where simplifying a python_version marker resulted in an invalid marker (#838).

[2.1.0] - 2025-02-15

Added

  • Pass a local version label to the build backend interface (#814).
  • Expose build-system dependencies via the poetry instance (#319).
  • Add has_upper_bound method to VersionConstraint (#833).

Changed

  • Improve performance of calculating intersections and unions of extra markers (#818).
  • Improve performance of calculating intersections and unions of complex markers (#821, #832).
  • Improve performance of marker operations by simplifying python_version markers (#826).
  • Improve performance by caching parsed requirements (#828).
  • Improve error message when a referenced license file is missing (#827).

Fixed

  • Fix an issue where inclusive ordering with post releases was inconsistent with PEP 440 (#379).
  • Fix an issue where invalid URI tokens in PEP 508 requirement strings were silently discarded (#817).
  • Fix an issue where wrong markers were calculated when removing parts covered by the project's python constraint (#824).
  • Fix an issue where optional dependencies that are not part of an extra were included in the wheel metadata (#830).
  • Fix an issue where the __pycache__ directory and *.pyc files were included in sdists and wheels (#835).
Commits
  • eee84d7 release: bump version to 2.1.1
  • a225083 fix simplification of python_version markers to AnyMarker (#838)
  • 895d49c release: bump version to 2.1.0
  • 261c23f [pre-commit.ci] pre-commit autoupdate (#822)
  • 2da7df0 chore: update dev dependencies and gh actions (#836)
  • 1a86585 fix: do not include pycache and .pyc files in sdist and wheel
  • 91542fc add has_upper_bound method to VersionConstraint
  • 7ace184 fix endless recursion introduced in #821
  • c24ac7b Cleanup json schema validation (#819)
  • f4f327c fix(metadata): ignore optional deps not part of an extra
  • Additional commits viewable in compare view

Updates starlette from 0.45.3 to 0.46.0

Release notes

Sourced from starlette's releases.

Version 0.46.0

Added

  • GZipMiddleware: Make sure Vary header is always added if a response can be compressed #2865.

Fixed

  • Raise exception from background task on BaseHTTPMiddleware #2812.
  • GZipMiddleware: Don't compress on server sent events #2871.

Changed

  • MultiPartParser: Rename max_file_size to spool_max_size #2780.

Deprecated

  • Add deprecated warning to TestClient(timeout=...) #2840.

New Contributors

Full Changelog: encode/starlette@0.45.3...0.46.0

Changelog

Sourced from starlette's changelog.

0.46.0 (February 22, 2025)

Added

  • GZipMiddleware: Make sure Vary header is always added if a response can be compressed #2865.

Fixed

  • Raise exception from background task on BaseHTTPMiddleware #2812.
  • GZipMiddleware: Don't compress on server sent events #2871.

Changed

  • MultiPartParser: Rename max_file_size to spool_max_size #2780.

Deprecated

  • Add deprecated warning to TestClient(timeout=...) #2840.
Commits
  • a404872 Version 0.46.0 (#2883)
  • 9a8e929 Document how to resize the threadpool (#2881)
  • 5cc4ddf Raise exception from background task on BaseHTTPMiddleware (#2812)
  • f13d354 fix(gzip): Make sure Vary header is always added if a response can be compres...
  • abe3554 Add notes about the GZip middleware (#2880)
  • a9a8dab Don't compress on server sent events (#2871)
  • 4ae3213 Rename max_file_size to spool_max_size (#2780)
  • 4e1c3c2 Document HTTPException for WebSockets Denial Response (#2879)
  • 53aef69 Add Discord as chat instead of Gitter (#2878)
  • 135e3af Add deprecated warnings to TestClient on use of timeout argument (#2840)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @edgarrmondragon.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
⬆️ Bump the lockfile-dev group across 1 directory with 6 updates
a836160 
Bumps the lockfile-dev group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [poetry](https://github.com/python-poetry/poetry) | `2.0.1` | `2.1.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.9.6` | `0.9.7` |
| [identify](https://github.com/pre-commit/identify) | `2.6.7` | `2.6.8` |
| [pkginfo](https://code.launchpad.net/~tseaver/pkginfo/trunk) | `1.12.1.1` | `1.12.1.2` |
| [starlette](https://github.com/encode/starlette) | `0.45.3` | `0.46.0` |



Updates `poetry` from 2.0.1 to 2.1.1
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@2.0.1...2.1.1)

Updates `ruff` from 0.9.6 to 0.9.7
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.9.6...0.9.7)

Updates `identify` from 2.6.7 to 2.6.8
- [Commits](pre-commit/identify@v2.6.7...v2.6.8)

Updates `pkginfo` from 1.12.1.1 to 1.12.1.2

Updates `poetry-core` from 2.0.1 to 2.1.1
- [Release notes](https://github.com/python-poetry/poetry-core/releases)
- [Changelog](https://github.com/python-poetry/poetry-core/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry-core@2.0.1...2.1.1)

Updates `starlette` from 0.45.3 to 0.46.0
- [Release notes](https://github.com/encode/starlette/releases)
- [Changelog](https://github.com/encode/starlette/blob/master/docs/release-notes.md)
- [Commits](encode/starlette@0.45.3...0.46.0)

---
updated-dependencies:
- dependency-name: poetry
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: lockfile-dev
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: lockfile-dev
- dependency-name: identify
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: lockfile-dev
- dependency-name: pkginfo
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: lockfile-dev
- dependency-name: poetry-core
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: lockfile-dev
- dependency-name: starlette
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: lockfile-dev
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 22, 2025
@edgarrmondragon edgarrmondragon self-assigned this Feb 22, 2025
edgarrmondragon
edgarrmondragon approved these changes Feb 22, 2025
View reviewed changes
Copy link
Collaborator

@edgarrmondragon edgarrmondragon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@dependabot dependabot bot merged commit af0c06b into main Feb 22, 2025
18 checks passed
@dependabot dependabot bot deleted the dependabot/pip/lockfile-dev-c3028c24da branch February 22, 2025 19:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@edgarrmondragon edgarrmondragon edgarrmondragon approved these changes

Assignees

@edgarrmondragon edgarrmondragon

Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@edgarrmondragon