Bump sphinx from 6.2.1 to 7.1.1 #6334

dependabot · 2023-07-31T12:40:15Z

Bumps sphinx from 6.2.1 to 7.1.1.

Release notes

Sphinx 7.1.1

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 7.1.0

Changelog: https://www.sphinx-doc.org/en/master/changes.html

v7.0.1

Changelog: https://www.sphinx-doc.org/en/master/changes.html

v7.0.0

Changelog: https://www.sphinx-doc.org/en/master/changes.html

v7.0.0rc1

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Changelog

Sourced from sphinx's changelog.

Release 7.1.1 (released Jul 27, 2023)

Bugs fixed

#11514: Fix SOURCE_DATE_EPOCH in multi-line copyright footer. Patch by Bénédikt Tran.

Release 7.1.0 (released Jul 24, 2023)

Incompatible changes

Releases are no longer signed, given the change in PyPI policy_.

.. _change in PyPI policy: https://blog.pypi.org/posts/2023-05-23-removing-pgp/

Deprecated

#11412: Emit warnings on using a deprecated Python-specific index entry type (namely, module, keyword, operator, object, exception, statement, and builtin) in the :rst:dir:index directive, and set the removal version to Sphinx 9. Patch by Adam Turner.

Features added

#11415: Add a checksum to JavaScript and CSS asset URIs included within generated HTML, using the CRC32 algorithm.

:meth:~sphinx.application.Sphinx.require_sphinx now allows the version requirement to be specified as (major, minor).

#11011: Allow configuring a line-length limit for object signatures, via :confval:maximum_signature_line_length and the domain-specific variants. If the length of the signature (in characters) is greater than the configured limit, each parameter in the signature will be split to its own logical line. This behaviour may also be controlled by options on object description directives, for example :rst:dir:py:function:single-line-parameter-list. Patch by Thomas Louf, Adam Turner, and Jean-François B.

#10983: Support for multiline copyright statements in the footer block. Patch by Stefanie Molin

sphinx.util.display.status_iterator now clears the current line with ANSI control codes, rather than overprinting with space characters.

#11431: linkcheck: Treat SSL failures as broken links. Patch by Bénédikt Tran

#11157: Keep the translated attribute on translated nodes.

#11451: Improve the traceback displayed when using :option:sphinx-build -T in parallel builds. Patch by Bénédikt Tran

... (truncated)

Commits

d8d73c1 Bump to 7.1.1 final
a54e630 [internationalisation] Update message catalogues
8452300 Fix multi-line copyright when SOURCE_DATE_EPOCH is set (#11524)
fe08cec bump version
e560f63 Bump to 7.1.0 final
066e0fa Add translation progress information (#11509)
0882914 Target PyPI in create-release.yml
21fbee5 Fix OIDC token payload
1a403e4 Add informational log messaging
258b0ea Revert "Switch to using github.request"
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 6.2.1 to 7.1.1. - [Release notes](https://github.com/sphinx-doc/sphinx/releases) - [Changelog](https://github.com/sphinx-doc/sphinx/blob/master/CHANGES) - [Commits](sphinx-doc/sphinx@v6.2.1...v7.1.1) --- updated-dependencies: - dependency-name: sphinx dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>

inmantaci · 2023-07-31T14:08:12Z

Processing this pull request

inmantaci · 2023-07-31T14:08:16Z

Merged into branches iso6 in 7d90cff

Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 6.2.1 to 7.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sphinx-doc/sphinx/releases">sphinx's releases</a>.</em></p> <blockquote> <h2>Sphinx 7.1.1</h2> <p>Changelog: <a href="https://www.sphinx-doc.org/en/master/changes.html">https://www.sphinx-doc.org/en/master/changes.html</a></p> <h2>Sphinx 7.1.0</h2> <p>Changelog: <a href="https://www.sphinx-doc.org/en/master/changes.html">https://www.sphinx-doc.org/en/master/changes.html</a></p> <h2>v7.0.1</h2> <p>Changelog: <a href="https://www.sphinx-doc.org/en/master/changes.html">https://www.sphinx-doc.org/en/master/changes.html</a></p> <h2>v7.0.0</h2> <p>Changelog: <a href="https://www.sphinx-doc.org/en/master/changes.html">https://www.sphinx-doc.org/en/master/changes.html</a></p> <h2>v7.0.0rc1</h2> <p>Changelog: <a href="https://www.sphinx-doc.org/en/master/changes.html">https://www.sphinx-doc.org/en/master/changes.html</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sphinx-doc/sphinx/blob/master/CHANGES">sphinx's changelog</a>.</em></p> <blockquote> <h1>Release 7.1.1 (released Jul 27, 2023)</h1> <h2>Bugs fixed</h2> <ul> <li><a href="https://github.com/sphinx-doc/sphinx/issues/11514">#11514</a>: Fix <code>SOURCE_DATE_EPOCH</code> in multi-line copyright footer. Patch by Bénédikt Tran.</li> </ul> <h1>Release 7.1.0 (released Jul 24, 2023)</h1> <h2>Incompatible changes</h2> <ul> <li> <p>Releases are no longer signed, given the <code>change in PyPI policy</code>_.</p> <p>.. _change in PyPI policy: <a href="https://blog.pypi.org/posts/2023-05-23-removing-pgp/">https://blog.pypi.org/posts/2023-05-23-removing-pgp/</a></p> </li> </ul> <h2>Deprecated</h2> <ul> <li><a href="https://github.com/sphinx-doc/sphinx/issues/11412">#11412</a>: Emit warnings on using a deprecated Python-specific index entry type (namely, <code>module</code>, <code>keyword</code>, <code>operator</code>, <code>object</code>, <code>exception</code>, <code>statement</code>, and <code>builtin</code>) in the :rst:dir:<code>index</code> directive, and set the removal version to Sphinx 9. Patch by Adam Turner.</li> </ul> <h2>Features added</h2> <ul> <li><a href="https://github.com/sphinx-doc/sphinx/issues/11415">#11415</a>: Add a checksum to JavaScript and CSS asset URIs included within generated HTML, using the CRC32 algorithm.</li> <li>:meth:<code>~sphinx.application.Sphinx.require_sphinx</code> now allows the version requirement to be specified as <code>(major, minor)</code>.</li> <li><a href="https://github.com/sphinx-doc/sphinx/issues/11011">#11011</a>: Allow configuring a line-length limit for object signatures, via :confval:<code>maximum_signature_line_length</code> and the domain-specific variants. If the length of the signature (in characters) is greater than the configured limit, each parameter in the signature will be split to its own logical line. This behaviour may also be controlled by options on object description directives, for example :rst:dir:<code>py:function:single-line-parameter-list</code>. Patch by Thomas Louf, Adam Turner, and Jean-François B.</li> <li><a href="https://github.com/sphinx-doc/sphinx/issues/10983">#10983</a>: Support for multiline copyright statements in the footer block. Patch by Stefanie Molin</li> <li><code>sphinx.util.display.status_iterator</code> now clears the current line with ANSI control codes, rather than overprinting with space characters.</li> <li><a href="https://github.com/sphinx-doc/sphinx/issues/11431">#11431</a>: linkcheck: Treat SSL failures as broken links. Patch by Bénédikt Tran</li> <li><a href="https://github.com/sphinx-doc/sphinx/issues/11157">#11157</a>: Keep the <code>translated</code> attribute on translated nodes.</li> <li><a href="https://github.com/sphinx-doc/sphinx/issues/11451">#11451</a>: Improve the traceback displayed when using :option:<code>sphinx-build -T</code> in parallel builds. Patch by Bénédikt Tran</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sphinx-doc/sphinx/commit/d8d73c16b8b86df8f1a32698229a2b818fea2e98"><code>d8d73c1</code></a> Bump to 7.1.1 final</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/a54e630a21a6d9b7e80a22e969e3a86e35678d2d"><code>a54e630</code></a> [internationalisation] Update message catalogues</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/8452300d54dce2da751941d9547dd54dc03e69bf"><code>8452300</code></a> Fix multi-line copyright when <code>SOURCE_DATE_EPOCH</code> is set (<a href="https://github.com/sphinx-doc/sphinx/issues/11524">#11524</a>)</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/fe08cec019c52c15b7f7365013134e3f3d1b3739"><code>fe08cec</code></a> bump version</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/e560f6334aa87af07304415e6aeaf42d03d1c525"><code>e560f63</code></a> Bump to 7.1.0 final</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/066e0fabc60c55072b3f75876637a44fdcb51332"><code>066e0fa</code></a> Add translation progress information (<a href="https://github.com/sphinx-doc/sphinx/issues/11509">#11509</a>)</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/0882914d5c5057ad3cec280c0142cfe5f6965844"><code>0882914</code></a> Target PyPI in create-release.yml</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/21fbee5e83a3e9d34e589d06c66d928f3a67923c"><code>21fbee5</code></a> Fix OIDC token payload</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/1a403e4f9ad4d8d7a3e4c7c34f55d9a45ed600bd"><code>1a403e4</code></a> Add informational log messaging</li> <li><a href="https://github.com/sphinx-doc/sphinx/commit/258b0ea9fcdd05221ebead5e5c162a7ad37c4412"><code>258b0ea</code></a> Revert "Switch to using <code>github.request</code>"</li> <li>Additional commits viewable in <a href="https://github.com/sphinx-doc/sphinx/compare/v6.2.1...v7.1.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sphinx&package-manager=pip&previous-version=6.2.1&new-version=7.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

dependabot · 2023-07-31T14:08:23Z

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Bumps [pip](https://github.com/pypa/pip) from 25.2 to 25.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>25.3 (2025-10-24)</h1> <h2>Deprecations and Removals</h2> <ul> <li> <p>Remove support for the legacy <code>setup.py develop</code> editable method in setuptools editable installs; setuptools >= 64 is now required. (<code>[#11457](pypa/pip#11457) <https://github.com/pypa/pip/issues/11457></code>_)</p> </li> <li> <p>Remove the deprecated <code>--global-option</code> and <code>--build-option</code>. <code>--config-setting</code> is now the only way to pass options to the build backend. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</p> </li> <li> <p>Deprecate the <code>PIP_CONSTRAINT</code> environment variable for specifying build constraints.</p> <p>Use the <code>--build-constraint</code> option or the <code>PIP_BUILD_CONSTRAINT</code> environment variable instead. When build constraints are used, <code>PIP_CONSTRAINT</code> no longer affects isolated build environments. To enable this behavior without specifying any build constraints, use <code>--use-feature=build-constraint</code>. (<code>[#13534](pypa/pip#13534) <https://github.com/pypa/pip/issues/13534></code>_)</p> </li> <li> <p>Remove support for non-standard legacy wheel filenames. (<code>[#13581](pypa/pip#13581) <https://github.com/pypa/pip/issues/13581></code>_)</p> </li> <li> <p>Remove support for the deprecated <code>setup.py bdist_wheel</code> mechanism. Consequently, <code>--use-pep517</code> is now always on, and <code>--no-use-pep517</code> has been removed. (<code>[#6334](pypa/pip#6334) <https://github.com/pypa/pip/issues/6334></code>_)</p> </li> </ul> <h2>Features</h2> <ul> <li>When :pep:<code>658</code> metadata is available, full distribution files are no longer downloaded when using <code>pip lock</code> or <code>pip install --dry-run</code>. (<code>[#12603](pypa/pip#12603) <https://github.com/pypa/pip/issues/12603></code>_)</li> <li>Add support for installing an editable requirement written as a Direct URL (<code>PackageName @ URL</code>). (<code>[#13495](pypa/pip#13495) <https://github.com/pypa/pip/issues/13495></code>_)</li> <li>Add support for build constraints via the <code>--build-constraint</code> option. This allows constraining the versions of packages used during the build process (e.g., setuptools) without affecting the final installation. (<code>[#13534](pypa/pip#13534) <https://github.com/pypa/pip/issues/13534></code>_)</li> <li>On <code>ResolutionImpossible</code> errors, include a note about causes with no candidates. (<code>[#13588](pypa/pip#13588) <https://github.com/pypa/pip/issues/13588></code>_)</li> <li>Building pip itself from source now uses flit-core instead of setuptools. This does not affect how pip installs or builds packages you use. (<code>[#13473](pypa/pip#13473) <https://github.com/pypa/pip/issues/13473></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Handle malformed <code>Version</code> metadata entries and show a sensible error message instead of crashing. (<code>[#13443](pypa/pip#13443) <https://github.com/pypa/pip/issues/13443></code>_)</li> <li>Permit spaces between a filepath and extras in an install requirement. (<code>[#13523](pypa/pip#13523) <https://github.com/pypa/pip/issues/13523></code>_)</li> <li>Ensure the self-check files in the cache have the same permissions as the rest of the cache. (<code>[#13528](pypa/pip#13528) <https://github.com/pypa/pip/issues/13528></code>_)</li> <li>Avoid concurrency issues and improve performance when caching locally built wheels, especially when the temporary build directory is on a different filesystem than the cache. The wheel directory passed to the build backend is now a temporary subdirectory inside the cache directory. (<code>[#13540](pypa/pip#13540) <https://github.com/pypa/pip/issues/13540></code>_)</li> <li>Include relevant user-supplied constraints in logs when reporting dependency conflicts. (<code>[#13545](pypa/pip#13545) <https://github.com/pypa/pip/issues/13545></code>_)</li> <li>Fix a regression in configuration parsing that was turning a single value into a list and thus leading to a validation error. (<code>[#13548](pypa/pip#13548) <https://github.com/pypa/pip/issues/13548></code>_)</li> <li>For Python versions that do not support :pep:<code>706</code>, pip will now raise an installation error for a source distribution when it includes a symlink that points outside the source distribution archive. (<code>[#13550](pypa/pip#13550) <https://github.com/pypa/pip/issues/13550></code>_)</li> <li>Prevent <code>--user</code> installs if <code>site.ENABLE_USER_SITE</code> is set to <code>False</code>. (<code>[#8794](pypa/pip#8794) <https://github.com/pypa/pip/issues/8794></code>_)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/a52069365063ea813fe3a3f8bac90397c9426d35"><code>a520693</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/0f2973eded07de7fcfe90d494763821172bc2c5f"><code>0f2973e</code></a> Fix up authors by adding entry to <code>.mailmap</code></li> <li><a href="https://github.com/pypa/pip/commit/87828dc11b18b657d95fed4dc4ed996ba032e4f8"><code>87828dc</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/ce6a38ce06886f1f711226600a5b002df1b70453"><code>ce6a38c</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13628">#13628</a> from sbidoul/imp-doc-pep517-sbi</li> <li><a href="https://github.com/pypa/pip/commit/ee16c815eb52190a3ffa6d9e19e7dac78a0a0c3e"><code>ee16c81</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13629">#13629</a> from notatallshaw/bump-gone_in="25.3"</li> <li><a href="https://github.com/pypa/pip/commit/3e227aafbfe5c464ce9f2fb72c446e29692ea6c2"><code>3e227aa</code></a> Bump gone_in="25.3"</li> <li><a href="https://github.com/pypa/pip/commit/4ad18287837da0bc52feb8dce03f604809395e3b"><code>4ad1828</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13495">#13495</a> from ichard26/feat/direct-editables</li> <li><a href="https://github.com/pypa/pip/commit/66ded3b043ae3e25d761ee092c1add0d98c9e4bf"><code>66ded3b</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13570">#13570</a> from ShubhamNagure/fix-constraint-reporting-13545</li> <li><a href="https://github.com/pypa/pip/commit/67e8ac2fc9002bfec8d371ecbe1a8813c64b68e9"><code>67e8ac2</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13588">#13588</a> from notatallshaw/hint-on-resolution-impossible-whe...</li> <li><a href="https://github.com/pypa/pip/commit/990ca8a45149ea8980bd82699471fbabeeeec18c"><code>990ca8a</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/8796">#8796</a> from pelson/honour_user_site</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.2...25.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.2&new-version=25.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

Bumps [pip](https://github.com/pypa/pip) from 25.2 to 25.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>25.3 (2025-10-24)</h1> <h2>Deprecations and Removals</h2> <ul> <li> <p>Remove support for the legacy <code>setup.py develop</code> editable method in setuptools editable installs; setuptools >= 64 is now required. (<code>[#11457](pypa/pip#11457) <https://github.com/pypa/pip/issues/11457></code>_)</p> </li> <li> <p>Remove the deprecated <code>--global-option</code> and <code>--build-option</code>. <code>--config-setting</code> is now the only way to pass options to the build backend. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</p> </li> <li> <p>Deprecate the <code>PIP_CONSTRAINT</code> environment variable for specifying build constraints.</p> <p>Use the <code>--build-constraint</code> option or the <code>PIP_BUILD_CONSTRAINT</code> environment variable instead. When build constraints are used, <code>PIP_CONSTRAINT</code> no longer affects isolated build environments. To enable this behavior without specifying any build constraints, use <code>--use-feature=build-constraint</code>. (<code>[#13534](pypa/pip#13534) <https://github.com/pypa/pip/issues/13534></code>_)</p> </li> <li> <p>Remove support for non-standard legacy wheel filenames. (<code>[#13581](pypa/pip#13581) <https://github.com/pypa/pip/issues/13581></code>_)</p> </li> <li> <p>Remove support for the deprecated <code>setup.py bdist_wheel</code> mechanism. Consequently, <code>--use-pep517</code> is now always on, and <code>--no-use-pep517</code> has been removed. (<code>[#6334](pypa/pip#6334) <https://github.com/pypa/pip/issues/6334></code>_)</p> </li> </ul> <h2>Features</h2> <ul> <li>When :pep:<code>658</code> metadata is available, full distribution files are no longer downloaded when using <code>pip lock</code> or <code>pip install --dry-run</code>. (<code>[#12603](pypa/pip#12603) <https://github.com/pypa/pip/issues/12603></code>_)</li> <li>Add support for installing an editable requirement written as a Direct URL (<code>PackageName @ URL</code>). (<code>[#13495](pypa/pip#13495) <https://github.com/pypa/pip/issues/13495></code>_)</li> <li>Add support for build constraints via the <code>--build-constraint</code> option. This allows constraining the versions of packages used during the build process (e.g., setuptools) without affecting the final installation. (<code>[#13534](pypa/pip#13534) <https://github.com/pypa/pip/issues/13534></code>_)</li> <li>On <code>ResolutionImpossible</code> errors, include a note about causes with no candidates. (<code>[#13588](pypa/pip#13588) <https://github.com/pypa/pip/issues/13588></code>_)</li> <li>Building pip itself from source now uses flit-core instead of setuptools. This does not affect how pip installs or builds packages you use. (<code>[#13473](pypa/pip#13473) <https://github.com/pypa/pip/issues/13473></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Handle malformed <code>Version</code> metadata entries and show a sensible error message instead of crashing. (<code>[#13443](pypa/pip#13443) <https://github.com/pypa/pip/issues/13443></code>_)</li> <li>Permit spaces between a filepath and extras in an install requirement. (<code>[#13523](pypa/pip#13523) <https://github.com/pypa/pip/issues/13523></code>_)</li> <li>Ensure the self-check files in the cache have the same permissions as the rest of the cache. (<code>[#13528](pypa/pip#13528) <https://github.com/pypa/pip/issues/13528></code>_)</li> <li>Avoid concurrency issues and improve performance when caching locally built wheels, especially when the temporary build directory is on a different filesystem than the cache. The wheel directory passed to the build backend is now a temporary subdirectory inside the cache directory. (<code>[#13540](pypa/pip#13540) <https://github.com/pypa/pip/issues/13540></code>_)</li> <li>Include relevant user-supplied constraints in logs when reporting dependency conflicts. (<code>[#13545](pypa/pip#13545) <https://github.com/pypa/pip/issues/13545></code>_)</li> <li>Fix a regression in configuration parsing that was turning a single value into a list and thus leading to a validation error. (<code>[#13548](pypa/pip#13548) <https://github.com/pypa/pip/issues/13548></code>_)</li> <li>For Python versions that do not support :pep:<code>706</code>, pip will now raise an installation error for a source distribution when it includes a symlink that points outside the source distribution archive. (<code>[#13550](pypa/pip#13550) <https://github.com/pypa/pip/issues/13550></code>_)</li> <li>Prevent <code>--user</code> installs if <code>site.ENABLE_USER_SITE</code> is set to <code>False</code>. (<code>[#8794](pypa/pip#8794) <https://github.com/pypa/pip/issues/8794></code>_)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/a52069365063ea813fe3a3f8bac90397c9426d35"><code>a520693</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/0f2973eded07de7fcfe90d494763821172bc2c5f"><code>0f2973e</code></a> Fix up authors by adding entry to <code>.mailmap</code></li> <li><a href="https://github.com/pypa/pip/commit/87828dc11b18b657d95fed4dc4ed996ba032e4f8"><code>87828dc</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/ce6a38ce06886f1f711226600a5b002df1b70453"><code>ce6a38c</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13628">#13628</a> from sbidoul/imp-doc-pep517-sbi</li> <li><a href="https://github.com/pypa/pip/commit/ee16c815eb52190a3ffa6d9e19e7dac78a0a0c3e"><code>ee16c81</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13629">#13629</a> from notatallshaw/bump-gone_in="25.3"</li> <li><a href="https://github.com/pypa/pip/commit/3e227aafbfe5c464ce9f2fb72c446e29692ea6c2"><code>3e227aa</code></a> Bump gone_in="25.3"</li> <li><a href="https://github.com/pypa/pip/commit/4ad18287837da0bc52feb8dce03f604809395e3b"><code>4ad1828</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13495">#13495</a> from ichard26/feat/direct-editables</li> <li><a href="https://github.com/pypa/pip/commit/66ded3b043ae3e25d761ee092c1add0d98c9e4bf"><code>66ded3b</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13570">#13570</a> from ShubhamNagure/fix-constraint-reporting-13545</li> <li><a href="https://github.com/pypa/pip/commit/67e8ac2fc9002bfec8d371ecbe1a8813c64b68e9"><code>67e8ac2</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13588">#13588</a> from notatallshaw/hint-on-resolution-impossible-whe...</li> <li><a href="https://github.com/pypa/pip/commit/990ca8a45149ea8980bd82699471fbabeeeec18c"><code>990ca8a</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/8796">#8796</a> from pelson/honour_user_site</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.2...25.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.2&new-version=25.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/inmanta/inmanta-core/network/alerts). </details>

Bumps [pip](https://github.com/pypa/pip) from 25.2 to 25.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>25.3 (2025-10-24)</h1> <h2>Deprecations and Removals</h2> <ul> <li> <p>Remove support for the legacy <code>setup.py develop</code> editable method in setuptools editable installs; setuptools >= 64 is now required. (<code>[#11457](pypa/pip#11457) <https://github.com/pypa/pip/issues/11457></code>_)</p> </li> <li> <p>Remove the deprecated <code>--global-option</code> and <code>--build-option</code>. <code>--config-setting</code> is now the only way to pass options to the build backend. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</p> </li> <li> <p>Deprecate the <code>PIP_CONSTRAINT</code> environment variable for specifying build constraints.</p> <p>Use the <code>--build-constraint</code> option or the <code>PIP_BUILD_CONSTRAINT</code> environment variable instead. When build constraints are used, <code>PIP_CONSTRAINT</code> no longer affects isolated build environments. To enable this behavior without specifying any build constraints, use <code>--use-feature=build-constraint</code>. (<code>[#13534](pypa/pip#13534) <https://github.com/pypa/pip/issues/13534></code>_)</p> </li> <li> <p>Remove support for non-standard legacy wheel filenames. (<code>[#13581](pypa/pip#13581) <https://github.com/pypa/pip/issues/13581></code>_)</p> </li> <li> <p>Remove support for the deprecated <code>setup.py bdist_wheel</code> mechanism. Consequently, <code>--use-pep517</code> is now always on, and <code>--no-use-pep517</code> has been removed. (<code>[#6334](pypa/pip#6334) <https://github.com/pypa/pip/issues/6334></code>_)</p> </li> </ul> <h2>Features</h2> <ul> <li>When :pep:<code>658</code> metadata is available, full distribution files are no longer downloaded when using <code>pip lock</code> or <code>pip install --dry-run</code>. (<code>[#12603](pypa/pip#12603) <https://github.com/pypa/pip/issues/12603></code>_)</li> <li>Add support for installing an editable requirement written as a Direct URL (<code>PackageName @ URL</code>). (<code>[#13495](pypa/pip#13495) <https://github.com/pypa/pip/issues/13495></code>_)</li> <li>Add support for build constraints via the <code>--build-constraint</code> option. This allows constraining the versions of packages used during the build process (e.g., setuptools) without affecting the final installation. (<code>[#13534](pypa/pip#13534) <https://github.com/pypa/pip/issues/13534></code>_)</li> <li>On <code>ResolutionImpossible</code> errors, include a note about causes with no candidates. (<code>[#13588](pypa/pip#13588) <https://github.com/pypa/pip/issues/13588></code>_)</li> <li>Building pip itself from source now uses flit-core instead of setuptools. This does not affect how pip installs or builds packages you use. (<code>[#13473](pypa/pip#13473) <https://github.com/pypa/pip/issues/13473></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Handle malformed <code>Version</code> metadata entries and show a sensible error message instead of crashing. (<code>[#13443](pypa/pip#13443) <https://github.com/pypa/pip/issues/13443></code>_)</li> <li>Permit spaces between a filepath and extras in an install requirement. (<code>[#13523](pypa/pip#13523) <https://github.com/pypa/pip/issues/13523></code>_)</li> <li>Ensure the self-check files in the cache have the same permissions as the rest of the cache. (<code>[#13528](pypa/pip#13528) <https://github.com/pypa/pip/issues/13528></code>_)</li> <li>Avoid concurrency issues and improve performance when caching locally built wheels, especially when the temporary build directory is on a different filesystem than the cache. The wheel directory passed to the build backend is now a temporary subdirectory inside the cache directory. (<code>[#13540](pypa/pip#13540) <https://github.com/pypa/pip/issues/13540></code>_)</li> <li>Include relevant user-supplied constraints in logs when reporting dependency conflicts. (<code>[#13545](pypa/pip#13545) <https://github.com/pypa/pip/issues/13545></code>_)</li> <li>Fix a regression in configuration parsing that was turning a single value into a list and thus leading to a validation error. (<code>[#13548](pypa/pip#13548) <https://github.com/pypa/pip/issues/13548></code>_)</li> <li>For Python versions that do not support :pep:<code>706</code>, pip will now raise an installation error for a source distribution when it includes a symlink that points outside the source distribution archive. (<code>[#13550](pypa/pip#13550) <https://github.com/pypa/pip/issues/13550></code>_)</li> <li>Prevent <code>--user</code> installs if <code>site.ENABLE_USER_SITE</code> is set to <code>False</code>. (<code>[#8794](pypa/pip#8794) <https://github.com/pypa/pip/issues/8794></code>_)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/a52069365063ea813fe3a3f8bac90397c9426d35"><code>a520693</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/0f2973eded07de7fcfe90d494763821172bc2c5f"><code>0f2973e</code></a> Fix up authors by adding entry to <code>.mailmap</code></li> <li><a href="https://github.com/pypa/pip/commit/87828dc11b18b657d95fed4dc4ed996ba032e4f8"><code>87828dc</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/ce6a38ce06886f1f711226600a5b002df1b70453"><code>ce6a38c</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13628">#13628</a> from sbidoul/imp-doc-pep517-sbi</li> <li><a href="https://github.com/pypa/pip/commit/ee16c815eb52190a3ffa6d9e19e7dac78a0a0c3e"><code>ee16c81</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13629">#13629</a> from notatallshaw/bump-gone_in="25.3"</li> <li><a href="https://github.com/pypa/pip/commit/3e227aafbfe5c464ce9f2fb72c446e29692ea6c2"><code>3e227aa</code></a> Bump gone_in="25.3"</li> <li><a href="https://github.com/pypa/pip/commit/4ad18287837da0bc52feb8dce03f604809395e3b"><code>4ad1828</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13495">#13495</a> from ichard26/feat/direct-editables</li> <li><a href="https://github.com/pypa/pip/commit/66ded3b043ae3e25d761ee092c1add0d98c9e4bf"><code>66ded3b</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13570">#13570</a> from ShubhamNagure/fix-constraint-reporting-13545</li> <li><a href="https://github.com/pypa/pip/commit/67e8ac2fc9002bfec8d371ecbe1a8813c64b68e9"><code>67e8ac2</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13588">#13588</a> from notatallshaw/hint-on-resolution-impossible-whe...</li> <li><a href="https://github.com/pypa/pip/commit/990ca8a45149ea8980bd82699471fbabeeeec18c"><code>990ca8a</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/8796">#8796</a> from pelson/honour_user_site</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.2...25.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=25.2&new-version=25.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

dependabot bot added the dependencies Pull requests that update a dependency file label Jul 31, 2023

dependabot bot force-pushed the dependabot/pip/iso6/sphinx-7.1.1 branch from c079644 to 7b7559b Compare July 31, 2023 12:40

dependabot bot force-pushed the dependabot/pip/iso6/sphinx-7.1.1 branch from 7b7559b to fa23315 Compare July 31, 2023 12:51

inmantaci approved these changes Jul 31, 2023

View reviewed changes

Added change entry

eda363b

inmantaci added the merge-tool-ready This ticket is ready to be merged in label Jul 31, 2023

inmantaci closed this Jul 31, 2023

inmantaci deleted the dependabot/pip/iso6/sphinx-7.1.1 branch July 31, 2023 14:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump sphinx from 6.2.1 to 7.1.1 #6334

Bump sphinx from 6.2.1 to 7.1.1 #6334

Uh oh!

dependabot bot commented on behalf of github Jul 31, 2023 •

edited

Loading

Uh oh!

inmantaci commented Jul 31, 2023

Uh oh!

inmantaci commented Jul 31, 2023

Uh oh!

dependabot bot commented on behalf of github Jul 31, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Bump sphinx from 6.2.1 to 7.1.1 #6334

Bump sphinx from 6.2.1 to 7.1.1 #6334

Uh oh!

Conversation

dependabot bot commented on behalf of github Jul 31, 2023 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Sphinx 7.1.1

Sphinx 7.1.0

v7.0.1

v7.0.0

v7.0.0rc1

Release 7.1.1 (released Jul 27, 2023)

Bugs fixed

Release 7.1.0 (released Jul 24, 2023)

Incompatible changes

Deprecated

Features added

Uh oh!

inmantaci commented Jul 31, 2023

Uh oh!

inmantaci commented Jul 31, 2023

Uh oh!

dependabot bot commented on behalf of github Jul 31, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot bot commented on behalf of github Jul 31, 2023 •

edited

Loading