[pull] master from aio-libs:master #196
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…utes (#11688) Co-authored-by: J. Nick Koston <[email protected]>
…utes (#11687) Co-authored-by: J. Nick Koston <[email protected]>
Bumps [iniconfig](https://github.com/pytest-dev/iniconfig) from 2.1.0 to 2.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/iniconfig/releases">iniconfig's releases</a>.</em></p> <blockquote> <h2>Version 2.3.0</h2> <h2>What's Changed</h2> <ul> <li>Add IniConfig.parse() with inline comment stripping and Unicode whitespace handling by <a href="https://github.com/RonnyPfannschmidt"><code>@RonnyPfannschmidt</code></a> in <a href="https://github.com/pytest-dev/iniconfig/pull/70">pytest-dev/iniconfig#70</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pytest-dev/iniconfig/compare/v2.2.0...v2.3.0">https://github.com/pytest-dev/iniconfig/compare/v2.2.0...v2.3.0</a></p> <h2>Version 2.2.0</h2> <p>No release notes provided.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/iniconfig/blob/main/CHANGELOG">iniconfig's changelog</a>.</em></p> <blockquote> <h1>2.3.0</h1> <ul> <li>add IniConfig.parse() classmethod with strip_inline_comments parameter (fixes <a href="https://github.com/pytest-dev/iniconfig/issues/55">#55</a>) <ul> <li>by default (strip_inline_comments=True), inline comments are properly stripped from values</li> <li>set strip_inline_comments=False to preserve old behavior if needed</li> </ul> </li> <li>IniConfig() constructor maintains backward compatibility (does not strip inline comments)</li> <li>users should migrate to IniConfig.parse() for correct comment handling</li> <li>add strip_section_whitespace parameter to IniConfig.parse() (regarding <a href="https://github.com/pytest-dev/iniconfig/issues/4">#4</a>) <ul> <li>opt-in parameter to strip Unicode whitespace from section names</li> <li>when True, strips Unicode whitespace (U+00A0, U+2000, U+3000, etc.) from section names</li> <li>when False (default), preserves existing behavior for backward compatibility</li> </ul> </li> <li>clarify Unicode whitespace handling (regarding <a href="https://github.com/pytest-dev/iniconfig/issues/4">#4</a>) <ul> <li>since iniconfig 2.0.0 (Python 3 only), all strings are Unicode by default</li> <li>Python 3's str.strip() has handled Unicode whitespace since Python 3.0 (2008)</li> <li>iniconfig automatically benefits from this in all supported versions (Python >= 3.10)</li> <li>key names and values have Unicode whitespace properly stripped using Python's built-in methods</li> </ul> </li> </ul> <h1>2.2.0</h1> <ul> <li>drop Python 3.8 and 3.9 support (now requires Python >= 3.10)</li> <li>add Python 3.14 classifier</li> <li>migrate from hatchling to setuptools 77 with setuptools_scm</li> <li>adopt PEP 639 license specifiers and PEP 740 build attestations</li> <li>migrate from black + pyupgrade to ruff</li> <li>migrate CI to uv and unified test workflow</li> <li>automate GitHub releases and PyPI publishing via Trusted Publishing</li> <li>include tests in sdist</li> <li>modernize code for Python 3.10+ (remove <strong>future</strong> annotations, TYPE_CHECKING guards)</li> <li>rename _ParsedLine to ParsedLine</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pytest-dev/iniconfig/commit/7faed13ae50bad7c5da3f5782f254a8a7736bb84"><code>7faed13</code></a> Merge pull request <a href="https://github.com/pytest-dev/iniconfig/issues/70">#70</a> from RonnyPfannschmidt/comments</li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/58c08691bbb86aee8efbf73e37293dd6d65b68b4"><code>58c0869</code></a> Refactor: Simplify IniConfig constructor and parse() method</li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/6d0af4529e4375e49dc871aa3d5ce17fe1791afe"><code>6d0af45</code></a> Add strip_section_whitespace parameter to address issue <a href="https://github.com/pytest-dev/iniconfig/issues/4">#4</a></li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/e2d89f5283cbeb4b4ca55fe88b1c353c343b4972"><code>e2d89f5</code></a> Add IniConfig.parse() classmethod to fix inline comment handling</li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/57b7ed9c7a5950f9c57b2cfbe641ff4cc04baf1c"><code>57b7ed9</code></a> Merge pull request <a href="https://github.com/pytest-dev/iniconfig/issues/66">#66</a> from killiandesse/pep639</li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/27ac49f56794db397ecb017414663a81e701dfdc"><code>27ac49f</code></a> Merge pull request <a href="https://github.com/pytest-dev/iniconfig/issues/69">#69</a> from RonnyPfannschmidt/limit-attestation</li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/3402322097aa7b6eba9a68c96faddc780e04b085"><code>3402322</code></a> Disable build attestations for PRs from forks</li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/27e6a7b4a7b24f7f8a5e5492b071ab16eff36f95"><code>27e6a7b</code></a> Merge branch 'main' into pep639</li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/65228817674f099d48cab0f0974000ea0e3031c1"><code>6522881</code></a> Merge pull request <a href="https://github.com/pytest-dev/iniconfig/issues/68">#68</a> from pytest-dev/fix-build</li> <li><a href="https://github.com/pytest-dev/iniconfig/commit/8b2bccb3b6be37c9bf70a4fbe0cda4c92c70355f"><code>8b2bccb</code></a> Update CHANGELOG and automate releases</li> <li>Additional commits viewable in <a href="https://github.com/pytest-dev/iniconfig/compare/v2.1.0...v2.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.2 to 2.12.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic/releases">pydantic's releases</a>.</em></p> <blockquote> <h2>v2.12.3 2025-10-17</h2> <h2>v2.12.3 (2025-10-17)</h2> <h3>What's Changed</h3> <p>This is the third 2.13 patch release, fixing issues related to the <code>FieldInfo</code> class, and reverting a change to the supported <a href="https://docs.pydantic.dev/latest/concepts/validators/#model-validators"><em>after</em> model validator</a> function signatures.</p> <ul> <li>Raise a warning when an invalid after model validator function signature is raised by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/pydantic/pydantic/pull/12414">#12414</a>. Starting in 2.12.0, using class methods for <em>after</em> model validators raised an error, but the error wasn't raised concistently. We decided to emit a deprecation warning instead.</li> <li>Add <a href="https://docs.pydantic.dev/latest/api/fields/#pydantic.fields.FieldInfo.asdict"><code>FieldInfo.asdict()</code></a> method, improve documentation around <code>FieldInfo</code> by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/pydantic/pydantic/pull/12411">#12411</a>. This also adds back support for mutations on <code>FieldInfo</code> classes, that are reused as <code>Annotated</code> metadata. <strong>However</strong>, note that this is still <em>not</em> a supported pattern. Instead, please refer to the <a href="https://docs.pydantic.dev/latest/examples/dynamic_models/">added example</a> in the documentation.</li> </ul> <p>The <a href="https://pydantic.dev/articles/pydantic-v2-12-release#changes">blog post</a> section on changes was also updated to document the changes related to <code>serialize_as_any</code>.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic/compare/v2.12.2...v2.12.3">https://github.com/pydantic/pydantic/compare/v2.12.2...v2.12.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's changelog</a>.</em></p> <blockquote> <h2>v2.12.3 (2025-10-17)</h2> <p><a href="https://github.com/pydantic/pydantic/releases/tag/v2.12.3">GitHub release</a></p> <h3>What's Changed</h3> <p>This is the third 2.13 patch release, fixing issues related to the <code>FieldInfo</code> class, and reverting a change to the supported <a href="https://docs.pydantic.dev/latest/concepts/validators/#model-validators"><em>after</em> model validator</a> function signatures.</p> <ul> <li>Raise a warning when an invalid after model validator function signature is raised by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/pydantic/pydantic/pull/12414">#12414</a>. Starting in 2.12.0, using class methods for <em>after</em> model validators raised an error, but the error wasn't raised concistently. We decided to emit a deprecation warning instead.</li> <li>Add <a href="https://docs.pydantic.dev/latest/api/fields/#pydantic.fields.FieldInfo.asdict"><code>FieldInfo.asdict()</code></a> method, improve documentation around <code>FieldInfo</code> by <a href="https://github.com/Viicos"><code>@Viicos</code></a> in <a href="https://github.com/pydantic/pydantic/pull/12411">#12411</a>. This also add back support for mutations on <code>FieldInfo</code> classes, that are reused as <code>Annotated</code> metadata. <strong>However</strong>, note that this is still <em>not</em> a supported pattern. Instead, please refer to the <a href="https://docs.pydantic.dev/latest/examples/dynamic_models/">added example</a> in the documentation.</li> </ul> <p>The <a href="https://pydantic.dev/articles/pydantic-v2-12-release#changes">blog post</a> section on changes was also updated to document the changes related to <code>serialize_as_any</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pydantic/pydantic/commit/1a8850d101e67d2744ba8c6286e1172d7cd89d0b"><code>1a8850d</code></a> Prepare release 2.12.3</li> <li><a href="https://github.com/pydantic/pydantic/commit/09dbcf29c73c3fd7fd3ef1edfebe357e807cc9ca"><code>09dbcf2</code></a> Add <code>FieldInfo.asdict()</code> method, improve documentation around <code>FieldInfo</code></li> <li><a href="https://github.com/pydantic/pydantic/commit/5da43310ec61a7b9b3017b2b9f388e778398a1bc"><code>5da4331</code></a> Improve documentation about serialize as any behavior</li> <li><a href="https://github.com/pydantic/pydantic/commit/9c863245ad3799ab331f33b52e2d7441e9c1191e"><code>9c86324</code></a> Raise a warning when an invalid after model validator function signature is r...</li> <li><a href="https://github.com/pydantic/pydantic/commit/36a73c6ed53df7f1cad3343bc811e1dd3f52d26f"><code>36a73c6</code></a> Update <code>pydantic-extra-types</code> dependency to version <code>>=2.10.6</code></li> <li>See full diff in <a href="https://github.com/pydantic/pydantic/compare/v2.12.2...v2.12.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [cython](https://github.com/cython/cython) from 3.1.4 to 3.1.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cython/cython/releases">cython's releases</a>.</em></p> <blockquote> <h1>3.1.5 (2025-10-19)</h1> <h2>Bugs fixed</h2> <ul> <li> <p>Conversion from C++ strings longer than <code>PY_SSIZE_T_MAX</code> did not validate the length.</p> </li> <li> <p>Some non-Limited API code was incorrectly used in generated header files. (Github issue :issue:<code>7157</code>)</p> </li> <li> <p>Optimised unpacking of Python integers in expressions uses a slightly safer scheme. (Github issue :issue:<code>7134</code>)</p> </li> <li> <p>Empty return statements were not always reported when tracing. (Github issue :issue:<code>7022</code>)</p> </li> <li> <p>Value conversion errors when tracing C return statements no longer fail the trace but fall back to reporting <code>None</code> returns instead. (Github issue :issue:<code>6503</code>)</p> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/cython/cython/blob/master/CHANGES.rst">cython's changelog</a>.</em></p> <blockquote> <h1>3.1.5 (2025-10-20)</h1> <h2>Bugs fixed</h2> <ul> <li> <p>Conversion from C++ strings longer than <code>PY_SSIZE_T_MAX</code> did not validate the length.</p> </li> <li> <p>Some non-Limited API code was incorrectly used in generated header files. (Github issue :issue:<code>7157</code>)</p> </li> <li> <p>Optimised unpacking of Python integers in expressions uses a slightly safer scheme. (Github issue :issue:<code>7134</code>)</p> </li> <li> <p>Empty return statements were not always reported when tracing. (Github issue :issue:<code>7022</code>)</p> </li> <li> <p>Value conversion errors when tracing C return statements no longer fail the trace but fall back to reporting <code>None</code> returns instead. (Github issue :issue:<code>6503</code>)</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cython/cython/commit/24eb0d558efe0a92ba87bb7ebed45c14ed4a713e"><code>24eb0d5</code></a> Build: Move release step to separate job to enforce complete releases and cut...</li> <li><a href="https://github.com/cython/cython/commit/2dc58ee83b604fd1d66093026501fc23620c839f"><code>2dc58ee</code></a> Update changelog.</li> <li><a href="https://github.com/cython/cython/commit/5f1fa053f1e77b9eb7c5eaf84a46926fd1f5d072"><code>5f1fa05</code></a> Fix CI for Python 3.14.0 (<a href="https://github.com/cython/cython/issues/7197">GH-7197</a>)</li> <li><a href="https://github.com/cython/cython/commit/acc3d7c7d88d9fa49e19661121e3ea6fcd4bb356"><code>acc3d7c</code></a> Adapt some tests to different error messages in Py3.15.</li> <li><a href="https://github.com/cython/cython/commit/9143822ee7a24dd336b805e98771c0bcfc1e8590"><code>9143822</code></a> Replace outdated "codecs.open()" usage with just "open()".</li> <li><a href="https://github.com/cython/cython/commit/bbe48384586be9c4becda826d8ae8de781fa5d53"><code>bbe4838</code></a> Prepare release of 3.1.5.</li> <li><a href="https://github.com/cython/cython/commit/3bc285ddf68023ac25c542c421ff09171cf88146"><code>3bc285d</code></a> Upgrade cibuildwheel to latest 3.2.1.</li> <li><a href="https://github.com/cython/cython/commit/729dd6c80ed3a0512081c66438699d8245ea87c8"><code>729dd6c</code></a> Update changelog.</li> <li><a href="https://github.com/cython/cython/commit/c4da583e3aef95ebcd4cd0f761d8520413c67c14"><code>c4da583</code></a> Allow TraceReturnCValue conversion to fail in non-monitoring (<a href="https://github.com/cython/cython/issues/7064">#7064</a>)</li> <li><a href="https://github.com/cython/cython/commit/dd664381c39579b49c81592e3887cce216b40266"><code>dd66438</code></a> Fix tracing of empty return statements (<a href="https://github.com/cython/cython/issues/7067">GH-7067</a>)</li> <li>Additional commits viewable in <a href="https://github.com/cython/cython/compare/3.1.4...3.1.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 3.0.1 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/releases">sigstore/gh-action-sigstore-python's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <p><code>gh-action-sigstore-python</code> is now compatible with <a href="https://blog.sigstore.dev/rekor-v2-ga/">Rekor v2</a> transparency log (but produced signature bundles still contain Rekor v1 entries by default).</p> <h3>Changed</h3> <ul> <li>The action now uses sigstore-python 4.1. All other dependencies are also updated (<a href="https://github.com/sigstore/gh-action-sigstore-python/pull/220">#220</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fixed incompatibility with Python 3.14 by upgrading dependencies (<a href="https://github.com/sigstore/gh-action-sigstore-python/pull/225">#225</a>)</li> </ul> <h3>Added</h3> <ul> <li><code>rekor-version</code> argument was added to control the Rekor transparency log version when signing. The default version in the gh-action-sigstore-python 3.x series will remain 1 (except when using <code>staging: true</code>). (<a href="https://github.com/sigstore/gh-action-sigstore-python/pull/228">#228</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md">sigstore/gh-action-sigstore-python's changelog</a>.</em></p> <blockquote> <h2>[3.1.0]</h2> <p><code>gh-action-sigstore-python</code> is now compatible with <a href="https://blog.sigstore.dev/rekor-v2-ga/">Rekor v2</a> transparency log (but produced signature bundles still contain Rekor v1 entries by default).</p> <h3>Changed</h3> <ul> <li>The action now uses sigstore-python 4.1. All other dependencies are also updated (<a href="https://github.com/sigstore/gh-action-sigstore-python/pull/220">#220</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fixed incompatibility with Python 3.14 by upgrading dependencies (<a href="https://github.com/sigstore/gh-action-sigstore-python/pull/225">#225</a>)</li> </ul> <h3>Added</h3> <ul> <li><code>rekor-version</code> argument was added to control the Rekor transparency log version when signing. The default version in the gh-action-sigstore-python 3.x series will remain 1 (except when using <code>staging: true</code>). (<a href="https://github.com/sigstore/gh-action-sigstore-python/pull/228">#228</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/f832326173235dcb00dd5d92cd3f353de3188e6c"><code>f832326</code></a> Prepare 3.1.0 release (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/230">#230</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/3385d3ad524c66915d8fcfa82f74b905058b2ad4"><code>3385d3a</code></a> build(deps): bump astral-sh/setup-uv in the actions group (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/232">#232</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/35fff1e5bf90fac1298692cee891e1f65fce1a93"><code>35fff1e</code></a> Add rekor-version argument (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/228">#228</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/be60bbea7f8770c9c9673a8fabafec00df7f458f"><code>be60bbe</code></a> build(deps): bump github/codeql-action in the actions group (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/231">#231</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/72e7431cf7415752b53e3e537861872efa4b59b1"><code>72e7431</code></a> Actually upgrade dependencies (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/225">#225</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/ccdc279cc26afbb1ce2849748d6263f076b7e3e3"><code>ccdc279</code></a> ci, action: address zizmor findings, bump versions (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/222">#222</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/709f8a40efe9f4d3bf38feb831ffc930b9688c93"><code>709f8a4</code></a> build(deps): bump sigstore from 3.6.3 to 4.0.0 (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/220">#220</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/5ce4031dd209da1deb84a18c41259d0c46478e48"><code>5ce4031</code></a> requirements: Include main.in contents within dev.in (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/221">#221</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/ea888adbde89b79cda7612fd09c99bdcc8b129b5"><code>ea888ad</code></a> build(deps): bump the actions group with 3 updates (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/218">#218</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/17565e2406fc237359e19a217a7b03242eb60c36"><code>17565e2</code></a> build(deps): bump the python-dependencies group with 6 updates (<a href="https://github.com/sigstore/gh-action-sigstore-python/issues/219">#219</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.0.1...v3.1.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [regex](https://github.com/mrabarnett/mrab-regex) from 2025.9.18 to 2025.10.23. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt">regex's changelog</a>.</em></p> <blockquote> <p>Version: 2025.10.23</p> <pre><code>'setup.py' was missing from the source distribution. </code></pre> <p>Version: 2025.10.22</p> <pre><code>Fixed test in main.yml. </code></pre> <p>Version: 2025.10.21</p> <pre><code>Moved tests into subfolder. </code></pre> <p>Version: 2025.10.20</p> <pre><code>Re-organised files. <p>Updated to Unicode 17.0.0.<br /> </code></pre></p> <p>Version: 2025.9.20</p> <pre><code>Enable free-threading support in cibuildwheel in another place. </code></pre> <p>Version: 2025.9.19</p> <pre><code>Enable free-threading support in cibuildwheel. </code></pre> <p>Version: 2025.9.18</p> <pre><code>Git issue 565: Support the free-threaded build of CPython 3.13 </code></pre> <p>Version: 2025.9.1</p> <pre><code>Git PR 585: Fix AttributeError: 'AnyAll' object has no attribute '_key' </code></pre> <p>Version: 2025.8.29</p> <pre><code>Git issue 584: AttributeError: 'AnyAll' object has no attribute 'positive' </code></pre> <p>Version: 2025.7.34</p> <pre><code>Git issue 575: Issues with ASCII/Unicode modifiers </code></pre> <p>Version: 2025.7.33</p> <pre><code>Updated main.yml and pyproject.toml. </code></pre> <p>Version: 2025.7.32</p> <pre><code>Git issue 580: Regression in v2025.7.31: \P{L} no longer matches in simple patterns </code></pre> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mrabarnett/mrab-regex/commit/26454da3a67572197648032fe5e7f9a288fa4a0f"><code>26454da</code></a> 'setup.py' was missing from the source distribution.</li> <li><a href="https://github.com/mrabarnett/mrab-regex/commit/f2d31b0844789ec19123aa1b5eb19e070018a981"><code>f2d31b0</code></a> Fixed test in main.yml.</li> <li><a href="https://github.com/mrabarnett/mrab-regex/commit/2fd4dc061617b317d0f760f93756a6ae742f055f"><code>2fd4dc0</code></a> Moved tests into subfolder.</li> <li><a href="https://github.com/mrabarnett/mrab-regex/commit/54fa96c29247056b1e9a76eab9dafd929587bbfc"><code>54fa96c</code></a> Re-organised files.</li> <li><a href="https://github.com/mrabarnett/mrab-regex/commit/4359a6a565e6725a899a4e1179c75fdad09030ae"><code>4359a6a</code></a> Enable free-threading support in cibuildwheel in another place.</li> <li><a href="https://github.com/mrabarnett/mrab-regex/commit/2fe11390343743fb69afd5b43fb601a7f19255e0"><code>2fe1139</code></a> Enable free-threading support in cibuildwheel.</li> <li>See full diff in <a href="https://github.com/mrabarnett/mrab-regex/compare/2025.9.18...2025.10.23">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [cython](https://github.com/cython/cython) from 3.1.5 to 3.1.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/cython/cython/blob/master/CHANGES.rst">cython's changelog</a>.</em></p> <blockquote> <h1>3.1.6 (2025-10-23)</h1> <h2>Bugs fixed</h2> <ul> <li> <p>Unicode characters formatted from C integers with <code>f"{value:c}"</code> could result in invalid Python string objects since Cython 3.1.0. (Github issue :issue:<code>7240</code>)</p> </li> <li> <p><code>cythonize</code> (program and function) now uses <code>concurrent.futures.ProcessPoolExecutor</code> instead of <code>multiprocessing.Pool</code> to fix a hang on build failures in parallel builds. A possible work-around is to disable parallel builds. Patch by Sviatoslav Sydorenko. (Github issue :issue:<code>7183</code>)</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cython/cython/commit/b40c676a7396e3b8ca25974bd5ca4b5cef7f9908"><code>b40c676</code></a> Prepare release of 3.1.6.</li> <li><a href="https://github.com/cython/cython/commit/2c003320ea74b04ed28993cf048149b1046df260"><code>2c00332</code></a> Build: Clear "license-files" option in setup metadata due to</li> <li><a href="https://github.com/cython/cython/commit/6d0b9bd0879839ed9d2b06898d096441750751dc"><code>6d0b9bd</code></a> Build: Use twine to check the wheels before uploading them.</li> <li><a href="https://github.com/cython/cython/commit/fecd0e5a2b76a7d540bc6a7119f6638d8ea87d2d"><code>fecd0e5</code></a> Silence a C coercion warning in a test.</li> <li><a href="https://github.com/cython/cython/commit/2a68bbca81a3621d4b8a457e98a64a0391c02a09"><code>2a68bbc</code></a> Avoid back-and-forth between signed and unsigned index types in C array conve...</li> <li><a href="https://github.com/cython/cython/commit/18249752c95cffce9bf8383ee1c711accc4ee013"><code>1824975</code></a> Silence a C compiler warning about implicit signed/unsigned conversion.</li> <li><a href="https://github.com/cython/cython/commit/a583bc3cd0e779efd8e3db5a6caa6b2e6789ba8b"><code>a583bc3</code></a> Disable parallelism in <code>cythonize</code> command/function on <code>spawn</code> (<a href="https://github.com/cython/cython/issues/7183">GH-7183</a>)</li> <li><a href="https://github.com/cython/cython/commit/2ee0bc1f047849e840326ff2ebddb9009ef6891b"><code>2ee0bc1</code></a> Update changelog.</li> <li><a href="https://github.com/cython/cython/commit/b0f7b40f68d75815bf3c494f11cf58369e118880"><code>b0f7b40</code></a> Fix f-string joining when non-ASCII "{intvalue:c}" character formats are invo...</li> <li><a href="https://github.com/cython/cython/commit/67351ba379626aaeff3865071ccae3e649a96430"><code>67351ba</code></a> Adapt release date of 3.1.5 to PyPI release time.</li> <li>Additional commits viewable in <a href="https://github.com/cython/cython/compare/3.1.5...3.1.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pytest-codspeed](https://github.com/CodSpeedHQ/pytest-codspeed) from 4.1.1 to 4.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/CodSpeedHQ/pytest-codspeed/releases">pytest-codspeed's releases</a>.</em></p> <blockquote> <h2>v4.2.0</h2> <h2>What's Changed</h2> <ul> <li>Support python 3.14 by <a href="https://github.com/adriencaccia"><code>@adriencaccia</code></a> in <a href="https://github.com/CodSpeedHQ/pytest-codspeed/pull/91">CodSpeedHQ/pytest-codspeed#91</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.1.1...v4.2.0">https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.1.1...v4.2.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/CodSpeedHQ/pytest-codspeed/blob/master/CHANGELOG.md">pytest-codspeed's changelog</a>.</em></p> <blockquote> <h2>[4.2.0] - 2025-10-24</h2> <h3><!-- raw HTML omitted -->🚀 Features</h3> <ul> <li>Support python 3.14 by <a href="https://github.com/adriencaccia"><code>@adriencaccia</code></a> in <a href="https://github.com/CodSpeedHQ/pytest-codspeed/pull/91">#91</a></li> </ul> <h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3> <ul> <li>Throw error when instrument hooks failed to initialize under codspeed env by <a href="https://github.com/adriencaccia"><code>@adriencaccia</code></a></li> </ul> <h3><!-- raw HTML omitted -->⚙️ Internals</h3> <ul> <li>Bump mypy by <a href="https://github.com/adriencaccia"><code>@adriencaccia</code></a></li> <li>Bump python to 3.14 in the ci by <a href="https://github.com/adriencaccia"><code>@adriencaccia</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/3b0649bab359708a396eeb7ce190ba17b57b172a"><code>3b0649b</code></a> Release v4.2.0 🚀</li> <li><a href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/1af439929c49615ec57dbec4aa935986a0352ada"><code>1af4399</code></a> feat: support python 3.14</li> <li><a href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/2e8a7a8cad72d3bcc6309f7a6f781b29120a73ba"><code>2e8a7a8</code></a> fix(valgrind): throw error when instrument hooks failed to initialize under c...</li> <li><a href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/bf30b24c47bbfe3f16b0c4ebd1f9e8bd5eb33e18"><code>bf30b24</code></a> chore: bump mypy</li> <li><a href="https://github.com/CodSpeedHQ/pytest-codspeed/commit/f1e42e4143eaaf414a0b7eb9d81952160a0c0b29"><code>f1e42e4</code></a> chore(ci): bump python to 3.14 in the ci</li> <li>See full diff in <a href="https://github.com/CodSpeedHQ/pytest-codspeed/compare/v4.1.1...v4.2.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [python-on-whales](https://github.com/gabrieldemarmiesse/python-on-whales) from 0.78.0 to 0.79.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gabrieldemarmiesse/python-on-whales/releases">python-on-whales's releases</a>.</em></p> <blockquote> <h2>v0.79.0</h2> <h2>What's Changed</h2> <ul> <li>feat : Add support for Docker service networks in ComposeService by <a href="https://github.com/R3gardless"><code>@R3gardless</code></a> in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/pull/683">gabrieldemarmiesse/python-on-whales#683</a></li> <li>[Docs] Enable Syntax Highlighting by <a href="https://github.com/lgeiger"><code>@lgeiger</code></a> in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/pull/686">gabrieldemarmiesse/python-on-whales#686</a></li> <li>Improve typing of <code>run</code> by using <code>@overload</code> by <a href="https://github.com/patrick91"><code>@patrick91</code></a> in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/pull/685">gabrieldemarmiesse/python-on-whales#685</a></li> <li>Add metadata_file opt-in for buildx builds by <a href="https://github.com/K-dash"><code>@K-dash</code></a> in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/pull/689">gabrieldemarmiesse/python-on-whales#689</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/R3gardless"><code>@R3gardless</code></a> made their first contribution in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/pull/683">gabrieldemarmiesse/python-on-whales#683</a></li> <li><a href="https://github.com/lgeiger"><code>@lgeiger</code></a> made their first contribution in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/pull/686">gabrieldemarmiesse/python-on-whales#686</a></li> <li><a href="https://github.com/patrick91"><code>@patrick91</code></a> made their first contribution in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/pull/685">gabrieldemarmiesse/python-on-whales#685</a></li> <li><a href="https://github.com/K-dash"><code>@K-dash</code></a> made their first contribution in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/pull/689">gabrieldemarmiesse/python-on-whales#689</a></li> </ul> <p>Thank you for your contributions! This makes me very happy to see new faces!</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/gabrieldemarmiesse/python-on-whales/compare/v0.78.0...v0.79.0">https://github.com/gabrieldemarmiesse/python-on-whales/compare/v0.78.0...v0.79.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gabrieldemarmiesse/python-on-whales/commit/497852485e34c2d32ae0590be5907e2a5a8855fc"><code>4978524</code></a> Bump python-on-whales version to 0.79.0</li> <li><a href="https://github.com/gabrieldemarmiesse/python-on-whales/commit/d39aaeeb57990b05a516c0772deb48af3d8a9930"><code>d39aaee</code></a> Add metadata_file opt-in for buildx builds (<a href="https://github.com/gabrieldemarmiesse/python-on-whales/issues/689">#689</a>)</li> <li><a href="https://github.com/gabrieldemarmiesse/python-on-whales/commit/b694f852a046a62ccbf2341c1a946f4c72d32bb3"><code>b694f85</code></a> Improve typing of <code>run</code> by using <code>@overload</code> (<a href="https://github.com/gabrieldemarmiesse/python-on-whales/issues/685">#685</a>)</li> <li><a href="https://github.com/gabrieldemarmiesse/python-on-whales/commit/488ab4a2be87d6a54588979b4364ae14baf97b3a"><code>488ab4a</code></a> [Docs] Enable Syntax Highlighting (<a href="https://github.com/gabrieldemarmiesse/python-on-whales/issues/686">#686</a>)</li> <li><a href="https://github.com/gabrieldemarmiesse/python-on-whales/commit/88eae6739915ad0583a0bcf7dec9a31004ecce1c"><code>88eae67</code></a> feat : Add support for Docker service networks in ComposeService (<a href="https://github.com/gabrieldemarmiesse/python-on-whales/issues/683">#683</a>)</li> <li>See full diff in <a href="https://github.com/gabrieldemarmiesse/python-on-whales/compare/v0.78.0...v0.79.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README for download-artifact v5 changes by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://github.com/actions/download-artifact/pull/417">actions/download-artifact#417</a></li> <li>Update README with artifact extraction details by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://github.com/actions/download-artifact/pull/424">actions/download-artifact#424</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v6.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://github.com/actions/download-artifact/pull/438">actions/download-artifact#438</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v5...v6.0.0">https://github.com/actions/download-artifact/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53"><code>018cc2c</code></a> Merge pull request <a href="https://github.com/actions/download-artifact/issues/438">#438</a> from actions/danwkennedy/prepare-6.0.0</li> <li><a href="https://github.com/actions/download-artifact/commit/815651c680ffe1c95719d0ed08aba1a2f9d5c177"><code>815651c</code></a> Revert "Remove <code>github.dep.yml</code>"</li> <li><a href="https://github.com/actions/download-artifact/commit/bb3a066a8babc8ed7b3e4218896c548fe34e7115"><code>bb3a066</code></a> Remove <code>github.dep.yml</code></li> <li><a href="https://github.com/actions/download-artifact/commit/fa1ce46bbd11b8387539af12741055a76dfdf804"><code>fa1ce46</code></a> Prepare <code>v6.0.0</code></li> <li><a href="https://github.com/actions/download-artifact/commit/4a24838f3d5601fd639834081e118c2995d51e1c"><code>4a24838</code></a> Merge pull request <a href="https://github.com/actions/download-artifact/issues/431">#431</a> from danwkennedy/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/5e3251c4ff5a32e4cf8dd4adaee0e692365237ae"><code>5e3251c</code></a> Readme: spell out the first use of GHES</li> <li><a href="https://github.com/actions/download-artifact/commit/abefc31eafcfbdf6c5336127c1346fdae79ff41c"><code>abefc31</code></a> Merge pull request <a href="https://github.com/actions/download-artifact/issues/424">#424</a> from actions/yacaovsnc/update_readme</li> <li><a href="https://github.com/actions/download-artifact/commit/ac43a6070aa7db8a41e756e7a2846221edca7027"><code>ac43a60</code></a> Update README with artifact extraction details</li> <li><a href="https://github.com/actions/download-artifact/commit/de96f4613b77ec03b5cf633e7c350c32bd3c5660"><code>de96f46</code></a> Merge pull request <a href="https://github.com/actions/download-artifact/issues/417">#417</a> from actions/yacaovsnc/update_readme</li> <li><a href="https://github.com/actions/download-artifact/commit/7993cb44e9052f2f08f9b828ae5ef3ecca7d2ac7"><code>7993cb4</code></a> Remove migration guide for artifact download changes</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/v5...v6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pip](https://github.com/pypa/pip) from 25.2 to 25.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's changelog</a>.</em></p> <blockquote> <h1>25.3 (2025-10-24)</h1> <h2>Deprecations and Removals</h2> <ul> <li> <p>Remove support for the legacy <code>setup.py develop</code> editable method in setuptools editable installs; setuptools >= 64 is now required. (<code>[#11457](pypa/pip#11457) <https://github.com/pypa/pip/issues/11457></code>_)</p> </li> <li> <p>Remove the deprecated <code>--global-option</code> and <code>--build-option</code>. <code>--config-setting</code> is now the only way to pass options to the build backend. (<code>[#11859](pypa/pip#11859) <https://github.com/pypa/pip/issues/11859></code>_)</p> </li> <li> <p>Deprecate the <code>PIP_CONSTRAINT</code> environment variable for specifying build constraints.</p> <p>Use the <code>--build-constraint</code> option or the <code>PIP_BUILD_CONSTRAINT</code> environment variable instead. When build constraints are used, <code>PIP_CONSTRAINT</code> no longer affects isolated build environments. To enable this behavior without specifying any build constraints, use <code>--use-feature=build-constraint</code>. (<code>[#13534](pypa/pip#13534) <https://github.com/pypa/pip/issues/13534></code>_)</p> </li> <li> <p>Remove support for non-standard legacy wheel filenames. (<code>[#13581](pypa/pip#13581) <https://github.com/pypa/pip/issues/13581></code>_)</p> </li> <li> <p>Remove support for the deprecated <code>setup.py bdist_wheel</code> mechanism. Consequently, <code>--use-pep517</code> is now always on, and <code>--no-use-pep517</code> has been removed. (<code>[#6334](pypa/pip#6334) <https://github.com/pypa/pip/issues/6334></code>_)</p> </li> </ul> <h2>Features</h2> <ul> <li>When :pep:<code>658</code> metadata is available, full distribution files are no longer downloaded when using <code>pip lock</code> or <code>pip install --dry-run</code>. (<code>[#12603](pypa/pip#12603) <https://github.com/pypa/pip/issues/12603></code>_)</li> <li>Add support for installing an editable requirement written as a Direct URL (<code>PackageName @ URL</code>). (<code>[#13495](pypa/pip#13495) <https://github.com/pypa/pip/issues/13495></code>_)</li> <li>Add support for build constraints via the <code>--build-constraint</code> option. This allows constraining the versions of packages used during the build process (e.g., setuptools) without affecting the final installation. (<code>[#13534](pypa/pip#13534) <https://github.com/pypa/pip/issues/13534></code>_)</li> <li>On <code>ResolutionImpossible</code> errors, include a note about causes with no candidates. (<code>[#13588](pypa/pip#13588) <https://github.com/pypa/pip/issues/13588></code>_)</li> <li>Building pip itself from source now uses flit-core instead of setuptools. This does not affect how pip installs or builds packages you use. (<code>[#13473](pypa/pip#13473) <https://github.com/pypa/pip/issues/13473></code>_)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Handle malformed <code>Version</code> metadata entries and show a sensible error message instead of crashing. (<code>[#13443](pypa/pip#13443) <https://github.com/pypa/pip/issues/13443></code>_)</li> <li>Permit spaces between a filepath and extras in an install requirement. (<code>[#13523](pypa/pip#13523) <https://github.com/pypa/pip/issues/13523></code>_)</li> <li>Ensure the self-check files in the cache have the same permissions as the rest of the cache. (<code>[#13528](pypa/pip#13528) <https://github.com/pypa/pip/issues/13528></code>_)</li> <li>Avoid concurrency issues and improve performance when caching locally built wheels, especially when the temporary build directory is on a different filesystem than the cache. The wheel directory passed to the build backend is now a temporary subdirectory inside the cache directory. (<code>[#13540](pypa/pip#13540) <https://github.com/pypa/pip/issues/13540></code>_)</li> <li>Include relevant user-supplied constraints in logs when reporting dependency conflicts. (<code>[#13545](pypa/pip#13545) <https://github.com/pypa/pip/issues/13545></code>_)</li> <li>Fix a regression in configuration parsing that was turning a single value into a list and thus leading to a validation error. (<code>[#13548](pypa/pip#13548) <https://github.com/pypa/pip/issues/13548></code>_)</li> <li>For Python versions that do not support :pep:<code>706</code>, pip will now raise an installation error for a source distribution when it includes a symlink that points outside the source distribution archive. (<code>[#13550](pypa/pip#13550) <https://github.com/pypa/pip/issues/13550></code>_)</li> <li>Prevent <code>--user</code> installs if <code>site.ENABLE_USER_SITE</code> is set to <code>False</code>. (<code>[#8794](pypa/pip#8794) <https://github.com/pypa/pip/issues/8794></code>_)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/pip/commit/a52069365063ea813fe3a3f8bac90397c9426d35"><code>a520693</code></a> Bump for release</li> <li><a href="https://github.com/pypa/pip/commit/0f2973eded07de7fcfe90d494763821172bc2c5f"><code>0f2973e</code></a> Fix up authors by adding entry to <code>.mailmap</code></li> <li><a href="https://github.com/pypa/pip/commit/87828dc11b18b657d95fed4dc4ed996ba032e4f8"><code>87828dc</code></a> Update AUTHORS.txt</li> <li><a href="https://github.com/pypa/pip/commit/ce6a38ce06886f1f711226600a5b002df1b70453"><code>ce6a38c</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13628">#13628</a> from sbidoul/imp-doc-pep517-sbi</li> <li><a href="https://github.com/pypa/pip/commit/ee16c815eb52190a3ffa6d9e19e7dac78a0a0c3e"><code>ee16c81</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13629">#13629</a> from notatallshaw/bump-gone_in="25.3"</li> <li><a href="https://github.com/pypa/pip/commit/3e227aafbfe5c464ce9f2fb72c446e29692ea6c2"><code>3e227aa</code></a> Bump gone_in="25.3"</li> <li><a href="https://github.com/pypa/pip/commit/4ad18287837da0bc52feb8dce03f604809395e3b"><code>4ad1828</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13495">#13495</a> from ichard26/feat/direct-editables</li> <li><a href="https://github.com/pypa/pip/commit/66ded3b043ae3e25d761ee092c1add0d98c9e4bf"><code>66ded3b</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13570">#13570</a> from ShubhamNagure/fix-constraint-reporting-13545</li> <li><a href="https://github.com/pypa/pip/commit/67e8ac2fc9002bfec8d371ecbe1a8813c64b68e9"><code>67e8ac2</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/13588">#13588</a> from notatallshaw/hint-on-resolution-impossible-whe...</li> <li><a href="https://github.com/pypa/pip/commit/990ca8a45149ea8980bd82699471fbabeeeec18c"><code>990ca8a</code></a> Merge pull request <a href="https://github.com/pypa/pip/issues/8796">#8796</a> from pelson/honour_user_site</li> <li>Additional commits viewable in <a href="https://github.com/pypa/pip/compare/25.2...25.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…var is not set (#11728) Co-authored-by: J. Nick Koston <[email protected]> Co-authored-by: 🇺🇦 Sviatoslav Sydorenko (Святослав Сидоренко) <[email protected]> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> fixes #11713
…var is not set (#11727) Co-authored-by: J. Nick Koston <[email protected]> Co-authored-by: 🇺🇦 Sviatoslav Sydorenko (Святослав Сидоренко) <[email protected]> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> fixes #11713
…fter a malformed cookie (#11730)
…fter a malformed cookie (#11729)
…be cancellation safe (#11732)
…be cancellation safe (#11731)
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )