Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the dev-dependencies group across 1 directory with 5 updates #131

Merged
merged 1 commit into from
Oct 28, 2024
Merged

Bump the dev-dependencies group across 1 directory with 5 updates #131

merged 1 commit into from
Oct 28, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 28, 2024

Bumps the dev-dependencies group with 5 updates in the / directory:

Package From To
bandit 1.7.9 1.7.10
mypy 1.11.2 1.13.0
pre-commit-hooks 4.6.0 5.0.0
safety 3.2.7 3.2.9
typeguard 4.3.0 4.4.0

Updates bandit from 1.7.9 to 1.7.10

Release notes

Sourced from bandit's releases.

1.7.10

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.7.9...1.7.10

Commits
  • 36fd650 Pytorch Load / Save Plugin (#1114)
  • 4ac55df Use consistent file naming of docs (#1170)
  • 68022aa Bump docker/build-push-action from 6.6.1 to 6.7.0 (#1168)
  • 77566a0 Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 (#1165)
  • 221ced6 Bump docker/build-push-action from 6.5.0 to 6.6.1 (#1166)
  • 701b7d5 Bump docker/setup-buildx-action from 3.5.0 to 3.6.1 (#1163)
  • 320495c Bump docker/build-push-action from 6.3.0 to 6.5.0 (#1160)
  • 90490c7 Bump docker/login-action from 3.2.0 to 3.3.0 (#1159)
  • 708ab74 Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 (#1158)
  • 89d2345 Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 (#1156)
  • Additional commits viewable in compare view

Updates mypy from 1.11.2 to 1.13.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.13

We’ve just uploaded mypy 1.13 to the Python Package Index (PyPI). Mypy is a static type checker for Python. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Note that unlike typical releases, Mypy 1.13 does not have any changes to type checking semantics from 1.12.1.

Improved performance

Mypy 1.13 contains several performance improvements. Users can expect mypy to be 5-20% faster. In environments with long search paths (such as environments using many editable installs), mypy can be significantly faster, e.g. 2.2x faster in the use case targeted by these improvements.

Mypy 1.13 allows use of the orjson library for handling the cache instead of the stdlib json, for improved performance. You can ensure the presence of orjson using the faster-cache extra:

python3 -m pip install -U mypy[faster-cache]

Mypy may depend on orjson by default in the future.

These improvements were contributed by Shantanu.

List of changes:

  • Significantly speed up file handling error paths (Shantanu, PR 17920)
  • Use fast path in modulefinder more often (Shantanu, PR 17950)
  • Let mypyc optimise os.path.join (Shantanu, PR 17949)
  • Make is_sub_path faster (Shantanu, PR 17962)
  • Speed up stubs suggestions (Shantanu, PR 17965)
  • Use sha1 for hashing (Shantanu, PR 17953)
  • Use orjson instead of json, when available (Shantanu, PR 17955)
  • Add faster-cache extra, test in CI (Shantanu, PR 17978)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • Shantanu Jain
  • Jukka Lehtosalo

Mypy 1.12

We’ve just uploaded mypy 1.12 to the Python Package Index (PyPI). Mypy is a static type

... (truncated)

Commits

Updates pre-commit-hooks from 4.6.0 to 5.0.0

Release notes

Sourced from pre-commit-hooks's releases.

pre-commit-hooks v5.0.0

Features

Fixes

  • destroyed-symlinks: set stages to [pre-commit, pre-push, manual]

Migrating

  • pre-commit-hooks now requires pre-commit>=3.2.0.
  • use non-deprecated names for stages.
Changelog

Sourced from pre-commit-hooks's changelog.

5.0.0 - 2024-10-05

Features

Fixes

  • destroyed-symlinks: set stages to [pre-commit, pre-push, manual]

Migrating

  • pre-commit-hooks now requires pre-commit>=3.2.0.
  • use non-deprecated names for stages.
Commits
  • cef0300 v5.0.0
  • f47ab2f Merge pull request #1049 from Jeffrey-Lim/main
  • fd01124 Extend check for illegal Windows filenames
  • 515e8b3 Merge pull request #1085 from AdrianDC/destroyed-symlinks
  • c7d1e85 set stages for destroyed-symlinks
  • 5b5b46d Merge pull request #1093 from pre-commit/non-deprecated-stages-names
  • 003dfa5 update stages names to the non-deprecated names
  • ed71474 Merge pull request #1088 from pre-commit/pre-commit-ci-update-config
  • 6553d02 remove types-all
  • 6952eeb [pre-commit.ci] pre-commit autoupdate
  • Additional commits viewable in compare view

Updates safety from 3.2.7 to 3.2.9

Changelog

Sourced from safety's changelog.

[3.2.9] - 2024-10-23

  • chore: deprection-message-for-license-command (4149b70)
  • feat: add-pull-request-template (#604) (61b2fe2)
  • fix: devcontainer fix (be42d8e)
  • fix: safety error when scan is run without being authed (5ec80dd)
  • feat: add-devcontainers-support (0591838)
  • fix: internal-server-error (04d7efb)
  • fix: clarify-vulnerabilities-found/ Fixed the issue where the vulnerabilities (07bc5b7)
  • chore: added check arg depreciation warning (78109e5)
  • feature: release-script: add release script (#602) (cc49542)

[3.2.8] - 2024-09-27

  • feat: enhance version comparison logic for check-updates command (#605)
  • docs: add demo Jupyter Notebook (#601)
  • feat: add script to generate CONTRIBUTORS.md with Shields.io badges based on merged PRs (#600)
  • chore: fix CLI help text by removing rich formatting for cleaner output (#599)
  • chore: hide system scan from help text (#598)
  • chore: add LICENSES.md file to document dependency licenses (#597)
  • docs: add SECURITY.md file with security policy and bug bounty details (#593)
Commits
  • d77fec0 Merge pull request #617 from pyupio/chore/release-3.2.9
  • 2d6631c chore/release-3.2.9
  • 57023e0 Merge pull request #622 from pyupio/fix-new-parse-for-test
  • 5a8c181 fix: basic policy file test
  • 7b21f3a Merge pull request #616 from pyupio/fix/version-test
  • ba929db fix/removes hardcoded safety release version from
  • 212318c Merge pull request #614 from pyupio/chore/deprecation-message-for-license-com...
  • 4149b70 chore/deprection-message-for-license-command
  • 61b2fe2 feat/add-pull-request-template (#604)
  • e2a5224 Merge pull request #611 from pyupio/fix-dev-container
  • Additional commits viewable in compare view

Updates typeguard from 4.3.0 to 4.4.0

Release notes

Sourced from typeguard's releases.

4.4.0

  • Added proper checking for method signatures in protocol checks (#465)
  • Fixed basic support for intersection protocols (#490; PR by @​antonagestam)
  • Fixed protocol checks running against the class of an instance and not the instance itself (this produced wrong results for non-method member checks)
Changelog

Sourced from typeguard's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <https://semver.org/#semantic-versioning-200>_.

4.4.0 (2024-10-27)

  • Added proper checking for method signatures in protocol checks ([#465](https://github.com/agronholm/typeguard/issues/465) <https://github.com/agronholm/typeguard/pull/465>_)
  • Fixed basic support for intersection protocols ([#490](https://github.com/agronholm/typeguard/issues/490) <https://github.com/agronholm/typeguard/pull/490>_; PR by @​antonagestam)
  • Fixed protocol checks running against the class of an instance and not the instance itself (this produced wrong results for non-method member checks)

4.3.0 (2024-05-27)

  • Added support for checking against static protocols
  • Fixed some compatibility problems when running on Python 3.13 ([#460](https://github.com/agronholm/typeguard/issues/460) <https://github.com/agronholm/typeguard/issues/460>_; PR by @​JelleZijlstra)
  • Fixed test suite incompatibility with pytest 8.2 ([#461](https://github.com/agronholm/typeguard/issues/461) <https://github.com/agronholm/typeguard/issues/461>_)
  • Fixed pytest plugin crashing on pytest version older than v7.0.0 (even if it's just present) ([#343](https://github.com/agronholm/typeguard/issues/343) <https://github.com/agronholm/typeguard/issues/343>_)

4.2.1 (2023-03-24)

  • Fixed missing typing_extensions dependency for Python 3.12 ([#444](https://github.com/agronholm/typeguard/issues/444) <https://github.com/agronholm/typeguard/issues/444>_)
  • Fixed deprecation warning in the test suite on Python 3.13 ([#444](https://github.com/agronholm/typeguard/issues/444) <https://github.com/agronholm/typeguard/issues/444>_)

4.2.0 (2023-03-23)

  • Added support for specifying options for the pytest plugin via pytest config files ([#440](https://github.com/agronholm/typeguard/issues/440) <https://github.com/agronholm/typeguard/issues/440>_)
  • Avoid creating reference cycles when type checking unions (PR by Shantanu)
  • Fixed Optional[...] being removed from the AST if it was located within a subscript ([#442](https://github.com/agronholm/typeguard/issues/442) <https://github.com/agronholm/typeguard/issues/442>_)
  • Fixed TypedDict from typing_extensions not being recognized as one ([#443](https://github.com/agronholm/typeguard/issues/443) <https://github.com/agronholm/typeguard/issues/443>_)
  • Fixed typing types (dict[str, int], List[str], etc.) not passing checks against type or Type ([#432](https://github.com/agronholm/typeguard/issues/432) <https://github.com/agronholm/typeguard/issues/432>_, PR by Yongxin Wang)
  • Fixed detection of optional fields (NotRequired[...]) in TypedDict when using forward references ([#424](https://github.com/agronholm/typeguard/issues/424) <https://github.com/agronholm/typeguard/issues/424>_)
  • Fixed mapping checks against Django's MultiValueDict ([#419](https://github.com/agronholm/typeguard/issues/419) <https://github.com/agronholm/typeguard/issues/419>_)

4.1.5 (2023-09-11)

... (truncated)

Commits
  • efa1166 Added release date
  • b72794d Added proper Protocol method signature checking (#496)
  • afad2c7 Sorted the Ruff rules alphabetically
  • d812f2e Migrated to native tox TOML configuration
  • 0c50de6 Declared Python 3.13 support
  • cf25d56 Fixed annotation for typeguard_ignore() to match one for typing.no_type_check...
  • 604b08d Use get_protocol_members in protocol checking (#490)
  • c72b675 [pre-commit.ci] pre-commit autoupdate (#471)
  • ac7ac34 Fixed the documentation build
  • 2c035b3 Assume that typing_extensions is always installed (#487)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dev-dependencies group across 1 directory with 5 updates
5b9df7c 
Bumps the dev-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [bandit](https://github.com/PyCQA/bandit) | `1.7.9` | `1.7.10` |
| [mypy](https://github.com/python/mypy) | `1.11.2` | `1.13.0` |
| [pre-commit-hooks](https://github.com/pre-commit/pre-commit-hooks) | `4.6.0` | `5.0.0` |
| [safety](https://github.com/pyupio/safety) | `3.2.7` | `3.2.9` |
| [typeguard](https://github.com/agronholm/typeguard) | `4.3.0` | `4.4.0` |



Updates `bandit` from 1.7.9 to 1.7.10
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](PyCQA/bandit@1.7.9...1.7.10)

Updates `mypy` from 1.11.2 to 1.13.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.11.2...v1.13.0)

Updates `pre-commit-hooks` from 4.6.0 to 5.0.0
- [Release notes](https://github.com/pre-commit/pre-commit-hooks/releases)
- [Changelog](https://github.com/pre-commit/pre-commit-hooks/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit-hooks@v4.6.0...v5.0.0)

Updates `safety` from 3.2.7 to 3.2.9
- [Release notes](https://github.com/pyupio/safety/releases)
- [Changelog](https://github.com/pyupio/safety/blob/main/CHANGELOG.md)
- [Commits](pyupio/safety@3.2.7...3.2.9)

Updates `typeguard` from 4.3.0 to 4.4.0
- [Release notes](https://github.com/agronholm/typeguard/releases)
- [Changelog](https://github.com/agronholm/typeguard/blob/master/docs/versionhistory.rst)
- [Commits](agronholm/typeguard@4.3.0...4.4.0)

---
updated-dependencies:
- dependency-name: bandit
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: mypy
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: pre-commit-hooks
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: safety
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: typeguard
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 28, 2024
@foarsitter foarsitter merged commit 6c29505 into main Oct 28, 2024
16 of 18 checks passed
@dependabot dependabot bot deleted the dependabot/pip/dev-dependencies-714a228ee6 branch October 28, 2024 07:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@foarsitter