Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the allpip group across 1 directory with 9 updates #470

Closed
wants to merge 1 commit into from
Closed

Bump the allpip group across 1 directory with 9 updates #470

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 15, 2025
edited
Loading

Bumps the allpip group with 9 updates in the / directory:

Package From To
pydantic 2.10.4 2.10.5
fastapi-csrf-protect 0.3.7 1.0.0
sqlalchemy 2.0.36 2.0.37
poetry 2.0.0 2.0.1
pytest-asyncio 0.25.1 0.25.2
vcrpy 6.0.2 7.0.0
ruff 0.8.6 0.9.1
pyright 1.1.391 1.1.392.post0
setuptools 75.7.0 75.8.0

Updates pydantic from 2.10.4 to 2.10.5

Release notes

Sourced from pydantic's releases.

v2.10.5 2024-12-18

v2.10.5 (2025-01-08)

What's Changed

Changelog

Sourced from pydantic's changelog.

v2.10.5 (2025-01-08)

GitHub release

What's Changed

Commits

Updates fastapi-csrf-protect from 0.3.7 to 1.0.0

Commits

Updates sqlalchemy from 2.0.36 to 2.0.37

Release notes

Sourced from sqlalchemy's releases.

2.0.37

Released: January 9, 2025

orm

  • [orm] [bug] Fixed issue regarding Union types that would be present in the _orm.registry.type_annotation_map of a _orm.registry or declarative base class, where a Mapped element that included one of the subtypes present in that Union would be matched to that entry, potentially ignoring other entries that matched exactly. The correct behavior now takes place such that an entry should only match in _orm.registry.type_annotation_map exactly, as a Union type is a self-contained type. For example, an attribute with Mapped[float] would previously match to a _orm.registry.type_annotation_map entry Union[float, Decimal]; this will no longer match and will now only match to an entry that states float. Pull request courtesy Frazer McLean.

    References: #11370

  • [orm] [bug] Fixed bug in how type unions were handled within _orm.registry.type_annotation_map as well as _orm.Mapped that made the lookup behavior of a | b different from that of Union[a, b].

    References: #11944

  • [orm] [bug] Consistently handle TypeAliasType (defined in PEP 695) obtained with the type X = int syntax introduced in python 3.12. Now in all cases one such alias must be explicitly added to the type map for it to be usable inside Mapped. This change also revises the approach added in #11305, now requiring the TypeAliasType to be added to the type map. Documentation on how unions and type alias types are handled by SQLAlchemy has been added in the orm_declarative_mapped_column_type_map section of the documentation.

    References: #11955

  • [orm] [bug] Fixed regression caused by an internal code change in response to recent Mypy releases that caused the very unusual case of a list of ORM-mapped attribute expressions passed to ColumnOperators.in_() to no longer be accepted.

    References: #12019

  • [orm] [bug] Fixed issues in type handling within the _orm.registry.type_annotation_map feature which prevented the use of unions, using either pep-604 or Union syntaxes under future

... (truncated)

Commits

Updates poetry from 2.0.0 to 2.0.1

Release notes

Sourced from poetry's releases.

2.0.1

Added

  • Add support for poetry search in legacy sources (#9949).
  • Add a message in the poetry source show output when PyPI is implicitly enabled (#9974).

Changed

  • Improve performance for merging markers from overrides at the end of dependency resolution (#10018).

Fixed

  • Fix an issue where poetry sync did not remove packages that were not requested (#9946).
  • Fix an issue where poetry check failed even though there were just warnings and add a --strict option to fail on warnings (#9983).
  • Fix an issue where poetry update, poetry add and poetry remove with --only uninstalled packages from other groups (#10014).
  • Fix an issue where poetry update, poetry add and poetry remove uninstalled all extra packages (#10016).
  • Fix an issue where poetry self update did not recognize Poetry's own environment (#9995).
  • Fix an issue where read-only system site-packages were not considered when loading an environment with system site-packages (#9942).
  • Fix an issue where an error message in poetry install started with Warning: instead of Error: (#9945).
  • Fix an issue where Command.set_poetry, which is used by plugins, was removed (#9981).
  • Fix an issue where the help text of poetry build --clean showed a malformed short option instead of the description (#9994).

Docs

  • Add a FAQ entry for the migration from Poetry-specific fields to the project section (#9996).
  • Fix examples for project.readme and project.urls (#9948).
  • Add a warning that package sources are a Poetry-specific feature that is not included in core metadata (#9935).
  • Replace poetry install --sync with poetry sync in the section about synchronizing dependencies (#9944).
  • Replace poetry shell with poetry env activate in the basic usage section (#9963).
  • Mention that project.name is always required when the project section is used (#9989).
  • Fix the constraint of poetry-plugin-export in the section about poetry export (#9954).

poetry-core (2.0.1)

  • Replace the deprecated core metadata field Home-page with Project-URL: Homepage (#807).
  • Fix an issue where includes from tool.poetry.packages without a specified format were not initialized with the default value resulting in a KeyError (#805).
  • Fix an issue where some project.urls entries were not processed correctly resulting in a KeyError (#807).
  • Fix an issue where dynamic project.dependencies via tool.poetry.dependencies were ignored if project.optional-dependencies were defined (#811).
Changelog

Sourced from poetry's changelog.

[2.0.1] - 2025-01-11

Added

  • Add support for poetry search in legacy sources (#9949).
  • Add a message in the poetry source show output when PyPI is implicitly enabled (#9974).

Changed

  • Improve performance for merging markers from overrides at the end of dependency resolution (#10018).

Fixed

  • Fix an issue where poetry sync did not remove packages that were not requested (#9946).
  • Fix an issue where poetry check failed even though there were just warnings and add a --strict option to fail on warnings (#9983).
  • Fix an issue where poetry update, poetry add and poetry remove with --only uninstalled packages from other groups (#10014).
  • Fix an issue where poetry update, poetry add and poetry remove uninstalled all extra packages (#10016).
  • Fix an issue where poetry self update did not recognize Poetry's own environment (#9995).
  • Fix an issue where read-only system site-packages were not considered when loading an environment with system site-packages (#9942).
  • Fix an issue where an error message in poetry install started with Warning: instead of Error: (#9945).
  • Fix an issue where Command.set_poetry, which is used by plugins, was removed (#9981).
  • Fix an issue where the help text of poetry build --clean showed a malformed short option instead of the description (#9994).

Docs

  • Add a FAQ entry for the migration from Poetry-specific fields to the project section (#9996).
  • Fix examples for project.readme and project.urls (#9948).
  • Add a warning that package sources are a Poetry-specific feature that is not included in core metadata (#9935).
  • Replace poetry install --sync with poetry sync in the section about synchronizing dependencies (#9944).
  • Replace poetry shell with poetry env activate in the basic usage section (#9963).
  • Mention that project.name is always required when the project section is used (#9989).
  • Fix the constraint of poetry-plugin-export in the section about poetry export (#9954).

poetry-core (2.0.1)

  • Replace the deprecated core metadata field Home-page with Project-URL: Homepage (#807).
  • Fix an issue where includes from tool.poetry.packages without a specified format were not initialized with the default value resulting in a KeyError (#805).
  • Fix an issue where some project.urls entries were not processed correctly resulting in a KeyError (#807).
  • Fix an issue where dynamic project.dependencies via tool.poetry.dependencies were ignored if project.optional-dependencies were defined (#811).
Commits
  • bd500dd release: bump version to 2.0.1
  • 0ac2c1a fix: update, add and remove shall not uninstall extra dependencies
  • 32ec5cb chore(test): update tests to expect PEP 753 compliant urls
  • 61f43e8 improve performance for merging markers from overrides
  • 30fe6c7 fix: update, add and remove with --only shall not uninstall dependenc...
  • d6dbe8c feat(source/show): notify when PyPI is implicit
  • 0e4f0e7 test: fix test due to changes in poetry-core
  • 1a9132c chore(gh): use collapsible blocks in bug report
  • 2d7d173 doc(faq): add entry for PEP 621 migration
  • ff40baa chore(test): remove duplicated code
  • Additional commits viewable in compare view

Updates pytest-asyncio from 0.25.1 to 0.25.2

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 0.25.2

  • Call loop.shutdown_asyncgens() before closing the event loop to ensure async generators are closed in the same manner as asyncio.run does #1034
Commits
  • 2188cdb build: Prepare release of v0.25.2.
  • c3ad634 fix: Shutdown generators before closing event loops.
  • e8ffb10 [pre-commit.ci] pre-commit autoupdate
  • aae43d4 Build(deps): Bump hypothesis in /dependencies/default
  • 941e8b5 Build(deps): Bump pygments from 2.18.0 to 2.19.1 in /dependencies/docs
  • See full diff in compare view

Updates vcrpy from 6.0.2 to 7.0.0

Release notes

Sourced from vcrpy's releases.

v7.0.0

What's Changed

- Drop support for python 3.8 (major version bump) - thanks @jairhenrique
- Various linting and test fixes - thanks @jairhenrique
- Bugfix for urllib2>=2.3.0 - missing version_string ([#888](https://github.com/kevin1024/vcrpy/issues/888))
- Bugfix for asyncio.run - thanks @alekeik1

New Contributors

Changelog

Sourced from vcrpy's changelog.

Changelog

For a full list of triaged issues, bugs and PRs and what release they are targeted for please see the following link.

ROADMAP MILESTONES <https://github.com/kevin1024/vcrpy/milestones>_

All help in providing PRs to close out bug issues is appreciated. Even if that is providing a repo that fully replicates issues. We have very generous contributors that have added these to bug issues which meant another contributor picked up the bug and closed it out.

  • 7.0.0

  • 6.0.2

  • 6.0.1

    • Bugfix with to Tornado cassette generator (thanks @​graingert)

  • 6.0.0

    • BREAKING: Fix issue with httpx support (thanks @​parkerhancock) in #784. NOTE: You may have to recreate some of your cassettes produced in previous releases due to the binary format being saved incorrectly in previous releases
    • BREAKING: Drop support for boto (vcrpy still supports boto3, but is dropping the deprecated boto support in this release. (thanks @​jairhenrique)
    • Fix compatibility issue with Python 3.12 (thanks @​hartwork)
    • Drop simplejson (fixes some compatibility issues) (thanks @​jairhenrique)
    • Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @​mgorny)
    • Various linting and docs improvements (thanks @​jairhenrique)
    • Tornado fixes (thanks @​graingert)

  • 5.1.0

  • 5.0.0

    • BREAKING CHANGE: Drop support for Python 3.7. 3.7 is EOL as of 6/27/23 Thanks @​jairhenrique
    • BREAKING CHANGE: Custom Cassette persisters no longer catch ValueError. If you have implemented a custom persister (has anyone implemented a custom persister? Let us know!) then you will need to throw a CassetteNotFoundError when unable to find a cassette. See #681 for discussion and reason for this change. Thanks @​amosjyng for the PR and the review from @​hartwork

  • 4.4.0

    • HUGE thanks to @​hartwork for all the work done on this release!
    • Bring vcr/unittest in to vcrpy as a full feature of vcr instead of a separate library. Big thanks to @​hartwork for doing this and to @​agriffis for originally creating the library
    • Make decompression robust towards already decompressed input (thanks @​hartwork)

... (truncated)

Commits
  • 3278619 Release v7.0.0
  • 3fb62e0 fix: correctly handle asyncio.run when loop exists
  • 8197865 build(deps): update sphinx requirement from <8 to <9
  • be651bd pre-commit: Autoupdate
  • a6698ed Fix aiohttp tests
  • 48d0a2e Fixed missing version_string attribute when used with urllib3>=2.3.0
  • 5b858b1 Fix lint
  • c8d99a9 Fix ruff configuration
  • ce27c63 Merge pull request #736 from kevin1024/drop-python38
  • ab8944d Drop python 3.8 support
  • Additional commits viewable in compare view

Updates ruff from 0.8.6 to 0.9.1

Release notes

Sourced from ruff's releases.

0.9.1

Release Notes

Preview features

  • [pycodestyle] Run too-many-newlines-at-end-of-file on each cell in notebooks (W391) (#15308)
  • [ruff] Omit diagnostic for shadowed private function parameters in used-dummy-variable (RUF052) (#15376)

Rule changes

  • [flake8-bugbear] Improve assert-raises-exception message (B017) (#15389)

Formatter

  • Preserve trailing end-of line comments for the last string literal in implicitly concatenated strings (#15378)

Server

  • Fix a bug where the server and client notebooks were out of sync after reordering cells (#15398)

Bug fixes

  • [flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
  • [pyupgrade] Handle comments and multiline expressions correctly (UP037) (#15337)

Contributors

Install ruff 0.9.1

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.9.1/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy ByPass -c "irm https://github.com/astral-sh/ruff/releases/download/0.9.1/ruff-installer.ps1 | iex"

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.1

Preview features

  • [pycodestyle] Run too-many-newlines-at-end-of-file on each cell in notebooks (W391) (#15308)
  • [ruff] Omit diagnostic for shadowed private function parameters in used-dummy-variable (RUF052) (#15376)

Rule changes

  • [flake8-bugbear] Improve assert-raises-exception message (B017) (#15389)

Formatter

  • Preserve trailing end-of line comments for the last string literal in implicitly concatenated strings (#15378)

Server

  • Fix a bug where the server and client notebooks were out of sync after reordering cells (#15398)

Bug fixes

  • [flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
  • [pyupgrade] Handle comments and multiline expressions correctly (UP037) (#15337)

0.9.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

Ruff now formats your code according to the 2025 style guide. As a result, your code might now get formatted differently. See the formatter section for a detailed list of changes.

This release doesn’t remove or remap any existing stable rules.

Stabilization

The following rules have been stabilized and are no longer in preview:

The following behaviors have been stabilized:

... (truncated)

Commits
  • 12f86f3 Ruff 0.9.1 (#15407)
  • 2b28d56 Associate a trailing end-of-line comment in a parenthesized implicit concaten...
  • adca7bd Remove pygments pin (#15404)
  • 6b98a26 [red-knot] Support assert_type (#15194)
  • c874638 [red-knot] Move tuple-containing-Never tests to Markdown (#15402)
  • c364b58 [flake8-pie] Correctly remove wrapping parentheses (PIE800) (#15394)
  • 73d424e Fix outdated doc for handling the default file types with the pre-commit hook...
  • 6e9ff44 Insert the cells from the start position (#15398)
  • f2c3ddc [red-knot] Move intersection type tests to Markdown (#15396)
  • b861551 Remove unnecessary backticks (#15393)
  • Additional commits viewable in compare view

Updates pyright from 1.1.391 to 1.1.392.post0

Commits

Updates setuptools from 75.7.0 to 75.8.0

Changelog

Sourced from setuptools's changelog.

v75.8.0

Features

  • Implemented Dynamic field for core metadata (as introduced in PEP 643). The existing implementation is currently experimental and the exact approach may change in future releases. (#4698)
Commits
  • 5c9d980 Bump version: 75.7.0 → 75.8.0
  • 72c4222 Avoid using Any in function
  • 1c61d47 Add news fragments for PEP 643
  • f285d01 Implement PEP 643 (Dynamic field for core metadata) (#4698)
  • a50f6e2 Fix _static.Dict.ior for Python 3.8
  • b055895 Add extra tests for static/dynamic metadata
  • 770b4fc Remove test workaround for unmarked static values from pyproject.toml
  • 8b22d73 Mark values from pyproject.toml as static
  • f699fd8 Fix spelling error
  • 8b4c8a3 Add tests for static 'attr' directive
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the allpip group across 1 directory with 9 updates
8913ec0 
Bumps the allpip group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [pydantic](https://github.com/pydantic/pydantic) | `2.10.4` | `2.10.5` |
| [fastapi-csrf-protect](https://github.com/aekasitt/fastapi-csrf-protect) | `0.3.7` | `1.0.0` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.36` | `2.0.37` |
| [poetry](https://github.com/python-poetry/poetry) | `2.0.0` | `2.0.1` |
| [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) | `0.25.1` | `0.25.2` |
| [vcrpy](https://github.com/kevin1024/vcrpy) | `6.0.2` | `7.0.0` |
| [ruff](https://github.com/astral-sh/ruff) | `0.8.6` | `0.9.1` |
| [pyright](https://github.com/RobertCraigie/pyright-python) | `1.1.391` | `1.1.392.post0` |
| [setuptools](https://github.com/pypa/setuptools) | `75.7.0` | `75.8.0` |



Updates `pydantic` from 2.10.4 to 2.10.5
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.10.4...v2.10.5)

Updates `fastapi-csrf-protect` from 0.3.7 to 1.0.0
- [Commits](https://github.com/aekasitt/fastapi-csrf-protect/commits)

Updates `sqlalchemy` from 2.0.36 to 2.0.37
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `poetry` from 2.0.0 to 2.0.1
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@2.0.0...2.0.1)

Updates `pytest-asyncio` from 0.25.1 to 0.25.2
- [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases)
- [Commits](pytest-dev/pytest-asyncio@v0.25.1...v0.25.2)

Updates `vcrpy` from 6.0.2 to 7.0.0
- [Release notes](https://github.com/kevin1024/vcrpy/releases)
- [Changelog](https://github.com/kevin1024/vcrpy/blob/master/docs/changelog.rst)
- [Commits](kevin1024/vcrpy@v6.0.2...v7.0.0)

Updates `ruff` from 0.8.6 to 0.9.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.8.6...0.9.1)

Updates `pyright` from 1.1.391 to 1.1.392.post0
- [Release notes](https://github.com/RobertCraigie/pyright-python/releases)
- [Commits](RobertCraigie/pyright-python@v1.1.391...v1.1.392.post0)

Updates `setuptools` from 75.7.0 to 75.8.0
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v75.7.0...v75.8.0)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: allpip
- dependency-name: fastapi-csrf-protect
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: allpip
- dependency-name: sqlalchemy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: allpip
- dependency-name: poetry
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: allpip
- dependency-name: pytest-asyncio
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: allpip
- dependency-name: vcrpy
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: allpip
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: allpip
- dependency-name: pyright
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: allpip
- dependency-name: setuptools
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: allpip
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Dependancy issue label Jan 15, 2025
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 20, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jan 20, 2025
@dependabot dependabot bot deleted the dependabot/pip/allpip-89c2a1b81b branch January 20, 2025 08:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Dependancy issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants