build(deps): bump the dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the dependencies group with 5 updates in the / directory:

Package	From	To
cryptography	42.0.8	43.0.0
ruff	0.5.1	0.5.6
mypy	1.10.1	1.11.1
tox	4.1.2	4.16.0
coverage	7.5.4	7.6.1

Updates cryptography from 42.0.8 to 43.0.0

Changelog

Sourced from cryptography's changelog.

43.0.0 - 2024-07-20

* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1e has been
  removed.  Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.8.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
* Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
* :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key`
  now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still
  considered insecure, users should generally use a key size of 2048-bits.
* :func:`~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates`
  now emits ASN.1 that more closely follows the recommendations in :rfc:`2315`.
* Added new :doc:`/hazmat/decrepit/index` module which contains outdated and
  insecure cryptographic primitives.
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`,
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`,
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish`, which were
  deprecated in 37.0.0, have been added to this module. They will be removed
  from the ``cipher`` module in 45.0.0.
* Moved :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES`
  and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ARC4` into
  :doc:`/hazmat/decrepit/index` and deprecated them in the ``cipher`` module.
  They will be removed from the ``cipher`` module in 48.0.0.
* Added support for deterministic
  :class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA` (:rfc:`6979`)
* Added support for client certificate verification to the
  :mod:`X.509 path validation <cryptography.x509.verification>` APIs in the
  form of :class:`~cryptography.x509.verification.ClientVerifier`,
  :class:`~cryptography.x509.verification.VerifiedClient`, and
  ``PolicyBuilder``
  :meth:`~cryptography.x509.verification.PolicyBuilder.build_client_verifier`.
* Added Certificate
  :attr:`~cryptography.x509.Certificate.public_key_algorithm_oid`
  and Certificate Signing Request
  :attr:`~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid`
  to determine the :class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID`
  Object Identifier of the public key found inside the certificate.
* Added :attr:`~cryptography.x509.InvalidityDate.invalidity_date_utc`, a
  timezone-aware alternative to the naïve ``datetime`` attribute
  :attr:`~cryptography.x509.InvalidityDate.invalidity_date`.
* Added support for parsing empty DN string in
  :meth:`~cryptography.x509.Name.from_rfc4514_string`.
* Added the following properties that return timezone-aware ``datetime`` objects:
  :meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_time_utc`,
</tr></table> 

... (truncated)

Commits

• ebf14f2 bump for 43.0.0 and update changelog (#11311)
• 42788a0 Fix exchange with keys that had Q automatically computed (#11309)
• 2dbdfb8 don't assign unused name (#11310)
• ccc66e6 Bump openssl from 0.10.64 to 0.10.65 in /src/rust (#11308)
• 4310c87 Bump sphinxcontrib-qthelp from 1.0.7 to 1.0.8 (#11307)
• f66a9c4 Bump sphinxcontrib-htmlhelp from 2.0.5 to 2.0.6 (#11306)
• a8fcf18 Bump openssl-sys from 0.9.102 to 0.9.103 in /src/rust (#11305)
• 2fe32b2 Bump mypy from 1.10.1 to 1.11.0 (#11303)
• ee24e82 Bump setuptools from 71.0.3 to 71.0.4 in /.github/requirements (#11304)
• 7249ccd Bump portable-atomic from 1.6.0 to 1.7.0 in /src/rust (#11302)
• Additional commits viewable in compare view

Updates ruff from 0.5.1 to 0.5.6

Release notes

Sourced from ruff's releases.

0.5.6

Release Notes

Ruff 0.5.6 automatically enables linting and formatting of notebooks in preview mode. You can opt-out of this behavior by adding *.ipynb to the extend-exclude setting.

[tool.ruff]
extend-exclude = ["*.ipynb"]

Preview features

• Enable notebooks by default in preview mode (#12621)
• [flake8-builtins] Implement import, lambda, and module shadowing (#12546)
• [pydoclint] Add docstring-missing-returns (DOC201) and docstring-extraneous-returns (DOC202) (#12485)

Rule changes

• [flake8-return] Exempt cached properties and other property-like decorators from explicit return rule (RET501) (#12563)

Server

• Make server panic hook more error resilient (#12610)
• Use $/logTrace for server trace logs in Zed and VS Code (#12564)
• Keep track of deleted cells for reorder change request (#12575)

Configuration

• [flake8-implicit-str-concat] Always allow explicit multi-line concatenations when implicit concatenations are banned (#12532)

Bug fixes

• [flake8-async] Avoid flagging asyncio.timeouts as unused when the context manager includes asyncio.TaskGroup (#12605)
• [flake8-slots] Avoid recommending __slots__ for classes that inherit from more than namedtuple (#12531)
• [isort] Avoid marking required imports as unused (#12537)
• [isort] Preserve trailing inline comments on import-from statements (#12498)
• [pycodestyle] Add newlines before comments (E305) (#12606)
• [pycodestyle] Don't attach comments with mismatched indents (#12604)
• [pyflakes] Fix preview-mode bugs in F401 when attempting to autofix unused first-party submodule imports in an __init__.py file (#12569)
• [pylint] Respect start index in unnecessary-list-index-lookup (#12603)
• [pyupgrade] Avoid recommending no-argument super in slots=True dataclasses (#12530)
• [pyupgrade] Use colon rather than dot formatting for integer-only types (#12534)
• Fix NFKC normalization bug when removing unused imports (#12571)

Other changes

• Consider more stdlib decorators to be property-like (#12583)
• Improve handling of metaclasses in various linter rules (#12579)
• Improve consistency between linter rules in determining whether a function is property (#12581)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.5.6

Ruff 0.5.6 automatically enables linting and formatting of notebooks in preview mode. You can opt-out of this behavior by adding *.ipynb to the extend-exclude setting.

[tool.ruff]
extend-exclude = ["*.ipynb"]

Preview features

• Enable notebooks by default in preview mode (#12621)
• [flake8-builtins] Implement import, lambda, and module shadowing (#12546)
• [pydoclint] Add docstring-missing-returns (DOC201) and docstring-extraneous-returns (DOC202) (#12485)

Rule changes

• [flake8-return] Exempt cached properties and other property-like decorators from explicit return rule (RET501) (#12563)

Server

• Make server panic hook more error resilient (#12610)
• Use $/logTrace for server trace logs in Zed and VS Code (#12564)
• Keep track of deleted cells for reorder change request (#12575)

Configuration

• [flake8-implicit-str-concat] Always allow explicit multi-line concatenations when implicit concatenations are banned (#12532)

Bug fixes

• [flake8-async] Avoid flagging asyncio.timeouts as unused when the context manager includes asyncio.TaskGroup (#12605)
• [flake8-slots] Avoid recommending __slots__ for classes that inherit from more than namedtuple (#12531)
• [isort] Avoid marking required imports as unused (#12537)
• [isort] Preserve trailing inline comments on import-from statements (#12498)
• [pycodestyle] Add newlines before comments (E305) (#12606)
• [pycodestyle] Don't attach comments with mismatched indents (#12604)
• [pyflakes] Fix preview-mode bugs in F401 when attempting to autofix unused first-party submodule imports in an __init__.py file (#12569)
• [pylint] Respect start index in unnecessary-list-index-lookup (#12603)
• [pyupgrade] Avoid recommending no-argument super in slots=True dataclasses (#12530)
• [pyupgrade] Use colon rather than dot formatting for integer-only types (#12534)
• Fix NFKC normalization bug when removing unused imports (#12571)

Other changes

• Consider more stdlib decorators to be property-like (#12583)
• Improve handling of metaclasses in various linter rules (#12579)
• Improve consistency between linter rules in determining whether a function is property (#12581)

... (truncated)

Commits

• da824ba Release Ruff 0.5.6 (#12629)
• 012198a Enable notebooks by default in preview mode (#12621)
• fbab04f [red-knot] Allow multiple site-packages search paths (#12609)
• 9aa43d5 Separate red_knot into CLI and red_knot_workspace crates (#12623)
• 966563c Add tests for hard and soft links (#12590)
• 27edade Make server panic hook more error resilient (#12610)
• 2e2b1b4 Fix a typo in docs/editors/settings.md (#12614)
• a3e67ab Add newlines before comments in E305 (#12606)
• ee0518e [red-knot] implement attribute of union (#12601)
• d774a3b Avoid unused async when context manager includes TaskGroup (#12605)
• Additional commits viewable in compare view

Updates mypy from 1.10.1 to 1.11.1

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.11

We’ve just uploaded mypy 1.11 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support Python 3.12 Syntax for Generics (PEP 695)

Mypy now supports the new type parameter syntax introduced in Python 3.12 (PEP 695). This feature is still experimental and must be enabled with the --enable-incomplete-feature=NewGenericSyntax flag, or with enable_incomplete_feature = NewGenericSyntax in the mypy configuration file. We plan to enable this by default in the next mypy feature release.

This example demonstrates the new syntax:

# Generic function
def f[T](https://github.com/python/mypy/blob/master/x: T) -> T: ...
reveal_type(f(1))  # Revealed type is 'int'
Generic class
class C[T]:
def init(self, x: T) -> None:
self.x = x
c = C('a')
reveal_type(c.x)  # Revealed type is 'str'
Type alias
type A[T] = C[list[T]]

This feature was contributed by Jukka Lehtosalo.

Support for functools.partial

Mypy now type checks uses of functools.partial. Previously mypy would accept arbitrary arguments.

This example will now produce an error:

from functools import partial
</tr></table> 

... (truncated)

Commits

• 570b90a Bump version to 1.11
• b3a102e Fix RawExpressionType.accept crash with --cache-fine-grained (#17588)
• aec04c7 Fix PEP 604 isinstance caching (#17563)
• cb44e4d Fix typing.TypeAliasType being undefined on python < 3.12 (#17558)
• 6cf9180 Fix types.GenericAlias lookup crash (#17543)
• 64c1ebf Bump version to 1.11.1+dev
• dbd5f5c Remove +dev from version for 1.11 release
• f0a8c69 Update CHANGELOG for mypy 1.11 (#17540)
• 371f780 CHANGELOG.md update for 1.11 (#17539)
• 2563da0 Fix daemon crash on invalid type in TypedDict (#17495)
• Additional commits viewable in compare view

Updates tox from 4.1.2 to 4.16.0

Release notes

Sourced from tox's releases.

4.16.0

What's Changed

• Fix two small documentation issues by @​srenfo in tox-dev/tox#3297
• Fix tests after new setuptools by @​gaborbernat in tox-dev/tox#3299
• Add windir to the default list of pass_env variables on Windows by @​kurtmckee in tox-dev/tox#3303

New Contributors

• @​srenfo made their first contribution in tox-dev/tox#3297

Full Changelog: tox-dev/tox@4.15.1...4.16.0

4.15.1

What's Changed

• fix skip with package = wheel by @​MarcinKonowalczyk in tox-dev/tox#3269
• Fixed typo in user guide. by @​carltongibson in tox-dev/tox#3277
• Fix broad build privileges @ GHA release workflow by @​webknjaz in tox-dev/tox#3281
• Allow ConfigSet.add_config to receive parameterized generics for of_type. by @​ssbarnea in tox-dev/tox#3288
• Fix section substitution with setenv by @​JJLLWW in tox-dev/tox#3289

New Contributors

• @​MarcinKonowalczyk made their first contribution in tox-dev/tox#3269
• @​carltongibson made their first contribution in tox-dev/tox#3277
• @​JJLLWW made their first contribution in tox-dev/tox#3289

Full Changelog: tox-dev/tox@4.15.0...4.15.1

4.15.0

What's Changed

• Remove duplicated and misleading configuration section by @​jugmac00 in tox-dev/tox#3251
• Fix dropped leading characters c from constraints' packages by @​jugmac00 in tox-dev/tox#3250
• Fix type-checking by @​stefanor in tox-dev/tox#3260
• Update installation.rst by @​shenxianpeng in tox-dev/tox#3257
• Allow appending to deps with the command line by @​stefanor in tox-dev/tox#3259
• Support multiple override appends by @​amitschang in tox-dev/tox#3261
• Add bang to invert exit code by @​sillydan1 in tox-dev/tox#3271
• fix(parser): Fix --discover parsed incorrectly from env by @​mimre25 in tox-dev/tox#3274

New Contributors

• @​shenxianpeng made their first contribution in tox-dev/tox#3257
• @​amitschang made their first contribution in tox-dev/tox#3261
• @​sillydan1 made their first contribution in tox-dev/tox#3271
• @​mimre25 made their first contribution in tox-dev/tox#3274

Full Changelog: tox-dev/tox@4.14.2...4.15.0

... (truncated)

Changelog

Sourced from tox's changelog.

v4.16.0 (2024-07-02)

Bugfixes - 4.16.0

- - Add ``windir`` to the default list of Windows ``pass_env`` environment variables. - by :user:`kurtmckee` (:issue:`3302`)
Improved Documentation - 4.16.0

• • Fix typo in configuration example and fix broken link to code style guide. - by :user:srenfo (:issue:3297)

v4.15.1 (2024-06-05)

Features - 4.15.1

- Fix ``skip_missing_interpreters`` option for ``package = wheel`` (:issue:`3269`)
Bugfixes - 4.15.1

• Fix section substitution with setenv. (:issue:3262)
• Allow ConfigSet.add_config to receive parameterized generics for of_type. (:issue:3288)

v4.15.0 (2024-04-26)

Features - 4.15.0

- Add support for multiple appending override options (-x, --override) on command line - by :user:`amitschang`. (:issue:`3261`)
- Add support for inverting exit code success criteria using bang (!) (:issue:`3271`)
Bugfixes - 4.15.0

• Fix issue that the leading character c was dropped from packages in constraints files - by :user:jugmac00. (:issue:3247)
• Allow appending to deps with --override testenv.deps+=foo - by :user:stefanor. (:issue:3256)
• Fix non-existing branch rewrite in the documentation to main. (:issue:3257)
• Update test typing for build 1.2.0, which has an explicit Distribution type - by :user:stefanor. (:issue:3260)
• Fix broken input parsing for --discover flag. - by :user:mimre25 (:issue:3272)

Improved Documentation - 4.15.0

- Rephrase ``--discover`` flag's description to avoid confusion between paths and executables. - by :user:`mimre25` (:issue:`3274`)
v4.14.2 (2024-03-22)
Bugfixes - 4.14.2
- Add provision arguments to ToxParser to fix crash when provisioning new tox environment without list-dependencies by :user:`seyidaniels` (:issue:`3190`)
</tr></table>

</code></pre>

</blockquote>

<p>... (truncated)</p>

</details>

<details>

<summary>Commits</summary>
<ul>

<li><a href="https://github.com/tox-dev/tox/commit/5646274f1a3cb681b70c1eb8470bbadc871ee3fc&quot;&gt;&lt;code&gt;5646274&lt;/code&gt;&lt;/a> release 4.16.0</li>

<li><a href="https://github.com/tox-dev/tox/commit/b12fa626520aa581e53deca76f622f547cfb3ff0&quot;&gt;&lt;code&gt;b12fa62&lt;/code&gt;&lt;/a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/tox/issues/3300&quot;&gt;#3300&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/264d44f3e2c97d6ed5cf194cb78a8bde5f80998c&quot;&gt;&lt;code&gt;264d44f&lt;/code&gt;&lt;/a> Add <code>windir</code> to the default list of <code>pass_env</code> variables on Windows (<a href="https://redirect.github.com/tox-dev/tox/issues/3303&quot;&gt;#3303&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/698f1dd6634c0df9fc56d14be2292e5f0764f15c&quot;&gt;&lt;code&gt;698f1dd&lt;/code&gt;&lt;/a> Fix tests after new setuptools (<a href="https://redirect.github.com/tox-dev/tox/issues/3299&quot;&gt;#3299&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/cf8db09e22a8cad11cc42c78216d4cc74fb63c6a&quot;&gt;&lt;code&gt;cf8db09&lt;/code&gt;&lt;/a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/tox/issues/3286&quot;&gt;#3286&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/a261614f34f1b1831b986e06af28170b43224537&quot;&gt;&lt;code&gt;a261614&lt;/code&gt;&lt;/a> Fix two small documentation issues (<a href="https://redirect.github.com/tox-dev/tox/issues/3297&quot;&gt;#3297&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/8bf2fbd0ff2da126783049d8f8e23255ed75b375&quot;&gt;&lt;code&gt;8bf2fbd&lt;/code&gt;&lt;/a> Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (<a href="https://redirect.github.com/tox-dev/tox/issues/3295&quot;&gt;#3295&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/079000fe80bb9baa3eb0e7f8f53f932810942d14&quot;&gt;&lt;code&gt;079000f&lt;/code&gt;&lt;/a> release 4.15.1</li>

<li><a href="https://github.com/tox-dev/tox/commit/489ad821e5b9c6d5aff500e1b3abc4292f52a2dc&quot;&gt;&lt;code&gt;489ad82&lt;/code&gt;&lt;/a> Fix section substitution with setenv (<a href="https://redirect.github.com/tox-dev/tox/issues/3289&quot;&gt;#3289&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/7317225d179a7bd70cbe409f5273d6aa3ffac488&quot;&gt;&lt;code&gt;7317225&lt;/code&gt;&lt;/a> Allow <code>ConfigSet.add_config</code> to receive parameterized generics for <code>of_type</code>....</li>

<li>Additional commits viewable in <a href="https://github.com/tox-dev/tox/compare/4.1.2...4.16.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />


Updates coverage from 7.5.4 to 7.6.1

Changelog
Sourced from coverage's changelog.

Version 7.6.1 — 2024-08-04


Fix: coverage used to fail when measuring code using :func:runpy.run_path <python:runpy.run_path> with a :class:Path <python:pathlib.Path> argument.
This is now fixed, thanks to Ask Hjorth Larsen <pull 1819_>_.


Fix: backslashes preceding a multi-line backslashed string could confuse the
HTML report.  This is now fixed, thanks to LiuYinCarl <pull 1828_>_.


Now we publish wheels for Python 3.13, both regular and free-threaded.


.. _pull 1819: nedbat/coveragepy#1819
.. _pull 1828: nedbat/coveragepy#1828
.. _changes_7-6-0:
Version 7.6.0 — 2024-07-11


Exclusion patterns can now be multi-line, thanks to Daniel Diniz <pull 1807_>.  This enables many interesting exclusion use-cases, including those
requested in issues 118 <issue 118_> (entire files), 996 <issue 996_>_ (multiple lines only when appearing together), 1741 <issue 1741_>_ (remainder of a function), and 1803 <issue 1803_>_
(arbitrary sequence of marked lines).  See the :ref:multi_line_exclude
section of the docs for more details and examples.


The JSON report now includes per-function and per-class coverage information.
Thanks to Daniel Diniz <pull 1809_>_ for getting the work started. This
closes issue 1793_ and issue 1532_.


Fixed an incorrect calculation of "(no class)" lines in the HTML classes
report.


Python 3.13.0b3 is supported.


.. _issue 118: nedbat/coveragepy#118
.. _issue 996: nedbat/coveragepy#996
.. _issue 1532: nedbat/coveragepy#1532
.. _issue 1741: nedbat/coveragepy#1741
.. _issue 1793: nedbat/coveragepy#1793
.. _issue 1803: nedbat/coveragepy#1803
.. _pull 1807: nedbat/coveragepy#1807
.. _pull 1809: nedbat/coveragepy#1809
.. _changes_7-5-4:



Commits

29f5898 docs: sample HTML for 7.6.1
9b829f1 docs: prep for 7.6.1
ebbb6a2 build: wheels for 3.13rc1
3872525 chore: make upgrade
7a27f40 test: fix a test on free-threading, use abiflags to get site-packages path co...
2b53664 build: include gil/nogil in the version banner
da1682f docs: changelog and contributor for #1828
dc819ff test: two tests for #1828
9aaa404 fix: properly handle backslash before multi-line string (#1828)
9c50270 chore: make upgrade
Additional commits viewable in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.