build(deps): bump the general group with 3 updates

[dependabot]

Bumps the general group with 3 updates: bottle, pyparsing and pywin32.

Updates bottle from 0.13.1 to 0.13.2

Release notes

Sourced from bottle's releases.

0.13.2

What's Changed

Full Changelog: bottlepy/bottle@0.13.1...0.13.2

Commits

• ab49e0c Release of 0.13.2
• 7528311 fix: depr() should return DeprecationWarning
• 66d96a9 change: Deprecate bottle.py script install
• 1df15b7 docs: Added deprecation note for Python 2.x to release notes.
• See full diff in compare view

Updates pyparsing from 3.1.4 to 3.2.0

Changelog

Sourced from pyparsing's changelog.

Version 3.2.0 - October, 2024

• Discontinued support for Python 3.6, 3.7, and 3.8. Adopted new Python features from Python versions 3.7-3.9:

  • Updated type annotations to use built-in container types instead of names imported from the typing module (e.g., list[str] vs List[str]).
  • Reworked portions of the packrat cache to leverage insertion-preserving ordering in dicts (including removal of uses of OrderedDict).
  • Changed pdb.set_trace() call in ParserElement.set_break() to breakpoint().
  • Converted typing.NamedTuple to dataclasses.dataclass in railroad diagramming code.
  • Added from __future__ import annotations to clean up some type annotations. (with assistance from ISyncWithFoo, issue #535, thanks for the help!)

• POSSIBLE BREAKING CHANGES

  The following bugfixes may result in subtle changes in the results returned or exceptions raised by pyparsing.

  • Fixed code in ParseElementEnhance subclasses that replaced detailed exception messages raised in contained expressions with a less-specific and less-informative generic exception message and location.

    If your code has conditional logic based on the message content in raised ParseExceptions, this bugfix may require changes in your code.

  • Fixed bug in transform_string() where whitespace in the input string was not properly preserved in the output string.

    If your code uses transform_string, this bugfix may require changes in your code.

  • Fixed bug where an IndexError raised in a parse action was incorrectly handled as an IndexError raised as part of the ParserElement parsing methods, and reraised as a ParseException. Now an IndexError that raises inside a parse action will properly propagate out as an IndexError. (Issue #573, reported by August Karlstedt, thanks!)

    If your code raises IndexErrors in parse actions, this bugfix may require changes in your code.

• FIXES AND NEW FEATURES

  • Added type annotations to remainder of pyparsing package, and added mypy run to tox.ini, so that type annotations are now run as part of pyparsing's CI. Addresses Issue #373, raised by Iwan Aucamp, thanks!

  • Exception message format can now be customized, by overriding ParseBaseException.format_message:

... (truncated)

Commits

• 36fc04b Fix docstring with invalid esc sequence
• a46066d Prep for 3.2.0 release
• a0c219b Docs cleanup; added new whats_new_* docs for 3.1 and 3.2
• d9b1f14 Rewrite _collapse_string_to_ranges to use _GroupConsecutive class instead of ...
• 0d3c2d7 Fix minor internal bug in one_of building regex when all choices are single c...
• 2165ab2 Cleanup ambiguous "contains" vs "in" usage in mongodb_query_expression.py
• 25ddb02 Prep for dev before final release
• 08846ae Prep for release
• 9ee042b Remove deprecated utcnow()
• a2b2f25 Final cleanup on mongodb_query_expression.py and mongodb_query_expression_ste...
• Additional commits viewable in compare view

Updates pywin32 from 307 to 308

Release notes

Sourced from pywin32's releases.

Release 308

A release with a few bugfixes, specifically:

• Fix error running pywin32_postinstall.py
• Fix Pythonwin displaying syntax errors in Python 3.13

All changes

Installed with pip:

pip install pywin32 --upgrade

More details in the README

There are no .exe installers for this release - you must use pip.

Changelog

Sourced from pywin32's changelog.

Build 308, released 2024-10-12

• Fix Pythonwin displaying syntax errors in Python 3.13 (#2393)
• Allowed installs from source w/o having pywin32 pre-installed (for instance, from GitHub) (#2349, @​Avasam)
• Restored version stamping of installed DLLs (#2349, @​Avasam)
• Fixed a circular import between win32comext.axscript.client.framework and win32comext.axscript.client.error (#2381, @​Avasam)
• Remove long-deprecated win32com.server.dispatcher.DispatcherWin32dbg (#2382, @​Avasam)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

requirements.txt

Package	Version	License	Issue Type
pywin32	308	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
pip/bottle	0.13.2	🟢 4.5	Details Check Score Reason Code-Review ⚠️ 1 Found 5/30 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/pyparsing	3.2.0	🟢 6.6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/28 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/pywin32	308	🟢 4.6	Details Check Score Reason Code-Review 🟢 8 Found 25/28 approved changesets -- score normalized to 8 Maintained 🟢 10 15 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected License ⚠️ 0 license file not detected Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 8 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed

Scanned Manifest Files

requirements.txt

• [email protected]
• [email protected]
• pywin32@308
• [email protected]
• [email protected]
• pywin32@307

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud