⬆️(dependencies) update python dependencies #241
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
==1.7.5
->==1.8.0
==23.9.1
->==24.10.0
==2.4.1
->==2.5.1
==4.2.0
->==4.6.0
==2022.8.0
->==2024.4.2
==3.3.0
->==3.3.1
==6.1.0
->==7.1.1
==21.2.0
->==23.0.0
==8.15.0
->==8.31.0
==5.12.0
->==5.13.2
==4.9.3
->==5.3.0
==1.0.7
->==1.1.0
==2.2.0
->==2.2.6
==2.9.8
->==2.9.10
==2.17.6
->==3.3.2
==2.5.3
->==2.6.1
==7.4.2
->==8.3.4
==4.1.0
->==6.0.0
==4.5.2
->==4.9.0
==2023.3.post1
->==2024.2
==0.23.3
->==0.25.3
==1.31.0
->==2.19.2
==2.13.0
->==2.16.0
==4.0.2
->==6.0.1
Release Notes
PyCQA/bandit (bandit)
v1.8.0
Compare Source
What's Changed
Full Changelog: PyCQA/bandit@1.7.10...1.8.0
v1.7.10
Compare Source
What's Changed
httpx
inB113
by @mkniewallner in https://github.com/PyCQA/bandit/pull/1060New Contributors
Full Changelog: PyCQA/bandit@1.7.9...1.7.10
v1.7.9
Compare Source
What's Changed
configfile
in.bandit
file by @bersbersbers in https://github.com/PyCQA/bandit/pull/1052New Contributors
Full Changelog: PyCQA/bandit@1.7.8...1.7.9
v1.7.8
Compare Source
What's Changed
New Contributors
Full Changelog: PyCQA/bandit@1.7.7...1.7.8
v1.7.7
Compare Source
What's Changed
New Contributors
Full Changelog: PyCQA/bandit@1.7.6...1.7.7
v1.7.6
Compare Source
What's Changed
pip install
commands in the pythonpackage.yml workflow by @mportesdev in https://github.com/PyCQA/bandit/pull/1021random.Random
to B311 checks by @shiftinv in https://github.com/PyCQA/bandit/pull/940wrap_file_object
by @mportesdev in https://github.com/PyCQA/bandit/pull/1037RawSQL
by @kevinmarsh in https://github.com/PyCQA/bandit/pull/765importlib-metadata
fallback by @mkniewallner in https://github.com/PyCQA/bandit/pull/1066New Contributors
Full Changelog: PyCQA/bandit@1.7.5...1.7.6
psf/black (black)
v24.10.0
Compare Source
Highlights
mypyc-compiled wheels. (#4436) (#4449)
safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please
use Python 3.12.6 or Python 3.12.4 instead. (#4447)
Stable style
X | Y
style unions.(#4453)
%%
magic (#4462)Preview style
def fn(*args: *tuple[*Ts, T]) -> None: pass
) (#4440)Caching
--unstable
(#4466)Packaging
blackd
now requires a newer version of aiohttp. (#4451)Output
v24.8.0
Compare Source
Stable style
# fmt: off
is used before a closing parenthesis or bracket. (#4363)Packaging
linked. This improves the PyPI listing for Black. (#4345)
Parser
multiline string (#4339)
(#4401)
\{
inside f-strings very well (#4422)(#4423)
Performance
.gitignore
(#4415)Blackd
v24.4.2
Compare Source
This is a bugfix release to fix two regressions in the new f-string parser introduced in
24.4.1.
Parser
Performance
v24.4.1
Compare Source
Highlights
Stable style
Parser
by PEP 696 (#4327)
Integrations
git archive
is skipped (#4313)v24.4.0
Compare Source
Stable style
Preview style
if
guards incase
blocks are now wrapped in parentheses when the line is too long.(#4269)
Integrations
use_pyproject
to the GitHub Actionpsf/black
. This will read theBlack version from
pyproject.toml
. (#4294)v24.3.0
Compare Source
Highlights
This release is a milestone: it fixes Black's first CVE security vulnerability. If you
run Black on untrusted input, or if you habitually put thousands of leading tab
characters in your docstrings, you are strongly encouraged to upgrade immediately to fix
CVE-2024-21503.
This release also fixes a bug in Black's AST safety check that allowed Black to make
incorrect changes to certain f-strings that are valid in Python 3.12 and higher.
Stable style
of Black would incorrectly format the contents of certain unusual f-strings containing
nested strings with the same quote type. Now, Black will crash on such strings until
support for the new f-string syntax is implemented. (#4270)
(#4273)
Performance
characters. This fixes
CVE-2024-21503.
(#4278)
Documentation
--check
is used with--quiet
(#4236)v24.2.0
Compare Source
Stable style
(#4218)
Preview style
hug_parens_with_braces_and_square_brackets
feature to the unstable styledue to an outstanding crash and proposed formatting tweaks (#4198)
expression (#4154)
(#4185)
case
statementif
guards (#4214).Configuration
pyproject.toml
that is missing atool.black
section whendiscovering project root and configuration. Since Black continues to use version
control as an indicator of project root, this is expected to primarily change behavior
for users in a monorepo setup (desirably). If you wish to preserve previous behavior,
simply add an empty
[tool.black]
to the previously discoveredpyproject.toml
(#4204)
Output
SyntaxWarning
s orDeprecationWarning
s produced by theast
module when performing equivalence checks (#4189)
Integrations
v24.1.1
Compare Source
Bugfix release to fix a bug that made Black unusable on certain file systems with strict
limits on path length.
Preview style
Configuration
do not support long paths (#4176)
v24.1.0
Compare Source
Highlights
This release introduces the new 2024 stable style (#4106), stabilizing the following
changes:
if
-else
expressions (#2278)...
are formatted morecompactly (#3796)
(#3368)
with
statement(#3489)
Configuration
📅 Schedule: Branch creation - "before 7am on monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.