chore: bump the development-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the development-dependencies group with 3 updates in the / directory: sphinx, myst-parser and black.

Updates sphinx from 7.4.7 to 8.0.2

Release notes

Sourced from sphinx's releases.

Sphinx 8.0.2

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 8.0.1

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Sphinx 8.0.0

Changelog: https://www.sphinx-doc.org/en/master/changes.html

Dependencies

• #12633: Drop Python 3.9 support.

Incompatible changes

• Remove deprecated functions from sphinx.util:

  • Removed sphinx.util.path_stabilize (use sphinx.util.osutil.path_stabilize).
  • Removed sphinx.util.display_chunk (use sphinx.util.display.display_chunk).
  • Removed sphinx.util.status_iterator (use sphinx.util.display.status_iterator).
  • Removed sphinx.util.SkipProgressMessage (use sphinx.util.display.SkipProgressMessage).
  • Removed sphinx.util.progress_message (use sphinx.util.display.progress_message).
  • Removed sphinx.util.epoch_to_rfc1123 (use sphinx.http_date.epoch_to_rfc1123).
  • Removed sphinx.util.rfc1123_to_epoch (use sphinx.http_date.rfc1123_to_epoch).
  • Removed sphinx.util.save_traceback (use sphinx.exceptions.save_traceback).
  • Removed sphinx.util.format_exception_cut_frames (use sphinx.exceptions.format_exception_cut_frames).
  • Removed sphinx.util.xmlname_checker (use sphinx.builders.epub3._XML_NAME_PATTERN).

  Patch by Adam Turner.

• Removed sphinx.util.osutil.cd (use contextlib.chdir). Patch by Adam Turner.

• Removed sphinx.util.typing.stringify (use sphinx.util.typing.stringify_annotation). Patch by Adam Turner.

• #12593: Raise an error for invalid html_sidebars values. Patch by Adam Turner.

• #12593: Raise an error in Theme.get_config for invalid sections.

... (truncated)

Changelog

Sourced from sphinx's changelog.

Release 8.0.2 (released Jul 30, 2024)

Bugs fixed

• Fix the pygments.Formatter.__class_getitem__ patch. Patch by Adam Turner.

Release 8.0.1 (released Jul 30, 2024)

Bugs fixed

• Patch pygments.Formatter.__class_getitem__ in Pygments 2.17. Patch by Adam Turner.

Release 8.0.0 (released Jul 29, 2024)

Dependencies

• #12633: Drop Python 3.9 support.

Incompatible changes

.. rst-class:: compact

• Remove deprecated functions from sphinx.util:

  • Removed sphinx.util.path_stabilize (use sphinx.util.osutil.path_stabilize).
  • Removed sphinx.util.display_chunk (use sphinx.util.display.display_chunk).
  • Removed sphinx.util.status_iterator (use sphinx.util.display.status_iterator).
  • Removed sphinx.util.SkipProgressMessage (use sphinx.util.display.SkipProgressMessage).
  • Removed sphinx.util.progress_message (use sphinx.util.display.progress_message).
  • Removed sphinx.util.epoch_to_rfc1123 (use sphinx.http_date.epoch_to_rfc1123).
  • Removed sphinx.util.rfc1123_to_epoch (use sphinx.http_date.rfc1123_to_epoch).
  • Removed sphinx.util.save_traceback (use sphinx.exceptions.save_traceback).
  • Removed sphinx.util.format_exception_cut_frames

... (truncated)

Commits

• 043750e Bump to 8.0.2 final
• cee9efc Use classmethod for a class method
• 16fed35 Bump version
• d9bda77 Bump to 8.0.1 final
• 006a6a7 Fix Flake8
• d0915ab Fix mypy
• 865b513 Patch pygments.Formatter.__class_getitem__ in Pygments 2.17
• f1d3c3f Bump version
• 0e8a638 Bump to 8.0.0 final
• 5750d0e [bot]: Update message catalogues (#12641)
• Additional commits viewable in compare view

Updates myst-parser from 3.0.1 to 4.0.0

Release notes

Sourced from myst-parser's releases.

v4.0.0

What's Changed

• ⬆️ Support python>=3.10, sphinx >=7,=0.19,<0.22 by @​chrisjsewell in executablebooks/MyST-Parser#952
• 👌 Improve footnote def/ref warnings and translations by @​chrisjsewell in executablebooks/MyST-Parser#931
• 📚 Fix typo by @​meli-lewis in executablebooks/MyST-Parser#940

New Contributors

• @​meli-lewis made their first contribution in executablebooks/MyST-Parser#940

Full Changelog: executablebooks/MyST-Parser@v3.0.1...v4.0.0

Changelog

Sourced from myst-parser's changelog.

4.0.0 - 2024-08-05

This release bumps the supported versions of:

• Python to 3.10 and greater
• Sphinx to >=7,<9
• Docutils to >=0.19,<0.22

Additionally, footnotes are now parsed similar to the corresponding reStructuredText, in that resolution (between definitions and references) and ordering is now deferred to transforms on the doctree (in gh-pr:931).

This allows for the proper interaction with other docutils/sphinx transforms, including those that perform translations, and logging of warnings for duplicate/unreferenced footnote definitions and also for footnote references with no definitions.

See the footnotes guide for more information.

Full Changelog: v3.0.1...v4.0.0

Commits

• ce37be5 🚀 Release v4.0.0 (#954)
• 850f7c9 👌 Improve footnote def/ref warnings and translations (#931)
• 401e08c ⬆️ Support python>=3.10, sphinx >=7,<9, docutils>=0.19,<0.22 (#952)
• d3d7fbb 🔧 pre-commit autoupdate (#946)
• ad0f24f 🔧 test fixes for sphinx 7.4 (#945)
• d448abf 📚 Fix typo (#940)
• See full diff in compare view

Updates black from 24.4.2 to 24.8.0

Release notes

Sourced from black's releases.

24.8.0

Stable style

• Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

• Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

• Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)
• Fix regression where Black failed to parse an escaped single quote inside an f-string (#4401)
• Fix bug with Black incorrectly parsing empty lines with a backslash (#4343)
• Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#4422)
• Fix incorrect line numbers in the tokenizer for certain tokens within f-strings (#4423)

Performance

• Improve performance when a large directory is listed in .gitignore (#4415)

Blackd

• Fix blackd (and all extras installs) for docker container (#4357)

Changelog

Sourced from black's changelog.

24.8.0

Stable style

• Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

• Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

• Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)
• Fix regression where Black failed to parse an escaped single quote inside an f-string (#4401)
• Fix bug with Black incorrectly parsing empty lines with a backslash (#4343)
• Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#4422)
• Fix incorrect line numbers in the tokenizer for certain tokens within f-strings (#4423)

Performance

• Improve performance when a large directory is listed in .gitignore (#4415)

Blackd

• Fix blackd (and all extras installs) for docker container (#4357)

Commits

• b965c2a Prepare release 24.8.0 (#4426)
• 9ccf279 Document find_project_root ignoring pyproject.toml without [tool.black]...
• 14b6e61 fix: Enhace black efficiently to skip directories listed in .gitignore (#4415)
• b1c4dd9 fix: respect braces better in f-string parsing (#4422)
• 4b4ae43 Fix incorrect linenos on fstring tokens with escaped newlines (#4423)
• 7fa1faf docs: fix the installation command of extra for blackd (#4413)
• 8827acc Bump sphinx from 7.3.7 to 7.4.0 in /docs (#4404)
• b0da11d Bump furo from 2024.5.6 to 2024.7.18 in /docs (#4409)
• 721dff5 fix: avoid formatting backslash strings inside f-strings (#4401)
• 7e2afc9 Update actions/checkout to v4 to stop node deprecation warnings (#4379)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/alabaster	1.0.0	Unknown	Unknown
pip/babel	2.16.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 6 Found 16/26 approved changesets -- score normalized to 6 Maintained 🟢 10 22 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/black	24.8.0	🟢 6.5	Details Check Score Reason Code-Review 🟢 7 Found 16/21 approved changesets -- score normalized to 7 Maintained 🟢 10 20 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected
pip/myst-parser	4.0.0	🟢 5.1	Details Check Score Reason Code-Review 🟢 3 Found 9/27 approved changesets -- score normalized to 3 Maintained 🟢 10 8 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/pyyaml	6.0.2	🟢 6.4	Details Check Score Reason Code-Review ⚠️ 2 Found 7/30 approved changesets -- score normalized to 2 Maintained 🟢 10 3 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/sphinx	8.0.2	🟢 5.9	Details Check Score Reason Code-Review 🟢 4 Found 14/30 approved changesets -- score normalized to 4 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Security-Policy ⚠️ 0 security policy file not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Manifest Files

Pipfile.lock

• alabaster@1.0.0
• babel@2.16.0
• black@24.8.0
• myst-parser@4.0.0
• pyyaml@6.0.2
• sphinx@8.0.2
• alabaster@0.7.16
• babel@2.15.0
• black@24.4.2
• myst-parser@3.0.1
• pyyaml@6.0.1
• sphinx@7.4.7