Bump the dependencies group in /.config with 10 updates

[dependabot]

Bumps the dependencies group in /.config with 10 updates:

Package	From	To
packaging	23.2	24.0
referencing	0.33.0	0.34.0
coverage	7.4.3	7.4.4
griffe	0.41.3	0.42.1
license-expression	30.2.0	30.3.0
markdown	3.5.2	3.6
mkdocs-material	9.5.13	9.5.14
mkdocstrings-python	1.8.0	1.9.0
types-jsonschema	4.21.0.20240118	4.21.0.20240311
types-pyyaml	6.0.12.12	6.0.12.20240311

Updates packaging from 23.2 to 24.0

Release notes

Sourced from packaging's releases.

24.0

What's Changed

• Fix specifier matching when the specifier is long and has an epoch by @​SpecLad in pypa/packaging#712
• Clarify version split/join usage by @​uranusjr in pypa/packaging#725
• Default optional metadata values to None by @​dstufft in pypa/packaging#734
• Stop using deprecated/removed keys by @​dstufft in pypa/packaging#739
• Correctly use the ExceptionGroup shim only when needed by @​dstufft in pypa/packaging#736
• Update CHANGELOG entry about validate kwarg by @​pradyunsg in pypa/packaging#731
• Support --disable-gil builds (PEP 703) in packaging.tags by @​colesbury in pypa/packaging#728
• Skip test_glibc_version_string_ctypes_raise_oserror if ctypes is unavailable by @​kevinchang96 in pypa/packaging#741
• Enable CodeQL by @​joycebrum in pypa/packaging#743
• PEP 703: Rename Py_NOGIL to Py_GIL_DISABLED by @​hugovk in pypa/packaging#747
• Replace PEP references with PUG links by @​jeanas in pypa/packaging#750
• Remove coverage ignore for non-existent file by @​shenanigansd in pypa/packaging#752
• Update URLs by @​DimitriPapadopoulos in pypa/packaging#764
• Configure dependabot by @​joycebrum in pypa/packaging#757
• Hash pin github actions by @​joycebrum in pypa/packaging#758
• Apply some refurb suggestions by @​DimitriPapadopoulos in pypa/packaging#763
• Appply some bugbear suggestions by @​DimitriPapadopoulos in pypa/packaging#761
• Apply some ruff suggestions by @​DimitriPapadopoulos in pypa/packaging#772
• Add riscv64 as a supported manylinux architecture by @​markdryan in pypa/packaging#751

New Contributors

• @​colesbury made their first contribution in pypa/packaging#728
• @​kevinchang96 made their first contribution in pypa/packaging#741
• @​jeanas made their first contribution in pypa/packaging#750
• @​shenanigansd made their first contribution in pypa/packaging#752
• @​markdryan made their first contribution in pypa/packaging#751

Full Changelog: pypa/packaging@23.2...24.0

Changelog

Sourced from packaging's changelog.

24.0 - 2024-03-10

* Do specifier matching correctly when the specifier contains an epoch number
  and has more components than the version (:issue:`683`)
* Support the experimental ``--disable-gil`` builds in packaging.tags
  (:issue:`727`)
* BREAKING: Make optional ``metadata.Metadata`` attributes default to ``None`` (:issue:`733`)
* Fix errors when trying to access the ``description_content_type``, ``keywords``,
  and ``requires_python`` attributes on ``metadata.Metadata`` when those values
  have not been provided (:issue:`733`)
* Fix a bug preventing the use of the built in ``ExceptionGroup`` on versions of
  Python that support it (:issue:`725`)

Commits

• 7a983f7 Bump for release
• 4d85340 Add riscv64 as a supported manylinux architecture (#751)
• 4dce761 Apply some ruff suggestions (#772)
• 57a6a7f Appply some bugbear suggestions (#761)
• 7bcd6d8 Apply some refurb suggestions (#763)
• d0067e9 [StepSecurity] ci: Harden GitHub Actions (#1) (#758)
• eae70dd feat: Create dependabot.yml (#757)
• 241bb35 Update URLs (#764)
• 7698237 Remove coverage ignore for non-existent file (#752)
• b271d2b Replace PEP references with PUG links (#750)
• Additional commits viewable in compare view

Updates referencing from 0.33.0 to 0.34.0

Release notes

Sourced from referencing's releases.

v0.34.0

What's Changed

• Also look inside definitions keywords even on newer dialects. The specification recommends doing so regardless of the rename to $defs.
• Ensure non-blocking mypy compatibility by @​jamescw19 in python-jsonschema/referencing#130

New Contributors

• @​jamescw19 made their first contribution in python-jsonschema/referencing#130

Full Changelog: python-jsonschema/referencing@v0.33.0...v0.34.0

Changelog

Sourced from referencing's changelog.

v0.34.0

• Also look inside definitions keywords even on newer dialects. The specification recommends doing so regardless of the rename to $defs.

Commits

• 499e67e Update pre-commit hooks.
• 022d43a Disallow pyright==1.1.354 until microsoft/pyright#7489 is fixed.
• 685e34c Look for subschemas in definitions, even in newer dialects.
• 55a1ccf Mark the normalization tests xfailed so we can update the suite.
• 320e852 Merge pull request #135 from python-jsonschema/dependabot/github_actions/soft...
• dbb9a6f Merge pull request #136 from python-jsonschema/pre-commit-ci-update-config
• 23e2a7e [pre-commit.ci] pre-commit autoupdate
• 51858ea Bump softprops/action-gh-release from 1 to 2
• 542e4d3 Minor workflow tweak, enabling caching and saving a double build.
• ce1fb3f Merge pull request #132 from python-jsonschema/dependabot/github_actions/wntr...
• Additional commits viewable in compare view

Updates coverage from 7.4.3 to 7.4.4

Changelog

Sourced from coverage's changelog.

Version 7.4.4 — 2024-03-14

• Fix: in some cases, even with [run] relative_files=True, a data file could be created with absolute path names. When combined with other relative data files, it was random whether the absolute file names would be made relative or not. If they weren't, then a file would be listed twice in reports, as detailed in issue 1752_. This is now fixed: absolute file names are always made relative when combining. Thanks to Bruno Rodrigues dos Santos for support.

• Fix: the last case of a match/case statement had an incorrect message if the branch was missed. It said the pattern never matched, when actually the branch is missed if the last case always matched.

• Fix: clicking a line number in the HTML report now positions more accurately.

• Fix: the report:format setting was defined as a boolean, but should be a string. Thanks, Tanaydin Sirin <pull 1754_>_. It is also now documented on the :ref:configuration page <config_report_format>.

.. _issue 1752: nedbat/coveragepy#1752 .. _pull 1754: nedbat/coveragepy#1754

.. _changes_7-4-3:

Commits

• bc5e2d7 docs: sample HTML for 7.4.4
• 9b0008b docs: prep for 7.4.4
• a536161 docs: thanks, Bruno Rodrigues dos Santos
• e06e4f9 chore: make doc_upgrade
• f30818e chore: make upgrade
• 1b19799 fix: ensure absolute paths are relative when combined #1752
• 1ef020d build: more cheats for convenient URLs
• 3d57a07 docs: document the report:format setting
• 8e30221 fix: correct the type of report:format in config.py (#1754)
• 6289be8 refactor: use dataclasses, no namedtuple
• Additional commits viewable in compare view

Updates griffe from 0.41.3 to 0.42.1

Release notes

Sourced from griffe's releases.

0.42.1

0.42.1 - 2024-03-19

Compare with 0.42.0

Bug Fixes

• Don't return class variables as parameters of dataclasses (2729c22 by Hassan Kibirige). PR-253
• Don't turn items annotated as InitVar into dataclass members (6835ea3 by Hassan Kibirige). PR-252

0.42.0

0.42.0 - 2024-03-11

Compare with 0.41.3

Features

• Better support for dataclasses (82a9d57 by Timothée Mazzucotelli). Issue-33, Issue-34, Issue-38, Issue-39, PR-240

Bug Fixes

• Don't return properties as parameters of dataclasses (again) (8c48397 by Hassan Kibirige). Issue-232, PR-248
• Fix getting return type from parent property when parsing Sphinx docstrings (f314957 by Timothée Mazzucotelli). Issue-125

Code Refactoring

• Warn (debug) when a submodule shadows a member with the same name (cdc9e1c by Timothée Mazzucotelli). Issue-124

Changelog

Sourced from griffe's changelog.

0.42.1 - 2024-03-19

Compare with 0.42.0

Bug Fixes

• Don't return class variables as parameters of dataclasses (2729c22 by Hassan Kibirige). PR-253
• Don't turn items annotated as InitVar into dataclass members (6835ea3 by Hassan Kibirige). PR-252

0.42.0 - 2024-03-11

Compare with 0.41.3

Features

• Better support for dataclasses (82a9d57 by Timothée Mazzucotelli). Issue-33, Issue-34, Issue-38, Issue-39, PR-240

Bug Fixes

• Don't return properties as parameters of dataclasses (again) (8c48397 by Hassan Kibirige). Issue-232, PR-248
• Fix getting return type from parent property when parsing Sphinx docstrings (f314957 by Timothée Mazzucotelli). Issue-125

Code Refactoring

• Warn (debug) when a submodule shadows a member with the same name (cdc9e1c by Timothée Mazzucotelli). Issue-124

Commits

• 01da648 chore: Prepare release 0.42.1
• 4d31eff style: Format
• c29585a chore: Switch to Copier UV template
• e1216aa chore: Template upgrade
• 2729c22 fix: Don't return class variables as parameters of dataclasses
• 6835ea3 fix: Don't turn items annotated as InitVar into dataclass members
• c88b484 chore: Prepare release 0.42.0
• a265a9d docs: Rework sections in docstrings docs
• cdc9e1c refactor: Warn (debug) when a submodule shadows a member with the same name
• 781437e docs: Document best practices
• Additional commits viewable in compare view

Updates license-expression from 30.2.0 to 30.3.0

Release notes

Sourced from license-expression's releases.

v30.3.0

This is a minor release without API changes:

• Use latest skeleton
• Update license list to latest ScanCode and SPDX 3.23
• Drop support for Python 3.7

What's Changed

• Release prep v30.3.0 by @​AyanSinhaMahapatra in nexB/license-expression#92

Full Changelog: nexB/license-expression@v30.2.0...v30.3.0

Changelog

Sourced from license-expression's changelog.

v30.3.0 - 2024-03-18

This is a minor release without API changes:

• Use latest skeleton
• Update license list to latest ScanCode and SPDX 3.23
• Drop support for Python 3.7

Commits

• c20b3f6 Merge pull request #92 from nexB/release-prep-v30.2.1
• 3bf21b1 Bump version to v30.3.0
• 3d55bc6 Update llgpl license as exception
• bf47b14 Merge remote-tracking branch 'skeleton/main' into release-prep-v30.2.1
• 4241ab9 Bump version to v30.2.1
• 3fea7b4 Update licenses from scancode-licensedb
• acf94b3 Merge pull request #87 from nexB/update-macos-runners
• 008d521 Update CI runners and python version
• 0071028 Merge pull request #85 from nexB/84-widen-rtd-page
• 7d74b8a Fix top padding for rst content
• Additional commits viewable in compare view

Updates markdown from 3.5.2 to 3.6

Release notes

Sourced from markdown's releases.

Release 3.6

Changed

Refactor TOC Sanitation

• All postprocessors are now run on heading content.
• Footnote references are now stripped from heading content. Fixes #660.
• A more robust striptags is provided to convert headings to plain text. Unlike, the markupsafe implementation, HTML entities are not unescaped.
• The plain text name, rich html, and unescaped raw data-toc-label are saved to toc_tokens, allowing users to access the full rich text content of the headings directly from toc_tokens.
• The value of data-toc-label is sanitized separate from heading content before being written to name. This fixes a bug which allowed markup through in certain circumstances. To access the raw unsanitized data, retrieve the value from token['data-toc-label'] directly.
• An html.unescape call is made just prior to calling slugify so that slugify only operates on Unicode characters. Note that html.unescape is not run on name, html, or data-toc-label.
• The functions get_name and stashedHTML2text defined in the toc extension are both deprecated. Instead, third party extensions should use some combination of the new functions run_postprocessors, render_inner_html and striptags.

Fixed

• Include scripts/*.py in the generated source tarballs (#1430).
• Ensure lines after heading in loose list are properly detabbed (#1443).
• Give smarty tree processor higher priority than toc (#1440).
• Permit carets (^) and square brackets (]) but explicitly exclude backslashes (\) from abbreviations (#1444).
• In attribute lists (attr_list, fenced_code), quoted attribute values are now allowed to contain curly braces (}) (#1414).

Changelog

Sourced from markdown's changelog.

[3.6] -- 2024-03-14

Changed

Refactor TOC Sanitation

• All postprocessors are now run on heading content.
• Footnote references are now stripped from heading content. Fixes #660.
• A more robust striptags is provided to convert headings to plain text. Unlike, the markupsafe implementation, HTML entities are not unescaped.
• The plain text name, rich html, and unescaped raw data-toc-label are saved to toc_tokens, allowing users to access the full rich text content of the headings directly from toc_tokens.
• The value of data-toc-label is sanitized separate from heading content before being written to name. This fixes a bug which allowed markup through in certain circumstances. To access the raw unsanitized data, retrieve the value from token['data-toc-label'] directly.
• An html.unescape call is made just prior to calling slugify so that slugify only operates on Unicode characters. Note that html.unescape is not run on name, html, or data-toc-label.
• The functions get_name and stashedHTML2text defined in the toc extension are both deprecated. Instead, third party extensions should use some combination of the new functions run_postprocessors, render_inner_html and striptags.

Fixed

• Include scripts/*.py in the generated source tarballs (#1430).
• Ensure lines after heading in loose list are properly detabbed (#1443).
• Give smarty tree processor higher priority than toc (#1440).
• Permit carets (^) and square brackets (]) but explicitly exclude backslashes (\) from abbreviations (#1444).
• In attribute lists (attr_list, fenced_code), quoted attribute values are now allowed to contain curly braces (}) (#1414).

Commits

• e524b8f Bump version to 3.6
• 3d8afc6 Allow attr_list quoted values to contain curly braces
• 9edba85 Refactor abbr escaping
• e4ab4a6 Refactor TOC sanitation
• a18765c Explicitly omit carot and backslash from abbr
• 421f1e8 Give smarty tree processor higher priority than toc
• c334a3e Ensure lines after heading in loose list are properly detabbed
• ea92856 Update the license template so GitHub can detect it
• a2effd6 Disable mkdocstrings show_symbol_type_toc option to work around searching iss...
• 91f9a12 Restore Attribute symbol type in mkdocstrings template
• Additional commits viewable in compare view

Updates mkdocs-material from 9.5.13 to 9.5.14

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.5.14

• Added support for hiding versions from selector when using mike
• Added init system to improve signal handling in Docker image
• Fixed edge cases in exclusion logic of info plugin
• Fixed inability to reset pipeline in search plugin
• Fixed syntax error in Finnish translations
• Fixed #6917: UTF-8 encoding problems in blog plugin on Windows
• Fixed #6889: Transparent iframes get background color

Thanks to @​kamilkrzyskow, @​yubiuser and @​todeveni for their contributions

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.5.14 (2024-03-18)

• Added support for hiding versions from selector when using mike
• Added init system to improve signal handling in Docker image
• Fixed edge cases in exclusion logic of info plugin
• Fixed inability to reset pipeline in search plugin
• Fixed syntax error in Finnish translations
• Fixed #6917: UTF-8 encoding problems in blog plugin on Windows
• Fixed #6889: Transparent iframes get background color

mkdocs-material-9.5.13+insiders-4.53.1 (2024-03-06)

• Fixed #6877: Projects plugin computes incorrect path to assets
• Fixed #6869: Blog plugin should emit warning on invalid related link

mkdocs-material-9.5.13 (2024-03-06)

• Updated Slovak translations
• Improved info plugin interop with projects plugin
• Improved info plugin inclusion/exclusion logic
• Fixed info plugin not gathering files recursively
• Fixed #6750: Ensure info plugin packs up all necessary files

mkdocs-material-9.5.12 (2024-02-29)

• Fixed #6846: Some meta tags removed on instant navigation (9.4.2 regression)
• Fixed #6823: KaTex not rendering on instant navigation (9.5.5 regression)
• Fixed #6821: Privacy plugin doesn't handle URLs with encoded characters

mkdocs-material-9.5.11+insiders-4.53.0 (2024-02-24)

• Added support for automatic instant previews
• Added support for pinned blog posts

mkdocs-material-9.5.11 (2024-02-19)

• Updated Finnish translation

mkdocs-material-9.5.10+insiders-4.52.3 (2024-02-21)

• Fixed resolution of URLs in instant previews
• Fixed instant previews not mounting for same-page links

mkdocs-material-9.5.10 (2024-02-19)

• Updated Bahasa Malaysia translations
• Fixed #6783: Hide continue reading link for blog posts without separators
• Fixed #6779: Incorrect positioning of integrated table of contents

mkdocs-material-9.5.9 (2024-02-10)

... (truncated)

Commits

• cc78979 Updated Insiders changelog
• c51eb2f Prepare 9.5.14 release
• 3311a61 Updated dependencies
• 022f14c Fixed UTF-8 with BOM encoding support
• 2f1b2e9 Added support for hiding versions from selector
• babc995 Formatting
• 7e27f4d Merge branch 'master' of github.com:squidfunk/mkdocs-material
• dc97a56 Updated dependencies
• 2d39824 Fixed info plugin's exclusion logic (#6874)
• f325238 Fixed inability to reset search pipeline
• Additional commits viewable in compare view

Updates mkdocstrings-python from 1.8.0 to 1.9.0

Release notes

Sourced from mkdocstrings-python's releases.

1.9.0

1.9.0 - 2024-03-13

Compare with 1.8.0

Dependencies

• Add upper bound on Python-Markdown 3.6 to temporarily prevent breaking changes (cd93ee3 by Timothée Mazzucotelli).

Features

• Add show_labels option to show/hide labels (eaf9b82 by Viicos). [Issue #120](mkdocstrings/python#120), [PR #130](mkdocstrings/python#130)
• Add option to search for stubs packages (0c6aa32 by Romain). [PR #128](mkdocstrings/python#128), PR griffe#221: : mkdocstrings/griffe#221

Code Refactoring

• Mark all Jinja blocks as scoped (548bdad by Timothée Mazzucotelli).

Changelog

Sourced from mkdocstrings-python's changelog.

1.9.0 - 2024-03-13

Compare with 1.8.0

Dependencies

• Add upper bound on Python-Markdown 3.6 to temporarily prevent breaking changes (cd93ee3 by Timothée Mazzucotelli).

Features

• Add show_labels option to show/hide labels (eaf9b82 by Viicos). [Issue #120](mkdocstrings/python#120), [PR #130](mkdocstrings/python#130)
• Add option to search for stubs packages (0c6aa32 by Romain). [PR #128](mkdocstrings/python#128), PR griffe#221: : mkdocstrings/griffe#221

Code Refactoring

• Mark all Jinja blocks as scoped (548bdad by Timothée Mazzucotelli).

Commits

• e639c8b chore: Prepare release 1.9.0
• fad391f Merge branch 'main' of github.com:mkdocstrings/python
• ddf32c6 docs: Enable inline syntax highlight
• cd93ee3 deps: Add upper bound on Python-Markdown 3.6 to temporarily prevent breaking ...
• 2062325 chore: Template upgrade
• 0dd0b79 chore: Use mkdocstrings' handler-template
• 6364fbc chore: Template upgrade
• eaf9b82 feat: Add show_labels option to show/hide labels
• 8e86778 docs: Add default value for find_stubs_package docs
• 0c6aa32 feat: Add option to search for stubs packages
• Additional commits viewable in compare view

Updates types-jsonschema from 4.21.0.20240118 to 4.21.0.20240311

Commits

• See full diff in compare view

Updates types-pyyaml from 6.0.12.12 to 6.0.12.20240311

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.