Deps: Bump the python-packages group with 5 updates #544

dependabot · 2023-10-02T04:39:28Z

Bumps the python-packages group with 5 updates:

Package	From	To
packaging	`23.1`	`23.2`
rope	`1.9.0`	`1.10.0`
pontos	`23.9.0`	`23.9.2`
astroid	`2.15.7`	`3.0.0`
rich	`13.5.3`	`13.6.0`

Updates packaging from 23.1 to 23.2

Release notes

Sourced from packaging's releases.

23.2

What's Changed

parse_marker should consume the entire source string by @mwerschy in pypa/packaging#687

Create a Security Policy file by @joycebrum in pypa/packaging#695

Add python 3.12 to CI by @mayeut in pypa/packaging#689

Remove URL validation from requirement parsing by @uranusjr in pypa/packaging#684

Add types for packaging.version._Version by @hauntsaninja in pypa/packaging#665

Add PyPy 3.10 to CI by @mayeut in pypa/packaging#699

Remove unused argument in _manylinux._is_compatible by @mayeut in pypa/packaging#700

Canonicalize names for requirements comparison by @astrojuanlu in pypa/packaging#696

Add platform tag support for LoongArch by @loongson-zn in pypa/packaging#693

Ability to install armv7l manylinux/musllinux wheels on armv8l by @mayeut in pypa/packaging#690

Include CHANGELOG.rst in sdist by @astrojuanlu in pypa/packaging#704

Update pyupgrade to Python 3.7+ by @fangchenli in pypa/packaging#580

Fix version pattern pre-releases by @deathaxe in pypa/packaging#705

Fix typos found by codespell by @DimitriPapadopoulos in pypa/packaging#706

Support enriched metadata by @brettcannon in pypa/packaging#686

Correct rST syntax in CHANGELOG.rst by @atugushev in pypa/packaging#709

fix: platform tag for GraalPy by @mayeut in pypa/packaging#711

Document that this library uses a calendar-based versioning scheme by @faph in pypa/packaging#717

fix: Update copyright date for docs by @garrypolley in pypa/packaging#713

Bump pip version to avoid known vulnerabilities by @joycebrum in pypa/packaging#720

Typing annotations fixed in version.py by @jolaf in pypa/packaging#723

parse_{sdist,wheel}_filename: don't raise InvalidVersion by @SpecLad in pypa/packaging#721

Fix code blocks in CHANGELOG.md by @edmorley in pypa/packaging#724

New Contributors

@mwerschy made their first contribution in pypa/packaging#687

@joycebrum made their first contribution in pypa/packaging#695

@astrojuanlu made their first contribution in pypa/packaging#696

@loongson-zn made their first contribution in pypa/packaging#693

@fangchenli made their first contribution in pypa/packaging#580

@deathaxe made their first contribution in pypa/packaging#705

@DimitriPapadopoulos made their first contribution in pypa/packaging#706

@atugushev made their first contribution in pypa/packaging#709

@faph made their first contribution in pypa/packaging#717

@garrypolley made their first contribution in pypa/packaging#713

@jolaf made their first contribution in pypa/packaging#723

@SpecLad made their first contribution in pypa/packaging#721

@edmorley made their first contribution in pypa/packaging#724

Full Changelog: pypa/packaging@23.1...23.2

Changelog

Sourced from packaging's changelog.

23.2 - 2023-10-01


* Document calendar-based versioning scheme (:issue:`716`)
* Enforce that the entire marker string is parsed (:issue:`687`)
* Requirement parsing no longer automatically validates the URL (:issue:`120`)
* Canonicalize names for requirements comparison (:issue:`644`)
* Introduce ``metadata.Metadata`` (along with ``metadata.ExceptionGroup`` and ``metadata.InvalidMetadata``; :issue:`570`)
* Introduce the ``validate`` keyword parameter to ``utils.validate_name()`` (:issue:`570`)
* Introduce ``utils.is_normalized_name()`` (:issue:`570`)
* Make ``utils.parse_sdist_filename()`` and ``utils.parse_wheel_filename()``
  raise ``InvalidSdistFilename`` and ``InvalidWheelFilename``, respectively,
  when the version component of the name is invalid

Commits

b3a5d7d Bump for release
d7ce40d Fix code blocks in CHANGELOG.md (#724)
524b701 parse_{sdist,wheel}_filename: don't raise InvalidVersion (#721)
b509bef Typing annotations fixed (#723)
0206c39 Bump pip version to avoid known vulnerabilities (#720)
7023537 fix: Update copyright date for docs (#713)
39786bb Document use of calendar-based versioning scheme (#717)
c1346df fix: Detect when a platform is 32-bit more accurately (#711)
7e68d82 Correct rST syntax in CHANGELOG.rst (#709)
61e6efb Support enriched metadata in packaging.metadata (#686)
Additional commits viewable in compare view

Updates rope from 1.9.0 to 1.10.0

Changelog

Sourced from rope's changelog.

Release 1.10.0

#708, #709 Add support for Python 3.12

Commits

a5fa15b Update CHANGELOG.md
0bee51e Bump version
ef3613b Black
00e937c Add build.os key to .readthedocs.yaml
3049f35 Update .readthedocs.yaml to use build.tools.python key
68630e3 Update readthedocs to use Python 3.11
cd34ac5 Update current year to 2023
11316ec Replace pkg_resources to use importlib
c4c77d5 Fix deprecation warnings
677111a Merge pull request #709 from python-rope/lieryan-py312
Additional commits viewable in compare view

Updates pontos from 23.9.0 to 23.9.2

Release notes

Sourced from pontos's releases.

pontos 23.9.2

23.9.2 - 2023-09-28

Added

Add simple GitHub script to show and update repo topics c2a9948

Add GitHub API for updating repository topics c9328eb

Add GitHub API for getting repository topics cf5f21e

Changed

Update java version command with config file (#886) fd7af60

pontos 23.9.1

23.9.1 - 2023-09-27

Added

Add repo model property for enabled dependabot security updates a31ae3c

Changed

Improve error message when a model value can't be set c3d18b8

Group PRs from Dependabot (#879) 36fdead

Bug Fixes

Mark repo model properties for security and analysis as optional 0ad99e9

Dependencies

Bump the dependencies group with 3 updates (#882) 580cec1

Bump the dependencies group with 3 updates (#881) 4907641

Bump the dependencies group with 4 updates (#880) 67d3482

Bump coverage from 7.3.0 to 7.3.1 (#878) 0da4a0d

Bump black from 23.7.0 to 23.9.1 (#876) cb44928

Bump ruff from 0.0.286 to 0.0.287 (#869) d8e3b41

Bump sphinx from 7.2.4 to 7.2.5 (#868) 6d58fa4

Commits

1bdd114 Automatic release to 23.9.2
fd7af60 Change: Update java version command with config file (#886)
c2a9948 Add: Add simple GitHub script to show and update repo topics
c9328eb Add: Add GitHub API for updating repository topics
cf5f21e Add: Add GitHub API for getting repository topics
167ef3a Automatic adjustments after release
96b297a Automatic release to 23.9.1
c3d18b8 Change: Improve error message when a model value can't be set
a31ae3c Add: Add repo model property for enabled dependabot security updates
0ad99e9 Fix: Mark repo model properties for security and analysis as optional
Additional commits viewable in compare view

Updates astroid from 2.15.7 to 3.0.0

Changelog

Sourced from astroid's changelog.

What's New in astroid 3.0.0?

Release date: 2023-09-25

Add support for Python 3.12, including PEP 695 type parameter syntax.

Closes #2201

Remove support for Python 3.7.

Refs #2137

Use the global inference cache when inferring, even without an explicit InferenceContext. This is a significant performance improvement given how often methods default to None for the context argument. (Linting astroid itself now takes ~5% less time on Python 3.12; other projects requiring more complex inference calculations will see greater speedups.)

Refs #529

Following a deprecation period starting in astroid 2.7.0, the astroid.node_classes and astroid.scoped_nodes modules have been removed in favor of astroid.nodes.node_classes and astroid.nodes.scoped_nodes.

Closes #1072

Following a deprecation period starting in astroid 2.12.0, the astroid.mixins module has been removed in favor of astroid.nodes._base_nodes (private).

Refs #1633

Return all existing arguments when calling Arguments.arguments(). This also means find_argname will now use the whole list of arguments for its search.

Closes #2213

Exclude class attributes from the __members__ container of an Enum class when they are nodes.AnnAssign nodes with no assigned value.

Refs pylint-dev/pylint#7402

Remove @cached and @cachedproperty decorator (just use @cached_property from the stdlib).

Closes #1780 Refs #2140

Remove the inference module. Node inference methods are now in the module defining the node, rather than being associated to the node afterward.

Closes #679

... (truncated)

Commits

2891daf Bump astroid to 3.0.0, update changelog
d637bdf Revert "Add boilerplate for documenting an upgrade guide (#1873)"
5c8a248 Merge maintenance/2.15.x following 2.15.8 release
c633af2 Bump astroid to 2.15.8, update changelog
584b1fd False positive unsubscriptable-object (#2307) (#2309)
1f0f2f8 False positive unsubscriptable-object (#2307)
2380f6f Merge pull request #2308 from pylint-dev/pre-commit-ci-update-config
7581348 [pre-commit.ci] pre-commit autoupdate
1113d49 Merge pull request #2306 from pylint-dev/dependabot/github_actions/actions/ch...
9c0e642 Bump actions/checkout from 4.0.0 to 4.1.0
Additional commits viewable in compare view

Updates rich from 13.5.3 to 13.6.0

Release notes

Sourced from rich's releases.

The Python 3.12 release

Mostly a meta update in readiness for the release of Python3.12

[13.6.0] - 2023-09-30

Added

Added Python 3.12 to classifiers.

Changelog

Sourced from rich's changelog.

[13.6.0] - 2023-09-30

Added

Added Python 3.12 to classifiers.

Commits

e9f75c9 Merge branch 'py312'
35b64f1 Merge pull request #3139 from Textualize/py312
c8ff546 version bump
3f8c4af tests for 3.12
ef90daf enable py312
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-packages group with 5 updates: | Package | From | To | | --- | --- | --- | | [packaging](https://github.com/pypa/packaging) | `23.1` | `23.2` | | [rope](https://github.com/python-rope/rope) | `1.9.0` | `1.10.0` | | [pontos](https://github.com/greenbone/pontos) | `23.9.0` | `23.9.2` | | [astroid](https://github.com/pylint-dev/astroid) | `2.15.7` | `3.0.0` | | [rich](https://github.com/Textualize/rich) | `13.5.3` | `13.6.0` | Updates `packaging` from 23.1 to 23.2 - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](pypa/packaging@23.1...23.2) Updates `rope` from 1.9.0 to 1.10.0 - [Changelog](https://github.com/python-rope/rope/blob/master/CHANGELOG.md) - [Commits](python-rope/rope@1.9.0...1.10.0) Updates `pontos` from 23.9.0 to 23.9.2 - [Release notes](https://github.com/greenbone/pontos/releases) - [Commits](greenbone/pontos@v23.9.0...v23.9.2) Updates `astroid` from 2.15.7 to 3.0.0 - [Release notes](https://github.com/pylint-dev/astroid/releases) - [Changelog](https://github.com/pylint-dev/astroid/blob/main/ChangeLog) - [Commits](pylint-dev/astroid@v2.15.7...v3.0.0) Updates `rich` from 13.5.3 to 13.6.0 - [Release notes](https://github.com/Textualize/rich/releases) - [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md) - [Commits](Textualize/rich@v13.5.3...v13.6.0) --- updated-dependencies: - dependency-name: packaging dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-packages - dependency-name: rope dependency-type: direct:development update-type: version-update:semver-minor dependency-group: python-packages - dependency-name: pontos dependency-type: direct:development update-type: version-update:semver-patch dependency-group: python-packages - dependency-name: astroid dependency-type: indirect update-type: version-update:semver-major dependency-group: python-packages - dependency-name: rich dependency-type: indirect update-type: version-update:semver-minor dependency-group: python-packages ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested a review from a team as a code owner October 2, 2023 04:39

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 2, 2023

ArnoStiefvater approved these changes Oct 5, 2023

View reviewed changes

ArnoStiefvater merged commit 021f388 into main Oct 5, 2023
11 of 12 checks passed

ArnoStiefvater deleted the dependabot/pip/python-packages-c8a204a086 branch October 5, 2023 12:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deps: Bump the python-packages group with 5 updates #544

Deps: Bump the python-packages group with 5 updates #544

dependabot bot commented on behalf of github Oct 2, 2023

Deps: Bump the python-packages group with 5 updates #544

Deps: Bump the python-packages group with 5 updates #544

Conversation

dependabot bot commented on behalf of github Oct 2, 2023

23.2

What's Changed

New Contributors

Release 1.10.0

pontos 23.9.2

23.9.2 - 2023-09-28

Added

Changed

pontos 23.9.1

23.9.1 - 2023-09-27

Added

Changed

Bug Fixes

Dependencies

What's New in astroid 3.0.0?

The Python 3.12 release

[13.6.0] - 2023-09-30

Added

[13.6.0] - 2023-09-30

Added