Deps: Bump the python-packages group with 6 updates

[dependabot]

Bumps the python-packages group with 6 updates:

Package	From	To
coverage	7.4.4	7.5.0
black	24.4.0	24.4.2
furo	2024.1.29	2024.4.27
docutils	0.21.1	0.21.2
platformdirs	4.2.0	4.2.1
ruff	0.4.1	0.4.2

Updates coverage from 7.4.4 to 7.5.0

Changelog

Sourced from coverage's changelog.

Version 7.5.0 — 2024-04-23

• Added initial support for function and class reporting in the HTML report. There are now three index pages which link to each other: files, functions, and classes. Other reports don't yet have this information, but it will be added in the future where it makes sense. Feedback gladly accepted! Finishes issue 780_.

• Other HTML report improvements:

  • There is now a "hide covered" checkbox to filter out 100% files, finishing issue 1384_.

  • The index page is always sorted by one of its columns, with clearer indications of the sorting.

  • The "previous file" shortcut key didn't work on the index page, but now it does, fixing issue 1765_.

• The debug output showing which configuration files were tried now shows absolute paths to help diagnose problems where settings aren't taking effect, and is renamed from "attempted_config_files" to the more logical "config_files_attempted."

• Python 3.13.0a6 is supported.

.. _issue 780: nedbat/coveragepy#780 .. _issue 1384: nedbat/coveragepy#1384 .. _issue 1765: nedbat/coveragepy#1765

.. _changes_7-4-4:

Commits

• 5f4e034 docs: sample HTML for 7.5.0
• ed97cfb docs: prep for 7.5.0
• 41e01d3 build: use macos 13 for 3.8 and 3.9 while GitHub rolls out macos 14
• 583f0c0 test: add a test for skipping covered functions
• b115ed3 refactor: keep Analysis private
• 40a052e docs: document CodeRegion and its plugin methods
• 2ff9933 docs: remove comment that now explains nothing.
• a6ba1c8 fix: html report pages fully validate
• 74c87a8 fix: previous page shortcut works in index page. #1765
• e016967 feat: main index page links to other index pages
• Additional commits viewable in compare view

Updates black from 24.4.0 to 24.4.2

Release notes

Sourced from black's releases.

24.4.2

This is a bugfix release to fix two regressions in the new f-string parser introduced in 24.4.1.

Parser

• Fix regression where certain complex f-strings failed to parse (#4332)

Performance

• Fix bad performance on certain complex string literals (#4331)

24.4.1

Highlights

• Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (#3822)

Stable style

• Fix crash involving indented dummy functions containing newlines (#4318)

Parser

• Add support for type parameter defaults, a new syntactic feature added to Python 3.13 by PEP 696 (#4327)

Integrations

• Github Action now works even when git archive is skipped (#4313)

Changelog

Sourced from black's changelog.

24.4.2

This is a bugfix release to fix two regressions in the new f-string parser introduced in 24.4.1.

Parser

• Fix regression where certain complex f-strings failed to parse (#4332)

Performance

• Fix bad performance on certain complex string literals (#4331)

24.4.1

Highlights

• Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (#3822)

Stable style

• Fix crash involving indented dummy functions containing newlines (#4318)

Parser

• Add support for type parameter defaults, a new syntactic feature added to Python 3.13 by PEP 696 (#4327)

Integrations

• Github Action now works even when git archive is skipped (#4313)

Commits

• 3702ba2 Prepare release 24.4.2 (#4335)
• e4aaa8a Fix incorrect f-string tokenization (#4332)
• ba88fc3 Simplify string tokenization regexes (#4331)
• 5683242 New release template
• e7fb048 Prepare release 24.4.1 (#4328)
• 3f0f8f1 Support PEP 696 (#4327)
• 2f88085 Github Action: Directly install from repo if export-subst is skipped (#4313)
• 12ce3db Move changelog entry to right section (#4326)
• 1354be2 Add support to style function definitions with newlines before function stubs...
• f4b644b Prevent wrapping of multiline fstrings in parens (#4325)
• Additional commits viewable in compare view

Updates furo from 2024.1.29 to 2024.4.27

Changelog

Sourced from furo's changelog.

Changelog

2024.04.27 -- Bold Burgundy

• Add a skip to content link.
• Add --font-stack--headings.
• Add :visited colour and enforce uniform contrast between light/dark.
• Add an offset of :target to reduce back-to-top overlap.
• Improve dark mode colours.
• Fix outstanding colour contrast warnings on Firefox.
• Fix bad indent in footnotes.
• Tweak handling of default configuration options in a more resilient manner.
• Tweak length and sizing of API source links.
• Stop search engine indexing on search page.

2024.01.29 -- Amazing Amethyst

• Fix canonical url when building with dirhtml.
• Relicense the demo module.

2023.09.10 -- Zesty Zaffre

• Make asset hash injection idempotent, fixing Sphinx 6 compatibility.
• Fix the check for HTML builders, fixing non-HTML Read the Docs builds.

2023.08.19 -- Xenolithic Xanadu

• Fix missing search context with Sphinx 7.2, for dirhtml builds.
• Drop support for Python 3.7.
• Present configuration errors in a better format -- thanks @​AA-Turner!
• Bump require_sphinx() to Sphinx 6.0, in line with dependency changes in Unassuming Ultramarine.

2023.08.17 -- Wonderous White

• Fix compatiblity with Sphinx 7.2.0 and 7.2.1.

2023.07.26 -- Vigilant Volt

• Fix compatiblity with Sphinx 7.1.

... (truncated)

Commits

• 750fcd7 Prepare release: 2024.04.27
• c0cb020 Update changelog
• 3787a7c Patch app.config in a more resilient manner (#783)
• 6a3afab Indent all children of aside.footnote (#788)
• 035b276 fix: no index content on search page (#784)
• 151f523 [pre-commit.ci] pre-commit autoupdate (#771)
• 2eb75aa Bump the github-actions group with 1 update (#777)
• df6f65c Bump the npm group with 6 updates (#778)
• 0b51a5e Add space after period in ToC warning (#776)
• 0188705 Bump the npm group with 5 updates (#770)
• Additional commits viewable in compare view

Updates docutils from 0.21.1 to 0.21.2

Updates platformdirs from 4.2.0 to 4.2.1

Release notes

Sourced from platformdirs's releases.

4.2.1

What's Changed

• Switch to ruff for formatting and use codespell and docformatter by @​gaborbernat in platformdirs/platformdirs#261
• Use hatch over tox by @​gaborbernat in platformdirs/platformdirs#262
• chore: various minor fixes by @​deronnax in platformdirs/platformdirs#263
• chore: update dead Microsoft's known folders documentation link by @​deronnax in platformdirs/platformdirs#267
• Allow working without ctypes by @​youknowone in platformdirs/platformdirs#275

New Contributors

• @​deronnax made their first contribution in platformdirs/platformdirs#263
• @​youknowone made their first contribution in platformdirs/platformdirs#275

Full Changelog: platformdirs/platformdirs@4.2.0...4.2.1

Commits

• 9781f05 [pre-commit.ci] pre-commit autoupdate (#276)
• b44d57d Allow working without ctypes (#275)
• 89b6b2b [pre-commit.ci] pre-commit autoupdate (#274)
• f211ab4 [pre-commit.ci] pre-commit autoupdate (#273)
• 077e11e [pre-commit.ci] pre-commit autoupdate (#272)
• c8870a1 [pre-commit.ci] pre-commit autoupdate (#271)
• 7039c66 Bump pypa/gh-action-pypi-publish from 1.8.11 to 1.8.14 (#270)
• 16f93e2 [pre-commit.ci] pre-commit autoupdate (#266)
• f9b9d6d chore: update dead Microsoft's known folders documentation link (#267)
• 1aece7e chore: various minor fixes (#263)
• Additional commits viewable in compare view

Updates ruff from 0.4.1 to 0.4.2

Release notes

Sourced from ruff's releases.

v0.4.2

Changes

Rule changes

• [flake8-pyi] Allow for overloaded __exit__ and __aexit__ definitions (PYI036) (#11057)
• [pyupgrade] Catch usages of "%s" % var and provide an unsafe fix (UP031) (#11019)
• [refurb] Implement new rule that suggests min/max over sorted() (FURB192) (#10868)

Server

• Fix an issue with missing diagnostics for Neovim and Helix (#11092)
• Implement hover documentation for noqa codes (#11096)
• Introduce common Ruff configuration options with new server settings (#11062)

Bug fixes

• Use macos-12 for building release wheels to enable macOS 11 compatibility (#11146)
• [flake8-blind-expect] Allow raise from in BLE001 (#11131)
• [flake8-pyi] Allow simple assignments to None in enum class scopes (PYI026) (#11128)
• [flake8-simplify] Avoid raising SIM911 for non-zip attribute calls (#11126)
• [refurb] Avoid operator.itemgetter suggestion for single-item tuple (#11095)
• [ruff] Respect per-file-ignores for RUF100 with no other diagnostics (#11058)
• [ruff] Fix async comprehension false positive (RUF029) (#11070)

Documentation

• [flake8-bugbear] Document explicitly disabling strict zip (B905) (#11040)
• [flake8-type-checking] Mention lint.typing-modules in TCH001, TCH002, and TCH003 (#11144)
• [isort] Improve documentation around custom isort sections (#11050)
• [pylint] Fix documentation oversight for invalid-X-returns (#11094)

Performance

• Use matchit to resolve per-file settings (#11111)

Contributors

• @​AlexWaygood
• @​JonathanPlasse
• @​KPCOFGS
• @​KotlinIsland
• @​MichaReiser
• @​augustelalande
• @​autinerd
• @​bersbersbers
• @​carljm
• @​charliermarsh
• @​dhruvmanila
• @​ibraheemdev
• @​jfrost-mo

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.2

Rule changes

• [flake8-pyi] Allow for overloaded __exit__ and __aexit__ definitions (PYI036) (#11057)
• [pyupgrade] Catch usages of "%s" % var and provide an unsafe fix (UP031) (#11019)
• [refurb] Implement new rule that suggests min/max over sorted() (FURB192) (#10868)

Server

• Fix an issue with missing diagnostics for Neovim and Helix (#11092)
• Implement hover documentation for noqa codes (#11096)
• Introduce common Ruff configuration options with new server settings (#11062)

Bug fixes

• Use macos-12 for building release wheels to enable macOS 11 compatibility (#11146)
• [flake8-blind-expect] Allow raise from in BLE001 (#11131)
• [flake8-pyi] Allow simple assignments to None in enum class scopes (PYI026) (#11128)
• [flake8-simplify] Avoid raising SIM911 for non-zip attribute calls (#11126)
• [refurb] Avoid operator.itemgetter suggestion for single-item tuple (#11095)
• [ruff] Respect per-file-ignores for RUF100 with no other diagnostics (#11058)
• [ruff] Fix async comprehension false positive (RUF029) (#11070)

Documentation

• [flake8-bugbear] Document explicitly disabling strict zip (B905) (#11040)
• [flake8-type-checking] Mention lint.typing-modules in TCH001, TCH002, and TCH003 (#11144)
• [isort] Improve documentation around custom isort sections (#11050)
• [pylint] Fix documentation oversight for invalid-X-returns (#11094)

Performance

• Use matchit to resolve per-file settings (#11111)

Commits

• 77c93fd Bump version to 0.4.2 (#11151)
• 1c9f5e3 Display the AST even with syntax errors (#11147)
• 263a0d2 Use macos-12 to build release wheels (#11146)
• 4738e19 Remove unused lexical error types (#11145)
• f428bd5 Docs: mention lint.typing-modules in TCH001, TCH002, TCH003 (#11144)
• 4690890 ruff server: In 'publish diagnostics' mode, document diagnostics are cleare...
• 19baabb README: add Apache Superset to project list (#11136)
• cee38f3 [flake8-blind-expect] Allow raise from in BLE001 (#11131)
• e3fde28 [flake8-pyi] Allow overloaded __exit__ and __aexit__ definitions (`PYI0...
• 1c8849f Use Matchit to Resolve Per-File Settings (#11111)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 6470e42.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

poetry.lock

Package	Version	License	Issue Type
docutils	0.21.2	Null	Unknown License

Allowed Licenses: 0BSD, AGPL-3.0-or-later, GPL-3.0-or-later, LGPL-2.1, EPL-2.0, Python-2.0, GPL-2.0-or-later, GPL-2.0-only, GPL-3.0-or-later AND LGPL-2.1-only, GPL-3.0-or-later AND LGPL-3.0 AND LGPL-3.0-only, GPL-2.0 AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-or-later, MIT, ISC, Unlicense, Apache-2.0, BSD-3-Clause, BSD-2-Clause, BSD-2-Clause AND MIT, MPL-2.0, CC-BY-4.0, CC-BY-3.0, CC-BY-SA-4.0, CC0-1.0, BSD-2-Clause AND BSD-3-Clause, BSD-3-Clause AND BSD-3-Clause-Clear, MIT OR Apache-2.0, MIT AND Python-2.0, (Apache-2.0 AND BSD-3-Clause) OR (Apache-2.0 AND MIT), (MIT OR Apache-2.0) AND Unicode-DFS-2016, OFL-1.1, Apache-2.0 AND BSD-3-Clause AND MIT AND OFL-1.1, BlueOak-1.0.0, BSL-1.0, Python-2.0.1, MIT AND PSF-2.0, CAL-1.0

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
pip/black	24.4.2	🟢 6.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 18/26 approved changesets -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/coverage	7.5.0	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices 🟢 5 badge detected: Passing License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected SAST 🟢 10 SAST tool detected: CodeQL Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1
pip/docutils	0.21.2	Unknown	Unknown
pip/furo	2024.4.27	🟢 4.5	Details Check Score Reason Code-Review ⚠️ 1 Found 2/17 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Packaging ⚠️ -1 packaging workflow not detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/platformdirs	4.2.1	🟢 6.8	Details Check Score Reason Maintained 🟢 10 15 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/ruff	0.4.2	Unknown	Unknown
pip/black	24.4.0	🟢 6.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 18/26 approved changesets -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/coverage	7.4.4	🟢 8.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices 🟢 5 badge detected: Passing License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected SAST 🟢 10 SAST tool detected: CodeQL Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1
pip/docutils	0.21.1	Unknown	Unknown
pip/furo	2024.1.29	🟢 4.5	Details Check Score Reason Code-Review ⚠️ 1 Found 2/17 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Packaging ⚠️ -1 packaging workflow not detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/platformdirs	4.2.0	🟢 6.8	Details Check Score Reason Maintained 🟢 10 15 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/ruff	0.4.1	Unknown	Unknown

Scanned Manifest Files

poetry.lock

• black@24.4.2
• coverage@7.5.0
• docutils@0.21.2
• furo@2024.4.27
• platformdirs@4.2.1
• ruff@0.4.2
• black@24.4.0
• coverage@7.4.4
• docutils@0.21.1
• furo@2024.1.29
• platformdirs@4.2.0
• ruff@0.4.1

[github-actions]

Conventional Commits Report

Type	Number
Dependencies	1

🚀 Conventional commits found.