Skip to content

Bump build from 1.4.0 to 1.4.4#220

Merged
Aegdesil merged 1 commit intomasterfrom
dependabot/pip/build-1.4.4
Apr 27, 2026
Merged

Bump build from 1.4.0 to 1.4.4#220
Aegdesil merged 1 commit intomasterfrom
dependabot/pip/build-1.4.4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026
edited
Loading

Bumps build from 1.4.0 to 1.4.4.

Release notes

Sourced from build's releases.

1.4.4

What's Changed

Full Changelog: pypa/build@1.4.3...1.4.4

1.4.3

What's Changed

New Contributors

Full Changelog: pypa/build@1.4.2...1.4.3

1.4.2

What's Changed

... (truncated)

Changelog

Sourced from build's changelog.

#################### 1.4.4 (2026-04-22) ####################

Bugfixes

  • Fix release pipeline generating CHANGELOG.rst entries with inconsistent heading levels, which broke sphinx -W and pinned Read the Docs stable at 1.4.0 - by :user:gaborbernat. (:issue:1031)
  • Revert :pr:1039 from build 1.4.3, no longer check direct_url (for now) - by :user:henryiii (:issue:1039)
  • Add --ignore-installed to pip install command to prevent issues with packages already present in the isolated build environment - by :user:henryiii (:issue:1037) (:issue:1040)
  • Partial revert of :pr:973, keeping log messages in one entry, multiple lines. (:issue:1044)

Miscellaneous

  • :issue:1048, :issue:1049

#################### 1.4.3 (2026-04-10) ####################

Features

  • Add kind parameter to log messages to separate semantic and representation - by :user:abitrolly (:issue:973)

Bugfixes

  • Strip PYTHONPATH from the environment during isolated builds to prevent host packages from leaking into the build
    • by :user:gaborbernat (:issue:405)
  • Pass --no-input to pip to prevent hidden credential prompts that cause hangs, and automatically set PIP_KEYRING_PROVIDER=subprocess (or UV_KEYRING_PROVIDER=subprocess for the uv installer) when the keyring CLI is on PATH -- by :user:gaborbernat (:issue:409)
  • check_dependency now reports URL requirements as unmet instead of silently accepting them when a package with the same name is installed - by :user:gaborbernat (:issue:860)
  • Fix misleading missing dependency error display where transitive dependency chains showed the top-level package on a separate line, making it appear as if the top-level package itself was missing - by :user:gaborbernat (:issue:875)
  • Fix towncrier template to generate changelog categories in definition order - by :user:gaborbernat (:issue:1007)
  • Resolve thread-safety races in the build API - by :user:gaborbernat (:issue:1015)
  • Validate backend-path entries exist on disk with a clear error - by :user:gaborbernat (:issue:1016)

Miscellaneous

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 27, 2026
@dependabot dependabot Bot mentioned this pull request Apr 27, 2026
Closed
@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 27, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (3d4707a) to head (be0f578).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff            @@
##            master      #220   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           76        76           
  Lines         1311      1311           
  Branches       120       120           
=========================================
  Hits          1311      1311

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@Aegdesil Aegdesil enabled auto-merge April 27, 2026 07:13
@dependabot
Bump build from 1.4.0 to 1.4.4
be0f578 
Bumps [build](https://github.com/pypa/build) from 1.4.0 to 1.4.4.
- [Release notes](https://github.com/pypa/build/releases)
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst)
- [Commits](pypa/build@1.4.0...1.4.4)

---
updated-dependencies:
- dependency-name: build
  dependency-version: 1.4.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/build-1.4.4 branch from a1ce8b8 to be0f578 Compare April 27, 2026 07:14
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 27, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@Aegdesil Aegdesil merged commit 6e65f5d into master Apr 27, 2026
15 checks passed
@Aegdesil Aegdesil deleted the dependabot/pip/build-1.4.4 branch April 27, 2026 07:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Aegdesil