build(deps): bump the dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the dependencies group with 6 updates in the / directory:

Package	From	To
cffi	1.16.0	1.17.0
cryptography	42.0.8	43.0.0
coverage	7.5.4	7.6.1
tox	4.1.2	4.18.0
ruff	0.5.1	0.6.1
mypy	1.10.1	1.11.1

Updates cffi from 1.16.0 to 1.17.0

Release notes

Sourced from cffi's releases.

v1.17.0

• Add support for Python 3.13.
  • Free-threaded CPython builds (i.e. python3.13t and the 3.13t ABI) are not currently supported.
• In API mode, when you get a function from a C library by writing fn = lib.myfunc, you get an object of a special type for performance reasons, instead of a <cdata 'C-function-type'>. Before version 1.17 you could only call such objects. You could write ffi.addressof(lib, "myfunc") in order to get a real <cdata> object, based on the idea that in these cases in C you'd usually write &myfunc instead of myfunc. In version 1.17, the special object lib.myfunc can now be passed in many places where CFFI expects a regular <cdata> object. For example, you can now pass it as a callback to a C function call, or write it inside a C structure field of the correct pointer-to-function type, or use ffi.cast() or ffi.typeof() on it.

Full Changelog: python-cffi/cffi@v1.16.0...v1.17.0

v1.17.0rc1

• Add support for Python 3.13.
• In API mode, when you get a function from a C library by writing fn = lib.myfunc, you get an object of a special type for performance reasons, instead of a object. For example, you can now pass it as a callback to a C function call, or write it inside a C structure field of the correct pointer-to-function type, or use ffi.cast() or ffi.typeof() on it.
• Build wheels for musllinux aarch64.

Commits

• 74731f9 Release 1.17.0 (#108)
• 181fa00 1.17.0rc1 release (#80)
• 772528e Add 3.13 to trove classifiers (#72)
• e36042d 1.17.0b1 prep (#79)
• 39bdab2 avoid null-pointer-subtraction error (#78)
• d7f750b Mention the systemd issue with old-style callbacks (#74)
• 56f7609 Build aarch64 musllinux wheel (#69)
• e59ec8f Win32: pass the flags from dlopen() to LoadLibraryEx() (#65)
• 0619e5e remove binary cruft (#63)
• 640e89f rearrange code to make PyPy testing happier (#59)
• Additional commits viewable in compare view

Updates cryptography from 42.0.8 to 43.0.0

Changelog

Sourced from cryptography's changelog.

43.0.0 - 2024-07-20

* **BACKWARDS INCOMPATIBLE:** Support for OpenSSL less than 1.1.1e has been
  removed.  Users on older version of OpenSSL will need to upgrade.
* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.8.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.3.1.
* Updated the minimum supported Rust version (MSRV) to 1.65.0, from 1.63.0.
* :func:`~cryptography.hazmat.primitives.asymmetric.rsa.generate_private_key`
  now enforces a minimum RSA key size of 1024-bit. Note that 1024-bit is still
  considered insecure, users should generally use a key size of 2048-bits.
* :func:`~cryptography.hazmat.primitives.serialization.pkcs7.serialize_certificates`
  now emits ASN.1 that more closely follows the recommendations in :rfc:`2315`.
* Added new :doc:`/hazmat/decrepit/index` module which contains outdated and
  insecure cryptographic primitives.
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.CAST5`,
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.SEED`,
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.IDEA`, and
  :class:`~cryptography.hazmat.primitives.ciphers.algorithms.Blowfish`, which were
  deprecated in 37.0.0, have been added to this module. They will be removed
  from the ``cipher`` module in 45.0.0.
* Moved :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES`
  and :class:`~cryptography.hazmat.primitives.ciphers.algorithms.ARC4` into
  :doc:`/hazmat/decrepit/index` and deprecated them in the ``cipher`` module.
  They will be removed from the ``cipher`` module in 48.0.0.
* Added support for deterministic
  :class:`~cryptography.hazmat.primitives.asymmetric.ec.ECDSA` (:rfc:`6979`)
* Added support for client certificate verification to the
  :mod:`X.509 path validation <cryptography.x509.verification>` APIs in the
  form of :class:`~cryptography.x509.verification.ClientVerifier`,
  :class:`~cryptography.x509.verification.VerifiedClient`, and
  ``PolicyBuilder``
  :meth:`~cryptography.x509.verification.PolicyBuilder.build_client_verifier`.
* Added Certificate
  :attr:`~cryptography.x509.Certificate.public_key_algorithm_oid`
  and Certificate Signing Request
  :attr:`~cryptography.x509.CertificateSigningRequest.public_key_algorithm_oid`
  to determine the :class:`~cryptography.hazmat._oid.PublicKeyAlgorithmOID`
  Object Identifier of the public key found inside the certificate.
* Added :attr:`~cryptography.x509.InvalidityDate.invalidity_date_utc`, a
  timezone-aware alternative to the naïve ``datetime`` attribute
  :attr:`~cryptography.x509.InvalidityDate.invalidity_date`.
* Added support for parsing empty DN string in
  :meth:`~cryptography.x509.Name.from_rfc4514_string`.
* Added the following properties that return timezone-aware ``datetime`` objects:
  :meth:`~cryptography.x509.ocsp.OCSPResponse.produced_at_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.revocation_time_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.this_update_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPResponse.next_update_utc`,
  :meth:`~cryptography.x509.ocsp.OCSPSingleResponse.revocation_time_utc`,
</tr></table> 

... (truncated)

Commits

• ebf14f2 bump for 43.0.0 and update changelog (#11311)
• 42788a0 Fix exchange with keys that had Q automatically computed (#11309)
• 2dbdfb8 don't assign unused name (#11310)
• ccc66e6 Bump openssl from 0.10.64 to 0.10.65 in /src/rust (#11308)
• 4310c87 Bump sphinxcontrib-qthelp from 1.0.7 to 1.0.8 (#11307)
• f66a9c4 Bump sphinxcontrib-htmlhelp from 2.0.5 to 2.0.6 (#11306)
• a8fcf18 Bump openssl-sys from 0.9.102 to 0.9.103 in /src/rust (#11305)
• 2fe32b2 Bump mypy from 1.10.1 to 1.11.0 (#11303)
• ee24e82 Bump setuptools from 71.0.3 to 71.0.4 in /.github/requirements (#11304)
• 7249ccd Bump portable-atomic from 1.6.0 to 1.7.0 in /src/rust (#11302)
• Additional commits viewable in compare view

Updates coverage from 7.5.4 to 7.6.1

Changelog

Sourced from coverage's changelog.

Version 7.6.1 — 2024-08-04

• Fix: coverage used to fail when measuring code using :func:runpy.run_path <python:runpy.run_path> with a :class:Path <python:pathlib.Path> argument. This is now fixed, thanks to Ask Hjorth Larsen <pull 1819_>_.

• Fix: backslashes preceding a multi-line backslashed string could confuse the HTML report. This is now fixed, thanks to LiuYinCarl <pull 1828_>_.

• Now we publish wheels for Python 3.13, both regular and free-threaded.

.. _pull 1819: nedbat/coveragepy#1819 .. _pull 1828: nedbat/coveragepy#1828

.. _changes_7-6-0:

Version 7.6.0 — 2024-07-11

• Exclusion patterns can now be multi-line, thanks to Daniel Diniz <pull 1807_>. This enables many interesting exclusion use-cases, including those requested in issues 118 <issue 118_> (entire files), 996 <issue 996_>_ (multiple lines only when appearing together), 1741 <issue 1741_>_ (remainder of a function), and 1803 <issue 1803_>_ (arbitrary sequence of marked lines). See the :ref:multi_line_exclude section of the docs for more details and examples.

• The JSON report now includes per-function and per-class coverage information. Thanks to Daniel Diniz <pull 1809_>_ for getting the work started. This closes issue 1793_ and issue 1532_.

• Fixed an incorrect calculation of "(no class)" lines in the HTML classes report.

• Python 3.13.0b3 is supported.

.. _issue 118: nedbat/coveragepy#118 .. _issue 996: nedbat/coveragepy#996 .. _issue 1532: nedbat/coveragepy#1532 .. _issue 1741: nedbat/coveragepy#1741 .. _issue 1793: nedbat/coveragepy#1793 .. _issue 1803: nedbat/coveragepy#1803 .. _pull 1807: nedbat/coveragepy#1807 .. _pull 1809: nedbat/coveragepy#1809

.. _changes_7-5-4:

Commits

• 29f5898 docs: sample HTML for 7.6.1
• 9b829f1 docs: prep for 7.6.1
• ebbb6a2 build: wheels for 3.13rc1
• 3872525 chore: make upgrade
• 7a27f40 test: fix a test on free-threading, use abiflags to get site-packages path co...
• 2b53664 build: include gil/nogil in the version banner
• da1682f docs: changelog and contributor for #1828
• dc819ff test: two tests for #1828
• 9aaa404 fix: properly handle backslash before multi-line string (#1828)
• 9c50270 chore: make upgrade
• Additional commits viewable in compare view

Updates tox from 4.1.2 to 4.18.0

Release notes

Sourced from tox's releases.

4.18.0

What's Changed

• Fix #3278 - Boost temporary directories cleanup in tests by @​ziima in tox-dev/tox#3323
• Fix absolute base python paths conflicting by @​gaborbernat in tox-dev/tox#3325
• Fix #3318 - Suppress spinner in parallel runs in CI by @​ziima in tox-dev/tox#3321

Full Changelog: tox-dev/tox@4.17.1...4.18.0

4.17.1

What's Changed

• Restore limited <major>.<minor> environment name support by @​gaborbernat in tox-dev/tox#3319
• fix(tox_env.python): do not process absolute paths to interpreter as PythonSpec by @​paveldikov in tox-dev/tox#3311

New Contributors

• @​paveldikov made their first contribution in tox-dev/tox#3311

Full Changelog: tox-dev/tox@4.17.0...4.17.1

4.17.0

What's Changed

• Fix user guide system overview so nodes don't overlap. by @​Tom01098 in tox-dev/tox#3307
• Table with list of default env vars per OS by @​seyidaniels in tox-dev/tox#3291
• Add GraalPy and test both GraalPy and Jython env identifiers by @​timfel in tox-dev/tox#3312
• Add on platform constat to core by @​gaborbernat in tox-dev/tox#3315

New Contributors

• @​Tom01098 made their first contribution in tox-dev/tox#3307
• @​timfel made their first contribution in tox-dev/tox#3312

Full Changelog: tox-dev/tox@4.16.0...4.17.0

4.16.0

What's Changed

• Fix two small documentation issues by @​srenfo in tox-dev/tox#3297
• Fix tests after new setuptools by @​gaborbernat in tox-dev/tox#3299
• Add windir to the default list of pass_env variables on Windows by @​kurtmckee in tox-dev/tox#3303

New Contributors

• @​srenfo made their first contribution in tox-dev/tox#3297

Full Changelog: tox-dev/tox@4.15.1...4.16.0

... (truncated)

Changelog

Sourced from tox's changelog.

v4.18.0 (2024-08-13)

Features - 4.18.0

- Suppress spinner in parallel runs in CI - by :user:`ziima`. (:issue:`3318`)
Bugfixes - 4.18.0

• Boost temporary directories cleanup in tests - by :user:ziima. (:issue:3278)
• Fix absolute base python paths conflicting - by :user:gaborbernat. (:issue:3325)

v4.17.1 (2024-08-07)

Bugfixes - 4.17.1

- Support for running ``-e <major>.<minor>`` has been lost, fixing it - by :user:`gaborbernat`. (:issue:`2849`)
- ``base_python`` now accepts absolute paths to interpreter executable - by :user:`paveldikov`. (:issue:`3191`)
v4.17.0 (2024-08-05)
Features - 4.17.0

• Add graalpy prefix as a supported base python (:issue:3312)
• Add :ref:on_platform core configuration holding the tox platform and do not install package when exec an environment
  • by :user:gaborbernat. (:issue:3315)

Bugfixes - 4.17.0

- Add table with default environment variables per OS (:issue:`2753`)
v4.16.0 (2024-07-02)
Bugfixes - 4.16.0

• • Add windir to the default list of Windows pass_env environment variables. - by :user:kurtmckee (:issue:3302)

Improved Documentation - 4.16.0

- - Fix typo in configuration example and fix broken link to code style guide. - by :user:`srenfo` (:issue:`3297`)
v4.15.1 (2024-06-05)
Features - 4.15.1
- Fix ``skip_missing_interpreters`` option for ``package = wheel`` (:issue:`3269`)
</tr></table> 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>

<li><a href="https://github.com/tox-dev/tox/commit/ea72694813a34573f75cbbe284792c4fa96c73c2&quot;&gt;&lt;code&gt;ea72694&lt;/code&gt;&lt;/a> release 4.18.0</li>

<li><a href="https://github.com/tox-dev/tox/commit/3b3628d451111ffc87f009a82eb65b53070377ec&quot;&gt;&lt;code&gt;3b3628d&lt;/code&gt;&lt;/a> Fix <a href="https://redirect.github.com/tox-dev/tox/issues/3318&quot;&gt;#3318&lt;/a> - Suppress spinner in parallel runs in CI (<a href="https://redirect.github.com/tox-dev/tox/issues/3321&quot;&gt;#3321&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/1ee4a3335b1195c85b2fe0db120355dd50324f79&quot;&gt;&lt;code&gt;1ee4a33&lt;/code&gt;&lt;/a> Fix absolute base python paths conflicting (<a href="https://redirect.github.com/tox-dev/tox/issues/3325&quot;&gt;#3325&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/add99edff0ac34520d637d0ce60f8902b1a95b55&quot;&gt;&lt;code&gt;add99ed&lt;/code&gt;&lt;/a> Fix <a href="https://redirect.github.com/tox-dev/tox/issues/3278&quot;&gt;#3278&lt;/a> - Boost temporary directories cleanup in tests (<a href="https://redirect.github.com/tox-dev/tox/issues/3323&quot;&gt;#3323&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/352a3dd778fa9ecb1ddb339c37536a79fef1c121&quot;&gt;&lt;code&gt;352a3dd&lt;/code&gt;&lt;/a> release 4.17.1</li>

<li><a href="https://github.com/tox-dev/tox/commit/fafce99fcb3d9943a10b219c16de299a82e8d491&quot;&gt;&lt;code&gt;fafce99&lt;/code&gt;&lt;/a> fix(tox_env.python): do not process absolute paths to interpreter as PythonSp...</li>

<li><a href="https://github.com/tox-dev/tox/commit/fdc9eb0355f3f58ca700147dc15e4c6894595bdf&quot;&gt;&lt;code&gt;fdc9eb0&lt;/code&gt;&lt;/a> Restore limited &lt;major&gt;.&lt;minor&gt; environment name support (<a href="https://redirect.github.com/tox-dev/tox/issues/3319&quot;&gt;#3319&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/2f7c60ec71d47f4099394af11999a840bc97c9a9&quot;&gt;&lt;code&gt;2f7c60e&lt;/code&gt;&lt;/a> release 4.17.0</li>

<li><a href="https://github.com/tox-dev/tox/commit/5425133459e9c0194c536eac332c06178ac0700e&quot;&gt;&lt;code&gt;5425133&lt;/code&gt;&lt;/a> Add on platform constat to core (<a href="https://redirect.github.com/tox-dev/tox/issues/3315&quot;&gt;#3315&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/2cf190ae5acc83488a9daef45e51cf964190e66d&quot;&gt;&lt;code&gt;2cf190a&lt;/code&gt;&lt;/a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/tox/issues/3306&quot;&gt;#3306&lt;/a&gt;)&lt;/li>

<li>Additional commits viewable in <a href="https://github.com/tox-dev/tox/compare/4.1.2...4.18.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />


Updates ruff from 0.5.1 to 0.6.1

Release notes
Sourced from ruff's releases.

0.6.1
Release Notes
This is a hotfix release to address an issue with ruff-pre-commit. In v0.6, Ruff changed its behavior to lint and format Jupyter notebooks by default; however, due to an oversight, these files were still excluded by default if Ruff was run via pre-commit, leading to inconsistent behavior. This has now been fixed.
Preview features

[fastapi] Implement fast-api-unused-path-parameter (FAST003) (#12638)

Rule changes

[pylint] Rename too-many-positional to too-many-positional-arguments (R0917) (#12905)

Server

Fix crash when applying "fix-all" code-action to notebook cells (#12929)

Other changes

[flake8-naming]: Respect import conventions (N817) (#12922)

Contributors

@​AlexWaygood
@​JonathanPlasse
@​Matthieu-LAURENT39
@​MichaReiser
@​carljm
@​dhruvmanila

Install ruff 0.6.1
Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.6.1/ruff-installer.sh | sh

Install prebuilt binaries via powershell script
powershell -c "irm https://github.com/astral-sh/ruff/releases/download/0.6.1/ruff-installer.ps1 | iex"

Download ruff 0.6.1



File
Platform
Checksum




ruff-aarch64-apple-darwin.tar.gz
Apple Silicon macOS
checksum


ruff-x86_64-apple-darwin.tar.gz
Intel macOS
checksum





... (truncated)


Changelog
Sourced from ruff's changelog.

0.6.1
This is a hotfix release to address an issue with ruff-pre-commit. In v0.6,
Ruff changed its behavior to lint and format Jupyter notebooks by default;
however, due to an oversight, these files were still excluded by default if
Ruff was run via pre-commit, leading to inconsistent behavior.
This has now been fixed.
Preview features

[fastapi] Implement fast-api-unused-path-parameter (FAST003) (#12638)

Rule changes

[pylint] Rename too-many-positional to too-many-positional-arguments (R0917) (#12905)

Server

Fix crash when applying "fix-all" code-action to notebook cells (#12929)

Other changes

[flake8-naming]: Respect import conventions (N817) (#12922)

0.6.0
Check out the blog post for a migration guide and overview of the changes!
Breaking changes
See also, the "Remapped rules" section which may result in disabled rules.

Lint and format Jupyter Notebook by default (#12878).
Detect imports in src layouts by default for isort rules (#12848)
The pytest rules PT001 and PT023 now default to omitting the decorator parentheses when there are no arguments (#12838).

Deprecations
The following rules are now deprecated:

pytest-missing-fixture-name-underscore (PT004)
pytest-incorrect-fixture-name-underscore (PT005)
unpacked-list-comprehension (UP027)

Remapped rules
The following rules have been remapped to new rule codes:

unnecessary-dict-comprehension-for-iterable: RUF025 to C420



... (truncated)


Commits

499c0bd Bump version to 0.6.1 (#12937)
4cb30b5 N817 docs: refer to the correct setting (#12935)
aba0d83 [flake8-naming]: Respect import conventions (N817) (#12922)
c319414 Ignore blank line rules for docs formatting (#12934)
ef1f6d9 Fix description of where the contributor list comes from in instructions for ...
b850b81 Use cell source code instead of the concatenated one (#12929)
a87b27c [red-knot] Add support for relative imports (#12910)
9b73532 [flake8-async] Fix examples to use async with (#12924)
d8debb7 Simplify logic for RUF027 (#12907)
bd4a947 [red-knot] Add symbol and definition for parameters (#12862)
Additional commits viewable in compare view




Updates mypy from 1.10.1 to 1.11.1

Changelog
Sourced from mypy's changelog.

Mypy Release Notes
Next release
Mypy 1.11
We’ve just uploaded mypy 1.11 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:
python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.
Support Python 3.12 Syntax for Generics (PEP 695)
Mypy now supports the new type parameter syntax introduced in Python 3.12 (PEP 695).
This feature is still experimental and must be enabled with the --enable-incomplete-feature=NewGenericSyntax flag, or with enable_incomplete_feature = NewGenericSyntax in the mypy configuration file.
We plan to enable this by default in the next mypy feature release.
This example demonstrates the new syntax:
# Generic function
def f[T](https://github.com/python/mypy/blob/master/x: T) -> T: ...
reveal_type(f(1))  # Revealed type is 'int'
Generic class
class C[T]:
def init(self, x: T) -> None:
self.x = x
c = C('a')
reveal_type(c.x)  # Revealed type is 'str'
Type alias
type A[T] = C[list[T]]

This feature was contributed by Jukka Lehtosalo.
Support for functools.partial
Mypy now type checks uses of functools.partial. Previously mypy would accept arbitrary arguments.
This example will now produce an error:
from functools import partial
</tr></table> 


... (truncated)


Commits

570b90a Bump version to 1.11
b3a102e Fix RawExpressionType.accept crash with --cache-fine-grained (#17588)
aec04c7 Fix PEP 604 isinstance caching (#17563)
cb44e4d Fix typing.TypeAliasType being undefined on python < 3.12 (#17558)
6cf9180 Fix types.GenericAlias lookup crash (#17543)
64c1ebf Bump version to 1.11.1+dev
dbd5f5c Remove +dev from version for 1.11 release
f0a8c69 Update CHANGELOG for mypy 1.11 (#17540)
371f780 CHANGELOG.md update for 1.11 (#17539)
2563da0 Fix daemon crash on invalid type in TypedDict (#17495)
Additional commits viewable in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.