Bump tox from 4.13.0 to 4.16.0 by dependabot[bot] · Pull Request #376 · pinterest/snappass

dependabot · 2024-07-04T02:25:30Z

Bumps tox from 4.13.0 to 4.16.0.

Release notes

4.16.0

What's Changed

Fix two small documentation issues by @srenfo in tox-dev/tox#3297

Fix tests after new setuptools by @gaborbernat in tox-dev/tox#3299

Add windir to the default list of pass_env variables on Windows by @kurtmckee in tox-dev/tox#3303

New Contributors

@srenfo made their first contribution in tox-dev/tox#3297

Full Changelog: tox-dev/tox@4.15.1...4.16.0

4.15.1

What's Changed

fix skip with package = wheel by @MarcinKonowalczyk in tox-dev/tox#3269

Fixed typo in user guide. by @carltongibson in tox-dev/tox#3277

Fix broad build privileges @ GHA release workflow by @webknjaz in tox-dev/tox#3281

Allow ConfigSet.add_config to receive parameterized generics for of_type. by @ssbarnea in tox-dev/tox#3288

Fix section substitution with setenv by @JJLLWW in tox-dev/tox#3289

New Contributors

@MarcinKonowalczyk made their first contribution in tox-dev/tox#3269

@carltongibson made their first contribution in tox-dev/tox#3277

@JJLLWW made their first contribution in tox-dev/tox#3289

Full Changelog: tox-dev/tox@4.15.0...4.15.1

4.15.0

What's Changed

Remove duplicated and misleading configuration section by @jugmac00 in tox-dev/tox#3251

Fix dropped leading characters c from constraints' packages by @jugmac00 in tox-dev/tox#3250

Fix type-checking by @stefanor in tox-dev/tox#3260

Update installation.rst by @shenxianpeng in tox-dev/tox#3257

Allow appending to deps with the command line by @stefanor in tox-dev/tox#3259

Support multiple override appends by @amitschang in tox-dev/tox#3261

Add bang to invert exit code by @sillydan1 in tox-dev/tox#3271

fix(parser): Fix --discover parsed incorrectly from env by @mimre25 in tox-dev/tox#3274

New Contributors

@shenxianpeng made their first contribution in tox-dev/tox#3257

@amitschang made their first contribution in tox-dev/tox#3261

@sillydan1 made their first contribution in tox-dev/tox#3271

@mimre25 made their first contribution in tox-dev/tox#3274

Full Changelog: tox-dev/tox@4.14.2...4.15.0

... (truncated)

Changelog

Sourced from tox's changelog.

v4.16.0 (2024-07-02)

Bugfixes - 4.16.0

- - Add ``windir`` to the default list of Windows ``pass_env`` environment variables. - by :user:`kurtmckee` (:issue:`3302`)

Improved Documentation - 4.16.0

- Fix typo in configuration example and fix broken link to code style guide. - by :user:srenfo (:issue:3297)

v4.15.1 (2024-06-05)

Features - 4.15.1

- Fix ``skip_missing_interpreters`` option for ``package = wheel`` (:issue:`3269`)
Bugfixes - 4.15.1

Fix section substitution with setenv. (:issue:3262)
Allow ConfigSet.add_config to receive parameterized generics for of_type. (:issue:3288)

v4.15.0 (2024-04-26)

Features - 4.15.0

- Add support for multiple appending override options (-x, --override) on command line - by :user:`amitschang`. (:issue:`3261`)
- Add support for inverting exit code success criteria using bang (!) (:issue:`3271`)
Bugfixes - 4.15.0

Fix issue that the leading character c was dropped from packages in constraints files - by :user:jugmac00. (:issue:3247)
Allow appending to deps with --override testenv.deps+=foo - by :user:stefanor. (:issue:3256)
Fix non-existing branch rewrite in the documentation to main. (:issue:3257)
Update test typing for build 1.2.0, which has an explicit Distribution type - by :user:stefanor. (:issue:3260)
Fix broken input parsing for --discover flag. - by :user:mimre25 (:issue:3272)

Improved Documentation - 4.15.0

- Rephrase ``--discover`` flag's description to avoid confusion between paths and executables. - by :user:`mimre25` (:issue:`3274`)
v4.14.2 (2024-03-22)
Bugfixes - 4.14.2
- Add provision arguments to ToxParser to fix crash when provisioning new tox environment without list-dependencies by :user:`seyidaniels` (:issue:`3190`)
&lt;/tr&gt;&lt;/table&gt;

</code></pre>

</blockquote>

<p>... (truncated)</p>

</details>

<details>

<summary>Commits</summary>
<ul>

<li><a href="https://github.com/tox-dev/tox/commit/5646274f1a3cb681b70c1eb8470bbadc871ee3fc&quot;&gt;&lt;code&gt;5646274&lt;/code&gt;&lt;/a> release 4.16.0</li>

<li><a href="https://github.com/tox-dev/tox/commit/b12fa626520aa581e53deca76f622f547cfb3ff0&quot;&gt;&lt;code&gt;b12fa62&lt;/code&gt;&lt;/a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/tox/issues/3300&quot;&gt;#3300&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/264d44f3e2c97d6ed5cf194cb78a8bde5f80998c&quot;&gt;&lt;code&gt;264d44f&lt;/code&gt;&lt;/a> Add <code>windir</code> to the default list of <code>pass_env</code> variables on Windows (<a href="https://redirect.github.com/tox-dev/tox/issues/3303&quot;&gt;#3303&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/698f1dd6634c0df9fc56d14be2292e5f0764f15c&quot;&gt;&lt;code&gt;698f1dd&lt;/code&gt;&lt;/a> Fix tests after new setuptools (<a href="https://redirect.github.com/tox-dev/tox/issues/3299&quot;&gt;#3299&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/cf8db09e22a8cad11cc42c78216d4cc74fb63c6a&quot;&gt;&lt;code&gt;cf8db09&lt;/code&gt;&lt;/a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/tox-dev/tox/issues/3286&quot;&gt;#3286&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/a261614f34f1b1831b986e06af28170b43224537&quot;&gt;&lt;code&gt;a261614&lt;/code&gt;&lt;/a> Fix two small documentation issues (<a href="https://redirect.github.com/tox-dev/tox/issues/3297&quot;&gt;#3297&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/8bf2fbd0ff2da126783049d8f8e23255ed75b375&quot;&gt;&lt;code&gt;8bf2fbd&lt;/code&gt;&lt;/a> Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (<a href="https://redirect.github.com/tox-dev/tox/issues/3295&quot;&gt;#3295&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/079000fe80bb9baa3eb0e7f8f53f932810942d14&quot;&gt;&lt;code&gt;079000f&lt;/code&gt;&lt;/a> release 4.15.1</li>

<li><a href="https://github.com/tox-dev/tox/commit/489ad821e5b9c6d5aff500e1b3abc4292f52a2dc&quot;&gt;&lt;code&gt;489ad82&lt;/code&gt;&lt;/a> Fix section substitution with setenv (<a href="https://redirect.github.com/tox-dev/tox/issues/3289&quot;&gt;#3289&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/tox-dev/tox/commit/7317225d179a7bd70cbe409f5273d6aa3ffac488&quot;&gt;&lt;code&gt;7317225&lt;/code&gt;&lt;/a> Allow <code>ConfigSet.add_config</code> to receive parameterized generics for <code>of_type</code>....</li>

<li>Additional commits viewable in <a href="https://github.com/tox-dev/tox/compare/4.13.0...4.16.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />



Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [tox](https://github.com/tox-dev/tox) from 4.13.0 to 4.16.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.13.0...4.16.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [tox](https://github.com/tox-dev/tox) from 4.13.0 to 4.16.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.13.0...4.16.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump cryptography from 37.0.2 to 39.0.2 (pinterest#224) Bumps [cryptography](https://github.com/pyca/cryptography) from 37.0.2 to 39.0.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@37.0.2...39.0.2) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Snyk] Security upgrade werkzeug from 2.1.2 to 2.2.3 (pinterest#221) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump flake8 from 4.0.1 to 6.0.0 (pinterest#205) Bumps [flake8](https://github.com/pycqa/flake8) from 4.0.1 to 6.0.0. - [Release notes](https://github.com/pycqa/flake8/releases) - [Commits](PyCQA/flake8@4.0.1...6.0.0) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove py3.7 (pinterest#234) * Remove py3.7 * Restore cache action * Bump cryptography from 39.0.2 to 41.0.1 (pinterest#260) Bumps [cryptography](https://github.com/pyca/cryptography) from 39.0.2 to 41.0.1. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@39.0.2...41.0.1) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump tox from 3.25.0 to 4.6.0 (pinterest#262) Bumps [tox](https://github.com/tox-dev/tox) from 3.25.0 to 4.6.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@3.25.0...4.6.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fakeredis from 1.7.5 to 2.14.1 (pinterest#263) Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 1.7.5 to 2.14.1. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](cunla/fakeredis-py@v1.7.5...v2.14.1) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flask from 2.1.2 to 2.3.2 (pinterest#250) Bumps [flask](https://github.com/pallets/flask) from 2.1.2 to 2.3.2. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](pallets/flask@2.1.2...2.3.2) --- updated-dependencies: - dependency-name: flask dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest from 7.1.2 to 7.3.1 (pinterest#243) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.2 to 7.3.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.1.2...7.3.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redis from 4.5.3 to 4.5.5 (pinterest#253) Bump redis from 4.3.3 to 4.5.5 Bumps [redis](https://github.com/redis/redis-py) from 4.3.3 to 4.5.5. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v4.3.3...v4.5.5) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yuru Shao <yshao@pinterest.com> * Bump coverage from 6.4.1 to 7.2.7 (pinterest#267) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.1 to 7.2.7. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](coveragepy/coveragepy@6.4.1...7.2.7) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest-cov from 3.0.0 to 4.1.0 (pinterest#266) Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 3.0.0 to 4.1.0. - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-cov@v3.0.0...v4.1.0) --- updated-dependencies: - dependency-name: pytest-cov dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/checkout from 3 to 4 (pinterest#282) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Snyk] Security upgrade cryptography from 41.0.1 to 41.0.4 (pinterest#284) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump tox from 4.6.0 to 4.11.3 (pinterest#287) Bumps [tox](https://github.com/tox-dev/tox) from 4.6.0 to 4.11.3. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.6.0...4.11.3) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fakeredis from 2.14.1 to 2.20.0 Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.14.1 to 2.20.0. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](cunla/fakeredis-py@v2.14.1...v2.20.0) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump redis from 4.5.5 to 5.0.1 Bumps [redis](https://github.com/redis/redis-py) from 4.5.5 to 5.0.1. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v4.5.5...v5.0.1) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Install deps from requirements.txt (pinterest#303) * Prepare 1.6.1 release (pinterest#304) * Prepare 1.6.1 release * Update configs * Fix dev requirements * Bump version: 1.6.0 → 1.6.1 (pinterest#305) * Use urllib.parse for quoting/unquoting plus instead of deprecated werkzeug.urls (pinterest#300) Use urllib.parse for quoting/unquoting plus werkzeug.urls.url_quote_plus and werkzeug.urls.url_unquote_plus were deprecated and are removed in 3.0.0 and newer versions. * Bump actions/setup-python from 4 to 5 (pinterest#306) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github/codeql-action from 2 to 3 (pinterest#309) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump werkzeug from 2.3.3 to 3.0.1 (pinterest#295) Bumps [werkzeug](https://github.com/pallets/werkzeug) from 2.3.3 to 3.0.1. - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@2.3.3...3.0.1) --- updated-dependencies: - dependency-name: werkzeug dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flask from 2.3.2 to 3.0.0 (pinterest#294) Bumps [flask](https://github.com/pallets/flask) from 2.3.2 to 3.0.0. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](pallets/flask@2.3.2...3.0.0) --- updated-dependencies: - dependency-name: flask dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest from 7.3.1 to 7.4.4 Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.3.1 to 7.4.4. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.3.1...7.4.4) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump version: 1.6.1 → 1.6.2 (pinterest#311) * Bump freezegun from 1.2.1 to 1.4.0 Bumps [freezegun](https://github.com/spulec/freezegun) from 1.2.1 to 1.4.0. - [Release notes](https://github.com/spulec/freezegun/releases) - [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG) - [Commits](spulec/freezegun@1.2.1...1.4.0) --- updated-dependencies: - dependency-name: freezegun dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump flake8 from 6.0.0 to 7.0.0 Bumps [flake8](https://github.com/pycqa/flake8) from 6.0.0 to 7.0.0. - [Commits](PyCQA/flake8@6.0.0...7.0.0) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Add health check endpoint (pinterest#329) * Add health check endpoint * Add assertion on status * add i18n to Snappass * Bump fakeredis from 2.20.0 to 2.21.1 Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.20.0 to 2.21.1. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](cunla/fakeredis-py@v2.20.0...v2.21.1) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * remove import of flask, g * Add empty translations for de and es * Bump cryptography from 41.0.4 to 42.0.3 Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.4 to 42.0.3. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@41.0.4...42.0.3) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Add German Translation * Bump pytest from 7.4.4 to 8.0.1 Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.4 to 8.0.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.4.4...8.0.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump coverage from 7.2.7 to 7.4.2 Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.2.7 to 7.4.2. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](coveragepy/coveragepy@7.2.7...7.4.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump tox from 4.11.3 to 4.13.0 Bumps [tox](https://github.com/tox-dev/tox) from 4.11.3 to 4.13.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.11.3...4.13.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix missing bracket * restore extra spaces * Add Spanish and fixup NL&DE * TIL flake8 :) * Bump actions/cache from 3 to 4 (pinterest#320) Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v3...v4) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump jinja2 from 3.1.2 to 3.1.3 (pinterest#336) Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](pallets/jinja@3.1.2...3.1.3) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add /api endpoint for automated flows (pinterest#316) * add /api endpoint * pass password in request body when using API * flake8 fixed; tests added * flake8 fixed test.py --------- Co-authored-by: Reinoud van Leeuwen <reinoud.van.leeuwen@itcreation.nl> * Bump pytest from 8.0.1 to 8.1.0 Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.0.1 to 8.1.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@8.0.1...8.1.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump pytest-cov from 4.1.0 to 5.0.0 Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 4.1.0 to 5.0.0. - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest-cov@v4.1.0...v5.0.0) --- updated-dependencies: - dependency-name: pytest-cov dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * 🚧 Add a 'modern' REST API * 🚧 Add RFC7807 response type * 🚧 Import missing parts * 🎨 Cleanup * ♻️ Use token as name for password_key * 🧑‍💻 Use HATEHOAS style * ✅ Finish test suite implementation * 📝 Add documentation about new APIs * 🎨 flake8 * 🚸 Remove URL encoding from token * 🚸 Add a link to web view Allowing usage of the password into a subsystem which target human * Bump wheel from 0.42.0 to 0.43.0 Bumps [wheel](https://github.com/pypa/wheel) from 0.42.0 to 0.43.0. - [Release notes](https://github.com/pypa/wheel/releases) - [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst) - [Commits](pypa/wheel@0.42.0...0.43.0) --- updated-dependencies: - dependency-name: wheel dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933 * Bump tox from 4.13.0 to 4.16.0 (pinterest#376) Bumps [tox](https://github.com/tox-dev/tox) from 4.13.0 to 4.16.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.13.0...4.16.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump coverage from 7.4.2 to 7.6.0 (pinterest#379) Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.4.2 to 7.6.0. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](coveragepy/coveragepy@7.4.2...7.6.0) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fakeredis from 2.21.1 to 2.23.4 (pinterest#381) Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.21.1 to 2.23.4. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](cunla/fakeredis-py@v2.21.1...v2.23.4) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Snyk] Security upgrade cryptography from 42.0.3 to 42.0.8 (pinterest#371) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6913422 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump freezegun from 1.4.0 to 1.5.1 (pinterest#362) Bumps [freezegun](https://github.com/spulec/freezegun) from 1.4.0 to 1.5.1. - [Release notes](https://github.com/spulec/freezegun/releases) - [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG) - [Commits](spulec/freezegun@1.4.0...1.5.1) --- updated-dependencies: - dependency-name: freezegun dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * [Snyk] Security upgrade jinja2 from 3.1.3 to 3.1.4 (pinterest#359) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump itsdangerous from 2.1.2 to 2.2.0 (pinterest#347) Bumps [itsdangerous](https://github.com/pallets/itsdangerous) from 2.1.2 to 2.2.0. - [Release notes](https://github.com/pallets/itsdangerous/releases) - [Changelog](https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst) - [Commits](pallets/itsdangerous@2.1.2...2.2.0) --- updated-dependencies: - dependency-name: itsdangerous dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yuru Shao <yshao@pinterest.com> * Environment variables for default port and bind address (pinterest#342) * Add env vars to override default bind address and port * Update main.py Prefix bind address and port with SNAPPASS_ * Update README.rst update readme to prefix SNAPPASS_ to bind address and port --------- Co-authored-by: Yuru Shao <yshao@pinterest.com> * Bump cryptography from 42.0.8 to 43.0.0 (pinterest#382) Bumps [cryptography](https://github.com/pyca/cryptography) from 42.0.8 to 43.0.0. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@42.0.8...43.0.0) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pytest from 8.1.0 to 8.3.2 (pinterest#385) Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.1.0 to 8.3.2. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@8.1.0...8.3.2) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flake8 from 7.0.0 to 7.1.1 (pinterest#383) Bumps [flake8](https://github.com/pycqa/flake8) from 7.0.0 to 7.1.1. - [Commits](PyCQA/flake8@7.0.0...7.1.1) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump wheel from 0.43.0 to 0.44.0 (pinterest#384) Bumps [wheel](https://github.com/pypa/wheel) from 0.43.0 to 0.44.0. - [Release notes](https://github.com/pypa/wheel/releases) - [Changelog](https://github.com/pypa/wheel/blob/main/docs/news.rst) - [Commits](pypa/wheel@0.43.0...0.44.0) --- updated-dependencies: - dependency-name: wheel dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump tox from 4.16.0 to 4.17.0 (pinterest#386) Bumps [tox](https://github.com/tox-dev/tox) from 4.16.0 to 4.17.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.16.0...4.17.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump tox from 4.17.0 to 4.18.0 (pinterest#388) Bumps [tox](https://github.com/tox-dev/tox) from 4.17.0 to 4.18.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.17.0...4.18.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fakeredis from 2.23.4 to 2.24.1 (pinterest#390) Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.23.4 to 2.24.1. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](cunla/fakeredis-py@v2.23.4...v2.24.1) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix i18n (pinterest#375) * fix i18n * Ignore linter error regarding _ * [Snyk] Security upgrade cryptography from 43.0.0 to 43.0.1 (pinterest#391) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-7886970 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Bump tox from 4.18.0 to 4.23.0 (pinterest#405) Bumps [tox](https://github.com/tox-dev/tox) from 4.18.0 to 4.23.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](tox-dev/tox@4.18.0...4.23.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump fakeredis from 2.24.1 to 2.25.1 (pinterest#397) Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.24.1 to 2.25.1. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](cunla/fakeredis-py@v2.24.1...v2.25.1) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump redis from 5.0.1 to 5.1.1 (pinterest#401) Bumps [redis](https://github.com/redis/redis-py) from 5.0.1 to 5.1.1. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](redis/redis-py@v5.0.1...v5.1.1) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Improve german translation (pinterest#412) * Improve german translation The translation was very inconsistent in naming the components and addressing the user. This has been improved. * Further improvements to the german translation Fix some more mistakes in the translation * Update messages.po minor improvements * [Snyk] Security upgrade werkzeug from 2.2.3 to 3.0.6 (pinterest#409) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-8309091 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-8309092 Co-authored-by: snyk-bot <snyk-bot@snyk.io> * Update NL messages.po (pinterest#424) fix typo * add French translation by snaaky404, fixes pinterest#380 (pinterest#422) * update image to use safepass * update branding in the base theme * add pre-commit config file * project configuration * update placeholder for secret input * chore: add matomo js stuff * chore: add matomo values injector * chore: fix matomo.php's path * Patch: get secrets id using a query parameter (#36) * chore: set and retreive passwords using a query parameter * chore: disallow matomo from tracking query params * Add wp ci (#40) * chore: remove old drone file * builds: add new wp builds file * Bump actions/checkout from 3 to 4 (pinterest#282) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Install deps from requirements.txt (pinterest#303) * Bump github/codeql-action from 2 to 3 (pinterest#309) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add i18n to Snappass * fix i18n (pinterest#375) * fix i18n * Ignore linter error regarding _ * ci(pc): add pre-commit configuration * feat(branding): add safepass branding * ci(workflows): update branch names in triggers * ci(pc): add samplr pc hook * fix(project): fix formatting issues * ci(samplr): add samplr configuration * build(gitignore): update ignores for environment configuration * refactor(compose): revert docker compose file * fix(main.py): add matomo environment variables * ci: setup samplr * refactor(i18n): update branding from snappass to safepass --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Devin Lundberg <devin60070@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Yuru Shao <yshao@pinterest.com> Co-authored-by: Yuping Li <ypli@ksu.edu> Co-authored-by: vin01 <30344579+vin01@users.noreply.github.com> Co-authored-by: systeembeheerder <19684880+systeembeheerder@users.noreply.github.com> Co-authored-by: Reinoud van Leeuwen <github@leeuwen.net> Co-authored-by: Reinoud van Leeuwen <reinoud.van.leeuwen@itcreation.nl> Co-authored-by: Emilien GUILMINEAU <XREvo@users.noreply.github.com> Co-authored-by: Emilien GUILMINEAU <guilmineau.emilien@gmail.com> Co-authored-by: Egg <45681670+Radical-Egg@users.noreply.github.com> Co-authored-by: Viktor Haid <52320564+viktorhaid@users.noreply.github.com> Co-authored-by: S. Neuhaus <neuhaus@users.noreply.github.com> Co-authored-by: George Khoury <g.khoury@josa.ngo> Co-authored-by: Baraa Al-Masri <pub@mbaraa.com> Co-authored-by: thamudi <18720062+thamudi@users.noreply.github.com>

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jul 4, 2024

dependabot Bot mentioned this pull request Jul 4, 2024

Bump tox from 4.13.0 to 4.15.1 #366

Closed

yurushao approved these changes Aug 2, 2024

View reviewed changes

yurushao merged commit e247322 into master Aug 2, 2024

dependabot Bot deleted the dependabot/pip/tox-4.16.0 branch August 2, 2024 22:18

silverl mentioned this pull request Nov 2, 2024

ls/latest updates trackabout/snappass#45

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump tox from 4.13.0 to 4.16.0#376

Bump tox from 4.13.0 to 4.16.0#376
yurushao merged 1 commit intomasterfrom
dependabot/pip/tox-4.16.0

dependabot Bot commented on behalf of github Jul 4, 2024

v4.14.2 (2024-03-22)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Jul 4, 2024

4.16.0

What's Changed

New Contributors

4.15.1

What's Changed

New Contributors

4.15.0

What's Changed

New Contributors

v4.16.0 (2024-07-02)

v4.15.1 (2024-06-05)

v4.15.0 (2024-04-26)

v4.14.2 (2024-03-22)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant