Skip to content

Bump the dependencies group with 7 updates #52

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the dependencies group with 7 updates #52

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 19, 2024
edited
Loading

Bumps the dependencies group with 7 updates:

Package From To
pygithub 1.59.1 2.2.0
duckdb 0.9.2 0.10.1
tqdm 4.65.2 4.66.2
more-itertools 10.1.0 10.2.0
prql-python 0.9.5 0.11.2
psutil 5.9.6 5.9.8
black 23.7.0 24.3.0

Updates pygithub from 1.59.1 to 2.2.0

Release notes

Sourced from pygithub's releases.

v2.2.0

Breaking Changes

The github.Comparison.Comparison instance returned by Repository.compare provides a commits property that used to return a list[github.Commit.Commit], which has now been changed to PaginatedList[github.Commit.Commit]. This breaks user code that assumes a list:

commits = repo.compare("v0.6", "v0.7").commits
no_of_commits = len(commits)  # will raise a TypeError

This will raise a TypeError: object of type 'PaginatedList' has no len(), as the returned PaginatedList does not support the len() method. Use the totalCount property instead:

commits = repo.compare("v0.6", "v0.7").commits
no_of_commits = commits.totalCount

New features

  • Add support to call GraphQL API

Improvements

Bug Fixes

... (truncated)

Changelog

Sourced from pygithub's changelog.

Version 2.2.0 (January 28, 2024)

Breaking Changes ^^^^^^^^^^^^^^^^

  • The github.Comparison.Comparison instance returned by Repository.compare provides a commits property that used to return a list[github.Commit.Commit], which has now been changed to PaginatedList[github.Commit.Commit]. This breaks user code that assumes a list:

.. code-block:: python

commits = repo.compare("v0.6", "v0.7").commits
no_of_commits = len(commits)

This will raise a TypeError: object of type 'PaginatedList' has no len(), as the returned PaginatedList does not support the len() method. Use the totalCount property instead:

.. code-block:: python

commits = repo.compare("v0.6", "v0.7").commits
no_of_commits = commits.totalCount

New features ^^^^^^^^^^^^

  • Add support to call GraphQL API

Improvements ^^^^^^^^^^^^

  • Add parent_team_id, maintainers and notification_setting for creating and updating teams. (#2863) (49d07d16)
  • Add support for issue reactions summary (#2866) (cc4c5269)
  • Support for DependabotAlert APIs (#2879) (14af7051)
  • Derive GraphQL URL from base_url (#2880) (d0caa3c3)
  • Make Repository.compare().commits return paginated list (#2882) (2d284d1e)
  • Add missing branch protection fields (#2873) (e47c153b)
  • Add include_all_branches to create_repo_from_template of AuthenticatedUser and Organization (#2871) (34c4642e)
  • Add and update organisation dependabot secrets (#2316) (603896f4)
  • Add missing params to Organization.create_repo (#2700) (9c61a2a4)
  • Update allowed values for Repository collaborator permissions (#1996) (b5b66da8)
  • Support editing PullRequestReview (#2851) (b1c4c561)
  • Update attributes after calling PullRequestReview.dismiss (#2854) (6f3d714c)
  • Add request_cve on RepositoryAdvisories (#2855) (41b617b7)
  • Filter collaborators of a repository by permissions (#2792) (702c127a)
  • Set pull request to auto merge via GraphQL API (#2816) (232df79a)
  • Support Environment Variables and Secrets (#2848) (7df97398)
  • Update workflow.get_runs & pullrequest.add_to_assignees function signature (#2799) (26eedbb0)
  • Add GithubObject.last_modified_datetime to have last_modified as a datetime (#2772) (e7ce8189)

... (truncated)

Commits
  • 7e7653f Release v2.2.0 (#2886)
  • 49d07d1 Add parent_team_id, maintainers and notification_setting for creating and upd...
  • cc4c526 Add support for issue reactions summary (#2866)
  • 2d284d1 Make Repository.compare().commits return paginated list (#2882)
  • 14af705 Support for DependabotAlert APIs (#2879)
  • d0caa3c Derive GraphQL URL from base_url (#2880)
  • e47c153 Add missing branch protection fields (#2873)
  • 34c4642 Add include_all_branches to create_repo_from_template of `AuthenticatedUs...
  • 603896f Add and update organisation dependabot secrets (#2316)
  • 2f44b2e Update the class name for NetrcAuth in the examples (#2860)
  • Additional commits viewable in compare view

Updates duckdb from 0.9.2 to 0.10.1

Release notes

Sourced from duckdb's releases.

v0.10.1 Bugfix Release

This is a bug fix release for various issues discovered after we released 0.10.0. There are no new features, just bug fixes. Database files created by DuckDB v0.10.0 or v0.9.* can be read by DuckDB v0.10.1.

What's Changed

... (truncated)

Commits
  • 867df6f Disable jemalloc on arm in Python extension as well
  • a655c5c [Dev] get_git_describe: Allow 'g' to be prepended to hash
  • 587d76f Merge pull request #11209 from carlopi/fix_py_override_describe
  • 6686dcf [Dev] More fixes to get_git_describe logic
  • 6d0039c [Dev] catch only subprocess.CalledProcessError, with @​Tishj
  • 7faa4c7 separate out the fixes
  • c353a1a [Dev] Add import to tools/pythonpkg/setup.py
  • b72b993 Merge pull request #11175 from cmdlineluser/is-null-or-not-is-null
  • 8c8991c Python: explcitly provide version in setup.py
  • 4c68838 Add stubs
  • Additional commits viewable in compare view

Updates tqdm from 4.65.2 to 4.66.2

Release notes

Sourced from tqdm's releases.

tqdm v4.66.2 stable

  • pandas: add DataFrame.progress_map (#1549)
  • notebook: fix HTML padding (#1506)
  • keras: fix resuming training when verbose>=2 (#1508)
  • fix format_num negative fractions missing leading zero (#1548)
  • fix Python 3.12 DeprecationWarning on import (#1519)
  • linting: use f-strings (#1549)
  • update tests (#1549)
  • CI: bump actions (#1549)

tqdm v4.66.1 stable

  • fix utils.envwrap types (#1493 <- #1491, #1320 <- #966, #1319)
    • e.g. cloudwatch & kubernetes workaround: export TQDM_POSITION=-1
  • drop mentions of unsupported Python versions

tqdm v4.66.0 stable

  • environment variables to override defaults (TQDM_*) (#1491 <- #1061, #950 <- #614, #1318, #619, #612, #370)
    • e.g. in CI jobs, export TQDM_MININTERVAL=5 to avoid log spam
    • add tests & docs for tqdm.utils.envwrap
  • fix & update CLI completion
  • fix & update API docs
  • minor code tidy: replace os.path => pathlib.Path
  • fix docs image hosting
  • release with CI bot account again (cli/cli#6680)
Commits

Updates more-itertools from 10.1.0 to 10.2.0

Release notes

Sourced from more-itertools's releases.

Version 10.2.0

  • New functions

    • iter_suppress (thanks to jaraco, pochmann, and rhettinger)
    • filter_map (thanks to struktured)
    • classify_unique (thanks to haukex)
    • totient (from the itertools docs)
    • reshape (from the itertools docs)

  • Changes to existing functions

    • factor, iter_index, sieve, and unique_justseen were updated to match the itertools docs
    • first was was optimized (thanks to pochmann)
    • takewhile_inclusive was was refactored (thanks to eltoder)
    • combination_with_replacement_index was was optimized (thanks to elliotwutingfeng and rhettinger)
    • nth_permutation, nth_combination_with_replacement, combination_index, and combination_with_replacement_index were optimized (thanks to rhettinger)
    • batched now accepts a strict argument (adapted from itertools docs)
    • time_limited was improved for Windows (thanks to haukex)

  • Other changes

    • Several typing updates were made (thanks to obaltian and ilai-deutel)
    • Some documentation issues were fixed (thanks to F-park, DimitriPapadopoulos, peterbygrave, shuuji3, eltoder, and homeworkprod)
Commits
  • 1e0e662 Merge pull request #789 from more-itertools/version-10.2.0
  • 6700628 Add time_limited credit
  • 740ea62 Merge remote-tracking branch 'origin/master' into version-10.2.0
  • 3e94640 Merge pull request #791 from haukex/time_limit_0
  • fcd1f88 Fix up credits
  • 7313c86 Ensure time_limited(0, ...) always returns nothing
  • f83ff28 Attempt to fix RTD theme, round 2
  • 451c06f Attempt to fix RTD theme
  • f7d7c5a Add missing commas
  • 51ad8fb Bump version: 10.1.0 → 10.2.0
  • Additional commits viewable in compare view

Updates prql-python from 0.9.5 to 0.11.2

Release notes

Sourced from prql-python's releases.

0.11.2 — 2023-02-07

0.11.2 contains lots of internal changes, lots of syntax highlighting, and the beginning of lutra, a query runner.

This release has 122 commits from 9 contributors. Selected changes include:

Features:

Fixes:

Integrations:

Internal changes:

  • prql-compiler has been renamed to prqlc, and we've established a more consistent naming scheme. The existing crate will still be published, re-exporting prqlc, so no dependencies will break. A future version will add a deprecation warning.
  • The prqlc-clib crate was renamed to prqlc-c, and associated artifacts were renamed. We're trying to make names consistent (ideally for the final time!), and have a plan to rename some other bindings. (@​max-sixty, #4077)
  • Add lots of whitespace items to the lexer, in preparation for the completion of prqlc fmt (@​max-sixty, #4109, #4105)
  • Table declarations (@​aljazerzen, #4126)

New Contributors:

0.11.1 fixes a couple of small bugs; it comes a few days after 0.11.

This release has 16 commits from 6 contributors. Selected changes:

Features:

  • Infer the type of array literals to be the union of types of its items. (@​aljazerzen, #3989)
  • prql module is added and the prql_version function is renamed to the prql.version function. The old prql_version function is deprecated and will be removed in the future release. (@​eitsupi, #4006)

Fixes:

  • Do not compile to DISTINCT ON when take n is used with group for the targets clickhouse, duckdb and postgres. (@​PrettyWood, #3988)
  • Fix take n rows for mssql dialect by switching from TOP to FETCH (@​PrettyWood, #3994)

0.11.0 introduces new date, text & math modules with lots of standard functions, including a new date.to_text function. It contains a few bugs fixes, and lots of internal improvements to the compiler.

This release has 119 commits from 9 contributors. Selected changes:

Language:

  • Breaking: group's by columns are now excluded from the partition. (#3490)
  • Breaking: round is now in the math module and needs to be called via math.round. (#3928)
  • Breaking: lower and upper are now in the text module and need to be called via text.lower and text.upper. (#3913, #3973)

... (truncated)

Changelog

Sourced from prql-python's changelog.

0.11.2 — 2024-02-07

0.11.2 contains lots of internal changes, lots of syntax highlighting, and the beginning of lutra, a query runner.

This release has 122 commits from 9 contributors. Selected changes:

Features:

Fixes:

Integrations:

Internal changes:

  • prql-compiler has been renamed to prqlc, and we've established a more consistent naming scheme. The existing crate will still be published, re-exporting prqlc, so no dependencies will break. A future version will add a deprecation warning.
  • The prqlc-clib crate was renamed to prqlc-c, and associated artifacts were renamed. We're trying to make names consistent (ideally for the final time!), and have a plan to rename some other bindings. (@​max-sixty, #4077)
  • Add lots of whitespace items to the lexer, in preparation for the completion of prqlc fmt (@​max-sixty, #4109, #4105)
  • Table declarations (@​aljazerzen, #4126)

New Contributors:

0.11.1 — 2023-12-26

0.11.1 fixes a couple of small bugs; it comes a few days after 0.11.

This release has 16 commits from 6 contributors. Selected changes:

Features:

... (truncated)

Commits

Updates psutil from 5.9.6 to 5.9.8

Changelog

Sourced from psutil's changelog.

5.9.8

2024-01-19

Enhancements

  • 2343_, [FreeBSD]: filter net_connections()_ returned list in C instead of Python, and avoid to retrieve unnecessary connection types unless explicitly asked. E.g., on an IDLE system with few IPv6 connections this will run around 4 times faster. Before all connection types (TCP, UDP, UNIX) were retrieved internally, even if only a portion was returned.
  • 2342_, [NetBSD]: same as above (#2343) but for NetBSD.
  • 2349_: adopted black formatting style.

Bug fixes

  • 930_, [NetBSD], [critical]: net_connections()_ implementation was broken. It could either leak memory or core dump.
  • 2340_, [NetBSD]: if process is terminated, Process.cwd()_ will return an empty string instead of raising NoSuchProcess_.
  • 2345_, [Linux]: fix compilation on older compiler missing DUPLEX_UNKNOWN.
  • 2222_, [macOS]: cpu_freq() now returns fixed values for min and max frequencies in all Apple Silicon chips.

5.9.7

2023-12-17

Enhancements

  • 2324_: enforce Ruff rule raw-string-in-exception, which helps providing clearer tracebacks when exceptions are raised by psutil.

Bug fixes

  • 2325_, [PyPy]: psutil did not compile on PyPy due to missing PyErr_SetExcFromWindowsErrWithFilenameObject cPython API.
Commits

Updates black from 23.7.0 to 24.3.0

Release notes

Sourced from black's releases.

24.3.0

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings, you are strongly encouraged to upgrade immediately to fix CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

  • Don't move comments along with delimiters, which could cause crashes (#4248)
  • Strengthen AST safety check to catch more unsafe changes to strings. Previous versions of Black would incorrectly format the contents of certain unusual f-strings containing nested strings with the same quote type. Now, Black will crash on such strings until support for the new f-string syntax is implemented. (#4270)
  • Fix a bug where line-ranges exceeding the last code line would not work as expected (#4273)

Performance

  • Fix catastrophic performance on docstrings that contain large numbers of leading tab characters. This fixes CVE-2024-21503. (#4278)

Documentation

  • Note what happens when --check is used with --quiet (#4236)

24.2.0

Stable style

  • Fixed a bug where comments where mistakenly removed along with redundant parentheses (#4218)

Preview style

  • Move the hug_parens_with_braces_and_square_brackets feature to the unstable style due to an outstanding crash and proposed formatting tweaks (#4198)
  • Fixed a bug where base expressions caused inconsistent formatting of ** in tenary expression (#4154)
  • Checking for newline before adding one on docstring that is almost at the line limit (#4185)
  • Remove redundant parentheses in case statement if guards (#4214).

Configuration

... (truncated)

Changelog

Sourced from black's changelog.

24.3.0

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings, you are strongly encouraged to upgrade immediately to fix CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

  • Don't move comments along with delimiters, which could cause crashes (#4248)
  • Strengthen AST safety check to catch more unsafe changes to strings. Previous versions of Black would incorrectly format the contents of certain unusual f-strings containing nested strings with the same quote type. Now, Black will crash on such strings until support for the new f-string syntax is implemented. (#4270)
  • Fix a bug where line-ranges exceeding the last code line would not work as expected (#4273)

Performance

  • Fix catastrophic performance on docstrings that contain large numbers of leading tab characters. This fixes CVE-2024-21503. (#4278)

Documentation

  • Note what happens when --check is used with --quiet (#4236)

24.2.0

Stable style

  • Fixed a bug where comments where mistakenly removed along with redundant parentheses (#4218)

Preview style

  • Move the hug_parens_with_braces_and_square_brackets feature to the unstable style due to an outstanding crash and proposed formatting tweaks (#4198)
  • Fixed a bug where base expressions caused inconsistent formatting of ** in tenary expression (#4154)
  • Checking for newline before adding one on docstring that is almost at the line limit (#4185)
  • Remove redundant parentheses in case statement if guards (#4214).

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 19, 2024
@dependabot dependabot bot mentioned this pull request Mar 19, 2024
Closed
@dependabot dependabot bot force-pushed the dependabot/pip/dependencies-d8bbcc4cd3 branch 2 times, most recently from 6d6fc24 to a787218 Compare March 21, 2024 07:30
@dependabot
Bump the dependencies group with 7 updates
14c96d1 
Bumps the dependencies group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [pygithub](https://github.com/pygithub/pygithub) | `1.59.1` | `2.2.0` |
| [duckdb](https://github.com/duckdb/duckdb) | `0.9.2` | `0.10.1` |
| [tqdm](https://github.com/tqdm/tqdm) | `4.65.2` | `4.66.2` |
| [more-itertools](https://github.com/more-itertools/more-itertools) | `10.1.0` | `10.2.0` |
| [prql-python](https://github.com/PRQL/prql) | `0.9.5` | `0.11.2` |
| [psutil](https://github.com/giampaolo/psutil) | `5.9.6` | `5.9.8` |
| [black](https://github.com/psf/black) | `23.7.0` | `24.3.0` |


Updates `pygithub` from 1.59.1 to 2.2.0
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst)
- [Commits](PyGithub/PyGithub@v1.59.1...v2.2.0)

Updates `duckdb` from 0.9.2 to 0.10.1
- [Release notes](https://github.com/duckdb/duckdb/releases)
- [Changelog](https://github.com/duckdb/duckdb/blob/main/tools/release-pip.py)
- [Commits](duckdb/duckdb@v0.9.2...v0.10.1)

Updates `tqdm` from 4.65.2 to 4.66.2
- [Release notes](https://github.com/tqdm/tqdm/releases)
- [Commits](tqdm/tqdm@v4.65.2...v4.66.2)

Updates `more-itertools` from 10.1.0 to 10.2.0
- [Release notes](https://github.com/more-itertools/more-itertools/releases)
- [Commits](more-itertools/more-itertools@v10.1.0...v10.2.0)

Updates `prql-python` from 0.9.5 to 0.11.2
- [Release notes](https://github.com/PRQL/prql/releases)
- [Changelog](https://github.com/PRQL/prql/blob/main/CHANGELOG.md)
- [Commits](PRQL/prql@0.9.5...0.11.2)

Updates `psutil` from 5.9.6 to 5.9.8
- [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst)
- [Commits](giampaolo/psutil@release-5.9.6...release-5.9.8)

Updates `black` from 23.7.0 to 24.3.0
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](psf/black@23.7.0...24.3.0)

---
updated-dependencies:
- dependency-name: pygithub
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: duckdb
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: tqdm
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: more-itertools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: prql-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: psutil
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: black
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/dependencies-d8bbcc4cd3 branch from a787218 to 14c96d1 Compare March 22, 2024 07:35
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 25, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Mar 25, 2024
@dependabot dependabot bot deleted the dependabot/pip/dependencies-d8bbcc4cd3 branch March 25, 2024 07:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant