Merged
Conversation
Silly typo in #659 — turns out macOS is where it fails with the wrong flags, not Linux
Goes from a range of 26-32m -> 15->23m
Picking up astral-sh/python-build-standalone#93 --------- Co-authored-by: Adrian Antkowiak <adiantek@gmail.com>
I think this will be a useful precursor to astral-sh/python-build-standalone#670
As in #672 this seems helpful for #670
Using the free GitHub runners for Linux breaks those builds :)
Uses a raw string literal for the regex to avoid
```
python-build-standalone/pythonbuild/cpython.py:675: SyntaxWarning: invalid escape sequence '\{'
RE_INITTAB_ENTRY = re.compile('\{"([^"]+)", ([^\}]+)\},')
```
This seems to "just work." Let's stay modern.
I think deletion of the legacy proto packages a few commits ago fixed up the build failures the deleted comment alluded to.
I just published an LLVM 20 toolchain for aarch64. The toolchain has support for PGO and BOLT. This commit switches the Linux aarch64 builds to be performed natively on aarch64 machines. PGO and BOLT are enabled on the builds, hopefully making them a bit faster.
This task was deferred from the initial Python 3.14 support. There's already support on Windows.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/astral-sh/python-build-standalone/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the python group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [certifi](https://github.com/certifi/python-certifi) | `2025.4.26` | `2025.6.15` | | [pyyaml](https://github.com/yaml/pyyaml) | `6.0.1` | `6.0.2` | | [rpds-py](https://github.com/crate-py/rpds) | `0.25.1` | `0.26.0` | | [typing-extensions](https://github.com/python/typing_extensions) | `4.13.2` | `4.14.1` | | [mypy](https://github.com/python/mypy) | `1.16.0` | `1.16.1` | | [ruff](https://github.com/astral-sh/ruff) | `0.11.13` | `0.12.2` | Updates `certifi` from 2025.4.26 to 2025.6.15 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/certifi/python-certifi/commit/e767d5938eddddf804216cec93a55c85129c5f2d"><code>e767d59</code></a> 2025.06.15 (<a href="https://redirect.github.com/certifi/python-certifi/issues/357">#357</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/3e7076557d66b598fcca462e422dc988f09a6802"><code>3e70765</code></a> Bump actions/setup-python from 5.5.0 to 5.6.0</li> <li><a href="https://github.com/certifi/python-certifi/commit/9afd2ff407b8a0638988c952a6636b8dd623af7c"><code>9afd2ff</code></a> Bump actions/download-artifact from 4.2.1 to 4.3.0</li> <li><a href="https://github.com/certifi/python-certifi/commit/d7c816cbc9cf621b3ddc8cd7fa7eda3f36982620"><code>d7c816c</code></a> remove code that's no longer required that 3.7 is our minimum (<a href="https://redirect.github.com/certifi/python-certifi/issues/351">#351</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/189961379209973abd0dd6304297f03e2359e1b9"><code>1899613</code></a> Declare setuptools as the build backend in pyproject.toml (<a href="https://redirect.github.com/certifi/python-certifi/issues/350">#350</a>)</li> <li><a href="https://github.com/certifi/python-certifi/commit/c8741423d67e1025c0bdad5225ded05cf962f207"><code>c874142</code></a> update CI for ubuntu 20.04 deprecation (<a href="https://redirect.github.com/certifi/python-certifi/issues/348">#348</a>)</li> <li>See full diff in <a href="https://github.com/certifi/python-certifi/compare/2025.04.26...2025.06.15">compare view</a></li> </ul> </details> <br /> Updates `pyyaml` from 6.0.1 to 6.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/yaml/pyyaml/releases">pyyaml's releases</a>.</em></p> <blockquote> <h2>6.0.2</h2> <h2>What's Changed</h2> <ul> <li>Support for Cython 3.x and Python 3.13.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/yaml/pyyaml/compare/6.0.1...6.0.2">https://github.com/yaml/pyyaml/compare/6.0.1...6.0.2</a></p> <h2>6.0.2rc1</h2> <ul> <li>Support for extension build with Cython 3.x</li> <li>Support for Python 3.13</li> <li>Added PyPI wheels for musllinux on aarch64</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/yaml/pyyaml/blob/main/CHANGES">pyyaml's changelog</a>.</em></p> <blockquote> <p>6.0.2 (2024-08-06)</p> <ul> <li><a href="https://redirect.github.com/yaml/pyyaml/pull/808">yaml/pyyaml#808</a> -- Support for Cython 3.x and Python 3.13</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/yaml/pyyaml/commit/41309b0bcb4559edb1d691d47199035ef539d785"><code>41309b0</code></a> Release 6.0.2 (<a href="https://redirect.github.com/yaml/pyyaml/issues/819">#819</a>)</li> <li><a href="https://github.com/yaml/pyyaml/commit/dd9f0e1236775dcce682c91823e009556ce2a271"><code>dd9f0e1</code></a> 6.0.2rc1 (<a href="https://redirect.github.com/yaml/pyyaml/issues/809">#809</a>)</li> <li><a href="https://github.com/yaml/pyyaml/commit/f5527a26d518b3e9c66f9211e0af00c83f09a97e"><code>f5527a2</code></a> disable CI trigger on PR edits</li> <li><a href="https://github.com/yaml/pyyaml/commit/b4d80a742142004490d2da7691d534923820b81c"><code>b4d80a7</code></a> Python 3.12 + musllinux_1_1_x86_64 wheel support</li> <li>See full diff in <a href="https://github.com/yaml/pyyaml/compare/6.0.1...6.0.2">compare view</a></li> </ul> </details> <br /> Updates `rpds-py` from 0.25.1 to 0.26.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-py/rpds/releases">rpds-py's releases</a>.</em></p> <blockquote> <h2>v0.26.0</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <ul> <li>Build CPython 3.14 wheels by <a href="https://github.com/edgarrmondragon"><code>@edgarrmondragon</code></a> in <a href="https://redirect.github.com/crate-py/rpds/pull/134">crate-py/rpds#134</a></li> <li>Require maturin>=1.9.0 to ensure support for PEP 639 by <a href="https://github.com/edgarrmondragon"><code>@edgarrmondragon</code></a> in <a href="https://redirect.github.com/crate-py/rpds/pull/146">crate-py/rpds#146</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/crate-py/rpds/compare/v0.25.1...v0.26.0">https://github.com/crate-py/rpds/compare/v0.25.1...v0.26.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-py/rpds/commit/ff9278f7e718760bb052cd4c130bbdeca8d27b20"><code>ff9278f</code></a> Tag a release.</li> <li><a href="https://github.com/crate-py/rpds/commit/d2f69ef82b23135fedc8b42bda743f9c53af607d"><code>d2f69ef</code></a> Update requirements.</li> <li><a href="https://github.com/crate-py/rpds/commit/58ee607148940533f212893ac886f7e82b3c35bb"><code>58ee607</code></a> Merge pull request <a href="https://redirect.github.com/crate-py/rpds/issues/146">#146</a> from edgarrmondragon/136-require-maturin-1.9-pep639</li> <li><a href="https://github.com/crate-py/rpds/commit/5433ab6aa936aa835d97bb204fd73d289525e331"><code>5433ab6</code></a> Require maturin>=1.9.0 to ensure support for PEP 639</li> <li><a href="https://github.com/crate-py/rpds/commit/7557e538fb8d14c4b534133b9ac48f3940e787b4"><code>7557e53</code></a> Merge pull request <a href="https://redirect.github.com/crate-py/rpds/issues/144">#144</a> from crate-py/dependabot/github_actions/github/codeql...</li> <li><a href="https://github.com/crate-py/rpds/commit/d0963ae1a2b0bcc61702adb3249ae3b73bc32dda"><code>d0963ae</code></a> Merge pull request <a href="https://redirect.github.com/crate-py/rpds/issues/145">#145</a> from crate-py/dependabot/github_actions/astral-sh/set...</li> <li><a href="https://github.com/crate-py/rpds/commit/513ec227cba30c93b4df9c820b4d54e7e6dcb318"><code>513ec22</code></a> Bump astral-sh/setup-uv from 6.3.0 to 6.3.1</li> <li><a href="https://github.com/crate-py/rpds/commit/cbb4277105e08df8248c7e64ab99d5a51a1b4568"><code>cbb4277</code></a> Bump github/codeql-action from 3.29.0 to 3.29.2</li> <li><a href="https://github.com/crate-py/rpds/commit/25123e9a2fed652d68ec490ac0481e543f3c77fd"><code>25123e9</code></a> Merge pull request <a href="https://redirect.github.com/crate-py/rpds/issues/143">#143</a> from crate-py/dependabot/github_actions/PyO3/maturin-...</li> <li><a href="https://github.com/crate-py/rpds/commit/7a59bb7f1848a1ac0793bf77066a1381d33de20f"><code>7a59bb7</code></a> Merge pull request <a href="https://redirect.github.com/crate-py/rpds/issues/142">#142</a> from crate-py/dependabot/github_actions/astral-sh/set...</li> <li>Additional commits viewable in <a href="https://github.com/crate-py/rpds/compare/v0.25.1...v0.26.0">compare view</a></li> </ul> </details> <br /> Updates `typing-extensions` from 4.13.2 to 4.14.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python/typing_extensions/releases">typing-extensions's releases</a>.</em></p> <blockquote> <h2>4.14.1</h2> <h1>Release 4.14.1 (July 4, 2025)</h1> <ul> <li>Fix usage of <code>typing_extensions.TypedDict</code> nested inside other types (e.g., <code>typing.Type[typing_extensions.TypedDict]</code>). This is not allowed by the type system but worked on older versions, so we maintain support.</li> </ul> <h2>4.14.0</h2> <p>This release adds several new features, including experimental support for inline typed dictionaries (<a href="https://peps.python.org/pep-0764/">PEP 764</a>) and sentinels (<a href="https://peps.python.org/pep-0661/">PEP 661</a>), and support for changes in Python 3.14. In addition, Python 3.8 is no longer supported.</p> <p>Changes since 4.14.0rc1:</p> <ul> <li>Remove <code>__or__</code> and <code>__ror__</code> methods from <code>typing_extensions.Sentinel</code> on Python versions <3.10. PEP 604 was introduced in Python 3.10, and <code>typing_extensions</code> does not generally attempt to backport PEP-604 methods to prior versions.</li> <li>Further update <code>typing_extensions.evaluate_forward_ref</code> with changes in Python 3.14.</li> </ul> <p>Changes included in 4.14.0rc1:</p> <ul> <li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Do not attempt to re-export names that have been removed from <code>typing</code>, anticipating the removal of <code>typing.no_type_check_decorator</code> in Python 3.15. Patch by Jelle Zijlstra.</li> <li>Update <code>typing_extensions.Format</code>, <code>typing_extensions.evaluate_forward_ref</code>, and <code>typing_extensions.TypedDict</code> to align with changes in Python 3.14. Patches by Jelle Zijlstra.</li> <li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li> </ul> <p>New features:</p> <ul> <li>Add support for inline typed dictionaries (<a href="https://peps.python.org/pep-0764/">PEP 764</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Add <code>typing_extensions.Reader</code> and <code>typing_extensions.Writer</code>. Patch by Sebastian Rittau.</li> <li>Add support for sentinels (<a href="https://peps.python.org/pep-0661/">PEP 661</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> </ul> <h2>4.14.0rc1</h2> <p>Major changes:</p> <ul> <li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Do not attempt to re-export names that have been removed from <code>typing</code>, anticipating the removal of <code>typing.no_type_check_decorator</code> in Python 3.15. Patch by Jelle Zijlstra.</li> <li>Update <code>typing_extensions.Format</code>, <code>typing_extensions.evaluate_forward_ref</code>, and <code>typing_extensions.TypedDict</code> to align with changes in Python 3.14. Patches by Jelle Zijlstra.</li> <li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/python/typing_extensions/blob/main/CHANGELOG.md">typing-extensions's changelog</a>.</em></p> <blockquote> <h1>Release 4.14.1 (July 4, 2025)</h1> <ul> <li>Fix usage of <code>typing_extensions.TypedDict</code> nested inside other types (e.g., <code>typing.Type[typing_extensions.TypedDict]</code>). This is not allowed by the type system but worked on older versions, so we maintain support.</li> </ul> <h1>Release 4.14.0 (June 2, 2025)</h1> <p>Changes since 4.14.0rc1:</p> <ul> <li>Remove <code>__or__</code> and <code>__ror__</code> methods from <code>typing_extensions.Sentinel</code> on Python versions <3.10. PEP 604 was introduced in Python 3.10, and <code>typing_extensions</code> does not generally attempt to backport PEP-604 methods to prior versions.</li> <li>Further update <code>typing_extensions.evaluate_forward_ref</code> with changes in Python 3.14.</li> </ul> <h1>Release 4.14.0rc1 (May 24, 2025)</h1> <ul> <li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Do not attempt to re-export names that have been removed from <code>typing</code>, anticipating the removal of <code>typing.no_type_check_decorator</code> in Python 3.15. Patch by Jelle Zijlstra.</li> <li>Update <code>typing_extensions.Format</code>, <code>typing_extensions.evaluate_forward_ref</code>, and <code>typing_extensions.TypedDict</code> to align with changes in Python 3.14. Patches by Jelle Zijlstra.</li> <li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li> </ul> <p>New features:</p> <ul> <li>Add support for inline typed dictionaries (<a href="https://peps.python.org/pep-0764/">PEP 764</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Add <code>typing_extensions.Reader</code> and <code>typing_extensions.Writer</code>. Patch by Sebastian Rittau.</li> <li>Add support for sentinels (<a href="https://peps.python.org/pep-0661/">PEP 661</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/python/typing_extensions/commit/42027aba3558c9d9133a90bca17f6fecaecc48d8"><code>42027ab</code></a> Prepare release 4.14.1 (<a href="https://redirect.github.com/python/typing_extensions/issues/620">#620</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/59d2c20858ac527516ebad5a89c05af514dac94a"><code>59d2c20</code></a> Fix off by one in pickle protocol tests (<a href="https://redirect.github.com/python/typing_extensions/issues/618">#618</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/40e22ebb2ca5747eaa9405b152c43a294ac3af37"><code>40e22eb</code></a> Do not use slots for <code>_TypedDictSpecialForm</code> (<a href="https://redirect.github.com/python/typing_extensions/issues/616">#616</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/d17c456d367e88adee4a4e3bef48f81f7e2df473"><code>d17c456</code></a> allow TypedDict as a type argument (<a href="https://redirect.github.com/python/typing_extensions/issues/614">#614</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/b07d24525615ba9377e47aaf5a26650a2517b2c4"><code>b07d245</code></a> Prepare release 4.14.0 (<a href="https://redirect.github.com/python/typing_extensions/issues/612">#612</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/fcf5265b3040337db1cfd6b786648a8ed0aeb0bf"><code>fcf5265</code></a> Backport evaluate_forward_ref() changes (<a href="https://redirect.github.com/python/typing_extensions/issues/611">#611</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/fadc1edbcfd942074007875007870c1df6acd4d0"><code>fadc1ed</code></a> Remove PEP-604 methods from <code>Sentinel</code> on Python <3.10 (<a href="https://redirect.github.com/python/typing_extensions/issues/605">#605</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/44de568f73a93f29e52c2fc2d5f149305a4a3bae"><code>44de568</code></a> Add 3.14 to project classifiers and tox.ini (<a href="https://redirect.github.com/python/typing_extensions/issues/604">#604</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/36cc47605804318bf40ee26d765de2070741c25c"><code>36cc476</code></a> Prepare release 4.14.0rc1 (<a href="https://redirect.github.com/python/typing_extensions/issues/603">#603</a>)</li> <li><a href="https://github.com/python/typing_extensions/commit/ec1876c65000ac86faade29552245178918a7a69"><code>ec1876c</code></a> More fixes for 3.14 and 3.15 (<a href="https://redirect.github.com/python/typing_extensions/issues/602">#602</a>)</li> <li>Additional commits viewable in <a href="https://github.com/python/typing_extensions/compare/4.13.2...4.14.1">compare view</a></li> </ul> </details> <br /> Updates `mypy` from 1.16.0 to 1.16.1 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/python/mypy/commit/68b8fa097d080c92d30a429bc74de8acd56caf85"><code>68b8fa0</code></a> Bump version to 1.16.1</li> <li><a href="https://github.com/python/mypy/commit/e253eded9c887630f3f5404c4b9f73f13570476a"><code>e253ede</code></a> Single underscore is not a sunder (<a href="https://redirect.github.com/python/mypy/issues/19273">#19273</a>)</li> <li><a href="https://github.com/python/mypy/commit/9fb5ff66c51bd971d7a6b1260cc0ec9f1b82cc06"><code>9fb5ff6</code></a> Fix properties with setters after deleters (<a href="https://redirect.github.com/python/mypy/issues/19248">#19248</a>)</li> <li><a href="https://github.com/python/mypy/commit/c20fd7838338cd65d6c7c6e252eda85996cfc98e"><code>c20fd78</code></a> Handle assignment of bound methods in class bodies (<a href="https://redirect.github.com/python/mypy/issues/19233">#19233</a>)</li> <li><a href="https://github.com/python/mypy/commit/c86480ce51e4bb6db21f4b3f0b3ec8833aafc8ce"><code>c86480c</code></a> Tighten metaclass <strong>call</strong> handling in protocols (<a href="https://redirect.github.com/python/mypy/issues/19191">#19191</a>)</li> <li><a href="https://github.com/python/mypy/commit/cb3c6ec6a7aaa96a0e26768a946ac63ea14115f2"><code>cb3c6ec</code></a> Fix crash on partial type used as context (<a href="https://redirect.github.com/python/mypy/issues/19216">#19216</a>)</li> <li><a href="https://github.com/python/mypy/commit/c39f5e73c47182e51c5d8d488f7cc7301257c974"><code>c39f5e7</code></a> [mypyc] Fixing condition for handling user-defined <strong>del</strong> (<a href="https://redirect.github.com/python/mypy/issues/19188">#19188</a>)</li> <li><a href="https://github.com/python/mypy/commit/0a4f28431faa18e59d35bc269cb0ea6c00810653"><code>0a4f284</code></a> Fix crash on invalid property inside its own body (<a href="https://redirect.github.com/python/mypy/issues/19208">#19208</a>)</li> <li><a href="https://github.com/python/mypy/commit/9b079f6592740a51c0e629728eeb0324ad85126f"><code>9b079f6</code></a> Bump version to 1.16.1+dev</li> <li>See full diff in <a href="https://github.com/python/mypy/compare/v1.16.0...v1.16.1">compare view</a></li> </ul> </details> <br /> Updates `ruff` from 0.11.13 to 0.12.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/releases">ruff's releases</a>.</em></p> <blockquote> <h2>0.12.2</h2> <h2>Release Notes</h2> <h3>Preview features</h3> <ul> <li>[<code>flake8-pyi</code>] Expand <code>Optional[A]</code> to <code>A | None</code> (<code>PYI016</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18572">#18572</a>)</li> <li>[<code>pyupgrade</code>] Mark <code>UP008</code> fix safe if no comments are in range (<a href="https://redirect.github.com/astral-sh/ruff/pull/18683">#18683</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>[<code>flake8-comprehensions</code>] Fix <code>C420</code> to prepend whitespace when needed (<a href="https://redirect.github.com/astral-sh/ruff/pull/18616">#18616</a>)</li> <li>[<code>perflint</code>] Fix <code>PERF403</code> panic on attribute or subscription loop variable (<a href="https://redirect.github.com/astral-sh/ruff/pull/19042">#19042</a>)</li> <li>[<code>pydocstyle</code>] Fix <code>D413</code> infinite loop for parenthesized docstring (<a href="https://redirect.github.com/astral-sh/ruff/pull/18930">#18930</a>)</li> <li>[<code>pylint</code>] Fix <code>PLW0108</code> autofix introducing a syntax error when the lambda's body contains an assignment expression (<a href="https://redirect.github.com/astral-sh/ruff/pull/18678">#18678</a>)</li> <li>[<code>refurb</code>] Fix false positive on empty tuples (<code>FURB168</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19058">#19058</a>)</li> <li>[<code>ruff</code>] Allow more <code>field</code> calls from <code>attrs</code> (<code>RUF009</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19021">#19021</a>)</li> <li>[<code>ruff</code>] Fix syntax error introduced for an empty string followed by a u-prefixed string (<code>UP025</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18899">#18899</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>[<code>flake8-executable</code>] Allow <code>uvx</code> in shebang line (<code>EXE003</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18967">#18967</a>)</li> <li>[<code>pandas</code>] Avoid flagging <code>PD002</code> if <code>pandas</code> is not imported (<a href="https://redirect.github.com/astral-sh/ruff/pull/18963">#18963</a>)</li> <li>[<code>pyupgrade</code>] Avoid PEP-604 unions with <code>typing.NamedTuple</code> (<code>UP007</code>, <code>UP045</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18682">#18682</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Document link between <code>import-outside-top-level (PLC0415)</code> and <code>lint.flake8-tidy-imports.banned-module-level-imports</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18733">#18733</a>)</li> <li>Fix description of the <code>format.skip-magic-trailing-comma</code> example (<a href="https://redirect.github.com/astral-sh/ruff/pull/19095">#19095</a>)</li> <li>[<code>airflow</code>] Make <code>AIR302</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18988">#18988</a>)</li> <li>[<code>airflow</code>] Make <code>AIR312</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18989">#18989</a>)</li> <li>[<code>flake8-annotations</code>] Make <code>ANN401</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18974">#18974</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC100</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18993">#18993</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC105</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19002">#19002</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC110</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18975">#18975</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC210</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18977">#18977</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC220</code>, <code>ASYNC221</code>, and <code>ASYNC222</code> examples error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18978">#18978</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC251</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18990">#18990</a>)</li> <li>[<code>flake8-bandit</code>] Make <code>S201</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19017">#19017</a>)</li> <li>[<code>flake8-bandit</code>] Make <code>S604</code> and <code>S609</code> examples error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19049">#19049</a>)</li> <li>[<code>flake8-bugbear</code>] Make <code>B028</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19054">#19054</a>)</li> <li>[<code>flake8-bugbear</code>] Make <code>B911</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19051">#19051</a>)</li> <li>[<code>flake8-datetimez</code>] Make <code>DTZ011</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19055">#19055</a>)</li> <li>[<code>flake8-datetimez</code>] Make <code>DTZ901</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19056">#19056</a>)</li> <li>[<code>flake8-pyi</code>] Make <code>PYI032</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19061">#19061</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI014</code>, <code>PYI015</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19097">#19097</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI042</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19101">#19101</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI059</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19080">#19080</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI062</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19079">#19079</a>)</li> <li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT023</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19104">#19104</a>)</li> <li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT030</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19105">#19105</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's changelog</a>.</em></p> <blockquote> <h2>0.12.2</h2> <h3>Preview features</h3> <ul> <li>[<code>flake8-pyi</code>] Expand <code>Optional[A]</code> to <code>A | None</code> (<code>PYI016</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18572">#18572</a>)</li> <li>[<code>pyupgrade</code>] Mark <code>UP008</code> fix safe if no comments are in range (<a href="https://redirect.github.com/astral-sh/ruff/pull/18683">#18683</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>[<code>flake8-comprehensions</code>] Fix <code>C420</code> to prepend whitespace when needed (<a href="https://redirect.github.com/astral-sh/ruff/pull/18616">#18616</a>)</li> <li>[<code>perflint</code>] Fix <code>PERF403</code> panic on attribute or subscription loop variable (<a href="https://redirect.github.com/astral-sh/ruff/pull/19042">#19042</a>)</li> <li>[<code>pydocstyle</code>] Fix <code>D413</code> infinite loop for parenthesized docstring (<a href="https://redirect.github.com/astral-sh/ruff/pull/18930">#18930</a>)</li> <li>[<code>pylint</code>] Fix <code>PLW0108</code> autofix introducing a syntax error when the lambda's body contains an assignment expression (<a href="https://redirect.github.com/astral-sh/ruff/pull/18678">#18678</a>)</li> <li>[<code>refurb</code>] Fix false positive on empty tuples (<code>FURB168</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19058">#19058</a>)</li> <li>[<code>ruff</code>] Allow more <code>field</code> calls from <code>attrs</code> (<code>RUF009</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19021">#19021</a>)</li> <li>[<code>ruff</code>] Fix syntax error introduced for an empty string followed by a u-prefixed string (<code>UP025</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18899">#18899</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>[<code>flake8-executable</code>] Allow <code>uvx</code> in shebang line (<code>EXE003</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18967">#18967</a>)</li> <li>[<code>pandas</code>] Avoid flagging <code>PD002</code> if <code>pandas</code> is not imported (<a href="https://redirect.github.com/astral-sh/ruff/pull/18963">#18963</a>)</li> <li>[<code>pyupgrade</code>] Avoid PEP-604 unions with <code>typing.NamedTuple</code> (<code>UP007</code>, <code>UP045</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18682">#18682</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Document link between <code>import-outside-top-level (PLC0415)</code> and <code>lint.flake8-tidy-imports.banned-module-level-imports</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18733">#18733</a>)</li> <li>Fix description of the <code>format.skip-magic-trailing-comma</code> example (<a href="https://redirect.github.com/astral-sh/ruff/pull/19095">#19095</a>)</li> <li>[<code>airflow</code>] Make <code>AIR302</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18988">#18988</a>)</li> <li>[<code>airflow</code>] Make <code>AIR312</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18989">#18989</a>)</li> <li>[<code>flake8-annotations</code>] Make <code>ANN401</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18974">#18974</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC100</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18993">#18993</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC105</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19002">#19002</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC110</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18975">#18975</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC210</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18977">#18977</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC220</code>, <code>ASYNC221</code>, and <code>ASYNC222</code> examples error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18978">#18978</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC251</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18990">#18990</a>)</li> <li>[<code>flake8-bandit</code>] Make <code>S201</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19017">#19017</a>)</li> <li>[<code>flake8-bandit</code>] Make <code>S604</code> and <code>S609</code> examples error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19049">#19049</a>)</li> <li>[<code>flake8-bugbear</code>] Make <code>B028</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19054">#19054</a>)</li> <li>[<code>flake8-bugbear</code>] Make <code>B911</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19051">#19051</a>)</li> <li>[<code>flake8-datetimez</code>] Make <code>DTZ011</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19055">#19055</a>)</li> <li>[<code>flake8-datetimez</code>] Make <code>DTZ901</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19056">#19056</a>)</li> <li>[<code>flake8-pyi</code>] Make <code>PYI032</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19061">#19061</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI014</code>, <code>PYI015</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19097">#19097</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI042</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19101">#19101</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI059</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19080">#19080</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI062</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19079">#19079</a>)</li> <li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT023</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19104">#19104</a>)</li> <li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT030</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19105">#19105</a>)</li> <li>[<code>flake8-quotes</code>] Make example error out-of-the-box (<code>Q003</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19106">#19106</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/astral-sh/ruff/commit/9bee8376a17401f9736b45fdefffb62edc2f1668"><code>9bee837</code></a> Bump 0.12.2 (<a href="https://redirect.github.com/astral-sh/ruff/issues/19126">#19126</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/1c6717b149ddfbcd4aa0aee2e160320474392da9"><code>1c6717b</code></a> Filter private symbols from stubs if they are internal types (<a href="https://redirect.github.com/astral-sh/ruff/issues/19121">#19121</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/1b813cd5f1933ab05ba7b96ace798199429c0bd6"><code>1b813cd</code></a> Fix description of the <code>format.skip-magic-trailing-comma</code> example (<a href="https://redirect.github.com/astral-sh/ruff/issues/19095">#19095</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/b00f68a23cedbd3a38fc25bac63638f0f11fc3f0"><code>b00f68a</code></a> [<code>ruff</code>] Allow more <code>field</code> calls from <code>attrs</code> (<code>RUF009</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19021">#19021</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/710c60f7135879b05f6c05a34085cd7af5c19e7f"><code>710c60f</code></a> [<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT023</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19104">#19104</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/811e25d16e22ca4ce124d9514232211c9a0b27a1"><code>811e25d</code></a> [<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT030</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19105">#19105</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/b78af2db4822dc55acbfb1024b30e69fe0262311"><code>b78af2d</code></a> [<code>flake8-quotes</code>] Make example error out-of-the-box (<code>Q003</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19106">#19106</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/4f36f0677f09b0ed1ba20f583b6f017c4f7d26c8"><code>4f36f06</code></a> Document link between <code>import-outside-top-level (PLC0415)</code> and `lint.flake8-t...</li> <li><a href="https://github.com/astral-sh/ruff/commit/2589a2938ee58a1ff1b54a9558807ecb000ccca3"><code>2589a29</code></a> [<code>flake8-simplify</code>] Make example error out-of-the-box (<code>SIM113</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19109">#19109</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/26bb8f7b7189558520bb386867579768b5a17347"><code>26bb8f7</code></a> [<code>flake8-simplify</code>] Make example error out-of-the-box (<code>SIM401</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19110">#19110</a>)</li> <li>Additional commits viewable in <a href="https://github.com/astral-sh/ruff/compare/0.11.13...0.12.2">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
GitHub has started enforcing a 1000 file limit, which breaks us. I first encountered it in CI during the release: https://github.com/astral-sh/python-build-standalone/actions/runs/16156480423 Then got to an actual error message via the CLI: ``` ❯ gh release upload 20250708 dist/cpython-3.14.0b4-riscv64-unknown-linux-gnu-freethreaded+lto-20250708T1536.tar.zst HTTP 422: Validation Failed (https://uploads.github.com/repos/astral-sh/python-build-standalone/releases/230978017/assets?label=&name=cpython-3.14.0b4-riscv64-unknown-linux-gnu-freethreaded%2Blto-20250708T1536.tar.zst) file_count limited to 1000 assets per release ``` You can see they documented a limit recently: https://docs.github.com/en/repositories/releasing-projects-on-github/about-releases#storage-and-bandwidth-quotas https://web.archive.org/web/20250629152715/https://docs.github.com/en/repositories/releasing-projects-on-github/about-releases
This was unintentionally removed in 21cf744.
And add some regression tests. Co-authored-by: Geoffrey Thomas <geofft@ldpreload.com>
This allows downloading and poking at build artifacts that fail validation. Now the order of tasks for all platforms is the same: build, upload attestations, upload artifacts, validate. (This was already the order for macos.)
The previous version is being dropped - actions/runner-images#12708 - https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes?tabs=allfeatures#17.14.11
This reverts commit 6228086c4523ca1d3e77b5215cf5f280c4d3c21b following #756
`just download-stats*` are failing with an HTTP 504 Gateway Timeout on GitHub's servers. We can work around this by reducing the requested number of releases per page. As part of this, we adopt a 3rd party package for querying the GitHub API because I was too lazy to implement pagination manually. Also, since pagination is enabled, the counts reported by these commands are now accurate and don't implicitly truncate at the most recent 10 releases. Co-authored-by: Zanie Blue <contact@zanie.dev>
Starting in Python 3.10, -DMODULE_NAME="sqlite3" is no longer needed when building _sqlite3. python/cpython#87610 / python/cpython#24801
I was looking at the build pipeline for the distributions, and was surprised to find the builder image artifacts having different SHA256 hashes across runs. e.g. compare the output of the "Upload Docker Image" step of two jobs: https://github.com/chowder/python-build-standalone/actions/runs/17012490960/job/48230404008 https://github.com/chowder/python-build-standalone/actions/runs/17012490960/job/48230532790 For the same image: ``` SHA256 digest of uploaded artifact zip is d47e11cc1c0e648bed6ec64a3613fa166c317981d252085c241c05745604973b Finalizing artifact upload Artifact image-build-linux_x86_64.zip successfully finalized. Artifact ID 3780654566 Artifact image-build-linux_x86_64 has been successfully uploaded! Final size is 80890477 bytes. Artifact ID is 3780654566 ``` ``` SHA256 digest of uploaded artifact zip is 3341d64b1d7efb680db3e4d62ae3dab9bf24e22e384f585aaf3a5b551aee5e7b Finalizing artifact upload Artifact image-build-linux_x86_64.zip successfully finalized. Artifact ID 3780667100 Artifact image-build-linux_x86_64 has been successfully uploaded! Final size is 80890477 bytes. Artifact ID is 3780667100 ``` Turns out this is because the `upload-artifact` step applies a layer of compression to the specified files, but doesn't reset/zero out the mtime, thus making these artifacts non-reproducible. Given that the docker images are already compressed [in a prior step](https://github.com/astral-sh/python-build-standalone/blob/main/.github/workflows/linux.yml#L117-L120): ```yaml - name: Compress Image run: | echo ${STEPS_BUILD_IMAGE_OUTPUTS_IMAGEID} > build/image-${MATRIX_NAME}.linux_${MATRIX_ARCH} zstd -v -T0 -6 --rm build/image-*.tar ``` We can skip the compression in the `upload-artifact` step, and get reproducible artifacts each time. #### Test Evidence See these two runs that include the proposed changes: https://github.com/chowder/python-build-standalone/actions/runs/17012517183/job/48230459046 https://github.com/chowder/python-build-standalone/actions/runs/17012517183/job/48230772691 Both generate the same digest: ``` Finished uploading artifact content to blob storage! SHA256 digest of uploaded artifact zip is c73f01690d74c103f92bd8113ff158e8b8d2d4de19dca96d36b3d6fbc688fe16 Finalizing artifact upload Artifact image-build-linux_x86_64.zip successfully finalized. Artifact ID 3780661038 Artifact image-build-linux_x86_64 has been successfully uploaded! Final size is 81208314 bytes. Artifact ID is 3780661038 ``` ``` SHA256 digest of uploaded artifact zip is c73f01690d74c103f92bd8113ff158e8b8d2d4de19dca96d36b3d6fbc688fe16 Finalizing artifact upload Artifact image-build-linux_x86_64.zip successfully finalized. Artifact ID 3780693018 Artifact image-build-linux_x86_64 has been successfully uploaded! Final size is 81208314 bytes. Artifact ID is 3780693018 ```
I verified this on macOS ``` ❯ python -c "from compression import zstd; print(zstd.CompressionParameter.nb_workers.bounds())" (0, 256) ``` See #761 I'm not sure if this is all of the performance difference, but using threads should make a significant difference. astral-sh/python-build-standalone#761 (comment) notes that threads are not used by default, so I think there's more going on — but we should enable this at build time regardless. See also #768.
Also, enable verbose output in the build system because it is otherwise too quiet to be helpful. See astral-sh/python-build-standalone#761 (comment)
Addressing the environment bootstrap regression from #706 — we can't build `cryptography` and `pynacl` from source and we don't need download statistics in CI.
This has been working fine since May 2022....
The former is just a composite of a latter, but does not pin to a commit so it violates our policy. I do not think `setup-crate` supports pinning a just commit, so I think we will want to just drop the whole action in the future. See - astral-sh/python-build-standalone#760 - extractions/setup-just#20 - extractions/setup-just#23 See failure at https://github.com/astral-sh/python-build-standalone/actions/runs/17052072811/attempts/1
Closes #87 Does not include the `+static` variant as I was having a hard time getting the bzip2 build passing. I'll open a new issue to track that. Related astral-sh/python-build-standalone#484
% `codespell --ignore-words-list=inout --skip="LICENSE.*,python-licenses.rst" --write-changes` * https://pypi.org/project/codespell
…780) Closes #749.
Fixes #784.
Bumps the actions group in /.github/workflows with 4 updates: [actions/checkout](https://github.com/actions/checkout), [docker/login-action](https://github.com/docker/login-action), [actions/download-artifact](https://github.com/actions/download-artifact) and [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action). Updates `actions/checkout` from 4.2.2 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a> Prepare v5.0.0 release (<a href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li> <li><a href="https://github.com/actions/checkout/commit/9f265659d3bb64ab1440b03b12f4d47a24320917"><code>9f26565</code></a> Update actions checkout to use node 24 (<a href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li> <li><a href="https://github.com/actions/checkout/commit/08eba0b27e820071cde6df949e0beb9ba4906955"><code>08eba0b</code></a> Prepare release v4.3.0 (<a href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li> <li><a href="https://github.com/actions/checkout/commit/631c7dc4f80f88219c5ee78fee08c6b62fac8da1"><code>631c7dc</code></a> Update package dependencies (<a href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li> <li><a href="https://github.com/actions/checkout/commit/8edcb1bdb4e267140fa742c62e395cd74f332709"><code>8edcb1b</code></a> Update CODEOWNERS for actions (<a href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li> <li><a href="https://github.com/actions/checkout/commit/09d2acae674a48949e3602304ab46fd20ae0c42f"><code>09d2aca</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li> <li><a href="https://github.com/actions/checkout/commit/85e6279cec87321a52edac9c87bce653a07cf6c2"><code>85e6279</code></a> Adjust positioning of user email note and permissions heading (<a href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li> <li><a href="https://github.com/actions/checkout/commit/009b9ae9e446ad8d9b8c809870b0fbcc5e03573e"><code>009b9ae</code></a> Documentation update - add recommended permissions to Readme (<a href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li> <li><a href="https://github.com/actions/checkout/commit/cbb722410c2e876e24abbe8de2cc27693e501dcb"><code>cbb7224</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li> <li><a href="https://github.com/actions/checkout/commit/3b9b8c884f6b4bb4d5be2779c26374abadae0871"><code>3b9b8c8</code></a> docs: update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1971">#1971</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/v4.2.2...08c6903cd8c0fde910a37f88322edcfb5dd907a8">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.4.0 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <ul> <li>Support dual-stack endpoints for AWS ECR by <a href="https://github.com/Spacefish"><code>@Spacefish</code></a> <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/874">docker/login-action#874</a> <a href="https://redirect.github.com/docker/login-action/pull/876">docker/login-action#876</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.57.0 to 0.62.1 in <a href="https://redirect.github.com/docker/login-action/pull/870">docker/login-action#870</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/login-action/pull/875">docker/login-action#875</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.4.0...v3.5.0">https://github.com/docker/login-action/compare/v3.4.0...v3.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/184bdaa0721073962dff0199f1fb9940f07167d1"><code>184bdaa</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/878">#878</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/5c6bc94683baa064818f51e7417087c2ac58b32c"><code>5c6bc94</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/caf405864315c6006c5581b540e5047cf728b4e7"><code>caf4058</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/ef38ec311a7df3f01475313e7c5bb584b74b112a"><code>ef38ec3</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/860">#860</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/d52e8ef81c0de894e9c95bed8de0ee5955ec7eb7"><code>d52e8ef</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/9644ab7025be3206ff4b12f1531a1b6919022b00"><code>9644ab7</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/7abd1d512621d8896b31f4ea992d207f15915ad6"><code>7abd1d5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/875">#875</a> from docker/dependabot/npm_and_yarn/form-data-2.5.5</li> <li><a href="https://github.com/docker/login-action/commit/1a81202c4fda440f3b33eca3381d5d39c7efe85e"><code>1a81202</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/876">#876</a> from crazy-max/aws-public-dual-stack</li> <li><a href="https://github.com/docker/login-action/commit/d1ab30dc54161cbfd704562857677edf4dd7837a"><code>d1ab30d</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/f25ff28d1c8cd9a7c35896711238fed682755e1c"><code>f25ff28</code></a> support dual-stack for aws public ecr</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/74a5d142397b4f367a81961eba4e8cd7edddf772...184bdaa0721073962dff0199f1fb9940f07167d1">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 4.3.0 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/407">actions/download-artifact#407</a></li> <li>BREAKING fix: inconsistent path behavior for single artifact downloads by ID by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/416">actions/download-artifact#416</a></li> </ul> <h2>v5.0.0</h2> <h3>🚨 Breaking Change</h3> <p>This release fixes an inconsistency in path behavior for single artifact downloads by ID. <strong>If you're downloading single artifacts by ID, the output path may change.</strong></p> <h4>What Changed</h4> <p>Previously, <strong>single artifact downloads</strong> behaved differently depending on how you specified the artifact:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (direct)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/my-artifact/</code> (nested)</li> </ul> <p>Now both methods are consistent:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (unchanged)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/</code> (fixed - now direct)</li> </ul> <h4>Migration Guide</h4> <h5>✅ No Action Needed If:</h5> <ul> <li>You download artifacts by <strong>name</strong></li> <li>You download <strong>multiple</strong> artifacts by ID</li> <li>You already use <code>merge-multiple: true</code> as a workaround</li> </ul> <h5>⚠️ Action Required If:</h5> <p>You download <strong>single artifacts by ID</strong> and your workflows expect the nested directory structure.</p> <p><strong>Before v5 (nested structure):</strong></p> <pre lang="yaml"><code>- uses: actions/download-artifact@v4 with: artifact-ids: 12345 path: dist # Files were in: dist/my-artifact/ </code></pre> <blockquote> <p>Where <code>my-artifact</code> is the name of the artifact you previously uploaded</p> </blockquote> <p><strong>To maintain old behavior (if needed):</strong></p> <pre lang="yaml"><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/634f93cb2916e3fdff6788551b99b062d0335ce0"><code>634f93c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/416">#416</a> from actions/single-artifact-id-download-path</li> <li><a href="https://github.com/actions/download-artifact/commit/b19ff4302770b82aa4694b63703b547756dacce6"><code>b19ff43</code></a> refactor: resolve download path correctly in artifact download tests (mainly ...</li> <li><a href="https://github.com/actions/download-artifact/commit/e262cbee4ab8c473c61c59a81ad8e9dc760e90db"><code>e262cbe</code></a> bundle dist</li> <li><a href="https://github.com/actions/download-artifact/commit/bff23f9308ceb2f06d673043ea6311519be6a87b"><code>bff23f9</code></a> update docs</li> <li><a href="https://github.com/actions/download-artifact/commit/fff8c148a8fdd56aa81fcb019f0b5f6c65700c4d"><code>fff8c14</code></a> fix download path logic when downloading a single artifact by id</li> <li><a href="https://github.com/actions/download-artifact/commit/448e3f862ab3ef47aa50ff917776823c9946035b"><code>448e3f8</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/407">#407</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/47225c44b359a5155efdbbbc352041b3e249fb1b"><code>47225c4</code></a> Update README.md</li> <li>See full diff in <a href="https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...634f93cb2916e3fdff6788551b99b062d0335ce0">compare view</a></li> </ul> </details> <br /> Updates `zizmorcore/zizmor-action` from 0.1.1 to 0.1.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/zizmorcore/zizmor-action/releases">zizmorcore/zizmor-action's releases</a>.</em></p> <blockquote> <h2>v0.1.2</h2> <h2>What's Changed</h2> <ul> <li>fix: allow version prefix of <code>v</code> by <a href="https://github.com/martincostello"><code>@martincostello</code></a> in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/31">zizmorcore/zizmor-action#31</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/martincostello"><code>@martincostello</code></a> made their first contribution in <a href="https://redirect.github.com/zizmorcore/zizmor-action/pull/31">zizmorcore/zizmor-action#31</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/zizmorcore/zizmor-action/compare/v0.1.1...v0.1.2">https://github.com/zizmorcore/zizmor-action/compare/v0.1.1...v0.1.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/5ca5fc7a4779c5263a3ffa0e1f693009994446d1"><code>5ca5fc7</code></a> README: add note about v prefix (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/32">#32</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/9c584465516ae8ece7a63486ba95d35b930c37b6"><code>9c58446</code></a> fix: allow version prefix of <code>v</code> (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/31">#31</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/c17832b972c15fd5f3d5065a7e16ad761a0a10d2"><code>c17832b</code></a> chore(deps): bump github/codeql-action in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/30">#30</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/383d31df2eb66a2f42db98c9654bdc73231f3e3a"><code>383d31d</code></a> chore(deps): bump github/codeql-action in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/27">#27</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/87e33752ad17c7c7fc16fe27c858900c59b18d77"><code>87e3375</code></a> chore(deps): bump github/codeql-action in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/26">#26</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/0f0557ab4a0b31211d42435e42df31cbd63fdd59"><code>0f0557a</code></a> chore(deps): bump github/codeql-action in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/25">#25</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/1c7106082dbc1753372e3924b7da1b9417011a21"><code>1c71060</code></a> chore(deps): bump github/codeql-action in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/24">#24</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/5ed208dc845128f1a5d66d862076e981c1dc58a0"><code>5ed208d</code></a> chore(deps): bump github/codeql-action in the github-actions group (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/22">#22</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/77053b0c7ee4c9902feed7f61f6c90d0085d70c9"><code>77053b0</code></a> chore(deps): bump the github-actions group with 2 updates (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/21">#21</a>)</li> <li><a href="https://github.com/zizmorcore/zizmor-action/commit/ff52d5a61addc2a9b3637515001c0faa855bc4ad"><code>ff52d5a</code></a> README: bump action versions (<a href="https://redirect.github.com/zizmorcore/zizmor-action/issues/20">#20</a>)</li> <li>See full diff in <a href="https://github.com/zizmorcore/zizmor-action/compare/f52a838cfabf134edcbaa7c8b3677dde20045018...5ca5fc7a4779c5263a3ffa0e1f693009994446d1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the python group with 14 updates:
| Package | From | To |
| --- | --- | --- |
| [certifi](https://github.com/certifi/python-certifi) | `2025.7.14` |
`2025.8.3` |
| [charset-normalizer](https://github.com/jawah/charset_normalizer) |
`3.4.2` | `3.4.3` |
| [cryptography](https://github.com/pyca/cryptography) | `45.0.5` |
`45.0.6` |
| [jsonschema](https://github.com/python-jsonschema/jsonschema) |
`4.25.0` | `4.25.1` |
| [pygithub](https://github.com/pygithub/pygithub) | `2.6.1` | `2.7.0` |
| [requests](https://github.com/psf/requests) | `2.32.4` | `2.32.5` |
| [rpds-py](https://github.com/crate-py/rpds) | `0.26.0` | `0.27.0` |
| [wrapt](https://github.com/GrahamDumpleton/wrapt) | `1.17.2` |
`1.17.3` |
| [zstandard](https://github.com/indygreg/python-zstandard) | `0.23.0` |
`0.24.0` |
| [pywin32](https://github.com/mhammond/pywin32) | `310` | `311` |
| [mypy](https://github.com/python/mypy) | `1.17.0` | `1.17.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.12.4` | `0.12.9` |
| [types-jsonschema](https://github.com/typeshed-internal/stub_uploader)
| `4.25.0.20250720` | `4.25.0.20250809` |
| [types-pyyaml](https://github.com/typeshed-internal/stub_uploader) |
`6.0.12.20250516` | `6.0.12.20250809` |
Updates `certifi` from 2025.7.14 to 2025.8.3
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/a97d9ad8f87c382378dddc0b0b33b9770932404e"><code>a97d9ad</code></a>
2025.08.03 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/362">#362</a>)</li>
<li>See full diff in <a
href="https://github.com/certifi/python-certifi/compare/2025.07.14...2025.08.03">compare
view</a></li>
</ul>
</details>
<br />
Updates `charset-normalizer` from 3.4.2 to 3.4.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jawah/charset_normalizer/releases">charset-normalizer's
releases</a>.</em></p>
<blockquote>
<h2>Version 3.4.3</h2>
<h2><a
href="https://github.com/Ousret/charset_normalizer/compare/3.4.2...3.4.3">3.4.3</a>
(2025-08-09)</h2>
<h3>Changed</h3>
<ul>
<li>mypy(c) is no longer a required dependency at build time if
<code>CHARSET_NORMALIZER_USE_MYPYC</code> isn't set to <code>1</code>.
(<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/595">#595</a>)
(<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/583">#583</a>)</li>
<li>automatically lower confidence on small bytes samples that are not
Unicode in <code>detect</code> output legacy function. (<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/391">#391</a>)</li>
</ul>
<h3>Added</h3>
<ul>
<li>Custom build backend to overcome inability to mark mypy as an
optional dependency in the build phase.</li>
<li>Support for Python 3.14</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>sdist archive contained useless directories.</li>
<li>automatically fallback on valid UTF-16 or UTF-32 even if the md says
it's noisy. (<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/633">#633</a>)</li>
</ul>
<h3>Misc</h3>
<ul>
<li>SBOM are automatically published to the relevant GitHub release to
comply with regulatory changes.
Each published wheel comes with its SBOM. We choose CycloneDX as the
format.</li>
<li>Prebuilt optimized wheel are no longer distributed by default for
CPython 3.7 due to a change in cibuildwheel.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md">charset-normalizer's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/Ousret/charset_normalizer/compare/3.4.2...3.4.3">3.4.3</a>
(2025-08-09)</h2>
<h3>Changed</h3>
<ul>
<li>mypy(c) is no longer a required dependency at build time if
<code>CHARSET_NORMALIZER_USE_MYPYC</code> isn't set to <code>1</code>.
(<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/595">#595</a>)
(<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/583">#583</a>)</li>
<li>automatically lower confidence on small bytes samples that are not
Unicode in <code>detect</code> output legacy function. (<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/391">#391</a>)</li>
</ul>
<h3>Added</h3>
<ul>
<li>Custom build backend to overcome inability to mark mypy as an
optional dependency in the build phase.</li>
<li>Support for Python 3.14</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>sdist archive contained useless directories.</li>
<li>automatically fallback on valid UTF-16 or UTF-32 even if the md says
it's noisy. (<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/633">#633</a>)</li>
</ul>
<h3>Misc</h3>
<ul>
<li>SBOM are automatically published to the relevant GitHub release to
comply with regulatory changes.
Each published wheel comes with its SBOM. We choose CycloneDX as the
format.</li>
<li>Prebuilt optimized wheel are no longer distributed by default for
CPython 3.7 due to a change in cibuildwheel.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/46f662da20edeced520c8819965a37eefbbc85de"><code>46f662d</code></a>
Release 3.4.3 (<a
href="https://redirect.github.com/jawah/charset_normalizer/issues/638">#638</a>)</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/1a059b26c155dd5fca408b0e0145c930633c4bf2"><code>1a059b2</code></a>
:wrench: skip building on freethreaded as we're not confident it is
stable</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/2275e3d3fea2bf6232661f1e9c21e7b81428e2a6"><code>2275e3d</code></a>
:pencil: final note in CHANGELOG.md</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/c96acdfdb34b5b1deb6f70803167bae89b209832"><code>c96acdf</code></a>
:pencil: update release date on CHANGELOG.md</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/43e5460518003df24ad1a3e7b5c0a34445395012"><code>43e5460</code></a>
:pencil: update README.md</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/f277074e281a070cfa64fc91c46f8291043fc37c"><code>f277074</code></a>
:wrench: automatically lower confidence on small bytes str on non
Unicode res...</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/15ae2411072b5e026f2c9d6ec81b55f75af7dcf2"><code>15ae241</code></a>
:bug: automatically fallback on valid UTF-16 or UTF-32 even if the md
says it...</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/37397c1799a05454ab42fbbc94a7643cdb277924"><code>37397c1</code></a>
:wrench: enable 3.14 in nox test_mypyc session</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/cb82537ecad195f48383b92e330351cea1fc6bc8"><code>cb82537</code></a>
:rewind: revert license due to compat python 3.7 issue setuptools</li>
<li><a
href="https://github.com/jawah/charset_normalizer/commit/6a2efeb4c6e205964b61008b0c36ddf88c321543"><code>6a2efeb</code></a>
:art: fix linter errors</li>
<li>Additional commits viewable in <a
href="https://github.com/jawah/charset_normalizer/compare/3.4.2...3.4.3">compare
view</a></li>
</ul>
</details>
<br />
Updates `cryptography` from 45.0.5 to 45.0.6
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst">cryptography's
changelog</a>.</em></p>
<blockquote>
<p>45.0.6 - 2025-08-05</p>
<pre><code>
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL
3.5.2.
<p>.. _v45-0-5:<br />
</code></pre></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pyca/cryptography/commit/66198c23c97c9594d64540e5a866e4b4121aec2d"><code>66198c2</code></a>
Bump for release (<a
href="https://redirect.github.com/pyca/cryptography/issues/13249">#13249</a>)</li>
<li>See full diff in <a
href="https://github.com/pyca/cryptography/compare/45.0.5...45.0.6">compare
view</a></li>
</ul>
</details>
<br />
Updates `jsonschema` from 4.25.0 to 4.25.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python-jsonschema/jsonschema/releases">jsonschema's
releases</a>.</em></p>
<blockquote>
<h2>v4.25.1</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>Fix <code>Validator</code> protocol init to match runtime by <a
href="https://github.com/sirosen"><code>@sirosen</code></a> in <a
href="https://redirect.github.com/python-jsonschema/jsonschema/pull/1396">python-jsonschema/jsonschema#1396</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/python-jsonschema/jsonschema/compare/v4.25.0...v4.25.1">https://github.com/python-jsonschema/jsonschema/compare/v4.25.0...v4.25.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst">jsonschema's
changelog</a>.</em></p>
<blockquote>
<h1>v4.25.1</h1>
<ul>
<li>Fix an incorrect required argument in the <code>Validator</code>
protocol's type annotations (<a
href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1396">#1396</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/331c38425519b69118d22ebe467ad230fb83a010"><code>331c384</code></a>
Add the fix to the changelog.</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/c1ec0a645e913e83de95995f6efbbd358676abf6"><code>c1ec0a6</code></a>
Merge pull request <a
href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1398">#1398</a>
from python-jsonschema/dependabot/github_actions/ast...</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/8e7d594faff13f8f663b306a0d86bea0ce5de6cb"><code>8e7d594</code></a>
Merge pull request <a
href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1399">#1399</a>
from python-jsonschema/dependabot/github_actions/act...</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/460f4fae42664773160f56ccc843a4fcea34f7cf"><code>460f4fa</code></a>
Merge pull request <a
href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1396">#1396</a>
from sirosen/improve-protocol-init-signature</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/1e58409b71a9696b7bf9938ae8a3a48ef95ab29e"><code>1e58409</code></a>
[pre-commit.ci] auto fixes from pre-commit.com hooks</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/64bc2171624ef201bdbf35e47780348ce30935c5"><code>64bc217</code></a>
Add a typing test for the Validator protocol</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/6c25741bff889477680f9b0d1aa967ae35c38f43"><code>6c25741</code></a>
Bump actions/checkout from 4 to 5</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/bf603d59117f840916709fc87c6625df43d1fe72"><code>bf603d5</code></a>
Bump astral-sh/setup-uv from 6.4.3 to 6.5.0</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/a916d8f8253baa11bacc60f0868f0bab1e42d526"><code>a916d8f</code></a>
Fix <code>Validator</code> protocol init to match runtime</li>
<li><a
href="https://github.com/python-jsonschema/jsonschema/commit/de60f18bd97395a52a11b561eb62963e0ffe9e71"><code>de60f18</code></a>
Merge pull request <a
href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1397">#1397</a>
from python-jsonschema/pre-commit-ci-update-config</li>
<li>Additional commits viewable in <a
href="https://github.com/python-jsonschema/jsonschema/compare/v4.25.0...v4.25.1">compare
view</a></li>
</ul>
</details>
<br />
Updates `pygithub` from 2.6.1 to 2.7.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pygithub/pygithub/releases">pygithub's
releases</a>.</em></p>
<blockquote>
<h2>v2.7.0</h2>
<h2>What's Changed</h2>
<h3>Breaking Changes</h3>
<ul>
<li>Method <code>Github.get_rate_limit()</code> now returns
<code>RateLimitOverview</code> rather than <code>RateLimit</code> (<a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3205">PyGithub/PyGithub#3205</a>).</li>
</ul>
<p>Code like</p>
<pre lang="python"><code>gh.get_rate_limit().core.remaining
</code></pre>
<p>should be replaced with</p>
<pre lang="python"><code>gh.get_rate_limit().resources.core.remaining
</code></pre>
<ul>
<li>Method <code>GitTag.verification</code> now returns
<code>GitCommitVerification</code> rather than <code>dict[str,
Any]</code> (<a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3226">PyGithub/PyGithub#3226</a>).</li>
</ul>
<p>Code like</p>
<pre lang="python"><code>tag.verification["reason"]
tag.verification.get("reason")
</code></pre>
<p>should be replaced with</p>
<pre lang="python"><code>tag.verification.reason
</code></pre>
<h3>New Features</h3>
<ul>
<li>Add getting list of self-hosted runners of organization by <a
href="https://github.com/climbfuji"><code>@climbfuji</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3190">PyGithub/PyGithub#3190</a></li>
<li>Apply OpenAPI spec by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3317">PyGithub/PyGithub#3317</a></li>
<li>Add support for Sub-Issues by <a
href="https://github.com/e7217"><code>@e7217</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3258">PyGithub/PyGithub#3258</a></li>
</ul>
<h3>Improvements</h3>
<ul>
<li>Refactor search results into separate classes by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3204">PyGithub/PyGithub#3204</a></li>
<li>Add <code>OrganizationInvitation</code> by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3207">PyGithub/PyGithub#3207</a></li>
<li>Add and apply missing schemas by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3209">PyGithub/PyGithub#3209</a></li>
<li>Sync <code>RepositoryAdvisory</code> tests with OpenAPI spec by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3215">PyGithub/PyGithub#3215</a></li>
<li>Sync <code>ProjectColumn</code> and <code>ProjectCard</code> tests
with OpenAPI spec by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3216">PyGithub/PyGithub#3216</a></li>
<li>Sync <code>CopilotSeat</code> class with API spec by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3232">PyGithub/PyGithub#3232</a></li>
<li>Sync <code>HookDeliverySummary</code> class with API spec by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3233">PyGithub/PyGithub#3233</a></li>
<li>Sync <code>RequiredPullRequestReviews</code> class with API spec by
<a href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3234">PyGithub/PyGithub#3234</a></li>
<li>Sync <code>RequiredStatusChecks</code> class with API spec by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3236">PyGithub/PyGithub#3236</a></li>
<li>Sync <code>Team</code> class with API spec by <a
href="https://github.com/EnricoMi"><code>@EnricoMi</code></a> in <a
href="https://redirect.github.com/PyGithub/PyGithub/pull/3237">PyGithub/PyGithub#3237</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst">pygithub's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.7.0 (July 31, 2025)</h2>
<p>Breaking Changes
^^^^^^^^^^^^^^^^</p>
<ul>
<li>
<p>Method <code>Github.get_rate_limit()</code> now returns
<code>RateLimitOverview</code> rather than <code>RateLimit</code>
(<code>[#3205](https://github.com/pygithub/pygithub/issues/3205)
<https://github.com/PyGithub/PyGithub/pull/3205></code><em>)
(<code>56ee057a
<https://github.com/PyGithub/PyGithub/commit/56ee057a></code></em>).</p>
<p>Code like</p>
<p>.. code-block:: python</p>
<p>gh.get_rate_limit().core.remaining</p>
<p>should be replaced with</p>
<p>.. code-block:: python</p>
<p>gh.get_rate_limit().resources.core.remaining</p>
</li>
<li>
<p>Method <code>GitTag.verification</code> now returns
<code>GitCommitVerification</code> rather than <code>dict[str,
Any]</code>
(<code>[#3226](https://github.com/pygithub/pygithub/issues/3226)
<https://github.com/PyGithub/PyGithub/pull/3226></code><em>)
(<code>850932cc
<https://github.com/PyGithub/PyGithub/commit/850932cc></code></em>).</p>
<p>Code like</p>
<p>.. code-block:: python</p>
<p>tag.verification["reason"]
tag.verification.get("reason")</p>
<p>should be replaced with</p>
<p>.. code-block:: python</p>
<p>tag.verification.reason</p>
</li>
</ul>
<p>Deprecations
^^^^^^^^^^^^</p>
<ul>
<li>Methods <code>dismissal_users</code> and
<code>dismissal_teams</code> of <code>RequiredPullRequestReviews</code>
are deprecated,
use <code>dismissal_restrictions.users</code> and
<code>dismissal_restrictions.teams</code> instead.</li>
</ul>
<p>New Features
^^^^^^^^^^^^</p>
<ul>
<li>Add getting list of self-hosted runners of organization
(<code>[#3190](https://github.com/pygithub/pygithub/issues/3190)
<https://github.com/PyGithub/PyGithub/pull/3190></code><em>)
(<code>b4092b5d
<https://github.com/PyGithub/PyGithub/commit/b4092b5d></code></em>)</li>
<li>Apply OpenAPI spec
(<code>[#3317](https://github.com/pygithub/pygithub/issues/3317)
<https://github.com/PyGithub/PyGithub/pull/3317></code><em>)
(<code>858b9e5b
<https://github.com/PyGithub/PyGithub/commit/858b9e5b></code></em>)</li>
<li>Add support for Sub-Issues
(<code>[#3258](https://github.com/pygithub/pygithub/issues/3258)
<https://github.com/PyGithub/PyGithub/pull/3258></code><em>)
(<code>c7858c85
<https://github.com/PyGithub/PyGithub/commit/c7858c85></code></em>)</li>
</ul>
<p>Improvement
^^^^^^^^^^^</p>
<ul>
<li>Refactor search results into separate classes
(<code>[#3204](https://github.com/pygithub/pygithub/issues/3204)
<https://github.com/PyGithub/PyGithub/pull/3204></code><em>)
(<code>938f80b1
<https://github.com/PyGithub/PyGithub/commit/938f80b1></code></em>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/bccc5aa1b02dc2135196c993e795bcb7795d9c72"><code>bccc5aa</code></a>
Release 2.7.0 (<a
href="https://redirect.github.com/pygithub/pygithub/issues/3323">#3323</a>)</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/cb4281510da5a9c924b916ec6b50edc52b1fae34"><code>cb42815</code></a>
Add <code>delete_self_hosted_runner</code> to <code>Organization</code>
(<a
href="https://redirect.github.com/pygithub/pygithub/issues/3306">#3306</a>)</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/01196d67452e726a1ef6a26312e50e428b6a705d"><code>01196d6</code></a>
Normalize App ID to String & Enhance JWT Issuer Verification (<a
href="https://redirect.github.com/pygithub/pygithub/issues/3272">#3272</a>)</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/c7858c85a1f1912e668f60f0f8de6ab2e75220bc"><code>c7858c8</code></a>
Add support for Sub-Issues (<a
href="https://redirect.github.com/pygithub/pygithub/issues/3258">#3258</a>)</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/131949b3c12a89534874526bb812acdcd75c9db7"><code>131949b</code></a>
Make <code>TimingData.run_duration_ms</code> optional (<a
href="https://redirect.github.com/pygithub/pygithub/issues/3268">#3268</a>)</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/0378cceedd9cd6f16514d7e1117d1b15d9e32824"><code>0378cce</code></a>
Fix side-effect when removing Authorization key from headers (<a
href="https://redirect.github.com/pygithub/pygithub/issues/3313">#3313</a>)</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/da73fc8ac3d73341c971f881c773275ad19ba2ee"><code>da73fc8</code></a>
Fix url encoding of strings with slashes in URLs (<a
href="https://redirect.github.com/pygithub/pygithub/issues/3263">#3263</a>)</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/f51a3f487e2e6493a29101a29908d8805fddc674"><code>f51a3f4</code></a>
Adds <code>multi_select</code> and <code>true_false</code> options to
<code>CustomProperty.value_type</code> (...</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/e7110bf41038ba0433bc04a048c73a8ecd26a32f"><code>e7110bf</code></a>
Relax 404 condition in <code>Requester</code> exception handling (<a
href="https://redirect.github.com/pygithub/pygithub/issues/3299">#3299</a>)</li>
<li><a
href="https://github.com/PyGithub/PyGithub/commit/95f015c8b46e62a853051ae98c1bff843765aa1f"><code>95f015c</code></a>
Support built-in <code>reversed()</code> on <code>PaginatedList</code>
(<a
href="https://redirect.github.com/pygithub/pygithub/issues/3260">#3260</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pygithub/pygithub/compare/v2.6.1...v2.7.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `requests` from 2.32.4 to 2.32.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.32.5</h2>
<h2>2.32.5 (2025-08-18)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>The SSLContext caching feature originally introduced in 2.32.0 has
created
a new class of issues in Requests that have had negative impact across a
number
of use cases. The Requests team has decided to revert this feature as
long term
maintenance of it is proving to be unsustainable in its current
iteration.</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Added support for Python 3.14.</li>
<li>Dropped support for Python 3.8 following its end of support.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.32.5 (2025-08-18)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>The SSLContext caching feature originally introduced in 2.32.0 has
created
a new class of issues in Requests that have had negative impact across a
number
of use cases. The Requests team has decided to revert this feature as
long term
maintenance of it is proving to be unsustainable in its current
iteration.</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Added support for Python 3.14.</li>
<li>Dropped support for Python 3.8 following its end of support.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/psf/requests/commit/b25c87d7cb8d6a18a37fa12442b5f883f9e41741"><code>b25c87d</code></a>
v2.32.5</li>
<li><a
href="https://github.com/psf/requests/commit/131e506079d97606e4214cc4d87b780ac478de7a"><code>131e506</code></a>
Merge pull request <a
href="https://redirect.github.com/psf/requests/issues/7010">#7010</a>
from psf/dependabot/github_actions/actions/checkout-...</li>
<li><a
href="https://github.com/psf/requests/commit/b336cb2bc616a63a93c6470c558fc1f576b77f90"><code>b336cb2</code></a>
Bump actions/checkout from 4.2.0 to 5.0.0</li>
<li><a
href="https://github.com/psf/requests/commit/46e939b5525d9c72b677340985582b04b128478a"><code>46e939b</code></a>
Update publish workflow to use <code>artifact-id</code> instead of
<code>name</code></li>
<li><a
href="https://github.com/psf/requests/commit/4b9c546aa3f35fca6ca24945376fe7462bb007c4"><code>4b9c546</code></a>
Merge pull request <a
href="https://redirect.github.com/psf/requests/issues/6999">#6999</a>
from psf/dependabot/github_actions/step-security/har...</li>
<li><a
href="https://github.com/psf/requests/commit/7618dbef01d333f23ba4b9c4d97397b06dd89cb6"><code>7618dbe</code></a>
Bump step-security/harden-runner from 2.12.0 to 2.13.0</li>
<li><a
href="https://github.com/psf/requests/commit/2edca11103c1c27dd8b572dab544b7f48cf3b446"><code>2edca11</code></a>
Add support for Python 3.14 and drop support for Python 3.8 (<a
href="https://redirect.github.com/psf/requests/issues/6993">#6993</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/fec96cd5976ad763e45bac9a033d62cca1877a00"><code>fec96cd</code></a>
Update Makefile rules (<a
href="https://redirect.github.com/psf/requests/issues/6996">#6996</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/d58d8aa2f45c3575268d6d5250745ef69f9cf8b7"><code>d58d8aa</code></a>
docs: clarify timeout parameter uses seconds in Session.request (<a
href="https://redirect.github.com/psf/requests/issues/6994">#6994</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/91a3eabd3dcc4d7f36dd8249e4777a90ef9b4305"><code>91a3eab</code></a>
Bump github/codeql-action from 3.28.5 to 3.29.0</li>
<li>Additional commits viewable in <a
href="https://github.com/psf/requests/compare/v2.32.4...v2.32.5">compare
view</a></li>
</ul>
</details>
<br />
Updates `rpds-py` from 0.26.0 to 0.27.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-py/rpds/releases">rpds-py's
releases</a>.</em></p>
<blockquote>
<h2>v0.27.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>Allow packaging of wheels for riscv64 architecture by <a
href="https://github.com/ffgan"><code>@ffgan</code></a> in <a
href="https://redirect.github.com/crate-py/rpds/pull/150">crate-py/rpds#150</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ffgan"><code>@ffgan</code></a> made
their first contribution in <a
href="https://redirect.github.com/crate-py/rpds/pull/150">crate-py/rpds#150</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crate-py/rpds/compare/v0.26.0...v0.27.0">https://github.com/crate-py/rpds/compare/v0.26.0...v0.27.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-py/rpds/commit/c7cd37d2a2def95fe6d5c36aaf2a87feb6280f89"><code>c7cd37d</code></a>
Tag a release for RISC</li>
<li><a
href="https://github.com/crate-py/rpds/commit/7adac992a67fdf323c78cdf96a3f83745157e26f"><code>7adac99</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-py/rpds/issues/150">#150</a>
from ffgan/feature/allow_riscv_package</li>
<li><a
href="https://github.com/crate-py/rpds/commit/439ad44d249008a927d6528223387977cb9ac745"><code>439ad44</code></a>
fix format error</li>
<li><a
href="https://github.com/crate-py/rpds/commit/2091f272bd232fd292c34dc56766c9ffe3577964"><code>2091f27</code></a>
downgrade riscv64 manylinux version</li>
<li><a
href="https://github.com/crate-py/rpds/commit/29a539fb5b03936546db0867059594f47dc2fa08"><code>29a539f</code></a>
Merge branch 'crate-py:main' into feature/allow_riscv_package</li>
<li><a
href="https://github.com/crate-py/rpds/commit/7546f2d8c26d85c55412d18ff3aef2792d41e8ed"><code>7546f2d</code></a>
Allow packaging of wheels for riscv64 architecture</li>
<li><a
href="https://github.com/crate-py/rpds/commit/8ede3f474b438c90c66e9317d589aadb97935182"><code>8ede3f4</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-py/rpds/issues/149">#149</a>
from crate-py/dependabot/github_actions/github/codeql...</li>
<li><a
href="https://github.com/crate-py/rpds/commit/0840694707b02fdcf782ddb9db67c769fbbf6f25"><code>0840694</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-py/rpds/issues/148">#148</a>
from crate-py/dependabot/github_actions/astral-sh/set...</li>
<li><a
href="https://github.com/crate-py/rpds/commit/725aabe89862cb1e0449c072c81bdcf046d83ca8"><code>725aabe</code></a>
Bump github/codeql-action from 3.29.2 to 3.29.3</li>
<li><a
href="https://github.com/crate-py/rpds/commit/db4a842d81f36e48efb83df35aa7ccded82853a1"><code>db4a842</code></a>
Bump astral-sh/setup-uv from 6.3.1 to 6.4.1</li>
<li>See full diff in <a
href="https://github.com/crate-py/rpds/compare/v0.26.0...v0.27.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `wrapt` from 1.17.2 to 1.17.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/GrahamDumpleton/wrapt/releases">wrapt's
releases</a>.</em></p>
<blockquote>
<h2>wrapt-1.17.3</h2>
<p>See the project page on the Python Package Index at <a
href="https://pypi.org/project/wrapt/1.17.3/">https://pypi.org/project/wrapt/1.17.3/</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst">wrapt's
changelog</a>.</em></p>
<blockquote>
<h2>Version 1.17.3</h2>
<p><strong>Bugs Fixed</strong></p>
<ul>
<li>Reference count was not being incremented on type object for C
implementation
of the partial callable object proxy when module was initialized. If
wrapt was
being used in Python sub interpreters which were deleted it could lead
to the
process crashing.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/99130c02842c87001f40dbe73e21934c0615398d"><code>99130c0</code></a>
Build for Windows 11 ARM.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/26f5344323b6e4152587dcb86f4b5935aeda9ccf"><code>26f5344</code></a>
Build for Python 3.14.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/43dbbe0df1fc80a9b711af64f09b606e16c2396f"><code>43dbbe0</code></a>
Modify artifact upload pattern.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/e90bd88440bf38a33e5c06540d2ac889731bc9ab"><code>e90bd88</code></a>
Update cibuildwheel version.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/58efb76117a8ebbf78cf1b424a260b1a447d0dde"><code>58efb76</code></a>
Update to ubuntu-latest.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/800a2047f38ce4ad4dc3c821fc4630ea440adc11"><code>800a204</code></a>
Increment release version.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/33b8840d6eb06e1e40fffdb7e4136fd0e793332f"><code>33b8840</code></a>
Update obsolete GitHub action.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/1c755a1f6c32d5ce5015f4f7e8011d8b49648caa"><code>1c755a1</code></a>
Rename GitHub workflow file so can build package.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/ff4981b15cc989702c812d839438783bde885ecd"><code>ff4981b</code></a>
Fix crash due to lack of reference count.</li>
<li><a
href="https://github.com/GrahamDumpleton/wrapt/commit/ecbaaa12072aa970bd9223a703be8a406c39b322"><code>ecbaaa1</code></a>
Revert "Remove the dependency on <code>pkg_resources</code> and
hence <code>setuptools</code> on py...</li>
<li>Additional commits viewable in <a
href="https://github.com/GrahamDumpleton/wrapt/compare/1.17.2...1.17.3">compare
view</a></li>
</ul>
</details>
<br />
Updates `zstandard` from 0.23.0 to 0.24.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/indygreg/python-zstandard/releases">zstandard's
releases</a>.</em></p>
<blockquote>
<h2>0.24.0</h2>
<h1>Backwards Compatibility Notes</h1>
<ul>
<li>Support for Python 3.8 has been dropped because it reached end of
life. Python 3.9 is the minimum supported Python version. The code
should still be compatible with Python 3.8 and removing of version
checks from <code>setup.py</code> will likely yield a working install.
However, this is not officially supported.</li>
</ul>
<h1>Changes</h1>
<ul>
<li>Bundled zstd library upgraded from 1.5.6 to 1.5.7. (<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/255">#255</a>)</li>
<li>We now use and require cffi 1.17.0 or newer. Previously, the
constraint was >=1.11.0 on Python <3.13.</li>
<li>The <code>pyproject.toml</code> file now defines a
<code>[project]</code> section.</li>
<li>We now use GitHub's native ARM Linux runners to build wheels and run
tests. Previously, Linux ARM wheels were built inside a QEMU virtualized
environment and we didn't run tests on this platform.</li>
<li>We now use GitHub's native ARM Windows runners to build wheels and
run tests. Previously, Windows ARM wheels were cross compiled from an
x86-64 runner and we never ran tests for the Windows ARM platform.</li>
<li>We now <code>collections.abs.Buffer</code> on Python 3.12+ instead
of <code>typing.ByteString</code>, as <code>typing.ByteString</code> was
deprecated and later removed. (<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/238">#238</a>,
<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/262">#262</a>)</li>
<li>PyO3 Rust crate upgraded from 0.21 to 0.22 (<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/257">#257</a>)
and later to 0.24.</li>
<li>Removed CI coverage for PyPy 3.9.</li>
<li>Added CI coverage for PyPy 3.11.</li>
<li>Anaconda Windows CI builds have been disabled because we're running
into an apparent conda bug.</li>
<li>Added CI coverage for Anaconda 3.12 and 3.13 on Linux and Windows
x86-64 (but the Windows builds no-op due to above issue).</li>
<li><code>get_frame_parameters()</code> now accepts an optional
<code>format</code> argument defining the zstandard frame type. You can
pass e.g. <code>zstandard.FORMAT_ZSTD1_MAGICLESS</code> to decode frames
without header magic. (<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/217">#217</a>)</li>
<li>Initial Python 3.14 support. We build wheels and have CI test
coverage.</li>
</ul>
<h1>Source Archive Publishing Error</h1>
<p>During the release process of this version, we uploaded the source
archive to PyPI after some wheels. PyPI rejected the source archive
because of presence of a <code>license-file</code> entry while using
metadata version 2.4. We manually generated the source distribution
locally. The source distribution on PyPI therefore does not match what
GitHub Actions produced.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/indygreg/python-zstandard/blob/main/docs/news.rst">zstandard's
changelog</a>.</em></p>
<blockquote>
<h1>0.24.0 (released 2025-08-17)</h1>
<h2>Changes</h2>
<ul>
<li>Bundled zstd library upgraded from 1.5.6 to 1.5.7. (<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/255">#255</a>)</li>
<li>We now use and require cffi 1.17.0 or newer. Previously, the
constraint
was >=1.11.0 on Python <3.13.</li>
<li>The <code>pyproject.toml</code> file now defines a
<code>[project]</code> section.</li>
<li>We now use GitHub's native ARM Linux runners to build wheels and run
tests.
Previously, Linux ARM wheels were built inside a QEMU virtualized
environment
and we didn't run tests on this platform.</li>
<li>We now use GitHub's native ARM Windows runners to build wheels and
run tests.
Previously, Windows ARM wheels were cross-compiled from an x86-64 runner
and
we never ran tests for the Windows ARM platform.</li>
<li>We now <code>collections.abs.Buffer</code> on Python 3.12+ instead
of <code>typing.ByteString</code>,
as <code>typing.ByteString</code> was deprecated and later removed. (<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/238">#238</a>,
<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/262">#262</a>)</li>
<li>PyO3 Rust crate upgraded from 0.21 to 0.22 (<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/257">#257</a>)
and later to 0.24.</li>
<li>Removed CI coverage for PyPy 3.9.</li>
<li>Added CI coverage for PyPy 3.11.</li>
<li>Anaconda Windows CI builds have been disabled because we're running
into
an apparant conda bug.</li>
<li>Added CI coverage for Anaconda 3.12 and 3.13 on Linux and Windows
x86-64
(but the Windows builds no-op due to above issue).</li>
<li><code>get_frame_parameters()</code> now accepts an optional
<code>format</code> argument
defining the zstandard frame type. You can pass e.g.
<code>zstandard.FORMAT_ZSTD1_MAGICLESS</code> to decode frames without
header magic.
(<a
href="https://redirect.github.com/indygreg/python-zstandard/issues/217">#217</a>)</li>
<li>Initial Python 3.14 support. We build wheels and have CI test
coverage.</li>
</ul>
<h2>Backwards Compatibility Notes</h2>
<ul>
<li>Support for Python 3.8 has been dropped because it reached end of
life.
Python 3.9 is the minimum supported Python version. The code should
still be
compatible with Python 3.7 and removing of version checks from
<code>setup.py</code>
will likely yield a working install. However, this is not officially
supported.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/9223924b1db8f36cf1c7c2dcd55232093890d145"><code>9223924</code></a>
global: release 0.24.0</li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/b63f21e75c85537feb6e9ede6b515ce1f109ac6e"><code>b63f21e</code></a>
ci: remove cibuildwheel from <code>requirements.txt</code></li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/724df3df0ff524d6f6278e7ac1e72061f6b5bc62"><code>724df3d</code></a>
build: require cffi 1.17.0</li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/58fca18a3aaa9a520c33cc874517fc10d36957f7"><code>58fca18</code></a>
build: use static dependency metadata</li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/fd9553600d91626ed2070eb721bb01780cb37310"><code>fd95536</code></a>
docs: move the potential 1.0 feature list from <code>news.rst</code> to
`missing_feature...</li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/a32e7a6ee530c37e665b97a4ac6cabeccfb1ec79"><code>a32e7a6</code></a>
docs: fix incorrect <code>dict_id()</code> reference</li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/4110f711ca658e43b8ab03fd350ee80d22c59596"><code>4110f71</code></a>
ci: add Python 3.14 wheels and test coverage</li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/c950bbf5c86a9641bbab7d232cc5371475c7e025"><code>c950bbf</code></a>
ci: upgrade macOS wheel environment to Python 3.13</li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/075f8ca4eefd366f89f642037e44685953bcf1cf"><code>075f8ca</code></a>
docs: add top-level docs section for One-Shot APIs</li>
<li><a
href="https://github.com/indygreg/python-zstandard/commit/7312fae803fb33758f9ef6f9fafd5d33f912007f"><code>7312fae</code></a>
frameparams: support defining frame format for
<code>get_frame_parameters()</code></li>
<li>Additional commits viewable in <a
href="https://github.com/indygreg/python-zstandard/compare/0.23.0...0.24.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `pywin32` from 310 to 311
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mhammond/pywin32/releases">pywin32's
releases</a>.</em></p>
<blockquote>
<h2>Build 311</h2>
<p>A release with <a
href="https://github.com/mhammond/pywin32/blob/b311/CHANGES.txt#L18">a
number of incremental improvements</a></p>
<p>Install via pip:</p>
<pre><code>pip install pywin32 --upgrade
</code></pre>
<p>More <a
href="https://github.com/mhammond/pywin32#installing-via-pip">details in
the README</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mhammond/pywin32/blob/main/CHANGES.md">pywin32's
changelog</a>.</em></p>
<blockquote>
<h2>Build 311, released 2025/07/14</h2>
<ul>
<li>Fix use-after-free in CertDeleteCertificateFromStore
(mhammond#2637)</li>
<li>Better support for COM identifiers with non-ascii characters
(mhammond#2632)</li>
<li>pywin32's own warnings will now refer to the caller, rather than to
the internal source of warning itself (mhammond#2594, [<a
href="https://github.com/Avasam"><code>@Avasam</code></a>][Avasam])</li>
<li>Fixed a regression that broke special <code>__dunder__</code>
methods with CoClass. (mhammond#1870, mhammond#2493, [<a
href="https://github.com/Avasam"><code>@Avasam</code></a>][Avasam], [<a
href="https://github.com/geppi"><code>@geppi</code></a>][geppi])</li>
<li>Fixed <code>TypeError: cannot unpack non-iterable NoneType
object</code> when registering an axscript client
<code>ScriptItem</code> (mhammond#2513, [<a
href="https://github.com/Avasam"><code>@Avasam</code></a>][Avasam])</li>
<li>Fixed a memory leak when SafeArrays are used as out parameters ([<a
href="https://github.com/the-snork"><code>@the-snork</code></a>][the-snork])</li>
<li>Fixed dispatch handling for properties ([<a
href="https://github.com/the-snork"><code>@the-snork</code></a>][the-snork])</li>
<li>Resolved a handful of deprecation warnings (mhammond#2567,
mhammond#2576, [<a
href="https://github.com/Avasam"><code>@Avasam</code></a>][Avasam])</li>
<li>The following classes now produce a valid <code>eval</code> string
representation when calling <code>repr</code>: (mhammond#2573, [<a
href="https://github.com/Avasam"><code>@Avasam</code></a>][Avasam])
<ul>
<li><code>pywin.tools.browser.HLIPythonObject</code></li>
<li><code>win32com.server.exception.COMException</code></li>
<li><code>win32comext.axscript.client.error.AXScriptException</code></li>
<li><code>win32comext.axscript.client.pyscript.NamedScriptAttribute</code></li>
</ul>
</li>
<li>Added initial <code>DECIMAL/VT_DECIMAL</code> support
(mhammond#1501, [<a
href="https://github.com/gesslerpd"><code>@gesslerpd</code></a>][gesslerpd])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/mhammond/pywin32/commits">compare view</a></li>
</ul>
</details>
<br />
Updates `mypy` from 1.17.0 to 1.17.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/mypy/blob/master/CHANGELOG.md">mypy's
changelog</a>.</em></p>
<blockquote>
<h3>Mypy 1.17.1</h3>
<ul>
<li>Retain <code>None</code> as constraints bottom if no bottoms were
provided (Stanislav Terliakov, PR <a
href="https://redirect.github.com/python/mypy/pull/19485">19485</a>)</li>
<li>Fix "ignored exception in <code>hasattr</code>" in dmypy
(Stanislav Terliakov, PR <a
href="https://redirect.github.com/python/mypy/pull/19428">19428</a>)</li>
<li>Prevent a crash when InitVar is redefined with a method in a
subclass (Stanislav Terliakov, PR <a
href="https://redirect.github.com/python/mypy/pull/19453">19453</a>)</li>
</ul>
<h3>Acknowledgements</h3>
<p>Thanks to all mypy contributors who contributed to this release:</p>
<ul>
<li>Alexey Makridenko</li>
<li>Brian Schubert</li>
<li>Chad Dombrova</li>
<li>Chainfire</li>
<li>Charlie Denton</li>
<li>Charulata</li>
<li>Christoph Tyralla</li>
<li>CoolCat467</li>
<li>Donal Burns</li>
<li>Guy Wilson</li>
<li>Ivan Levkivskyi</li>
<li>johnthagen</li>
<li>Jukka Lehtosalo</li>
<li>Łukasz Kwieciński</li>
<li>Marc Mueller</li>
<li>Michael J. Sullivan</li>
<li>Mikhail Golubev</li>
<li>Sebastian Rittau</li>
<li>Shantanu</li>
<li>Stanislav Terliakov</li>
<li>wyattscarpenter</li>
</ul>
<p>I’d also like to thank my employer, Dropbox, for supporting mypy
development.</p>
<h2>Mypy 1.16</h2>
<p>We’ve just uploaded mypy 1.16 to the Python Package Index (<a
href="https://pypi.org/project/mypy/">PyPI</a>).
Mypy is a static type checker for Python. This release includes new
features and bug fixes.
You can install it as follows:</p>
<pre><code>python3 -m pip install -U mypy
</code></pre>
<p>You can read the full documentation for this release on <a
href="http://mypy.readthedocs.io">Read the Docs</a>.</p>
<h3>Different Property Getter and Setter Types</h3>
<p>Mypy now supports using different types for a property getter and
setter:</p>
<pre lang="python"><code>class A:
_value: int
</tr></table>
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python/mypy/commit/acb29831e286bbccde37c03bc75381f40a5fdc9e"><code>acb2983</code></a>
Bump version to 1.17.1</li>
<li><a
href="https://github.com/python/mypy/commit/933c913fbe6d2fbf277ff8d6b2f2298f0f84be64"><code>933c913</code></a>
Retain <code>None</code> as constraints bottom if no bottoms were
provided (<a
href="https://redirect.github.com/python/mypy/issues/19485">#19485</a>)</li>
<li><a
href="https://github.com/python/mypy/commit/5f4428f0286df58169d2f34f4f86561ad617538b"><code>5f4428f</code></a>
Fix "ignored exception in <code>hasattr</code>" in dmypy (<a
href="https://redirect.github.com/python/mypy/issues/19428">#19428</a>)</li>
<li><a
href="https://github.com/python/mypy/commit/88fdeaae0abc92d605fc475fd153b4ad5b239310"><code>88fdeaa</code></a>
Prevent a crash when InitVar is redefined with a method in a subclass
(<a
href="https://redirect.github.com/python/mypy/issues/19453">#19453</a>)</li>
<li><a
href="https://github.com/python/mypy/commit/e44d14f8e52a8890d08726ee753c8754edefd649"><code>e44d14f</code></a>
Bump version to 1.17.1+dev</li>
<li>See full diff in <a
href="https://github.com/python/mypy/compare/v1.17.0...v1.17.1">compare
view</a></li>
</ul>
</details>
<br />
Updates `ruff` from 0.12.4 to 0.12.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.12.9</h2>
<h2>Release Notes</h2>
<h3>Preview features</h3>
<ul>
<li>[<code>airflow</code>] Add check for
<code>airflow.secrets.cache.SecretCache</code> (<code>AIR301</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/17707">#17707</a>)</li>
<li>[<code>ruff</code>] Offer a safe fix for multi-digit zeros
(<code>RUF064</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19847">#19847</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>[<code>flake8-blind-except</code>] Fix <code>BLE001</code>
false-positive on <code>raise ... from None</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19755">#19755</a>)</li>
<li>[<code>flake8-comprehensions</code>] Fix false positive for
<code>C420</code> with attribute, subscript, or slice assignment targets
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/19513">#19513</a>)</li>
<li>[<code>flake8-simplify</code>] Fix handling of U+001C..U+001F
whitespace (<code>SIM905</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19849">#19849</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>pylint</code>] Use lowercase hex characters to match the
formatter (<code>PLE2513</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19808">#19808</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Fix <code>lint.future-annotations</code> link (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19876">#19876</a>)</li>
</ul>
<h3>Other changes</h3>
<ul>
<li>
<p>Build <code>riscv64</code> binaries for release (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19819">#19819</a>)</p>
</li>
<li>
<p>Add rule code to error description in GitLab output (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19896">#19896</a>)</p>
</li>
<li>
<p>Improve rendering of the <code>full</code> output format (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19415">#19415</a>)</p>
<p>Below is an example diff for <a
href="https://docs.astral.sh/ruff/rules/unused-import/"><code>F401</code></a>:</p>
<pre lang="diff"><code>-unused.py:8:19: F401 [*] `pathlib` imported but
unused
+F401 [*] `pathlib` imported but unused
+ --> unused.py:8:19
|
7 | # Unused, _not_ marked as required (due to the alias).
8 | import pathlib as non_alias
- | ^^^^^^^^^ F401
+ | ^^^^^^^^^
9 |
10 | # Unused, marked as required.
|
- = help: Remove unused import: `pathlib`
+help: Remove unused import: `pathlib`
</code></pre>
<p>For now, the primary difference is the movement of the filename, line
number, and column information to a second line in the header. This new
representation will allow us to make further additions to Ruff's
diagnostics, such as adding sub-diagnostics and multiple annotations to
the same snippet.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.12.9</h2>
<h3>Preview features</h3>
<ul>
<li>[<code>airflow</code>] Add check for
<code>airflow.secrets.cache.SecretCache</code> (<code>AIR301</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/17707">#17707</a>)</li>
<li>[<code>ruff</code>] Offer a safe fix for multi-digit zeros
(<code>RUF064</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19847">#19847</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>[<code>flake8-blind-except</code>] Fix <code>BLE001</code>
false-positive on <code>raise ... from None</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19755">#19755</a>)</li>
<li>[<code>flake8-comprehensions</code>] Fix false positive for
<code>C420</code> with attribute, subscript, or slice assignment targets
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/19513">#19513</a>)</li>
<li>[<code>flake8-simplify</code>] Fix handling of U+001C..U+001F
whitespace (<code>SIM905</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19849">#19849</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>pylint</code>] Use lowercase hex characters to match the
formatter (<code>PLE2513</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19808">#19808</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Fix <code>lint.future-annotations</code> link (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19876">#19876</a>)</li>
</ul>
<h3>Other changes</h3>
<ul>
<li>
<p>Build <code>riscv64</code> binaries for release (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19819">#19819</a>)</p>
</li>
<li>
<p>Add rule code to error description in GitLab output (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19896">#19896</a>)</p>
</li>
<li>
<p>Improve rendering of the <code>full</code> output format (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19415">#19415</a>)</p>
<p>Below is an example diff for <a
href="https://docs.astral.sh/ruff/rules/unused-import/"><code>F401</code></a>:</p>
<pre lang="diff"><code>-unused.py:8:19: F401 [*] `pathlib` imported but
unused
+F401 [*] `pathlib` imported but unused
+ --> unused.py:8:19
|
7 | # Unused, _not_ marked as required (due to the alias).
8 | import pathlib as non_alias
- | ^^^^^^^^^ F401
+ | ^^^^^^^^^
9 |
10 | # Unused, marked as required.
|
- = help: Remove unused import: `pathlib`
+help: Remove unused import: `pathlib`
</code></pre>
<p>For now, the primary difference is the movement of the filename, line
number, and column information to a second line in the header. This new
representation will allow us to make further additions to Ruff's
diagnostics, such as adding sub-diagnostics and multiple annotations to
the same snippet.</p>
</li>
</ul>
<h2>0.12.8</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/astral-sh/ruff/commit/ef422460de726c5b896c09c364d02a4db24bcaf0"><code>ef42246</code></a>
Bump 0.12.9 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19917">#19917</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/dc2e8ab3776a7f7ec9ec26be61939f73567a2c13"><code>dc2e8ab</code></a>
[ty] support <code>kw_only=True</code> for <code>dataclass()</code> and
<code>field()</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19677">#19677</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/9aaa82d037a12e38daebe518ab11c83414f2fe55"><code>9aaa82d</code></a>
Feature/build riscv64 bin (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19819">#19819</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/3288ac2dfbfd3388b6ed99fe9776ea228eecca54"><code>3288ac2</code></a>
[ty] Add caching to <code>CodeGeneratorKind::matches()</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19912">#19912</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/1167ed61cf3fa186e852df2d6ec9cb0136dffa80"><code>1167ed6</code></a>
[ty] Rename <code>functionArgumentNames</code> to
<code>callArgumentNames</code> inlay hint setting...</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/2ee47d87b6908a6ba6f672bf48d6f42c17ee3dfe"><code>2ee47d8</code></a>
[ty] Default <code>ty.inlayHints.*</code> server settings to true (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19910">#19910</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/d324cedfc2d953f5ed435fc4ba0b1e2d504641c3"><code>d324ced</code></a>
[ty] Remove py-fuzzer skips for seeds that are no longer slow (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19906">#19906</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/5a570c8e6d227b1f4270987b124e853ccd7b2af3"><code>5a570c8</code></a>
[ty] fix deferred name loading in PEP695 generic classes/functions (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19888">#19888</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/baadb5a78d7cddf0d876a841f308287a853e81e9"><code>baadb5a</code></a>
[ty] Add some additional type safety to <code>CycleDetector</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19903">#19903</a>)</li>
<li><a
href="https://github.com/astral-sh/ruff/commit/df0648aae046f30bd1993323d93091bf4bde385c"><code>df0648a</code></a>
[<code>flake8-blind-except</code>] Fix <code>BLE001</code>
false-positive on <code>raise ... from None</code> ...</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.12.4...0.12.9">compare
view</a></li>
</ul>
</details>
<br />
Updates `types-jsonschema` from 4.25.0.20250720 to 4.25.0.20250809
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/typeshed-internal/stub_uploader/commits">compare
view</a></li>
</ul>
</details>
<br />
Updates `types-pyyaml` from 6.0.12.20250516 to 6.0.12.20250809
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/typeshed-internal/stub_uploader/commits">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This is from cargo 1.88, since 1.89 pulls in let-chains, and whatever version of Rust is in GitHub CI doesn't support them last time I tried. (We should upgrade it at some point, though, since our Rust usage is all internal.)
- astral-sh/python-build-standalone#204 Add support for loongarch64 linux gnu target. No automated builds; manual execution of `./build-linux.py --target loongarch64-unknown-linux-gnu`. Signed-off-by: 吴小白 <296015668@qq.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| pull_request: {} | ||
| jobs: | ||
| running-3rd-party-pr-security-checks: | ||
| uses: verkada/securitybots/.github/workflows/3rd-party-pr-checks.yml@main |
Check warning
Code scanning / zizmor
secrets unconditionally inherited by called workflow Warning
joseflores314
approved these changes
Sep 5, 2025
juanzolotoochin
approved these changes
Sep 5, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.