notus-scanner icon indicating copy to clipboard operation
notus-scanner copied to clipboard
verified publisher icon greenbone

Deps: Bump the python-packages group across 1 directory with 11 updates

Open dependabot[bot] opened this issue 8 months ago • 0 comments

Bumps the python-packages group with 11 updates in the / directory:

Package From To
packaging 24.2 25.0
pontos 25.3.3 25.4.0
autohooks 25.3.0 25.4.1
certifi 2025.1.31 2025.4.26
exceptiongroup 1.2.2 1.3.0
httpcore 0.13.2 1.0.9
httpx 0.25.1 0.28.1
lxml 5.3.2 5.4.0
mypy-extensions 1.0.0 1.1.0
platformdirs 4.3.7 4.3.8
ruff 0.11.5 0.11.9

Updates packaging from 24.2 to 25.0

Release notes

Sourced from packaging's releases.

25.0

What's Changed

New Contributors

Full Changelog: https://github.com/pypa/packaging/compare/24.2...25.0

Changelog

Sourced from packaging's changelog.

25.0 - 2025-04-19


* PEP 751: Add support for ``extras`` and ``dependency_groups`` markers. (:issue:`885`)
* PEP 738: Add support for Android platform tags. (:issue:`880`)
Commits
  • f585376 Bump for release
  • 600ecea Add changelog entries
  • 3910129 support 'extras' and 'dependency_groups' markers (#888)
  • 8e49b43 Add support for PEP 738 Android tags (#880)
  • e624d8e Bump the github-actions group with 3 updates (#886)
  • 71f38d8 Bump the github-actions group with 2 updates (#878)
  • 9b4922d Bump the github-actions group with 3 updates (#870)
  • 8510bd9 Upgrade to ruff 0.9.1 (#865)
  • 9375ec2 Re-add tests for Unicode file name parsing (#863)
  • 2256ed4 Bump the github-actions group across 1 directory with 2 updates (#864)
  • Additional commits viewable in compare view

Updates pontos from 25.3.3 to 25.4.0

Release notes

Sourced from pontos's releases.

pontos 25.4.0

25.4.0 - 2025-04-28

Dependencies

  • Bump the python-packages group across 1 directory with 8 updates 58a0889
  • Bump the python-packages group with 5 updates d090af5
  • Bump the python-packages group with 8 updates f8a9b52
  • Bump the python-packages group across 1 directory with 5 updates 8d12c14
  • Bump actions/upload-artifact in the actions group 0242859
Commits
  • d4ab71c Automatic release to 25.4.0
  • 58a0889 Deps: Bump the python-packages group across 1 directory with 8 updates
  • d090af5 Deps: Bump the python-packages group with 5 updates
  • f8a9b52 Deps: Bump the python-packages group with 8 updates
  • 8d12c14 Deps: Bump the python-packages group across 1 directory with 5 updates
  • 0242859 Deps: Bump actions/upload-artifact in the actions group
  • 2605224 Automatic adjustments after release [skip ci]
  • See full diff in compare view

Updates autohooks from 25.3.0 to 25.4.1

Release notes

Sourced from autohooks's releases.

autohooks 25.4.1

25.4.1 - 2025-04-25

Dependencies

autohooks 25.4.0

25.4.0 - 2025-04-23

Dependencies

  • Bump the dependencies group with 4 updates 0c35d6b
  • Bump the dependencies group with 5 updates f2ef4ed
  • Bump the dependencies group with 3 updates 1fb3b60
  • Bump the dependencies group with 3 updates c22bddb
  • Bump the dependencies group with 3 updates 4fe804b
Commits
  • c3bda42 Automatic release to 25.4.1
  • bcd7773 Deps: Update deps - fix h11
  • 9bfa624 Automatic adjustments after release [skip ci]
  • 65b53e5 Automatic release to 25.4.0
  • 0c35d6b Deps: Bump the dependencies group with 4 updates
  • f2ef4ed Deps: Bump the dependencies group with 5 updates
  • 1fb3b60 Deps: Bump the dependencies group with 3 updates
  • c22bddb Deps: Bump the dependencies group with 3 updates
  • 4fe804b Deps: Bump the dependencies group with 3 updates
  • 607cc08 Automatic adjustments after release [skip ci]
  • See full diff in compare view

Updates certifi from 2025.1.31 to 2025.4.26

Commits
  • 275c9eb 2025.04.26 (#347)
  • 3788331 Bump actions/setup-python from 5.4.0 to 5.5.0 (#346)
  • 9d1f1b7 Bump actions/download-artifact from 4.1.9 to 4.2.1 (#344)
  • 96b97a5 Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#343)
  • c054ed3 Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (#342)
  • 44547fc Bump actions/download-artifact from 4.1.8 to 4.1.9 (#341)
  • 5ea5124 Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#340)
  • 2f142b7 Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (#339)
  • 80d2ebd Bump actions/setup-python from 5.3.0 to 5.4.0 (#337)
  • See full diff in compare view

Updates exceptiongroup from 1.2.2 to 1.3.0

Release notes

Sourced from exceptiongroup's releases.

1.3.0

  • Added **kwargs to function and method signatures as appropriate to match the signatures in the standard library
  • In line with the stdlib typings in typeshed, updated (Base)ExceptionGroup generic types to define defaults for their generic arguments (defaulting to BaseExceptionGroup[BaseException] and ExceptionGroup[Exception]) (PR by @​mikenerone)
  • Changed BaseExceptionGroup.__init__() to directly call BaseException.__init__() instead of the superclass __init__() in order to emulate the CPython behavior (broken or not) (PR by @​cfbolz)
  • Changed the exceptions attribute to always return the same tuple of exceptions, created from the original exceptions sequence passed to BaseExceptionGroup to match CPython behavior (#143)
Changelog

Sourced from exceptiongroup's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

1.3.0

  • Added **kwargs to function and method signatures as appropriate to match the signatures in the standard library
  • In line with the stdlib typings in typeshed, updated (Base)ExceptionGroup generic types to define defaults for their generic arguments (defaulting to BaseExceptionGroup[BaseException] and ExceptionGroup[Exception]) (PR by @​mikenerone)
  • Changed BaseExceptionGroup.__init__() to directly call BaseException.__init__() instead of the superclass __init__() in order to emulate the CPython behavior (broken or not) (PR by @​cfbolz)
  • Changed the exceptions attribute to always return the same tuple of exceptions, created from the original exceptions sequence passed to BaseExceptionGroup to match CPython behavior ([#143](https://github.com/agronholm/exceptiongroup/issues/143) <https://github.com/agronholm/exceptiongroup/issues/143>_)

1.2.2

  • Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry ([#123](https://github.com/agronholm/exceptiongroup/issues/123) <https://github.com/agronholm/exceptiongroup/issues/123>_)

1.2.1

  • Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
  • Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
  • Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

1.2.0

  • Added special monkeypatching if Apport <https://github.com/canonical/apport>_ has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
  • Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
  • Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except* handler

1.1.3

  • catch() now raises a TypeError if passed an async exception handler instead of just giving a RuntimeWarning about the coroutine never being awaited. (#66, PR by John Litborn)

... (truncated)

Commits
  • 77fba8a Added the release version
  • 5e153aa Revert "Migrated test dependencies to dependency groups"
  • 5000bfe Migrated tox configuration to native TOML
  • 427220d Updated pytest options
  • 4ca264f Migrated test dependencies to dependency groups
  • 163c3a8 Marked test_exceptions_mutate_original_sequence as xfail on pypy3.11
  • a176574 Always create the exceptions tuple at init and return it from the exceptions ...
  • 550b796 Added BaseExceptionGroup.init, following CPython (#142)
  • 2a84dfd Added typevar defaults to (Base)ExceptionGroup (#147)
  • fb9133b [pre-commit.ci] pre-commit autoupdate (#145)
  • Additional commits viewable in compare view

Updates httpcore from 0.13.2 to 1.0.9

Release notes

Sourced from httpcore's releases.

Version 1.0.9 (April 24th, 2025)

Version 1.0.8 (April 11th, 2025)

  • Fix AttributeError when importing on Python 3.14. (#1005)

Version 1.0.7 (November 15th, 2024)

  • Support proxy=… configuration on ConnectionPool(). (#974)

Version 1.0.6 (October 1st, 2024)

  • Relax trio dependency pinning. (#956)
  • Handle trio raising NotImplementedError on unsupported platforms. (#955)
  • Handle mapping ssl.SSLError to httpcore.ConnectError. (#918)

Version 1.0.5

1.0.5 (March 27th, 2024)

Version 1.0.4

1.0.4 (February 21st, 2024)

  • Add target request extension. (#888)
  • Fix support for connection Upgrade and CONNECT when some data in the stream has been read. (#882)

Version 1.0.3

1.0.3 (February 13th, 2024)

  • Fix support for async cancellations. (#880)
  • Fix trace extension when used with socks proxy. (#849)
  • Fix SSL context for connections using the "wss" scheme (#869)

Version 1.0.2

1.0.2 (November 10th, 2023)

  • Fix float("inf") timeouts in Event.wait function. (#846)

Version 1.0.1

1.0.1 (November 3rd, 2023)

  • Fix pool timeout to account for the total time spent retrying. (#823)
  • Raise a neater RuntimeError when the correct async deps are not installed. (#826)
  • Add support for synchronous TLS-in-TLS streams. (#840)

Version 1.0.0

... (truncated)

Changelog

Sourced from httpcore's changelog.

Version 1.0.9 (April 24th, 2025)

Version 1.0.8 (April 11th, 2025)

  • Fix AttributeError when importing on Python 3.14. (#1005)

Version 1.0.7 (November 15th, 2024)

  • Support proxy=… configuration on ConnectionPool(). (#974)

Version 1.0.6 (October 1st, 2024)

  • Relax trio dependency pinning. (#956)
  • Handle trio raising NotImplementedError on unsupported platforms. (#955)
  • Handle mapping ssl.SSLError to httpcore.ConnectError. (#918)

1.0.5 (March 27th, 2024)

  • Handle EndOfStream exception for anyio backend. (#899)
  • Allow trio 0.25.* series in package dependancies. (#903)

1.0.4 (February 21st, 2024)

  • Add target request extension. (#888)
  • Fix support for connection Upgrade and CONNECT when some data in the stream has been read. (#882)

1.0.3 (February 13th, 2024)

  • Fix support for async cancellations. (#880)
  • Fix trace extension when used with socks proxy. (#849)
  • Fix SSL context for connections using the "wss" scheme (#869)

1.0.2 (November 10th, 2023)

  • Fix float("inf") timeouts in Event.wait function. (#846)

1.0.1 (November 3rd, 2023)

  • Fix pool timeout to account for the total time spent retrying. (#823)
  • Raise a neater RuntimeError when the correct async deps are not installed. (#826)
  • Add support for synchronous TLS-in-TLS streams. (#840)

1.0.0 (October 6th, 2023)

From version 1.0 our async support is now optional, as the package has minimal dependencies by default.

For async support use either pip install 'httpcore[asyncio]' or pip install 'httpcore[trio]'.

... (truncated)

Commits

Updates httpx from 0.25.1 to 0.28.1

Release notes

Sourced from httpx's releases.

Version 0.28.1

0.28.1 (6th December, 2024)

  • Fix SSL case where verify=False together with client side certificates.

Version 0.28.0

0.28.0 (28th November, 2024)

The 0.28 release includes a limited set of deprecations.

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

  • The verify argument as a string argument is now deprecated and will raise warnings.
  • The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

  • The deprecated proxies argument has now been removed.
  • The deprecated app argument has now been removed.
  • JSON request bodies use a compact representation. (#3363)
  • Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
  • Ensure certifi and httpcore are only imported if required. (#3377)
  • Treat socks5h as a valid proxy scheme. (#3178)
  • Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
  • Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

Version 0.27.2

0.27.2 (27th August, 2024)

Fixed

  • Reintroduced supposedly-private URLTypes shortcut. (#2673)

Version 0.27.1

0.27.1 (27th August, 2024)

Added

  • Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

  • Improved error messaging for InvalidURL exceptions. (#3250)
  • Fix app type signature in ASGITransport. (#3109)

... (truncated)

Changelog

Sourced from httpx's changelog.

0.28.1 (6th December, 2024)

  • Fix SSL case where verify=False together with client side certificates.

0.28.0 (28th November, 2024)

Be aware that the default JSON request bodies now use a more compact representation. This is generally considered a prefered style, tho may require updates to test suites.

The 0.28 release includes a limited set of deprecations...

Deprecations:

We are working towards a simplified SSL configuration API.

For users of the standard verify=True or verify=False cases, or verify=<ssl_context> case this should require no changes. The following cases have been deprecated...

  • The verify argument as a string argument is now deprecated and will raise warnings.
  • The cert argument is now deprecated and will raise warnings.

Our revised SSL documentation covers how to implement the same behaviour with a more constrained API.

The following changes are also included:

  • The deprecated proxies argument has now been removed.
  • The deprecated app argument has now been removed.
  • JSON request bodies use a compact representation. (#3363)
  • Review URL percent escape sets, based on WHATWG spec. (#3371, #3373)
  • Ensure certifi and httpcore are only imported if required. (#3377)
  • Treat socks5h as a valid proxy scheme. (#3178)
  • Cleanup Request() method signature in line with client.request() and httpx.request(). (#3378)
  • Bugfix: When passing params={}, always strictly update rather than merge with an existing querystring. (#3364)

0.27.2 (27th August, 2024)

Fixed

  • Reintroduced supposedly-private URLTypes shortcut. (#2673)

0.27.1 (27th August, 2024)

Added

  • Support for zstd content decoding using the python zstandard package is added. Installable using httpx[zstd]. (#3139)

Fixed

  • Improved error messaging for InvalidURL exceptions. (#3250)
  • Fix app type signature in ASGITransport. (#3109)

0.27.0 (21st February, 2024)

... (truncated)

Commits

Updates lxml from 5.3.2 to 5.4.0

Release notes

Sourced from lxml's releases.

lxml-5.4.0

5.4.0 (2025-04-22)

Bugs fixed

  • LP#2107279: Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to resolve several CVEs. (Binary wheels for Windows continue to use a patched libxml2 2.11.9 and libxslt 1.1.39.) Issue found by Anatoly Katyushin, see https://bugs.launchpad.net/lxml/+bug/2107279
Changelog

Sourced from lxml's changelog.

5.4.0 (2025-04-22)

Bugs fixed

  • LP#2107279: Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to resolve several CVEs. (Binary wheels for Windows continue to use a patched libxml2 2.11.9 and libxslt 1.1.39.) Issue found by Anatoly Katyushin.
Commits
  • 6e76d57 Build: Exclude slow Py3.9 wheel builds for s390/ppc and Py3.7 for ARM64.
  • ee10c02 Prepare release of lxml 5.4.0.
  • 0e4f3c3 Prepare release of lxml 5.3.3.
  • b4703fc Update changelog.
  • db723bb Build: Use libxslt 1.1.43 instead of 1.1.42 to resolve some CVEs.
  • a664877 Build: Use libxml2 2.13.8 instead of 2.12.x to resolve some CVEs.
  • df4633e Remove appveyor usage.
  • See full diff in compare view

Updates mypy-extensions from 1.0.0 to 1.1.0

Commits

Updates platformdirs from 4.3.7 to 4.3.8

Release notes

Sourced from platformdirs's releases.

4.3.8

What's Changed

New Contributors

Full Changelog: https://github.com/tox-dev/platformdirs/compare/4.3.7...4.3.8

Commits

Updates ruff from 0.11.5 to 0.11.9

Release notes

Sourced from ruff's releases.

0.11.9

Release Notes

Preview features

  • Default to latest supported Python version for version-related syntax errors (#17529)
  • Implement deferred annotations for Python 3.14 (#17658)
  • [airflow] Fix SQLTableCheckOperator typo (AIR302) (#17946)
  • [airflow] Remove airflow.utils.dag_parsing_context.get_parsing_context (AIR301) (#17852)
  • [airflow] Skip attribute check in try catch block (AIR301) (#17790)
  • [flake8-bandit] Mark tuples of string literals as trusted input in S603 (#17801)
  • [isort] Check full module path against project root(s) when categorizing first-party imports (#16565)
  • [ruff] Add new rule in-empty-collection (RUF060) (#16480)

Bug fixes

  • Fix missing combine call for lint.typing-extensions setting (#17823)
  • [flake8-async] Fix module name in ASYNC110, ASYNC115, and ASYNC116 fixes (#17774)
  • [pyupgrade] Add spaces between tokens as necessary to avoid syntax errors in UP018 autofix (#17648)
  • [refurb] Fix false positive for float and complex numbers in FURB116 (#17661)
  • [parser] Flag single unparenthesized generator expr with trailing comma in arguments. (#17893)

Documentation

  • Add instructions on how to upgrade to a newer Rust version (#17928)
  • Update code of conduct email address (#17875)
  • Add fix safety sections to PLC2801, PLR1722, and RUF013 (#17825, #17826, #17759)
  • Add link to check-typed-exception from S110 and S112 (#17786)

Other changes

  • Allow passing a virtual environment to ruff analyze graph (#17743)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.11.9

Preview features

  • Default to latest supported Python version for version-related syntax errors (#17529)
  • Implement deferred annotations for Python 3.14 (#17658)
  • [airflow] Fix SQLTableCheckOperator typo (AIR302) (#17946)
  • [airflow] Remove airflow.utils.dag_parsing_context.get_parsing_context (AIR301) (#17852)
  • [airflow] Skip attribute check in try catch block (AIR301) (#17790)
  • [flake8-bandit] Mark tuples of string literals as trusted input in S603 (#17801)
  • [isort] Check full module path against project root(s) when categorizing first-party imports (#16565)
  • [ruff] Add new rule in-empty-collection (RUF060) (#16480)

Bug fixes

  • Fix missing combine call for lint.typing-extensions setting (#17823)
  • [flake8-async] Fix module name in ASYNC110, ASYNC115, and ASYNC116 fixes (#17774)
  • [pyupgrade] Add spaces between tokens as necessary to avoid syntax errors in UP018 autofix (#17648)
  • [refurb] Fix false positive for float and complex numbers in FURB116 (#17661)
  • [parser] Flag single unparenthesized generator expr with trailing comma in arguments. (#17893)

Documentation

  • Add instructions on how to upgrade to a newer Rust version (#17928)
  • Update code of conduct email address (#17875)
  • Add fix safety sections to PLC2801, PLR1722, and RUF013 (#17825, #17826, #17759)
  • Add link to check-typed-exception from S110 and S112 (#17786)

Other changes

  • Allow passing a virtual environment to ruff analyze graph (#17743)

0.11.8

Preview features

  • [airflow] Apply auto fixes to cases where the names have changed in Airflow 3 (AIR302, AIR311) (#17553, #17570, #17571)
  • [airflow] Extend AIR301 rule (#17598)
  • [airflow] Update existing AIR302 rules with better suggestions (#17542)
  • [refurb] Mark fix as safe for readlines-in-for (FURB129) (#17644)
  • [syntax-errors] nonlocal declaration at module level (#17559)
  • [syntax-errors] Detect single starred expression assignment x = *y (#17624)

Bug fixes

  • [flake8-pyi] Ensure Literal[None,] | Literal[None,] is not autofixed to None | None (PYI061) (#17659)
  • [flake8-use-pathlib] Avoid suggesting Path.iterdir() for os.listdir with file descriptor (PTH208) (#17715)
  • [flake8-use-pathlib] Fix PTH104 false positive when rename is passed a file descriptor (#17712)
  • [flake8-use-pathlib] Fix PTH116 false positive when stat is passed a file descriptor (#17709)
  • [flake8-use-pathlib] Fix PTH123 false positive when open is passed a file descriptor from a function call (#17705)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot[bot] avatar May 12 '25 04:05 dependabot[bot]