chore(pip-dev)(deps-dev): bump setuptools from 72.2.0 to 73.0.0 #338

2024-08-20T17:29:54+02:00

dependabot[bot] commented

2024-08-20 17:29:54 +02:00

(Migrated from github.com)

Bumps setuptools from 72.2.0 to 73.0.0.

Changelog

v73.0.0

Features

Mark abstract base classes and methods with abc.ABC and abc.abstractmethod -- by :user:Avasam (#4503)

Changed the order of type checks in setuptools.command.easy_install.CommandSpec.from_param to support any collections.abc.Iterable of str param -- by :user:Avasam (#4505)

Bugfixes

Prevent an error in bdist_wheel if compression is set to a str (even if valid) after finalizing options but before running the command. -- by :user:Avasam (#4383)

Raises an exception when py_limited_api is used in a build with Py_GIL_DISABLEDpython/cpython#111506#4420)

pypa/distutils#284

Deprecations and Removals

setuptools is replacing the usages of :pypi:ordered_set with simple instances of dict[Hashable, None]. This is done to remove the extra dependency and it is possible because since Python 3.7, dict maintain insertion order. (#4574)

Misc

#4534, #4546, #4554, #4559, #4565

Commits

4147b09 Bump version: 72.2.0 → 73.0.0
2ad8c10 Merge pull request #4576 from pypa/bugfix/distutils-284
8afe0c3 Merge pull request #4574 from abravalheri/ordered_set
ad611bc Merge https://github.com/pypa/distutils into bugfix/distutils-284
30b7331 Ensure a missing target is still indicated as 'sources are newer' even when t...
9a9946f Add test capturing missed expectation.
dbfcf80 Add newsfragment
d081fbd Remove bundled ordered_set
49d7438 Replace OrderedSet with dict
8bd9308 Allow dash-separated module name in pyproject.toml (#4566)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [setuptools](https://github.com/pypa/setuptools) from 72.2.0 to 73.0.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's changelog</a>.</em></p> <blockquote> <h1>v73.0.0</h1> <h2>Features</h2> <ul> <li>Mark abstract base classes and methods with <code>abc.ABC</code> and <code>abc.abstractmethod</code> -- by :user:<code>Avasam</code> (<a href="https://redirect.github.com/pypa/setuptools/issues/4503">#4503</a>)</li> <li>Changed the order of type checks in <code>setuptools.command.easy_install.CommandSpec.from_param</code> to support any <code>collections.abc.Iterable</code> of <code>str</code> param -- by :user:<code>Avasam</code> (<a href="https://redirect.github.com/pypa/setuptools/issues/4505">#4505</a>)</li> </ul> <h2>Bugfixes</h2> <ul> <li>Prevent an error in <code>bdist_wheel</code> if <code>compression</code> is set to a <code>str</code> (even if valid) after finalizing options but before running the command. -- by :user:<code>Avasam</code> (<a href="https://redirect.github.com/pypa/setuptools/issues/4383">#4383</a>)</li> <li>Raises an exception when <code>py_limited_api</code> is used in a build with <code>Py_GIL_DISABLED</code><code>python/cpython#111506</code><a href="https://redirect.github.com/pypa/setuptools/issues/4420">#4420</a>)</li> <li><code>pypa/distutils#284</code></li> </ul> <h2>Deprecations and Removals</h2> <ul> <li><code>setuptools</code> is replacing the usages of :pypi:<code>ordered_set</code> with simple instances of <code>dict[Hashable, None]</code>. This is done to remove the extra dependency and it is possible because since Python 3.7, <code>dict</code> maintain insertion order. (<a href="https://redirect.github.com/pypa/setuptools/issues/4574">#4574</a>)</li> </ul> <h2>Misc</h2> <ul> <li><a href="https://redirect.github.com/pypa/setuptools/issues/4534">#4534</a>, <a href="https://redirect.github.com/pypa/setuptools/issues/4546">#4546</a>, <a href="https://redirect.github.com/pypa/setuptools/issues/4554">#4554</a>, <a href="https://redirect.github.com/pypa/setuptools/issues/4559">#4559</a>, <a href="https://redirect.github.com/pypa/setuptools/issues/4565">#4565</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/setuptools/commit/4147b093d0aea4f57757c699a0b25bbc3aab2580"><code>4147b09</code></a> Bump version: 72.2.0 → 73.0.0</li> <li><a href="https://github.com/pypa/setuptools/commit/2ad8c10d8214340be812769359090c7950a39c35"><code>2ad8c10</code></a> Merge pull request <a href="https://redirect.github.com/pypa/setuptools/issues/4576">#4576</a> from pypa/bugfix/distutils-284</li> <li><a href="https://github.com/pypa/setuptools/commit/8afe0c3e9c4c56f5d7343dc21f743e9cf83c594a"><code>8afe0c3</code></a> Merge pull request <a href="https://redirect.github.com/pypa/setuptools/issues/4574">#4574</a> from abravalheri/ordered_set</li> <li><a href="https://github.com/pypa/setuptools/commit/ad611bcaedfefef3480ac111c4f22e2ca8cc7a1c"><code>ad611bc</code></a> Merge <a href="https://github.com/pypa/distutils">https://github.com/pypa/distutils</a> into bugfix/distutils-284</li> <li><a href="https://github.com/pypa/setuptools/commit/30b7331b07fbc404959cb37ac311afdfb90813be"><code>30b7331</code></a> Ensure a missing target is still indicated as 'sources are newer' even when t...</li> <li><a href="https://github.com/pypa/setuptools/commit/9a9946f98a5c1597a230db5975bdd61dc1ca1a3f"><code>9a9946f</code></a> Add test capturing missed expectation.</li> <li><a href="https://github.com/pypa/setuptools/commit/dbfcf800b2d130066319ee6dc54f485ff3a09dc6"><code>dbfcf80</code></a> Add newsfragment</li> <li><a href="https://github.com/pypa/setuptools/commit/d081fbdfc92da4b8bcf01455445cf739ca51d5f1"><code>d081fbd</code></a> Remove bundled ordered_set</li> <li><a href="https://github.com/pypa/setuptools/commit/49d7438a23b7ec7cfca20c4d0ae5083030f631bd"><code>49d7438</code></a> Replace OrderedSet with dict</li> <li><a href="https://github.com/pypa/setuptools/commit/8bd93089e76c88775ffccd1b03183d4ff659ec67"><code>8bd9308</code></a> Allow dash-separated module name in <code>pyproject.toml</code> (<a href="https://redirect.github.com/pypa/setuptools/issues/4566">#4566</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pypa/setuptools/compare/v72.2.0...v73.0.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=setuptools&package-manager=pip&previous-version=72.2.0&new-version=73.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

luketainton (Migrated from github.com) reviewed 2024-08-20 17:29:54 +02:00

sonarqubecloud[bot] commented

2024-08-20 17:31:23 +02:00

(Migrated from github.com)

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

## [![Quality Gate Passed](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/checks/QualityGateBadge/qg-passed-20px.png 'Quality Gate Passed')](https://sonarcloud.io/dashboard?id=luketainton_webexmemebot&pullRequest=338) **Quality Gate passed** Issues ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png '') [0 New issues](https://sonarcloud.io/project/issues?id=luketainton_webexmemebot&pullRequest=338&issueStatuses=OPEN,CONFIRMED&sinceLeakPeriod=true) ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/accepted-16px.png '') [0 Accepted issues](https://sonarcloud.io/project/issues?id=luketainton_webexmemebot&pullRequest=338&issueStatuses=ACCEPTED) Measures ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png '') [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=luketainton_webexmemebot&pullRequest=338&issueStatuses=OPEN,CONFIRMED&sinceLeakPeriod=true) ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png '') [0.0% Coverage on New Code](https://sonarcloud.io/component_measures?id=luketainton_webexmemebot&pullRequest=338&metric=new_coverage&view=list) ![](https://sonarsource.github.io/sonarcloud-github-static-resources/v2/common/passed-16px.png '') [0.0% Duplication on New Code](https://sonarcloud.io/component_measures?id=luketainton_webexmemebot&pullRequest=338&metric=new_duplicated_lines_density&view=list) [See analysis details on SonarCloud](https://sonarcloud.io/dashboard?id=luketainton_webexmemebot&pullRequest=338)

Sign in to join this conversation.

No reviewers

luketainton