a65fee3d0530a65ecf690ae7afc1dfa2db7eda89
460 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
| a65fee3d05 | chore(deps): update astral-sh/setup-uv action to v8.1.0 | |||
| b7eb8aacfc |
chore(deps): update astral-sh/setup-uv action to v8 (#433)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | action | major | `v7` → `v8.0.0` | --- ### Release Notes <details> <summary>astral-sh/setup-uv (astral-sh/setup-uv)</summary> ### [`v8.0.0`](https://github.com/astral-sh/setup-uv/releases/tag/v8.0.0): 🌈 Immutable releases and secure tags [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.6.0...v8.0.0) ### This is the first immutable release of `setup-uv` 🥳 All future releases are also immutable, if you want to know more about what this means checkout [the docs](https://docs.github.com/en/code-security/concepts/supply-chain-security/immutable-releases). This release also has two breaking changes #### New format for `manifest-file` The previously deprecated way of defining a custom version manifest to control which `uv` versions are available and where to download them from got removed. The functionality is still there but you have to use the [new format](https://github.com/astral-sh/setup-uv/blob/main/docs/customization.md#format). #### No more major and minor tags To increase **security** even more we will **stop publishing minor tags**. You won't be able to use `@v8` or `@v8.0` any longer. We do this because pinning to major releases opens up users to supply chain attacks like what happened to [tj-actions](https://unit42.paloaltonetworks.com/github-actions-supply-chain-attack/). > \[!TIP] > Use the immutable tag as a version `astral-sh/setup-uv@v8.0.0` > Or even better the githash `astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57` #### 🚨 Breaking changes - Remove update-major-minor-tags workflow [@​eifinger](https://github.com/eifinger) ([#​826](https://github.com/astral-sh/setup-uv/issues/826)) - Remove deprecrated custom manifest [@​eifinger](https://github.com/eifinger) ([#​813](https://github.com/astral-sh/setup-uv/issues/813)) #### 🧰 Maintenance - Shortcircuit latest version from manifest [@​eifinger](https://github.com/eifinger) ([#​828](https://github.com/astral-sh/setup-uv/issues/828)) - Simplify inputs.ts [@​eifinger](https://github.com/eifinger) ([#​827](https://github.com/astral-sh/setup-uv/issues/827)) - Bump release-drafter to v7.1.1 [@​eifinger](https://github.com/eifinger) ([#​825](https://github.com/astral-sh/setup-uv/issues/825)) - Refactor inputs [@​eifinger](https://github.com/eifinger) ([#​823](https://github.com/astral-sh/setup-uv/issues/823)) - Replace inline compile args with tsconfig [@​eifinger](https://github.com/eifinger) ([#​824](https://github.com/astral-sh/setup-uv/issues/824)) - chore: update known checksums for 0.11.2 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​821](https://github.com/astral-sh/setup-uv/issues/821)) - chore: update known checksums for 0.11.1 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​817](https://github.com/astral-sh/setup-uv/issues/817)) - chore: update known checksums for 0.11.0 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​815](https://github.com/astral-sh/setup-uv/issues/815)) - Fix latest-version workflow check [@​eifinger](https://github.com/eifinger) ([#​812](https://github.com/astral-sh/setup-uv/issues/812)) - chore: update known checksums for 0.10.11/0.10.12 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​811](https://github.com/astral-sh/setup-uv/issues/811)) ### [`v7.6.0`](https://github.com/astral-sh/setup-uv/releases/tag/v7.6.0): 🌈 Fetch uv from Astral's mirror by default [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.5.0...v7.6.0) #### Changes We now default to download uv from `releases.astral.sh`. This means by default we don't hit the GitHub API at all and shouldn't see any rate limits and timeouts any more. #### 🚀 Enhancements - Fetch uv from Astral's mirror by default [@​zsol](https://github.com/zsol) ([#​809](https://github.com/astral-sh/setup-uv/issues/809)) #### 🧰 Maintenance - Switch to ESM for source and test, use CommonJS for dist [@​eifinger](https://github.com/eifinger) ([#​806](https://github.com/astral-sh/setup-uv/issues/806)) - chore: update known checksums for 0.10.10 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​804](https://github.com/astral-sh/setup-uv/issues/804)) #### ⬆️ Dependency updates - chore(deps): bump zizmorcore/zizmor-action from 0.5.0 to 0.5.2 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​808](https://github.com/astral-sh/setup-uv/issues/808)) - Bump deps [@​eifinger](https://github.com/eifinger) ([#​805](https://github.com/astral-sh/setup-uv/issues/805)) ### [`v7.5.0`](https://github.com/astral-sh/setup-uv/releases/tag/v7.5.0): 🌈 Use `astral-sh/versions` as version provider [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.4.0...v7.5.0) ### No more rate-limits This release addresses a long-standing source of timeouts and rate-limit failures in setup-uv. Previously, the action resolved version identifiers like 0.5.x by iterating over available uv releases via the GitHub API to find the best match. In contrast, latest and exact versions such as 0.5.0 skipped version resolution entirely and downloaded uv directly. The `manifest-file` input was an earlier attempt to improve this. It allows providing an url to a file that lists available versions, checksums, and even custom download URLs. The action also shipped with such a manifest. However, because that bundled file could become outdated whenever new uv releases were published, the action still had to fall back to the GitHub API in many cases. This release solves the problem by sourcing version data from Astral’s versions repository via the raw content endpoint: <https://raw.githubusercontent.com/astral-sh/versions/refs/heads/main/v1/uv.ndjson> By using the raw endpoint instead of the GitHub API, version resolution no longer depends on API authentication and is much less likely to run into rate limits or timeouts. *** > \[!TIP] > The next section is only interesting for users of the `manifest-file` input The `manifest-file` input lets you override that source with your own URL, for example to test custom uv builds or alternate download locations. The manifest file must be in NDJSON format, where each line is a JSON object representing a version and its artifacts. For example: ```json {"version":"0.10.7","artifacts":[{"platform":"x86_64-unknown-linux-gnu","variant":"default","url":"https://example.com/uv-x86_64-unknown-linux-gnu.tar.gz","archive_format":"tar.gz","sha256":"..."}]} {"version":"0.10.6","artifacts":[{"platform":"x86_64-unknown-linux-gnu","variant":"default","url":"https://example.com/uv-x86_64-unknown-linux-gnu.tar.gz","archive_format":"tar.gz","sha256":"..."}]} ``` > \[!WARNING]\ > The old format still works but is deprecated. A warning will be logged when you use it. #### Changes - docs: replace copilot instructions with AGENTS.md [@​eifinger](https://github.com/eifinger) ([#​794](https://github.com/astral-sh/setup-uv/issues/794)) #### 🚀 Enhancements - Use astral-sh/versions as primary version provider [@​eifinger](https://github.com/eifinger) ([#​802](https://github.com/astral-sh/setup-uv/issues/802)) #### 📚 Documentation - docs: add cross-client dependabot rollup skill [@​eifinger](https://github.com/eifinger) ([#​793](https://github.com/astral-sh/setup-uv/issues/793)) ### [`v7.4.0`](https://github.com/astral-sh/setup-uv/releases/tag/v7.4.0): 🌈 Add riscv64 architecture support to platform detection [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.3.1...v7.4.0) #### Changes Thank you [@​luhenry](https://github.com/luhenry) for adding support for riscv64 arch #### 🚀 Enhancements - Add riscv64 architecture support to platform detection [@​luhenry](https://github.com/luhenry) ([#​791](https://github.com/astral-sh/setup-uv/issues/791)) #### 🧰 Maintenance - Delete .github/workflows/dependabot-build.yml [@​eifinger](https://github.com/eifinger) ([#​789](https://github.com/astral-sh/setup-uv/issues/789)) - Harden Dependabot build workflow [@​eifinger](https://github.com/eifinger) ([#​788](https://github.com/astral-sh/setup-uv/issues/788)) - Fix: check PR author instead of event sender for Dependabot detection [@​eifinger-bot](https://github.com/eifinger-bot) ([#​787](https://github.com/astral-sh/setup-uv/issues/787)) - chore: update known checksums for 0.10.9 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​783](https://github.com/astral-sh/setup-uv/issues/783)) - Add workflow to auto-build dist on Dependabot PRs [@​eifinger-bot](https://github.com/eifinger-bot) ([#​782](https://github.com/astral-sh/setup-uv/issues/782)) - chore: update known checksums for 0.10.8 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​779](https://github.com/astral-sh/setup-uv/issues/779)) - chore: update known checksums for 0.10.7 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​775](https://github.com/astral-sh/setup-uv/issues/775)) #### ⬆️ Dependency updates - chore(deps): bump versions [@​eifinger](https://github.com/eifinger) ([#​792](https://github.com/astral-sh/setup-uv/issues/792)) - Bump actions/setup-node from 6.2.0 to 6.3.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​790](https://github.com/astral-sh/setup-uv/issues/790)) - Bump eifinger/actionlint-action from 1.10.0 to 1.10.1 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​778](https://github.com/astral-sh/setup-uv/issues/778)) ### [`v7.3.1`](https://github.com/astral-sh/setup-uv/releases/tag/v7.3.1): 🌈 fall back to VERSION_CODENAME when VERSION_ID is not available [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.3.0...v7.3.1) #### Changes This release adds support for running in containers like `debian:testing` or `debian:unstable` #### 🐛 Bug fixes - fix: fall back to VERSION\_CODENAME when VERSION\_ID is not available [@​eifinger-bot](https://github.com/eifinger-bot) ([#​774](https://github.com/astral-sh/setup-uv/issues/774)) #### 🧰 Maintenance - chore: update known checksums for 0.10.6 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​771](https://github.com/astral-sh/setup-uv/issues/771)) - chore: update known checksums for 0.10.5 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​770](https://github.com/astral-sh/setup-uv/issues/770)) - chore: update known checksums for 0.10.4 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​768](https://github.com/astral-sh/setup-uv/issues/768)) - chore: update known checksums for 0.10.3 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​767](https://github.com/astral-sh/setup-uv/issues/767)) - chore: update known checksums for 0.10.2 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​765](https://github.com/astral-sh/setup-uv/issues/765)) - chore: update known checksums for 0.10.1 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​764](https://github.com/astral-sh/setup-uv/issues/764)) #### ⬆️ Dependency updates - Bump github/codeql-action from 4.31.9 to 4.32.2 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​766](https://github.com/astral-sh/setup-uv/issues/766)) - Bump zizmorcore/zizmor-action from 0.4.1 to 0.5.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​763](https://github.com/astral-sh/setup-uv/issues/763)) ### [`v7.3.0`](https://github.com/astral-sh/setup-uv/releases/tag/v7.3.0): 🌈 New features and bug fixes for activate-environment [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.2.1...v7.3.0) #### Changes This release contains a few bug fixes and a new feature for the activate-environment functionality. #### 🐛 Bug fixes - fix: warn instead of error when no python to cache [@​eifinger](https://github.com/eifinger) ([#​762](https://github.com/astral-sh/setup-uv/issues/762)) - fix: use --clear to create venv [@​eifinger](https://github.com/eifinger) ([#​761](https://github.com/astral-sh/setup-uv/issues/761)) #### 🚀 Enhancements - feat: add venv-path input for activate-environment [@​eifinger](https://github.com/eifinger) ([#​746](https://github.com/astral-sh/setup-uv/issues/746)) #### 🧰 Maintenance - chore: update known checksums for 0.10.0 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​759](https://github.com/astral-sh/setup-uv/issues/759)) - refactor: tilde-expansion tests as unittests and no self-hosted tests [@​eifinger](https://github.com/eifinger) ([#​760](https://github.com/astral-sh/setup-uv/issues/760)) - chore: update known checksums for 0.9.30 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​756](https://github.com/astral-sh/setup-uv/issues/756)) - chore: update known checksums for 0.9.29 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​748](https://github.com/astral-sh/setup-uv/issues/748)) #### 📚 Documentation - Fix punctuation [@​pm-dev563](https://github.com/pm-dev563) ([#​747](https://github.com/astral-sh/setup-uv/issues/747)) #### ⬆️ Dependency updates - Bump typesafegithub/github-actions-typing from 2.2.1 to 2.2.2 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​753](https://github.com/astral-sh/setup-uv/issues/753)) - Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​751](https://github.com/astral-sh/setup-uv/issues/751)) - Bump actions/checkout from 6.0.1 to 6.0.2 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​740](https://github.com/astral-sh/setup-uv/issues/740)) - Bump release-drafter/release-drafter from 6.1.0 to 6.2.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​743](https://github.com/astral-sh/setup-uv/issues/743)) - Bump eifinger/actionlint-action from 1.9.3 to 1.10.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​731](https://github.com/astral-sh/setup-uv/issues/731)) - Bump actions/setup-node from 6.1.0 to 6.2.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​738](https://github.com/astral-sh/setup-uv/issues/738)) ### [`v7.2.1`](https://github.com/astral-sh/setup-uv/releases/tag/v7.2.1): 🌈 update known checksums up to 0.9.28 [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.2.0...v7.2.1) #### Changes #### 🧰 Maintenance - chore: update known checksums for 0.9.28 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​744](https://github.com/astral-sh/setup-uv/issues/744)) - chore: update known checksums for 0.9.27 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​742](https://github.com/astral-sh/setup-uv/issues/742)) - chore: update known checksums for 0.9.26 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​734](https://github.com/astral-sh/setup-uv/issues/734)) - chore: update known checksums for 0.9.25 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​733](https://github.com/astral-sh/setup-uv/issues/733)) - chore: update known checksums for 0.9.24 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​730](https://github.com/astral-sh/setup-uv/issues/730)) #### 📚 Documentation - Clarify impact of using actions/setup-python [@​eifinger](https://github.com/eifinger) ([#​732](https://github.com/astral-sh/setup-uv/issues/732)) #### ⬆️ Dependency updates - Bump zizmorcore/zizmor-action from 0.3.0 to 0.4.1 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​741](https://github.com/astral-sh/setup-uv/issues/741)) ### [`v7.2.0`](https://github.com/astral-sh/setup-uv/releases/tag/v7.2.0): 🌈 add outputs python-version and python-cache-hit [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.1.6...v7.2.0) #### Changes Among some minor typo fixes and quality of life features for developers of actions the main feature of this release are new outputs: - **python-version:** The Python version that was set (same content as existing `UV_PYTHON`) - **python-cache-hit:** A boolean value to indicate the Python cache entry was found While implementing this it became clear, that it is easier to handle the Python binaries in a separate cache entry. The added benefit for users is that the "normal" cache containing the dependencies can be used in all runs no matter if these cache the Python binaries or not. > \[!NOTE]\ > This release will invalidate caches that contain the Python binaries. This happens a single time. #### 🐛 Bug fixes - chore: remove stray space from UV\_PYTHON\_INSTALL\_DIR message [@​akx](https://github.com/akx) ([#​720](https://github.com/astral-sh/setup-uv/issues/720)) #### 🚀 Enhancements - add outputs python-version and python-cache-hit [@​eifinger](https://github.com/eifinger) ([#​728](https://github.com/astral-sh/setup-uv/issues/728)) - Add action typings with validation [@​krzema12](https://github.com/krzema12) ([#​721](https://github.com/astral-sh/setup-uv/issues/721)) #### 🧰 Maintenance - fix: use uv\_build backend for old-python-constraint-project [@​eifinger](https://github.com/eifinger) ([#​729](https://github.com/astral-sh/setup-uv/issues/729)) - chore: update known checksums for 0.9.22 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​727](https://github.com/astral-sh/setup-uv/issues/727)) - chore: update known checksums for 0.9.21 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​726](https://github.com/astral-sh/setup-uv/issues/726)) - chore: update known checksums for 0.9.20 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​725](https://github.com/astral-sh/setup-uv/issues/725)) - chore: update known checksums for 0.9.18 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​718](https://github.com/astral-sh/setup-uv/issues/718)) #### ⬆️ Dependency updates - Bump peter-evans/create-pull-request from 7.0.9 to 8.0.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​719](https://github.com/astral-sh/setup-uv/issues/719)) - Bump github/codeql-action from 4.31.6 to 4.31.9 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​723](https://github.com/astral-sh/setup-uv/issues/723)) ### [`v7.1.6`](https://github.com/astral-sh/setup-uv/releases/tag/v7.1.6): 🌈 add OS version to cache key to prevent binary incompatibility [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.1.5...v7.1.6) #### Changes This release will invalidate your cache existing keys! The os version e.g. `ubuntu-22.04` is now part of the cache key. This prevents failing builds when a cache got populated with wheels built with different tools (e.g. glibc) than are present on the runner where the cache got restored. #### 🐛 Bug fixes - feat: add OS version to cache key to prevent binary incompatibility [@​eifinger](https://github.com/eifinger) ([#​716](https://github.com/astral-sh/setup-uv/issues/716)) #### 🧰 Maintenance - chore: update known checksums for 0.9.17 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​714](https://github.com/astral-sh/setup-uv/issues/714)) #### ⬆️ Dependency updates - Bump actions/checkout from 5.0.0 to 6.0.1 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​712](https://github.com/astral-sh/setup-uv/issues/712)) - Bump actions/setup-node from 6.0.0 to 6.1.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​715](https://github.com/astral-sh/setup-uv/issues/715)) ### [`v7.1.5`](https://github.com/astral-sh/setup-uv/releases/tag/v7.1.5): 🌈 allow setting `cache-local-path` without `enable-cache: true` [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.1.4...v7.1.5) #### Changes [#​612](https://github.com/astral-sh/setup-uv/pull/612) fixed a faulty behavior where this action set `UV_CACHE_DIR` even though `enable-cache` was `false`. It also fixed the cases were the cache dir is already configured in a settings file like `pyproject.toml` or `UV_CACHE_DIR` was already set. Here the action shouldn't overwrite or set `UV_CACHE_DIR`. These fixes introduced an unwanted behavior: You can still set `cache-local-path` but this action didn't do anything. This release fixes that. You can now use `cache-local-path` to automatically set `UV_CACHE_DIR` even when `enable-cache` is `false` (or gets set to false by default e.g. on self-hosted runners) ```yaml - name: This is now possible uses: astral-sh/setup-uv@v7 with: enable-cache: false cache-local-path: "/path/to/cache" ``` #### 🐛 Bug fixes - allow cache-local-path w/o enable-cache [@​eifinger](https://github.com/eifinger) ([#​707](https://github.com/astral-sh/setup-uv/issues/707)) #### 🧰 Maintenance - set biome files.maxSize to 2MiB [@​eifinger](https://github.com/eifinger) ([#​708](https://github.com/astral-sh/setup-uv/issues/708)) - chore: update known checksums for 0.9.16 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​706](https://github.com/astral-sh/setup-uv/issues/706)) - chore: update known checksums for 0.9.15 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​704](https://github.com/astral-sh/setup-uv/issues/704)) - chore: use `npm ci --ignore-scripts` everywhere [@​woodruffw](https://github.com/woodruffw) ([#​699](https://github.com/astral-sh/setup-uv/issues/699)) - chore: update known checksums for 0.9.14 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​700](https://github.com/astral-sh/setup-uv/issues/700)) - chore: update known checksums for 0.9.13 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​694](https://github.com/astral-sh/setup-uv/issues/694)) - chore: update known checksums for 0.9.12 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​693](https://github.com/astral-sh/setup-uv/issues/693)) - chore: update known checksums for 0.9.11 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​688](https://github.com/astral-sh/setup-uv/issues/688)) #### ⬆️ Dependency updates - Bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​695](https://github.com/astral-sh/setup-uv/issues/695)) - bump dependencies [@​eifinger](https://github.com/eifinger) ([#​709](https://github.com/astral-sh/setup-uv/issues/709)) - Bump github/codeql-action from 4.30.9 to 4.31.6 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​698](https://github.com/astral-sh/setup-uv/issues/698)) - Bump zizmorcore/zizmor-action from 0.2.0 to 0.3.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​696](https://github.com/astral-sh/setup-uv/issues/696)) - Bump eifinger/actionlint-action from 1.9.2 to 1.9.3 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​690](https://github.com/astral-sh/setup-uv/issues/690)) ### [`v7.1.4`](https://github.com/astral-sh/setup-uv/releases/tag/v7.1.4): 🌈 Fix libuv closing bug on Windows [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.1.3...v7.1.4) #### Changes This release fixes the bug `Assertion failed: !(handle->flags & UV_HANDLE_CLOSING)` on Windows runners #### 🐛 Bug fixes - Wait 50ms before exit to fix libuv bug [@​eifinger](https://github.com/eifinger) ([#​689](https://github.com/astral-sh/setup-uv/issues/689)) #### 🧰 Maintenance - chore: update known checksums for 0.9.10 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​681](https://github.com/astral-sh/setup-uv/issues/681)) - chore: update known checksums for 0.9.9 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​679](https://github.com/astral-sh/setup-uv/issues/679)) ### [`v7.1.3`](https://github.com/astral-sh/setup-uv/releases/tag/v7.1.3): 🌈 Support act [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.1.2...v7.1.3) #### Changes This bug fix release adds support for <https://github.com/nektos/act> It was previously broken because of a too new `undici` version and TS transpilation target. Compatibility with act is now automatically tested. #### 🐛 Bug fixes - use old undici and ES2022 target for act support [@​eifinger](https://github.com/eifinger) ([#​678](https://github.com/astral-sh/setup-uv/issues/678)) #### 🧰 Maintenance - chore: update known checksums for 0.9.8 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​677](https://github.com/astral-sh/setup-uv/issues/677)) - chore: update known checksums for 0.9.7 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​671](https://github.com/astral-sh/setup-uv/issues/671)) - chore: update known checksums for 0.9.6 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​670](https://github.com/astral-sh/setup-uv/issues/670)) #### 📚 Documentation - Correct description of `cache-dependency-glob` [@​allanlewis](https://github.com/allanlewis) ([#​676](https://github.com/astral-sh/setup-uv/issues/676)) ### [`v7.1.2`](https://github.com/astral-sh/setup-uv/releases/tag/v7.1.2): 🌈 Speed up extraction on Windows [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.1.1...v7.1.2) #### Changes [@​lazka](https://github.com/lazka) fixed a bug that caused extracting uv to take up to 30s. Thank you! #### 🐛 Bug fixes - Use tar for extracting the uv zip file on Windows too [@​lazka](https://github.com/lazka) ([#​660](https://github.com/astral-sh/setup-uv/issues/660)) #### 🧰 Maintenance - chore: update known checksums for 0.9.5 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​663](https://github.com/astral-sh/setup-uv/issues/663)) #### ⬆️ Dependency updates - Bump dependencies [@​eifinger](https://github.com/eifinger) ([#​664](https://github.com/astral-sh/setup-uv/issues/664)) - Bump github/codeql-action from 4.30.8 to 4.30.9 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​652](https://github.com/astral-sh/setup-uv/issues/652)) ### [`v7.1.1`](https://github.com/astral-sh/setup-uv/releases/tag/v7.1.1): 🌈 Fix empty workdir detection and lowest resolution strategy [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7.1.0...v7.1.1) #### Changes This release fixes a bug where the `working-directory` input was not used to detect an empty work dir. It also fixes the `lowest` resolution strategy resolving to latest when only a lower bound was specified. Special thanks to [@​tpgillam](https://github.com/tpgillam) for the first contribution! #### 🐛 Bug fixes - Fix "lowest" resolution strategy with lower-bound only [@​tpgillam](https://github.com/tpgillam) ([#​649](https://github.com/astral-sh/setup-uv/issues/649)) - Use working-directory to detect empty workdir [@​eifinger](https://github.com/eifinger) ([#​645](https://github.com/astral-sh/setup-uv/issues/645)) #### 🧰 Maintenance - chore: update known checksums for 0.9.4 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​651](https://github.com/astral-sh/setup-uv/issues/651)) - chore: update known checksums for 0.9.3 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​644](https://github.com/astral-sh/setup-uv/issues/644)) #### 📚 Documentation - Change version in docs to v7 [@​eifinger](https://github.com/eifinger) ([#​647](https://github.com/astral-sh/setup-uv/issues/647)) #### ⬆️ Dependency updates - Bump github/codeql-action from 4.30.7 to 4.30.8 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​639](https://github.com/astral-sh/setup-uv/issues/639)) - Bump actions/setup-node from 5.0.0 to 6.0.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​641](https://github.com/astral-sh/setup-uv/issues/641)) - Bump eifinger/actionlint-action from 1.9.1 to 1.9.2 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​634](https://github.com/astral-sh/setup-uv/issues/634)) - Update lockfile with latest npm [@​eifinger](https://github.com/eifinger) ([#​636](https://github.com/astral-sh/setup-uv/issues/636)) ### [`v7.1.0`](https://github.com/astral-sh/setup-uv/releases/tag/v7.1.0): 🌈 Support all the use cases [Compare Source](https://github.com/astral-sh/setup-uv/compare/v7...v7.1.0) #### Changes **Support all the use cases!!!** ... well, that we know of. This release adds support for some use cases that most users don't encounter but are useful for e.g. people running Gitea. The input `resolution-strategy` lets you use the lowest possible version of uv from a version range. Useful if you want to test your tool with different versions of uv. If you use `activate-environment` the path to the activated venv is now also exposed under the output `venv`. Downloaded python installations can now also be uploaded to the GitHub Actions cache backend. Useful if you are running in `act` and have configured your own backend and don't want to download python again, and again over a slow internet connection. Finally the path to installed python interpreters is now added to the `PATH` on Windows. #### 🚀 Enhancements - Add resolution-strategy input to support oldest compatible version selection @​[copilot-swe-agent\[bot\]](https://github.com/apps/copilot-swe-agent) ([#​631](https://github.com/astral-sh/setup-uv/issues/631)) - Add value of UV\_PYTHON\_INSTALL\_DIR to path [@​eifinger](https://github.com/eifinger) ([#​628](https://github.com/astral-sh/setup-uv/issues/628)) - Set output venv when activate-environment is used [@​eifinger](https://github.com/eifinger) ([#​627](https://github.com/astral-sh/setup-uv/issues/627)) - Cache python installs [@​merlinz01](https://github.com/merlinz01) ([#​621](https://github.com/astral-sh/setup-uv/issues/621)) #### 🧰 Maintenance - Add copilot-instructions.md [@​eifinger](https://github.com/eifinger) ([#​630](https://github.com/astral-sh/setup-uv/issues/630)) - chore: update known checksums for 0.9.2 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​626](https://github.com/astral-sh/setup-uv/issues/626)) - chore: update known checksums for 0.9.1 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​625](https://github.com/astral-sh/setup-uv/issues/625)) - Fall back to PR for updating known versions [@​eifinger](https://github.com/eifinger) ([#​623](https://github.com/astral-sh/setup-uv/issues/623)) #### 📚 Documentation - Split up documentation [@​eifinger](https://github.com/eifinger) ([#​632](https://github.com/astral-sh/setup-uv/issues/632)) #### ⬆️ Dependency updates - Bump deps [@​eifinger](https://github.com/eifinger) ([#​633](https://github.com/astral-sh/setup-uv/issues/633)) - Bump github/codeql-action from 3.30.6 to 4.30.7 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​614](https://github.com/astral-sh/setup-uv/issues/614)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMjQuMCIsInVwZGF0ZWRJblZlciI6IjQzLjEyNS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: https://git.tainton.uk/repos/pypilot/pulls/433 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| b8f1ae00b7 |
feat(deps): lock file maintenance (#431)
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "before 4am on monday" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMTEuMCIsInVwZGF0ZWRJblZlciI6IjQzLjExMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: #431 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 959ff490f5 |
[SECURITY] Update dependency pytest to v9.0.3 [SECURITY] (#432)
Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 530659ee38 |
feat(deps): lock file maintenance (#430)
All checks were successful
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "before 4am on monday" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDQuNCIsInVwZGF0ZWRJblZlciI6IjQzLjEwNC40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: #430 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.26.0 |
|||
| 111bf1fc8d |
feat(deps): lock file maintenance (#428)
All checks were successful
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My45OS4xIiwidXBkYXRlZEluVmVyIjoiNDMuOTkuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #428 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.25.0 |
|||
| 1396ce92ac |
fix(deps): update dependency requests to v2.33.1 (#429)
Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| c366e9ddd7 |
feat(deps): Update dependency requests to v2.33.0 [SECURITY] (#427)
All checks were successful
This PR contains the following updates:
| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [requests](https://github.com/psf/requests) ([changelog](https://github.com/psf/requests/blob/master/HISTORY.md)) | `==2.32.5` → `==2.33.0` |  |  |
---
### Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function
[CVE-2026-25645](https://nvd.nist.gov/vuln/detail/CVE-2026-25645) / [GHSA-gc5v-m9x4-r6x2](https://github.com/advisories/GHSA-gc5v-m9x4-r6x2)
<details>
<summary>More information</summary>
#### Details
##### Impact
The `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker with write access to the temp directory could pre-create a malicious file that would be loaded in place of the legitimate one.
##### Affected usages
**Standard usage of the Requests library is not affected by this vulnerability.** Only applications that call `extract_zipped_paths()` directly are impacted.
##### Remediation
Upgrade to at least Requests 2.33.0, where the library now extracts files to a non-deterministic location.
If developers are unable to upgrade, they can set `TMPDIR` in their environment to a directory with restricted write access.
#### Severity
- CVSS Score: 4.4 / 10 (Medium)
- Vector String: `CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N`
#### References
- [https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2](https://github.com/psf/requests/security/advisories/GHSA-gc5v-m9x4-r6x2)
- [
v1.24.0
|
|||
| 7680383d17 |
feat(deps): lock file maintenance (#425)
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My44Ni4wIiwidXBkYXRlZEluVmVyIjoiNDMuODYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #425 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| c344a641fd |
feat(deps): lock file maintenance (#424)
Some checks failed
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My43Ni4yIiwidXBkYXRlZEluVmVyIjoiNDMuNzYuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #424 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 03531d811a |
chore(deps): update dependency black to <26.3.2,>=26.3.1 (#423)
All checks were successful
Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.23.0 |
|||
| afe7f1758b |
feat(deps): lock file maintenance (#422)
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OS40IiwidXBkYXRlZEluVmVyIjoiNDMuNTkuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #422 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| f73cdb26ef |
chore(deps): update docker/setup-buildx-action action to v4 (#418)
Some checks failed
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | action | major | `v3` → `v4` | --- ### Release Notes <details> <summary>docker/setup-buildx-action (docker/setup-buildx-action)</summary> ### [`v4`](https://github.com/docker/setup-buildx-action/compare/v3...v4) [Compare Source](https://github.com/docker/setup-buildx-action/compare/v3...v4) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41NS40IiwidXBkYXRlZEluVmVyIjoiNDMuNTUuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #418 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.22.0 |
|||
| a0b58dd76b |
chore(deps): update docker/metadata-action action to v6 (#419)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker/metadata-action](https://github.com/docker/metadata-action) | action | major | `v5` → `v6` | --- ### Release Notes <details> <summary>docker/metadata-action (docker/metadata-action)</summary> ### [`v6`](https://github.com/docker/metadata-action/compare/v5...v6) [Compare Source](https://github.com/docker/metadata-action/compare/v5...v6) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41Ni4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #419 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 0c85eb5c17 |
chore(deps): update docker/build-push-action action to v7 (#420)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker/build-push-action](https://github.com/docker/build-push-action) | action | major | `v6` → `v7` | --- ### Release Notes <details> <summary>docker/build-push-action (docker/build-push-action)</summary> ### [`v7`](https://github.com/docker/build-push-action/compare/v6...v7) [Compare Source](https://github.com/docker/build-push-action/compare/v6...v7) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41Ni4xIiwidXBkYXRlZEluVmVyIjoiNDMuNTYuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #420 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| ddb0a28d5e |
chore(deps): update dependency black to <26.3.1,>=26.3.0 (#421)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [black](https://github.com/psf/black) ([changelog](https://github.com/psf/black/blob/main/CHANGES.md)) | `<26.1.1,>=26.1.0` → `<26.3.1,>=26.3.0` |  |  | --- ### Release Notes <details> <summary>psf/black (black)</summary> ### [`v26.3.0`](https://github.com/psf/black/blob/HEAD/CHANGES.md#2630) [Compare Source](https://github.com/psf/black/compare/26.1.0...26.3.0) ##### Stable style - Don't double-decode input, causing non-UTF-8 files to be corrupted ([#​4964](https://github.com/psf/black/issues/4964)) - Fix crash on standalone comment in lambda default arguments ([#​4993](https://github.com/psf/black/issues/4993)) - Preserve parentheses when `# type: ignore` comments would be merged with other comments on the same line, preventing AST equivalence failures ([#​4888](https://github.com/psf/black/issues/4888)) ##### Preview style - Fix bug where `if` guards in `case` blocks were incorrectly split when the pattern had a trailing comma ([#​4884](https://github.com/psf/black/issues/4884)) - Fix `string_processing` crashing on unassigned long string literals with trailing commas (one-item tuples) ([#​4929](https://github.com/psf/black/issues/4929)) - Simplify implementation of the power operator "hugging" logic ([#​4918](https://github.com/psf/black/issues/4918)) ##### Packaging - Fix shutdown errors in PyInstaller builds on macOS by disabling multiprocessing in frozen environments ([#​4930](https://github.com/psf/black/issues/4930)) ##### Performance - Introduce winloop for windows as an alternative to uvloop ([#​4996](https://github.com/psf/black/issues/4996)) - Remove deprecated function `uvloop.install()` in favor of `uvloop.new_event_loop()` ([#​4996](https://github.com/psf/black/issues/4996)) - Rename `maybe_install_uvloop` function to `maybe_use_uvloop` to simplify loop installation and creation of either a uvloop/winloop evenloop or default eventloop ([#​4996](https://github.com/psf/black/issues/4996)) ##### Output - Emit a clear warning when the target Python version is newer than the running Python version, since AST safety checks cannot parse newer syntax. Also replace the misleading "INTERNAL ERROR" message with an actionable error explaining the version mismatch ([#​4983](https://github.com/psf/black/issues/4983)) ##### *Blackd* - Introduce winloop to be used when windows in use which enables blackd to run faster on windows when winloop is installed. ([#​4996](https://github.com/psf/black/issues/4996)) ##### Integrations - Remove unused gallery script ([#​5030](https://github.com/psf/black/issues/5030)) - Harden parsing of `black` requirements in the GitHub Action when `use_pyproject` is enabled so that only version specifiers are accepted and direct references such as `black @​ https://...` are rejected. Users should upgrade to the latest version of the action as soon as possible. This update is received automatically when using `psf/black@stable`, and is independent of the version of Black installed by the action. ([#​5031](https://github.com/psf/black/issues/5031)) ##### Documentation - Expand preview style documentation with detailed examples for `wrap_comprehension_in`, `simplify_power_operator_hugging`, and `wrap_long_dict_values_in_parens` features ([#​4987](https://github.com/psf/black/issues/4987)) - Add detailed documentation for formatting Jupyter Notebooks ([#​5009](https://github.com/psf/black/issues/5009)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41OC4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTguMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: https://git.tainton.uk/repos/pypilot/pulls/421 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| f734eb8a76 |
fix(deps): update dependency tabulate to v0.10.0 (#417)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [tabulate](https://github.com/astanin/python-tabulate) | `==0.9.0` → `==0.10.0` |  |  | --- ### Release Notes <details> <summary>astanin/python-tabulate (tabulate)</summary> ### [`v0.10.0`](https://github.com/astanin/python-tabulate/compare/v0.9.0...v0.10.0) [Compare Source](https://github.com/astanin/python-tabulate/compare/v0.9.0...v0.10.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41My4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTMuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #417 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 107ca28eaa |
feat(deps): lock file maintenance (#415)
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40Ni42IiwidXBkYXRlZEluVmVyIjoiNDMuNDYuNiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #415 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| ff9c67dc20 |
chore(deps): update docker/login-action action to v4 (#416)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [docker/login-action](https://github.com/docker/login-action) | action | major | `v3` → `v4` | --- ### Release Notes <details> <summary>docker/login-action (docker/login-action)</summary> ### [`v4`](https://github.com/docker/login-action/compare/v3...v4) [Compare Source](https://github.com/docker/login-action/compare/v3...v4) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41Mi4wIiwidXBkYXRlZEluVmVyIjoiNDMuNTIuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #416 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| bce0633d3e |
feat(deps): lock file maintenance (#414)
Some checks failed
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4zMS4xIiwidXBkYXRlZEluVmVyIjoiNDMuMzEuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #414 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.21.0 |
|||
| 880e51cbfa |
feat(deps): lock file maintenance (#413)
Some checks failed
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4wLjkiLCJ1cGRhdGVkSW5WZXIiOiI0My4wLjkiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInR5cGUvZGVwZW5kZW5jaWVzIl19--> Reviewed-on: #413 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.20.0 |
|||
| 168b51bf98 |
feat(deps): lock file maintenance (#412)
Some checks failed
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45Mi40IiwidXBkYXRlZEluVmVyIjoiNDIuOTIuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #412 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.19.0 |
|||
| a8454098c1 |
chore(deps): update actions/checkout action to v6.0.2 (#411)
Some checks failed
Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.18.0 |
|||
| c3f2b5f9f4 |
chore(ci): remove Snyk security workflow and update renovate configuration (#410)
Reviewed-on: #410 |
|||
| 0ff1a68aee |
feat(deps): lock file maintenance (#409)
All checks were successful
Security / snyk (push) Successful in 31s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi44NC4yIiwidXBkYXRlZEluVmVyIjoiNDIuODQuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #409 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| aa310426e3 |
Update renovate.json
All checks were successful
Security / snyk (push) Successful in 30s
|
|||
| 3f56ddea57 |
chore(deps): update dependency black to v26 (#408)
All checks were successful
Security / snyk (push) Successful in 2m0s
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [black](https://github.com/psf/black) ([changelog](https://github.com/psf/black/blob/main/CHANGES.md)) | `<25.12.1,>=25.12.0` → `<26.1.1,>=26.1.0` |  |  | --- ### Release Notes <details> <summary>psf/black (black)</summary> ### [`v26.1.0`](https://github.com/psf/black/blob/HEAD/CHANGES.md#2610) [Compare Source](https://github.com/psf/black/compare/25.12.0...26.1.0) ##### Highlights Introduces the 2026 stable style ([#​4892](https://github.com/psf/black/issues/4892)), stabilizing the following changes: - `always_one_newline_after_import`: Always force one blank line after import statements, except when the line after the import is a comment or an import statement ([#​4489](https://github.com/psf/black/issues/4489)) - `fix_fmt_skip_in_one_liners`: Fix `# fmt: skip` behavior on one-liner declarations, such as `def foo(): return "mock" # fmt: skip`, where previously the declaration would have been incorrectly collapsed ([#​4800](https://github.com/psf/black/issues/4800)) - `fix_module_docstring_detection`: Fix module docstrings being treated as normal strings if preceded by comments ([#​4764](https://github.com/psf/black/issues/4764)) - `fix_type_expansion_split`: Fix type expansions split in generic functions ([#​4777](https://github.com/psf/black/issues/4777)) - `multiline_string_handling`: Make expressions involving multiline strings more compact ([#​1879](https://github.com/psf/black/issues/1879)) - `normalize_cr_newlines`: Add `\r` style newlines to the potential newlines to normalize file newlines both from and to ([#​4710](https://github.com/psf/black/issues/4710)) - `remove_parens_around_except_types`: Remove parentheses around multiple exception types in `except` and `except*` without `as` ([#​4720](https://github.com/psf/black/issues/4720)) - `remove_parens_from_assignment_lhs`: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting ([#​4865](https://github.com/psf/black/issues/4865)) - `standardize_type_comments`: Format type comments which have zero or more spaces between `#` and `type:` or between `type:` and value to `# type: (value)` ([#​4645](https://github.com/psf/black/issues/4645)) The following change was not in any previous stable release: - Regenerated the `_width_table.py` and added tests for the Khmer language ([#​4253](https://github.com/psf/black/issues/4253)) This release alo bumps `pathspec` to v1 and fixes inconsistencies with Git's `.gitignore` logic ([#​4958](https://github.com/psf/black/issues/4958)). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format `exclude/not_this/foo.py` with this `.gitignore`: ``` exclude/ !exclude/not_this/ ``` Now, `exclude/not_this/foo.py` will remain ignored. To ensure `exclude/not_this/` and all of it's children are included in formatting (and in Git), use this `.gitignore`: ``` */exclude/* !*/exclude/not_this/ ``` This new behavior matches Git. The leading `*/` are only necessary if you wish to ignore matching subdirectories (like the previous behavior did), and not just matching root directories. ##### Output - Explicitly shutdown the multiprocessing manager when run in diff mode too ([#​4952](https://github.com/psf/black/issues/4952)) ##### Integrations - Upgraded PyPI upload workflow to use Trusted Publishing ([#​4611](https://github.com/psf/black/issues/4611)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi44NC4yIiwidXBkYXRlZEluVmVyIjoiNDIuODQuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: https://git.tainton.uk/repos/pypilot/pulls/408 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| b37c346daf |
feat(deps): lock file maintenance (#407)
Some checks failed
Security / snyk (push) Successful in 30s
Release / Tag release (push) Successful in 16s
Release / Create Release (push) Successful in 1s
Release / Publish Docker Images (push) Successful in 1m10s
Release / Get Release ID (push) Successful in 1s
Release / Build Wheel File (push) Failing after 13s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43OC4xIiwidXBkYXRlZEluVmVyIjoiNDIuNzguMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #407 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.17.0 |
|||
| c8b7d09031 |
feat(deps): lock file maintenance (#406)
All checks were successful
Security / snyk (push) Successful in 46s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43MS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNzEuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #406 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.16.0 |
|||
| 5e465d8b1a |
feat(deps): lock file maintenance (#405)
Some checks failed
Release / Tag release (push) Successful in 10s
Release / Create Release (push) Successful in 2s
Release / Publish Docker Images (push) Successful in 2m0s
Release / Get Release ID (push) Failing after 45s
Release / Build Wheel File (push) Has been skipped
Security / snyk (push) Successful in 43s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42Ni4xMSIsInVwZGF0ZWRJblZlciI6IjQyLjY2LjExIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: #405 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.15.0 |
|||
| aaa8e4fd85 |
feat(deps): lock file maintenance (#404)
Some checks failed
Release / Tag release (push) Successful in 8s
Release / Create Release (push) Successful in 2s
Release / Publish Docker Images (push) Failing after 58s
Release / Get Release ID (push) Successful in 1s
Release / Build Wheel File (push) Failing after 9s
Security / snyk (push) Successful in 49s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41Mi44IiwidXBkYXRlZEluVmVyIjoiNDIuNTIuOCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #404 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.14.0 |
|||
| 537aa0f406 |
chore(deps): update actions/cache action to v5 (#403)
Some checks failed
Release / Tag release (push) Successful in 8s
Release / Create Release (push) Successful in 2s
Release / Publish Docker Images (push) Successful in 1m14s
Release / Get Release ID (push) Successful in 1s
Release / Build Wheel File (push) Failing after 9s
Security / snyk (push) Successful in 32s
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/cache](https://github.com/actions/cache) | action | major | `v4` -> `v5` | --- ### Release Notes <details> <summary>actions/cache (actions/cache)</summary> ### [`v5`](https://github.com/actions/cache/compare/v4...v5) [Compare Source](https://github.com/actions/cache/compare/v4...v5) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi40Ni4wIiwidXBkYXRlZEluVmVyIjoiNDIuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #403 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.13.0 |
|||
| 4a40ebfd34 |
chore(deps): update dependency black to <25.12.1,>=25.12.0 (#402)
All checks were successful
Security / snyk (push) Successful in 1m49s
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [black](https://github.com/psf/black) ([changelog](https://github.com/psf/black/blob/main/CHANGES.md)) | `<25.11.1,>=25.11.0` -> `<25.12.1,>=25.12.0` |  |  | --- ### Release Notes <details> <summary>psf/black (black)</summary> ### [`v25.12.0`](https://github.com/psf/black/blob/HEAD/CHANGES.md#25120) [Compare Source](https://github.com/psf/black/compare/25.11.0...25.12.0) ##### Highlights - Black no longer supports running with Python 3.9 ([#​4842](https://github.com/psf/black/issues/4842)) ##### Stable style - Fix bug where comments preceding `# fmt: off`/`# fmt: on` blocks were incorrectly removed, particularly affecting Jupytext's `# %% [markdown]` comments ([#​4845](https://github.com/psf/black/issues/4845)) - Fix crash when multiple `# fmt: skip` comments are used in a multi-part if-clause, on string literals, or on dictionary entries with long lines ([#​4872](https://github.com/psf/black/issues/4872)) - Fix possible crash when `fmt: ` directives aren't on the top level ([#​4856](https://github.com/psf/black/issues/4856)) ##### Preview style - Fix `fmt: skip` skipping the line after instead of the line it's on ([#​4855](https://github.com/psf/black/issues/4855)) - Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting ([#​4865](https://github.com/psf/black/issues/4865)) - Fix `fix_fmt_skip_in_one_liners` crashing on `with` statements ([#​4853](https://github.com/psf/black/issues/4853)) - Fix `fix_fmt_skip_in_one_liners` crashing on annotated parameters ([#​4854](https://github.com/psf/black/issues/4854)) - Fix new lines being added after imports with `# fmt: skip` on them ([#​4894](https://github.com/psf/black/issues/4894)) ##### Packaging - Releases now include arm64 Windows binaries and wheels ([#​4814](https://github.com/psf/black/issues/4814)) ##### Integrations - Add `output-file` input to GitHub Action `psf/black` to write formatter output to a file for artifact capture and log cleanliness ([#​4824](https://github.com/psf/black/issues/4824)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zOS40IiwidXBkYXRlZEluVmVyIjoiNDIuMzkuNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: https://git.tainton.uk/repos/pypilot/pulls/402 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 93f61ab3f8 |
feat(deps): lock file maintenance (#401)
All checks were successful
Security / snyk (push) Successful in 29s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zOS4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #401 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 26dba20357 |
chore(deps): update dependency pylint to v4 (#399)
All checks were successful
Security / snyk (push) Successful in 1m38s
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [pylint](https://github.com/pylint-dev/pylint) ([changelog](https://pylint.readthedocs.io/en/latest/whatsnew/3/)) | `<4.0.0,>=3.1.0` -> `<4.1.0,>=4.0.4` |  |  | --- ### Release Notes <details> <summary>pylint-dev/pylint (pylint)</summary> ### [`v4.0.4`](https://github.com/pylint-dev/pylint/releases/tag/v4.0.4) [Compare Source](https://github.com/pylint-dev/pylint/compare/v4.0.3...v4.0.4) ## What's new in Pylint 4.0.4? Release date: 2025-11-30 ## False Positives Fixed - Fixed false positive for `invalid-name` where module-level constants were incorrectly classified as variables when a class-level attribute with the same name exists. Closes [#​10719](https://github.com/pylint-dev/pylint/issues/10719) - Fix a false positive for `invalid-name` on an UPPER\_CASED name inside an `if` branch that assigns an object. Closes [#​10745](https://github.com/pylint-dev/pylint/issues/10745) ### [`v4.0.3`](https://github.com/pylint-dev/pylint/releases/tag/v4.0.3) [Compare Source](https://github.com/pylint-dev/pylint/compare/v4.0.2...v4.0.3) ## What's new in Pylint 4.0.3? Release date: 2025-11-13 ## False Positives Fixed - Add Enum dunder methods `_generate_next_value_`, `_missing_`, `_numeric_repr_`, `_add_alias_`, and `_add_value_alias_` to the list passed to `--good-dunder-names`. Closes [#​10435](https://github.com/pylint-dev/pylint/issues/10435) - Fixed false positive for `invalid-name` with `typing.Annotated`. Closes [#​10696](https://github.com/pylint-dev/pylint/issues/10696) - Fix false positive for `f-string-without-interpolation` with template strings when using format spec. Closes [#​10702](https://github.com/pylint-dev/pylint/issues/10702) - Fix a false positive when an UPPER\_CASED class attribute was raising an `invalid-name` when typed with `Final`. Closes [#​10711](https://github.com/pylint-dev/pylint/issues/10711) - Fix a false positive for `unbalanced-tuple-unpacking` when a tuple is assigned to a function call and the structure of the function's return value is ambiguous. Closes [#​10721](https://github.com/pylint-dev/pylint/issues/10721) ## Other Bug Fixes - Make 'ignore' option work as expected again. Closes [#​10669](https://github.com/pylint-dev/pylint/issues/10669) - Fix crash for `consider-using-assignment-expr` when a variable annotation without assignment is used as the `if` test expression. Closes [#​10707](https://github.com/pylint-dev/pylint/issues/10707) - Fix crash for `prefer-typing-namedtuple` and `consider-math-not-float` when a `slice` object is called. Closes [#​10708](https://github.com/pylint-dev/pylint/issues/10708) ### [`v4.0.2`](https://github.com/pylint-dev/pylint/releases/tag/v4.0.2) [Compare Source](https://github.com/pylint-dev/pylint/compare/v4.0.1...v4.0.2) ## False Positives Fixed - Fix false positive for `invalid-name` on a partially uninferable module-level constant. Closes [#​10652](https://github.com/pylint-dev/pylint/issues/10652) - Fix a false positive for `invalid-name` on exclusive module-level assignments composed of three or more branches. We won't raise `disallowed-name` on module-level names that can't be inferred until a further refactor to remove this false negative is done. Closes [#​10664](https://github.com/pylint-dev/pylint/issues/10664) - Fix false positive for `invalid-name` for `TypedDict` instances. Closes [#​10672](https://github.com/pylint-dev/pylint/issues/10672) ### [`v4.0.1`](https://github.com/pylint-dev/pylint/releases/tag/v4.0.1) [Compare Source](https://github.com/pylint-dev/pylint/compare/v4.0.0...v4.0.1) ## What's new in Pylint 4.0.1? Release date: 2025-10-14 ## False Positives Fixed - Exclude `__all__` and `__future__.annotations` from `unused-variable`. Closes [#​10019](https://github.com/pylint-dev/pylint/issues/10019) - Fix false-positive for `bare-name-capture-pattern` if a case guard is used. Closes [#​10647](https://github.com/pylint-dev/pylint/issues/10647) - Check enums created with the `Enum()` functional syntax to pass against the `--class-rgx` for the `invalid-name` check, like other enums. Closes [#​10660](https://github.com/pylint-dev/pylint/issues/10660) ### [`v4.0.0`](https://github.com/pylint-dev/pylint/releases/tag/v4.0.0) [Compare Source](https://github.com/pylint-dev/pylint/compare/v3.3.9...v4.0.0) - Pylint now supports Python 3.14. - Pylint's inference engine (`astroid`) is now much more precise, understanding implicit booleanness and ternary expressions. (Thanks [@​zenlyj](https://github.com/zenlyj)!) Consider this example: ```python class Result: errors: dict | None = None result = Result() if result.errors: result.errors[field_key] # inference engine understands result.errors cannot be None # pylint no longer raises unsubscriptable-object ``` The required `astroid` version is now 4.0.0. See the [astroid changelog](https://pylint.readthedocs.io/projects/astroid/en/latest/changelog.html#what-s-new-in-astroid-4-0-0) for additional fixes, features, and performance improvements applicable to pylint. - Handling of `invalid-name` at the module level was patchy. Now, module-level constants that are reassigned are treated as variables and checked against `--variable-rgx` rather than `--const-rgx`. Module-level lists, sets, and objects can pass against either regex. Here, `LIMIT` is reassigned, so pylint only uses `--variable-rgx`: ```python LIMIT = 500 # [invalid-name] if sometimes: LIMIT = 1 # [invalid-name] ``` If this is undesired, refactor using *exclusive* assignment so that it is evident that this assignment happens only once: ```python if sometimes: LIMIT = 1 else: LIMIT = 500 # exclusive assignment: uses const regex, no warning ``` Lists, sets, and objects still pass against either `const-rgx` or `variable-rgx` even if reassigned, but are no longer completely skipped: ```python MY_LIST = [] my_list = [] My_List = [] # [invalid-name] ``` Remember to adjust the [regexes](https://pylint.readthedocs.io/en/latest/user_guide/messages/convention/invalid-name.html) and [allow lists](https://pylint.readthedocs.io/en/latest/user_guide/configuration/all-options.html#good-names) to your liking. ## Breaking Changes - `invalid-name` now distinguishes module-level constants that are assigned only once from those that are reassigned and now applies `--variable-rgx` to the latter. Values other than literals (lists, sets, objects) can pass against either the constant or variable regexes (e.g. "LOGGER" or "logger" but not "LoGgEr"). Remember that `--good-names` or `--good-names-rgxs` can be provided to explicitly allow good names. Closes [#​3585](https://github.com/pylint-dev/pylint/issues/3585) - The unused `pylintrc` argument to `PyLinter.__init__()` is deprecated and will be removed. Refs [#​6052](https://github.com/pylint-dev/pylint/issues/6052) - Commented out code blocks such as `# bar() # TODO: remove dead code` will no longer emit `fixme`. Refs [#​9255](https://github.com/pylint-dev/pylint/issues/9255) - `pyreverse` `Run` was changed to no longer call `sys.exit()` in its `__init__`. You should now call `Run(args).run()` which will return the exit code instead. Having a class that always raised a `SystemExit` exception was considered a bug. Normal usage of pyreverse through the CLI will not be affected by this change. Refs [#​9689](https://github.com/pylint-dev/pylint/issues/9689) - The `suggestion-mode` option was removed, as pylint now always emits user-friendly hints instead of false-positive error messages. You should remove it from your conf if it's defined. Refs [#​9962](https://github.com/pylint-dev/pylint/issues/9962) - The `async.py` checker module has been renamed to `async_checker.py` since `async` is a Python keyword and cannot be imported directly. This allows for better testing and extensibility of the async checker functionality. Refs [#​10071](https://github.com/pylint-dev/pylint/issues/10071) - The message-id of `continue-in-finally` was changed from `E0116` to `W0136`. The warning is now emitted for every Python version since it will raise a syntax warning in Python 3.14. See [PEP 765 - Disallow return/break/continue that exit a finally block](https://peps.python.org/pep-0765/). Refs [#​10480](https://github.com/pylint-dev/pylint/issues/10480) - Removed support for `nmp.NaN` alias for `numpy.NaN` being recognized in ':ref:`nan-comparison`'. Use `np` or `numpy` instead. Refs [#​10583](https://github.com/pylint-dev/pylint/issues/10583) - Version requirement for `isort` has been bumped to >=5.0.0. The internal compatibility for older `isort` versions exposed via `pylint.utils.IsortDriver` has been removed. Refs [#​10637](https://github.com/pylint-dev/pylint/issues/10637) ## New Features - `comparison-of-constants` now uses the unicode from the ast instead of reformatting from the node's values preventing some bad formatting due to `utf-8` limitation. The message now uses `"` instead of `'` to better work with what the python ast returns. Refs [#​8736](https://github.com/pylint-dev/pylint/issues/8736) - Enhanced pyreverse to properly distinguish between UML relationship types (association, aggregation, composition) based on object ownership semantics. Type annotations without assignment are now treated as associations, parameter assignments as aggregations, and object instantiation as compositions. Closes [#​9045](https://github.com/pylint-dev/pylint/issues/9045) Closes [#​9267](https://github.com/pylint-dev/pylint/issues/9267) - The `fixme` check can now search through docstrings as well as comments, by using `check-fixme-in-docstring = true` in the `[tool.pylint.miscellaneous]` section. Closes [#​9255](https://github.com/pylint-dev/pylint/issues/9255) - The `use-implicit-booleaness-not-x` checks now distinguish between comparisons used in boolean contexts and those that are not, enabling them to provide more accurate refactoring suggestions. Closes [#​9353](https://github.com/pylint-dev/pylint/issues/9353) - The verbose option now outputs the filenames of the files that have been checked. Previously, it only included the number of checked and skipped files. Closes [#​9357](https://github.com/pylint-dev/pylint/issues/9357) - colorized reporter now colorizes messages/categories that have been configured as `fail-on` in red inverse. This makes it easier to quickly find the errors that are causing pylint CI job failures. Closes [#​9898](https://github.com/pylint-dev/pylint/issues/9898) - Enhanced support for [@​property](https://github.com/property) decorator in pyreverse to correctly display return types of annotated properties when generating class diagrams. Closes [#​10057](https://github.com/pylint-dev/pylint/issues/10057) - Add --max-depth option to pyreverse to control diagram complexity. A depth of 0 shows only top-level packages, 1 shows one level of subpackages, etc. This helps manage visualization of large codebases by limiting the depth of displayed packages and classes. Refs [#​10077](https://github.com/pylint-dev/pylint/issues/10077) - Handle deferred evaluation of annotations in Python 3.14. Closes [#​10149](https://github.com/pylint-dev/pylint/issues/10149) - Enhanced pyreverse to properly detect aggregations for comprehensions (list, dict, set, generator). Closes [#​10236](https://github.com/pylint-dev/pylint/issues/10236) - `pyreverse`: add support for colorized output when using output format `mmd` (MermaidJS) and `html`. Closes [#​10242](https://github.com/pylint-dev/pylint/issues/10242) - pypy 3.11 is now officially supported. Refs [#​10287](https://github.com/pylint-dev/pylint/issues/10287) - Add support for Python 3.14. Refs [#​10467](https://github.com/pylint-dev/pylint/issues/10467) - Add naming styles for `ParamSpec` and `TypeVarTuple` that align with the `TypeVar` style. Refs [#​10541](https://github.com/pylint-dev/pylint/issues/10541) ## New Checks - Add `match-statements` checker and the following message: `bare-name-capture-pattern`. This will emit an error message when a name capture pattern is used in a match statement which would make the remaining patterns unreachable. This code is a SyntaxError at runtime. Closes [#​7128](https://github.com/pylint-dev/pylint/issues/7128) - Add new check `async-context-manager-with-regular-with` to detect async context managers used with regular `with` statements instead of `async with`. Refs [#​10408](https://github.com/pylint-dev/pylint/issues/10408) - Add `break-in-finally` warning. Using `break` inside the `finally` clause will raise a syntax warning in Python 3.14. See `PEP 765 - Disallow return/break/continue that exit a finally block <https://peps.python.org/pep-0765/>`\_. Refs [#​10480](https://github.com/pylint-dev/pylint/issues/10480) - Add new checks for invalid uses of class patterns in :keyword:`match`. - :ref:`invalid-match-args-definition` is emitted if :py:data:`object.__match_args__` isn't a tuple of strings. - :ref:`too-many-positional-sub-patterns` if there are more positional sub-patterns than specified in :py:data:`object.__match_args__`. - :ref:`multiple-class-sub-patterns` if there are multiple sub-patterns for the same attribute. Refs [#​10559](https://github.com/pylint-dev/pylint/issues/10559) - Add additional checks for suboptimal uses of class patterns in :keyword:`match`. - :ref:`match-class-bind-self` is emitted if a name is bound to `self` instead of using an `as` pattern. - :ref:`match-class-positional-attributes` is emitted if a class pattern has positional attributes when keywords could be used. Refs [#​10587](https://github.com/pylint-dev/pylint/issues/10587) - Add a `consider-math-not-float` message. `float("nan")` and `float("inf")` are slower than their counterpart `math.inf` and `math.nan` by a factor of 4 (notwithstanding the initial import of math) and they are also not well typed when using mypy. This check also catches typos in float calls as a side effect. The :ref:`pylint.extensions.code_style` need to be activated for this check to work. Refs [#​10621](https://github.com/pylint-dev/pylint/issues/10621) ## False Positives Fixed - Fix a false positive for `used-before-assignment` when a variable defined under an `if` and via a named expression (walrus operator) is used later when guarded under the same `if` test. Closes [#​10061](https://github.com/pylint-dev/pylint/issues/10061) - Fix :ref:`no-name-in-module` for members of `concurrent.futures` with Python 3.14. Closes [#​10632](https://github.com/pylint-dev/pylint/issues/10632) ## False Negatives Fixed - Fix false negative for `used-before-assignment` when a `TYPE_CHECKING` import is used as a type annotation prior to erroneous usage. Refs [#​8893](https://github.com/pylint-dev/pylint/issues/8893) - Match cases are now counted as edges in the McCabe graph and will increase the complexity accordingly. Refs [#​9667](https://github.com/pylint-dev/pylint/issues/9667) - Check module-level constants with type annotations for `invalid-name`. Remember to adjust `const-naming-style` or `const-rgx` to your liking. Closes [#​9770](https://github.com/pylint-dev/pylint/issues/9770) - Fix false negative where function-redefined (E0102) was not reported for functions with a leading underscore. Closes [#​9894](https://github.com/pylint-dev/pylint/issues/9894) - We now raise a `logging-too-few-args` for format string with no interpolation arguments at all (i.e. for something like `logging.debug("Awaiting process %s")` or `logging.debug("Awaiting process {pid}")`). Previously we did not raise for such case. Closes [#​9999](https://github.com/pylint-dev/pylint/issues/9999) - Fix false negative for `used-before-assignment` when a function is defined inside a `TYPE_CHECKING` guard block and used later. Closes [#​10028](https://github.com/pylint-dev/pylint/issues/10028) - Fix a false negative for `possibly-used-before-assignment` when a variable is conditionally defined and later assigned to a type-annotated variable. Closes [#​10421](https://github.com/pylint-dev/pylint/issues/10421) - Fix false negative for `deprecated-module` when a `__import__` method is used instead of `import` sentence. Refs [#​10453](https://github.com/pylint-dev/pylint/issues/10453) - Count match cases for `too-many-branches` check. Refs [#​10542](https://github.com/pylint-dev/pylint/issues/10542) - Fix false-negative where :ref:`unused-import` was not reported for names referenced in a preceding `global` statement. Refs [#​10633](https://github.com/pylint-dev/pylint/issues/10633) ## Other Bug Fixes - When displaying unicode with surrogates (or other potential `UnicodeEncodeError`), pylint will now display a '?' character (using `encode(encoding="utf-8", errors="replace")`) instead of crashing. The functional tests classes are also updated to handle this case. Closes [#​8736](https://github.com/pylint-dev/pylint/issues/8736) - Fixed unidiomatic-typecheck only checking left-hand side. Closes [#​10217](https://github.com/pylint-dev/pylint/issues/10217) - Fix a crash caused by malformed format strings when using `.format` with keyword arguments. Closes [#​10282](https://github.com/pylint-dev/pylint/issues/10282) - Fix false positive `inconsistent-return-statements` when using `quit()` or `exit()` functions. Closes [#​10508](https://github.com/pylint-dev/pylint/issues/10508) - Fix a crash in :ref:`nested-min-max` when using `builtins.min` or `builtins.max` instead of `min` or `max` directly. Closes [#​10626](https://github.com/pylint-dev/pylint/issues/10626) - Fixed a crash in :ref:`unnecessary-dict-index-lookup` when the index of an enumerated list was deleted inside a for loop. Closes [#​10627](https://github.com/pylint-dev/pylint/issues/10627) ## Other Changes - Remove support for launching pylint with Python 3.9. Code that supports Python 3.9 can still be linted with the `--py-version=3.9` setting. Refs [#​10405](https://github.com/pylint-dev/pylint/issues/10405) ## Internal Changes - Modified test framework to allow for different test output for different Python versions. Refs [#​10382](https://github.com/pylint-dev/pylint/issues/10382) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zOS4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: https://git.tainton.uk/repos/pypilot/pulls/399 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| b8f5508dca |
feat(deps): lock file maintenance (#400)
All checks were successful
Security / snyk (push) Successful in 28s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zOS4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #400 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 71777ecc02 |
chore(deps): update actions/checkout action to v6.0.1 (#398)
Some checks failed
Security / snyk (push) Successful in 1m37s
Release / Tag release (push) Successful in 11s
Release / Create Release (push) Successful in 2s
Release / Publish Docker Images (push) Failing after 46s
Release / Get Release ID (push) Successful in 1s
Release / Build Wheel File (push) Failing after 10s
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://github.com/actions/checkout) | action | patch | `v6.0.0` -> `v6.0.1` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.1`](https://github.com/actions/checkout/releases/tag/v6.0.1) [Compare Source](https://github.com/actions/checkout/compare/v6.0.0...v6.0.1) #### What's Changed - Update all references from v5 and v4 to v6 by [@​ericsciple](https://github.com/ericsciple) in [#​2314](https://github.com/actions/checkout/pull/2314) - Add worktree support for persist-credentials includeIf by [@​ericsciple](https://github.com/ericsciple) in [#​2327](https://github.com/actions/checkout/pull/2327) - Clarify v6 README by [@​ericsciple](https://github.com/ericsciple) in [#​2328](https://github.com/actions/checkout/pull/2328) **Full Changelog**: <https://github.com/actions/checkout/compare/v6...v6.0.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMC4xIiwidXBkYXRlZEluVmVyIjoiNDIuMzAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #398 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| fbbcb369c4 |
feat(deps): lock file maintenance (#397)
Some checks failed
Release / Tag release (push) Successful in 12s
Release / Create Release (push) Successful in 1s
Release / Publish Docker Images (push) Successful in 1m8s
Release / Get Release ID (push) Successful in 2s
Release / Build Wheel File (push) Failing after 11s
Security / snyk (push) Successful in 30s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xOS4zIiwidXBkYXRlZEluVmVyIjoiNDIuMTkuMyIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #397 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.12.0 |
|||
| 361cd6a323 |
chore(deps): update actions/checkout action to v6 (#396)
Some checks failed
Release / Tag release (push) Successful in 8s
Release / Create Release (push) Successful in 2s
Release / Publish Docker Images (push) Successful in 1m19s
Release / Get Release ID (push) Successful in 1s
Release / Build Wheel File (push) Failing after 8s
Security / snyk (push) Successful in 29s
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://github.com/actions/checkout) | action | major | `v5.0.1` -> `v6.0.0` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.0`](https://github.com/actions/checkout/releases/tag/v6.0.0) [Compare Source](https://github.com/actions/checkout/compare/v5.0.1...v6.0.0) #### What's Changed - Update README to include Node.js 24 support details and requirements by [@​salmanmkc](https://github.com/salmanmkc) in [#​2248](https://github.com/actions/checkout/pull/2248) - Persist creds to a separate file by [@​ericsciple](https://github.com/ericsciple) in [#​2286](https://github.com/actions/checkout/pull/2286) - v6-beta by [@​ericsciple](https://github.com/ericsciple) in [#​2298](https://github.com/actions/checkout/pull/2298) - update readme/changelog for v6 by [@​ericsciple](https://github.com/ericsciple) in [#​2311](https://github.com/actions/checkout/pull/2311) **Full Changelog**: <https://github.com/actions/checkout/compare/v5.0.0...v6.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xOC4wIiwidXBkYXRlZEluVmVyIjoiNDIuMTguMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #396 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.11.0 |
|||
| 4469b7ebb1 |
feat(deps): lock file maintenance (#394)
All checks were successful
Security / snyk (push) Successful in 1m25s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xMS4wIiwidXBkYXRlZEluVmVyIjoiNDIuMTEuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #394 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 43ead425d8 |
chore(deps): update actions/checkout action to v5.0.1 (#395)
All checks were successful
Security / snyk (push) Successful in 35s
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://github.com/actions/checkout) | action | patch | `v5.0.0` -> `v5.0.1` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v5.0.1`](https://github.com/actions/checkout/releases/tag/v5.0.1) [Compare Source](https://github.com/actions/checkout/compare/v5.0.0...v5.0.1) #### What's Changed - Port v6 cleanup to v5 by [@​ericsciple](https://github.com/ericsciple) in [#​2301](https://github.com/actions/checkout/pull/2301) **Full Changelog**: <https://github.com/actions/checkout/compare/v5...v5.0.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xMi4xIiwidXBkYXRlZEluVmVyIjoiNDIuMTIuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #395 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| ca26704f34 |
feat(deps): lock file maintenance (#392)
Some checks failed
Release / Tag release (push) Successful in 12s
Release / Create Release (push) Successful in 1s
Release / Publish Docker Images (push) Successful in 1m4s
Release / Get Release ID (push) Successful in 2s
Release / Build Wheel File (push) Failing after 8s
Security / snyk (push) Successful in 29s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4yLjAiLCJ1cGRhdGVkSW5WZXIiOiI0Mi4yLjAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInR5cGUvZGVwZW5kZW5jaWVzIl19--> Reviewed-on: #392 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.10.0 |
|||
| 3bd83e18c3 |
chore(deps): update dependency black to <25.11.1,>=25.11.0 (#393)
All checks were successful
Security / snyk (push) Successful in 29s
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [black](https://github.com/psf/black) ([changelog](https://github.com/psf/black/blob/main/CHANGES.md)) | `<25.9.1,>=25.9.0` -> `<25.11.1,>=25.11.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>psf/black (black)</summary> ### [`v25.11.0`](https://github.com/psf/black/blob/HEAD/CHANGES.md#25110) [Compare Source](https://github.com/psf/black/compare/25.9.0...25.11.0) ##### Highlights - Enable base 3.14 support ([#​4804](https://github.com/psf/black/issues/4804)) - Add support for the new Python 3.14 t-string syntax introduced by PEP 750 ([#​4805](https://github.com/psf/black/issues/4805)) ##### Stable style - Fix bug where comments between `# fmt: off` and `# fmt: on` were reformatted ([#​4811](https://github.com/psf/black/issues/4811)) - Comments containing fmt directives now preserve their exact formatting instead of being normalized ([#​4811](https://github.com/psf/black/issues/4811)) ##### Preview style - Move `multiline_string_handling` from `--unstable` to `--preview` ([#​4760](https://github.com/psf/black/issues/4760)) - Fix bug where module docstrings would be treated as normal strings if preceded by comments ([#​4764](https://github.com/psf/black/issues/4764)) - Fix bug where python 3.12 generics syntax split line happens weirdly ([#​4777](https://github.com/psf/black/issues/4777)) - Standardize type comments to form `# type: <value>` ([#​4645](https://github.com/psf/black/issues/4645)) - Fix `fix_fmt_skip_in_one_liners` preview feature to respect `# fmt: skip` for compound statements with semicolon-separated bodies ([#​4800](https://github.com/psf/black/issues/4800)) ##### Configuration - Add `no_cache` option to control caching behavior. ([#​4803](https://github.com/psf/black/issues/4803)) ##### Packaging - Releases now include arm64 Linux binaries ([#​4773](https://github.com/psf/black/issues/4773)) ##### Output - Write unchanged content to stdout when excluding formatting from stdin using pipes ([#​4610](https://github.com/psf/black/issues/4610)) ##### *Blackd* - Implemented BlackDClient. This simple python client allows to easily send formatting requests to blackd ([#​4774](https://github.com/psf/black/issues/4774)) ##### Integrations - Enable 3.14 base CI ([#​4804](https://github.com/psf/black/issues/4804)) - Enhance GitHub Action `psf/black` to support the `required-version` major-version-only "stability" format when using pyproject.toml ([#​4770](https://github.com/psf/black/issues/4770)) - Improve error message for vim plugin users. It now handles independently vim version - Vim: Warn on unsupported Vim and Python versions independently ([#​4772](https://github.com/psf/black/issues/4772)) - Vim: Print the import paths when importing black fails ([#​4675](https://github.com/psf/black/issues/4675)) - Vim: Fix handling of virtualenvs that have a different Python version ([#​4675](https://github.com/psf/black/issues/4675)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4yLjAiLCJ1cGRhdGVkSW5WZXIiOiI0Mi4yLjAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInR5cGUvZGVwZW5kZW5jaWVzIl19--> Reviewed-on: https://git.tainton.uk/repos/pypilot/pulls/393 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 50dbaafb78 |
chore(deps): update dependency pytest to v9 (#391)
Some checks failed
Release / Tag release (push) Successful in 13s
Release / Create Release (push) Successful in 2s
Release / Get Release ID (push) Successful in 2s
Release / Publish Docker Images (push) Failing after 1m11s
Release / Build Wheel File (push) Failing after 13s
Security / snyk (push) Successful in 1m20s
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [pytest](https://github.com/pytest-dev/pytest) ([changelog](https://docs.pytest.org/en/stable/changelog.html)) | `<9.0.0,>=8.1.1` -> `<9.1.0,>=9.0.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>pytest-dev/pytest (pytest)</summary> ### [`v9.0.0`](https://github.com/pytest-dev/pytest/compare/8.4.2...9.0.0) [Compare Source](https://github.com/pytest-dev/pytest/compare/8.4.2...9.0.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4xLjMiLCJ1cGRhdGVkSW5WZXIiOiI0Mi4xLjMiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInR5cGUvZGVwZW5kZW5jaWVzIl19--> Reviewed-on: #391 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 3bd993f439 |
feat(deps): update https://git.tainton.uk/actions/conventional-commits-check-action action to v1.3.0 (#390)
Some checks failed
Release / Tag release (push) Successful in 9s
Release / Create Release (push) Successful in 4s
Release / Publish Docker Images (push) Successful in 1m26s
Release / Get Release ID (push) Successful in 2s
Release / Build Wheel File (push) Failing after 11s
Security / snyk (push) Successful in 1m32s
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [https://git.tainton.uk/actions/conventional-commits-check-action](https://git.tainton.uk/actions/conventional-commits-check-action) | action | minor | `v1.2.4` -> `v1.3.0` |
---
### Release Notes
<details>
<summary>actions/conventional-commits-check-action (https://git.tainton.uk/actions/conventional-commits-check-action)</summary>
### [`v1.3.0`](https://git.tainton.uk/actions/conventional-commits-check-action/releases/tag/v1.3.0)
[Compare Source](https://git.tainton.uk/actions/conventional-commits-check-action/compare/v1.2.4...v1.3.0)
##### Features
- **deps:** update conventional-pre-commit to 4.3.0 ([b6d1665](
v1.9.0
|
|||
| f2eb2bed82 |
Update renovate.json
All checks were successful
Security / snyk (push) Successful in 26s
|
|||
| e13b0de800 |
chore(deps): lock file maintenance (#389)
Some checks failed
Release / Tag release (push) Successful in 17s
Release / Create Release (push) Successful in 5s
Release / Get Release ID (push) Successful in 6s
Release / Publish Docker Images (push) Failing after 1m9s
Release / Build Wheel File (push) Failing after 10s
Security / snyk (push) Successful in 1m9s
This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNTIuOSIsInVwZGF0ZWRJblZlciI6IjQxLjE1Mi45IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: #389 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
|||
| 2240bdc031 |
chore(deps): update dependency python (#382)
Some checks failed
Release / Tag release (push) Successful in 8s
Release / Create Release (push) Successful in 1s
Release / Get Release ID (push) Successful in 2s
Release / Publish Docker Images (push) Successful in 1m15s
Release / Build Wheel File (push) Failing after 50s
Security / snyk (push) Successful in 1m1s
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [python](https://github.com/actions/python-versions) | uses-with | minor | `3.13` -> `3.14` | | python | final | minor | `3.13-slim` -> `3.14-slim` | --- ### Release Notes <details> <summary>actions/python-versions (python)</summary> ### [`v3.14.0`](https://github.com/actions/python-versions/releases/tag/3.14.0-18313368925): 3.14.0 [Compare Source](https://github.com/actions/python-versions/compare/3.13.8-18331000654...3.14.0-18313368925) Python 3.14.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMzguNSIsInVwZGF0ZWRJblZlciI6IjQxLjE0MC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: #382 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>v1.8.16 |
|||
| 5249c54e1e |
fix(ci): Remove dependencies of dependencies (#388)
All checks were successful
Security / snyk (push) Successful in 2m2s
Reviewed-on: #388 |
|||
| 92714ee045 |
fix(deps): update dependency idna to v3.11 (#386)
All checks were successful
Security / snyk (push) Successful in 2m5s
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [idna](https://github.com/kjd/idna) ([changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)) | `==3.10` -> `==3.11` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>kjd/idna (idna)</summary> ### [`v3.11`](https://github.com/kjd/idna/compare/v3.10...v3.11) [Compare Source](https://github.com/kjd/idna/compare/v3.10...v3.11) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNDYuMCIsInVwZGF0ZWRJblZlciI6IjQxLjE0Ni4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: #386 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk> |
