chore(deps): bump the python-packages group with 2 updates #9

Merged
merged 2 commits into from
Jul 11, 2024

Conversation

dependabot[bot]

@dependabot dependabot bot commented on behalf of github Jul 8, 2024

Bumps the python-packages group with 2 updates: playwright and python-semantic-release.

Updates playwright from 1.44.0 to 1.45.0

Release notes

Sourced from playwright's releases.

v1.45.0

Clock

Utilizing the new Clock API allows you to manipulate and control time within tests to verify time-related behavior. This API covers many common scenarios, including:

  • testing with predefined time;
  • keeping consistent time and timers;
  • monitoring inactivity;
  • ticking through time manually.

```python
import datetime

from playwright.sync_api import expect

# `page` is a Playwright Page object, e.g. the pytest-playwright fixture.

# Initialize clock with some time before the test time and let the page load
# naturally. `Date.now` will progress as the timers fire.
page.clock.install(time=datetime.datetime(2024, 2, 2, 8, 0, 0))
page.goto("http://localhost:3333")

# Pretend that the user closed the laptop lid and opened it again at 10am.
# Pause the time once reached that point.
page.clock.pause_at(datetime.datetime(2024, 2, 2, 10, 0, 0))

# Assert the page state.
expect(page.get_by_test_id("current-time")).to_have_text("2/2/2024, 10:00:00 AM")

# Close the laptop lid again and open it at 10:30am.
page.clock.fast_forward("30:00")
expect(page.get_by_test_id("current-time")).to_have_text("2/2/2024, 10:30:00 AM")
```

See the clock guide for more details.

Miscellaneous

  • Method locator.setInputFiles() now supports uploading a directory for <input type=file webkitdirectory> elements.
    page.get_by_label("Upload directory").set_input_files('mydir')
  • Multiple methods like locator.click() or locator.press() now support a ControlOrMeta modifier key. This key maps to Meta on macOS and maps to Control on Windows and Linux.
    # Press the common keyboard shortcut Control+S or Meta+S to trigger a "Save" operation.
    page.keyboard.press("ControlOrMeta+S")
  • New property httpCredentials.send in apiRequest.newContext() that allows you to either always send the Authorization header or only send it in response to 401 Unauthorized.
  • Playwright now supports Chromium, Firefox and WebKit on Ubuntu 24.04.
  • v1.45 is the last release to receive WebKit update for macOS 12 Monterey. Please update macOS to keep using the latest WebKit.

Browser Versions

  • Chromium 127.0.6533.5
  • Mozilla Firefox 127.0
  • WebKit 17.4

This version was also tested against the following stable channels:

  • Google Chrome 126

... (truncated)

Commits
  • 90bf2e6 build(deps): bump mypy from 1.10.0 to 1.10.1 (#2479)
  • ecb34e3 build(deps): bump types-requests from 2.32.0.20240602 to 2.32.0.20240622 (#2470)
  • 8f9bcd1 chore(roll): roll to Playwright 1.45.1-beta-1719996498000 (#2474)
  • d83dc6e fix(fetch): serialise empty array in 'data' as JSON (#2476)
  • c6cc4c9 chore(roll): roll Playwright to 1.45.0-alpha-2024-06-14 (#2464)
  • b331b8e devops: update conda-incubator/setup-miniconda to v3 (#2467)
  • 3c46eec build(deps): bump flake8 from 7.0.0 to 7.1.0 (#2466)
  • f8c8882 devops: run conda test builds on macos-13
  • d46b729 build(deps): bump types-requests from 2.31.0.20240406 to 2.32.0.20240602 (#2459)
  • 5213511 build(deps): bump requests from 2.32.0 to 2.32.3 (#2458)
  • Additional commits viewable in compare view

Updates python-semantic-release from 9.8.3 to 9.8.5

Release notes

Sourced from python-semantic-release's releases.

v9.8.5 (2024-07-06)

Fixes

  • Enable --print-last-released* when in detached head or non-release branch (#926)

  • changelog: resolve commit ordering issue when dates are similar (bfda159)

  • version-cmd: drop branch restriction for --print-last-released* opts (782c0a6)

Performance Improvements

  • Improve git history processing for changelog generation (#972)

  • changelog: improve git history parser changelog generation (bfda159)

Resolved Issues

  • #900: Allow version --print-last-released outside of release branches

Detailed Changes: python-semantic-release/python-semantic-release@v9.8.4...v9.8.5

v9.8.4 (2024-07-04)

Fixes

  • changelog-cmd: remove usage strings when error occurred (348a51d)

  • changelog-cmd: render default changelog when user template directory exists but is empty (bded8de)

  • config: prevent path traversal manipulation of target changelog location (43e35d0, 3eb3dba)

  • publish-cmd: prevent error when provided tag does not exist locally (16afbbb)

  • publish-cmd: remove usage strings when error occurred (afbb187)

  • version-cmd: remove usage strings when error occurred (a7c17c7)

Resolved Issues

  • #810: Help string should not be output if PSR fails due to error

Detailed Changes: python-semantic-release/python-semantic-release@v9.8.3...v9.8.4

Changelog

Sourced from python-semantic-release's changelog.

v9.8.5 (2024-07-06)

Fix

  • fix: enable --print-last-released* when in detached head or non-release branch (#926)

  • test(version-cmd): add tests to print when detached or non-release branch

    ref: #900

  • fix(version-cmd): drop branch restriction for --print-last-released* opts

    Resolves: #900 (782c0a6)

Performance

  • perf: improve git history processing for changelog generation (#972)

  • perf(changelog): improve git history parser changelog generation

    This converts the double for-loop (O(n^2)) down to O(n) using a lookup table to match the current commit with a known tag rather than iterating through all the tags of the repository every time.

  • fix(changelog): resolve commit ordering issue when dates are similar (bfda159)

v9.8.4 (2024-07-04)

Fix

  • fix(changelog-cmd): remove usage strings when error occurred

Resolves: #810 (348a51d)

  • fix(publish-cmd): remove usage strings when error occurred

Resolves: #810 (afbb187)

  • fix(config): prevent path traversal manipulation of target changelog location (43e35d0)

  • fix(version-cmd): remove usage strings when error occurred

Resolves: #810 (a7c17c7)

  • fix(publish-cmd): prevent error when provided tag does not exist locally (16afbbb)

  • fix(config): prevent path traversal manipulation of target changelog location (3eb3dba)

  • fix(changelog-cmd): render default changelog when user template directory exists but is empty (bded8de)

Commits
  • 3ba5346 9.8.5
  • 782c0a6 fix: enable --print-last-released* when in detached head or non-release bra...
  • bfda159 perf: improve git history processing for changelog generation (#972)
  • e02a9bd 9.8.4
  • 7342484 style: beautify 348a51db8a837d951966aff3789aa0c93d473829
  • 348a51d fix(changelog-cmd): remove usage strings when error occurred
  • afbb187 fix(publish-cmd): remove usage strings when error occurred
  • c841eee test(cli): refactor for better performance & accuracy
  • 43e35d0 fix(config): prevent path traversal manipulation of target changelog location
  • be4919c test(changelog): add tests to exercise path traversal attack prevention
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
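
The 9.8.4 notes above list a fix that prevents path traversal through the configured changelog location. One way to write such a containment check, as an added example that is not python-semantic-release's own code; `resolve_changelog_path`, `UnsafeChangelogPath` and the sample values are hypothetical and constructed for illustration:

```python
import tempfile
from pathlib import Path


class UnsafeChangelogPath(ValueError):
    """Raised when a configured changelog path leaves the repository."""


def resolve_changelog_path(repo_root, configured):
    """Return the absolute changelog path, or raise if it escapes repo_root.

    Hypothetical helper for illustration; not the project's API.
    """
    root = Path(repo_root).resolve()
    # Joining with an absolute `configured` discards `root`, and symlinks can
    # hide an escape, so resolve the joined path and then test containment
    # instead of scanning the string for "..".
    candidate = (root / configured).resolve()
    try:
        candidate.relative_to(root)
    except ValueError:
        raise UnsafeChangelogPath(f"{configured!r} resolves outside {root}") from None
    if candidate == root:
        raise UnsafeChangelogPath("changelog path must name a file inside the root")
    return candidate


def check_samples():
    """Run the check over constructed sample configuration values."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        repo = Path(tmp) / "repo"
        (repo / "docs").mkdir(parents=True)
        # Constructed symlink inside the repo that points outside of it.
        (repo / "link").symlink_to(Path(tmp))
        samples = ["CHANGELOG.md", "docs/../CHANGELOG.md", "../CHANGELOG.md",
                   "/etc/CHANGELOG.md", "link/CHANGELOG.md"]
        for value in samples:
            try:
                resolve_changelog_path(repo, value)
                results[value] = "ok"
            except UnsafeChangelogPath:
                results[value] = "rejected"
    return results


if __name__ == "__main__":
    print(check_samples())
```

`docs/../CHANGELOG.md` is accepted because it still resolves inside the repository, while the symlinked path is rejected even though its string contains no `..`.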

Bumps the python-packages group with 2 updates: [playwright](https://github.com/Microsoft/playwright-python) and [python-semantic-release](https://github.com/python-semantic-release/python-semantic-release).


Updates `playwright` from 1.44.0 to 1.45.0
- [Release notes](https://github.com/Microsoft/playwright-python/releases)
- [Commits](microsoft/playwright-python@v1.44.0...v1.45.0)

Updates `python-semantic-release` from 9.8.3 to 9.8.5
- [Release notes](https://github.com/python-semantic-release/python-semantic-release/releases)
- [Changelog](https://github.com/python-semantic-release/python-semantic-release/blob/master/CHANGELOG.md)
- [Commits](python-semantic-release/python-semantic-release@v9.8.3...v9.8.5)

---
updated-dependencies:
- dependency-name: playwright
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: python-semantic-release
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from Nicconike as a code owner July 8, 2024 12:13
@dependabot dependabot bot added dependabot Upgrades project dependencies by dependabot dependencies Project dependencies labels Jul 8, 2024

Your image nicconike/steam-stats:latest critical: 0 high: 2 medium: 40 low: 33
Current base image mcr.microsoft.com/playwright/python:v1.44.0-jammy


🔍 Vulnerabilities of nicconike/steam-stats:latest

| 📦 Image Reference | nicconike/steam-stats:latest |
| --- | --- |
| digest | sha256:66caac4d52d232d0adffe1a9928a63281a0bc38f8d34a1f879fe74debecfa830 |
| vulnerabilities | critical: 0 high: 1 medium: 0 low: 0 |
| size | 818 MB |
| packages | 560 |

| 📦 Base Image | ubuntu:22.04 |
| --- | --- |
| also known as | jammy, jammy-20240427 |
| digest | sha256:2af372c1e2645779643284c7dc38775e3dbbc417b2d784a27c5a9eb784014fb8 |
| vulnerabilities | critical: 0 high: 0 medium: 8 low: 15 |

critical: 0 high: 1 medium: 0 low: 0 openssh-client 1:8.9p1-3ubuntu0.7 (deb)

pkg:deb/ubuntu/openssh-client@1:8.9p1-3ubuntu0.7?arch=amd64&upstream=openssh&distro=ubuntu-22.04

# Dockerfile (11:11)
RUN useradd -ms /bin/bash steam-stats

high 8.1: CVE-2024-6387

| Affected range | <1:8.9p1-3ubuntu0.10 |
| --- | --- |
| Fixed version | 1:8.9p1-3ubuntu0.10 |
| CVSS Score | 8.1 |
| CVSS Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| EPSS Score | 12.45% |
| EPSS Percentile | 95th percentile |

Description

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

@Nicconike Nicconike enabled auto-merge (squash) July 11, 2024 18:11
@Nicconike Nicconike disabled auto-merge July 11, 2024 18:11
@Nicconike Nicconike merged commit dc42d6b into master Jul 11, 2024
7 of 9 checks passed
@Nicconike Nicconike deleted the dependabot/pip/python-packages-f9ab40f09e branch July 11, 2024 18:11
@Nicconike Nicconike added the python Pull requests that updates Python code label Sep 14, 2024