Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

patchback/backports/3.11/1d170d37f476df705a9dcc3588e192e8ccb871c0/pr 7731 #9005

Closed
wants to merge 99 commits into from
Closed

patchback/backports/3.11/1d170d37f476df705a9dcc3588e192e8ccb871c0/pr 7731 #9005

wants to merge 99 commits into from

Conversation

booniepepper
Copy link
Contributor

What do these changes do?

Are there changes in behavior for the user?

Is it a substantial burden for the maintainers to support this?

Related issue number

Checklist

  • I think the code is well written
  • Unit tests for the changes exist
  • Documentation reflects the changes
  • If you provide code modification, please add yourself to CONTRIBUTORS.txt
    • The format is <Name> <Surname>.
    • Please keep alphabetical order, the file is sorted by names.
  • Add a new news fragment into the CHANGES/ folder
    • name it <issue_or_pr_num>.<type>.rst (e.g. 588.bugfix.rst)

    • if you don't have an issue number, change it to the pull request
      number after creating the PR

      • .bugfix: A bug fix for something the maintainers deemed an
        improper undesired behavior that got corrected to match
        pre-agreed expectations.
      • .feature: A new behavior, public APIs. That sort of stuff.
      • .deprecation: A declaration of future API removals and breaking
        changes in behavior.
      • .breaking: When something public is removed in a breaking way.
        Could be deprecated in an earlier release.
      • .doc: Notable updates to the documentation structure or build
        process.
      • .packaging: Notes for downstreams about unobvious side effects
        and tooling. Changes in the test invocation considerations and
        runtime assumptions.
      • .contrib: Stuff that affects the contributor experience. e.g.
        Running tests, building the docs, setting up the development
        environment.
      • .misc: Changes that are hard to assign to any of the above
        categories.
    • Make sure to use full sentences with correct case and punctuation,
      for example:

      Fixed issue with non-ascii contents in doctest text files
      -- by :user:`contributor-gh-handle`.

      Use the past tense or the present tense a non-imperative mood,
      referring to what's changed compared to the last released version
      of this project.

patchback bot and others added 30 commits August 19, 2024 22:04
…Dependabot (#8757)

**This is a backport of PR #8755 as merged into master
(d50f275).**

Co-authored-by: Sam Bull <git@sambull.org>
Bumps
[sphinxcontrib-applehelp](https://github.com/sphinx-doc/sphinxcontrib-applehelp)
from 1.0.2 to 1.0.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/blob/master/CHANGES.rst">sphinxcontrib-applehelp's
changelog</a>.</em></p>
<blockquote>
<h1>Release 1.0.4 (2023-01-21)</h1>
<ul>
<li>Fix package name</li>
</ul>
<h1>Release 1.0.3 (2023-01-08)</h1>
<ul>
<li>Drop Python 3.7 and lower</li>
<li>Fix deprecation warnings from Sphinx 6.1</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/0af552585aed2193185577c4726c370fb0e11892"><code>0af5525</code></a>
Bump 1.0.4 final</li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/11b0c9e58949fcf18e8c2273133a01d901a596e7"><code>11b0c9e</code></a>
Switch back to <code>setuptools</code></li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/5657fa041f6bae5e10260adcfa278f8236736bdf"><code>5657fa0</code></a>
Bump version</li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/dcf26a5b9914d05e2a27eed341b44fae7aa1bf31"><code>dcf26a5</code></a>
Bump 1.0.3 final</li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/5556fda893a9cea5b65d1aa7551db832f9e04ad6"><code>5556fda</code></a>
Add newer Python versions to trove classifiers</li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/a129a3065d31ac0dd02636a11d734cc2163312a6"><code>a129a30</code></a>
Satisfy MyPy</li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/1fb2a0ddaebcb6d5eb31846e7a17687903d10e3f"><code>1fb2a0d</code></a>
Update Tox commands</li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/5e6876ea36f389e3a929799f40643dc6a7f42c83"><code>5e6876e</code></a>
Update Tox environment list</li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/8ead5e941c6fae3e6a740578bf91d777b244b331"><code>8ead5e9</code></a>
Merge branch 'pyproject'</li>
<li><a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/a5f90db8409fc20dd0b24830ba51827ddd5a4b37"><code>a5f90db</code></a>
Move tool configuration to individual files</li>
<li>Additional commits viewable in <a
href="https://github.com/sphinx-doc/sphinxcontrib-applehelp/compare/1.0.2...1.0.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sphinxcontrib-applehelp&package-manager=pip&previous-version=1.0.2&new-version=1.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [cfgv](https://github.com/asottile/cfgv) from 3.3.1 to 3.4.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/asottile/cfgv/commit/44cc7353ad4238cee1fc2eb2f0aa07b78f0cbe27"><code>44cc735</code></a>
v3.4.0</li>
<li><a
href="https://github.com/asottile/cfgv/commit/53641d074ab8294d36000509c2ffbe761f41abfa"><code>53641d0</code></a>
Merge pull request <a
href="https://redirect.github.com/asottile/cfgv/issues/122">#122</a>
from asottile/custom-display-name</li>
<li><a
href="https://github.com/asottile/cfgv/commit/a9dbeca6fac21e1c38c03a1f67b01873a72de7f8"><code>a9dbeca</code></a>
add a custom display name for loading from a file</li>
<li><a
href="https://github.com/asottile/cfgv/commit/a05f8f2d1842072775bea0d6d92a509102b01ad9"><code>a05f8f2</code></a>
Merge pull request <a
href="https://redirect.github.com/asottile/cfgv/issues/121">#121</a>
from asottile/pre-commit-ci-update-config</li>
<li><a
href="https://github.com/asottile/cfgv/commit/38a74b3ca766a1721f7e049c05a807f48cbec51b"><code>38a74b3</code></a>
[pre-commit.ci] pre-commit autoupdate</li>
<li><a
href="https://github.com/asottile/cfgv/commit/9a0589fa8d22eeafac10a0aa2ecfc97e0f3ae460"><code>9a0589f</code></a>
Merge pull request <a
href="https://redirect.github.com/asottile/cfgv/issues/120">#120</a>
from asottile/pre-commit-ci-update-config</li>
<li><a
href="https://github.com/asottile/cfgv/commit/1cd03ccb9365f2f77db54a8320d5bceb40a82d3b"><code>1cd03cc</code></a>
[pre-commit.ci] pre-commit autoupdate</li>
<li><a
href="https://github.com/asottile/cfgv/commit/285c4bcaab8ea312a8d74abed90c83457dadaecf"><code>285c4bc</code></a>
Merge pull request <a
href="https://redirect.github.com/asottile/cfgv/issues/119">#119</a>
from asottile/pre-commit-ci-update-config</li>
<li><a
href="https://github.com/asottile/cfgv/commit/4cc61b20060c53db520f51f5079823a25e70c7ff"><code>4cc61b2</code></a>
[pre-commit.ci] pre-commit autoupdate</li>
<li><a
href="https://github.com/asottile/cfgv/commit/26255c643f625e380d49dd8d24a1039a0cb4a264"><code>26255c6</code></a>
Merge pull request <a
href="https://redirect.github.com/asottile/cfgv/issues/118">#118</a>
from asottile/all-repos_autofix_py38-plus</li>
<li>Additional commits viewable in <a
href="https://github.com/asottile/cfgv/compare/v3.3.1...v3.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cfgv&package-manager=pip&previous-version=3.3.1&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pygments](https://github.com/pygments/pygments) from 2.15.1 to
2.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pygments/pygments/releases">pygments's
releases</a>.</em></p>
<blockquote>
<h2>2.18.0</h2>
<ul>
<li>
<p>New lexers:</p>
<ul>
<li>Janet (<a
href="https://redirect.github.com/pygments/pygments/issues/2557">#2557</a>)</li>
<li>Lean 4 (<a
href="https://redirect.github.com/pygments/pygments/issues/2618">#2618</a>,
<a
href="https://redirect.github.com/pygments/pygments/issues/2626">#2626</a>)</li>
<li>Luau (<a
href="https://redirect.github.com/pygments/pygments/issues/2605">#2605</a>)</li>
<li>Mojo (<a
href="https://redirect.github.com/pygments/pygments/issues/2691">#2691</a>,
<a
href="https://redirect.github.com/pygments/pygments/issues/2515">#2515</a>)</li>
<li>org-mode (<a
href="https://redirect.github.com/pygments/pygments/issues/2628">#2628</a>,
<a
href="https://redirect.github.com/pygments/pygments/issues/2636">#2636</a>)</li>
<li>Promela (<a
href="https://redirect.github.com/pygments/pygments/issues/2620">#2620</a>)</li>
<li>Soong / <code>Android.bp</code> (<a
href="https://redirect.github.com/pygments/pygments/issues/2659">#2659</a>)</li>
<li>Tact (<a
href="https://redirect.github.com/pygments/pygments/issues/2571">#2571</a>)</li>
<li>Typst (<a
href="https://redirect.github.com/pygments/pygments/issues/2596">#2596</a>)</li>
</ul>
</li>
<li>
<p>Updated lexers:</p>
<ul>
<li>Awk: recognize ternary operator (<a
href="https://redirect.github.com/pygments/pygments/issues/2687">#2687</a>)</li>
<li>Bash: add <code>openrc</code> alias (<a
href="https://redirect.github.com/pygments/pygments/issues/2599">#2599</a>,
<a
href="https://redirect.github.com/pygments/pygments/issues/2371">#2371</a>)</li>
<li>Coq: add keywords, lex more vernacular command arguments, produce
fewer tokens on heading comments (<a
href="https://redirect.github.com/pygments/pygments/issues/2678">#2678</a>)</li>
<li>DNS zone files: Fix comment parsing (<a
href="https://redirect.github.com/pygments/pygments/issues/2595">#2595</a>)</li>
<li>Hy: Support unicode literals (<a
href="https://redirect.github.com/pygments/pygments/issues/1126">#1126</a>)</li>
<li>Inform6: Update to Inform 6.42 (<a
href="https://redirect.github.com/pygments/pygments/issues/2644">#2644</a>)</li>
<li>lean: Fix name handling (<a
href="https://redirect.github.com/pygments/pygments/issues/2614">#2614</a>)</li>
<li>Logtalk: add <code>uninstantiation</code> keyword and recognize
escape sequences (<a
href="https://redirect.github.com/pygments/pygments/issues/2619">#2619</a>)</li>
<li>Macaulay2: Update to 1.23 (<a
href="https://redirect.github.com/pygments/pygments/issues/2655">#2655</a>)</li>
<li>Python: fix highlighting of soft keywords before
<code>None</code>/<code>True</code>/<code>False</code></li>
<li>reStructuredText: use <code>Token.Comment</code> for comments
instead of
<code>Comment.Preproc</code> (<a
href="https://redirect.github.com/pygments/pygments/issues/2598">#2598</a>)</li>
<li>Rust: highlight <code>:</code>, <code>::</code> and
<code>-&gt;</code> as <code>Punctuation</code>
and whitespace as <code>Whitespace</code>, instead of <code>Text</code>
in both cases (<a
href="https://redirect.github.com/pygments/pygments/issues/2631">#2631</a>)</li>
<li>Spice: Add keywords (<a
href="https://redirect.github.com/pygments/pygments/issues/2621">#2621</a>)</li>
<li>SQL Explain: allow negative numbers (<a
href="https://redirect.github.com/pygments/pygments/issues/2610">#2610</a>)</li>
<li>Swift: Support multiline strings (<a
href="https://redirect.github.com/pygments/pygments/issues/2681">#2681</a>)</li>
<li>ThingsDB: add constants and new functions; support template
strings (<a
href="https://redirect.github.com/pygments/pygments/issues/2624">#2624</a>)</li>
<li>UL4: support nested <code>&lt;?doc?&gt;</code> and
<code>&lt;?note?&gt;</code> tags (<a
href="https://redirect.github.com/pygments/pygments/issues/2597">#2597</a>)</li>
<li>VHDL: support multi-line comments of VHDL-2008 (<a
href="https://redirect.github.com/pygments/pygments/issues/2622">#2622</a>)</li>
<li>Wikitext: Remove <code>kk-*</code> in <code>variant_langs</code> (<a
href="https://redirect.github.com/pygments/pygments/issues/2647">#2647</a>)</li>
<li>Xtend: Add <code>val</code> and <code>var</code> (<a
href="https://redirect.github.com/pygments/pygments/issues/2602">#2602</a>)</li>
</ul>
</li>
<li>
<p>New styles:</p>
<ul>
<li>Coffee (<a
href="https://redirect.github.com/pygments/pygments/issues/2609">#2609</a>)</li>
</ul>
</li>
<li>
<p>Make background colors in the image formatter work with Pillow 10.0
(<a
href="https://redirect.github.com/pygments/pygments/issues/2623">#2623</a>)</p>
</li>
<li>
<p>Require Python 3.8. As a result, the <code>importlib-metadata</code>
package
is no longer needed for fast plugin discovery on Python 3.7.
The <code>plugins</code> extra (used as, e.g., <code>pip install
pygments[plugins]</code>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pygments/pygments/blob/master/CHANGES">pygments's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.18.0</h2>
<p>(released May 4th, 2024)</p>
<ul>
<li>
<p>New lexers:</p>
<ul>
<li>Janet (<a
href="https://redirect.github.com/pygments/pygments/issues/2557">#2557</a>)</li>
<li>Lean 4 (<a
href="https://redirect.github.com/pygments/pygments/issues/2618">#2618</a>,
<a
href="https://redirect.github.com/pygments/pygments/issues/2626">#2626</a>)</li>
<li>Luau (<a
href="https://redirect.github.com/pygments/pygments/issues/2605">#2605</a>)</li>
<li>Mojo (<a
href="https://redirect.github.com/pygments/pygments/issues/2691">#2691</a>,
<a
href="https://redirect.github.com/pygments/pygments/issues/2515">#2515</a>)</li>
<li>org-mode (<a
href="https://redirect.github.com/pygments/pygments/issues/2628">#2628</a>,
<a
href="https://redirect.github.com/pygments/pygments/issues/2636">#2636</a>)</li>
<li>Promela (<a
href="https://redirect.github.com/pygments/pygments/issues/2620">#2620</a>)</li>
<li>Soong / <code>Android.bp</code> (<a
href="https://redirect.github.com/pygments/pygments/issues/2659">#2659</a>)</li>
<li>Tact (<a
href="https://redirect.github.com/pygments/pygments/issues/2571">#2571</a>)</li>
<li>Typst (<a
href="https://redirect.github.com/pygments/pygments/issues/2596">#2596</a>)</li>
</ul>
</li>
<li>
<p>Updated lexers:</p>
<ul>
<li>Awk: recognize ternary operator (<a
href="https://redirect.github.com/pygments/pygments/issues/2687">#2687</a>)</li>
<li>Bash: add <code>openrc</code> alias (<a
href="https://redirect.github.com/pygments/pygments/issues/2599">#2599</a>,
<a
href="https://redirect.github.com/pygments/pygments/issues/2371">#2371</a>)</li>
<li>Coq: add keywords, lex more vernacular command arguments, produce
fewer tokens on heading comments (<a
href="https://redirect.github.com/pygments/pygments/issues/2678">#2678</a>)</li>
<li>DNS zone files: Fix comment parsing (<a
href="https://redirect.github.com/pygments/pygments/issues/2595">#2595</a>)</li>
<li>Hy: Support unicode literals (<a
href="https://redirect.github.com/pygments/pygments/issues/1126">#1126</a>)</li>
<li>Inform6: Update to Inform 6.42 (<a
href="https://redirect.github.com/pygments/pygments/issues/2644">#2644</a>)</li>
<li>lean: Fix name handling (<a
href="https://redirect.github.com/pygments/pygments/issues/2614">#2614</a>)</li>
<li>Logtalk: add <code>uninstantiation</code> keyword and recognize
escape sequences (<a
href="https://redirect.github.com/pygments/pygments/issues/2619">#2619</a>)</li>
<li>Macaulay2: Update to 1.23 (<a
href="https://redirect.github.com/pygments/pygments/issues/2655">#2655</a>)</li>
<li>Python: fix highlighting of soft keywords before
<code>None</code>/<code>True</code>/<code>False</code></li>
<li>reStructuredText: use <code>Token.Comment</code> for comments
instead of
<code>Comment.Preproc</code> (<a
href="https://redirect.github.com/pygments/pygments/issues/2598">#2598</a>)</li>
<li>Rust: highlight <code>:</code>, <code>::</code> and
<code>-&gt;</code> as <code>Punctuation</code>
and whitespace as <code>Whitespace</code>, instead of <code>Text</code>
in both cases (<a
href="https://redirect.github.com/pygments/pygments/issues/2631">#2631</a>)</li>
<li>Spice: Add keywords (<a
href="https://redirect.github.com/pygments/pygments/issues/2621">#2621</a>)</li>
<li>SQL Explain: allow negative numbers (<a
href="https://redirect.github.com/pygments/pygments/issues/2610">#2610</a>)</li>
<li>Swift: Support multiline strings (<a
href="https://redirect.github.com/pygments/pygments/issues/2681">#2681</a>)</li>
<li>ThingsDB: add constants and new functions; support template
strings (<a
href="https://redirect.github.com/pygments/pygments/issues/2624">#2624</a>)</li>
<li>UL4: support nested <code>&lt;?doc?&gt;</code> and
<code>&lt;?note?&gt;</code> tags (<a
href="https://redirect.github.com/pygments/pygments/issues/2597">#2597</a>)</li>
<li>VHDL: support multi-line comments of VHDL-2008 (<a
href="https://redirect.github.com/pygments/pygments/issues/2622">#2622</a>)</li>
<li>Wikitext: Remove <code>kk-*</code> in <code>variant_langs</code> (<a
href="https://redirect.github.com/pygments/pygments/issues/2647">#2647</a>)</li>
<li>Xtend: Add <code>val</code> and <code>var</code> (<a
href="https://redirect.github.com/pygments/pygments/issues/2602">#2602</a>)</li>
</ul>
</li>
<li>
<p>New styles:</p>
<ul>
<li>Coffee (<a
href="https://redirect.github.com/pygments/pygments/issues/2609">#2609</a>)</li>
</ul>
</li>
<li>
<p>Make background colors in the image formatter work with Pillow 10.0
(<a
href="https://redirect.github.com/pygments/pygments/issues/2623">#2623</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pygments/pygments/commit/d7d11f6e6d3aa97805215c1cc833ea5f0ef1fcbb"><code>d7d11f6</code></a>
Last steps for 2.18 release.</li>
<li><a
href="https://github.com/pygments/pygments/commit/ec7bfd2cc91a1bb2a7200b27c2c553309d689839"><code>ec7bfd2</code></a>
Fix Janet version_added.</li>
<li><a
href="https://github.com/pygments/pygments/commit/ea9c8232b4edfdc7193f25f1253040e77342f878"><code>ea9c823</code></a>
Update CHANGES.</li>
<li><a
href="https://github.com/pygments/pygments/commit/338d36665371cd9e4193b59a267d4f576d8eb05d"><code>338d366</code></a>
Merge pull request <a
href="https://redirect.github.com/pygments/pygments/issues/2670">#2670</a>
from Kodiologist/hylex</li>
<li><a
href="https://github.com/pygments/pygments/commit/4d1371b30af2de7c6a74af6ef64673b657dfe3ea"><code>4d1371b</code></a>
Lock down the pytest version.</li>
<li><a
href="https://github.com/pygments/pygments/commit/8dd97e04d47437581ca2fcb19a94aeb5cbd1dba2"><code>8dd97e0</code></a>
Improve docs.</li>
<li><a
href="https://github.com/pygments/pygments/commit/26179d66122f2afacdc115071ce344af1984a55c"><code>26179d6</code></a>
Fix deprecated variable usage in tests.</li>
<li><a
href="https://github.com/pygments/pygments/commit/ad125ca614097b5b02c4603bdbe63ec79b791473"><code>ad125ca</code></a>
Prepare 2.18 release.</li>
<li><a
href="https://github.com/pygments/pygments/commit/24deeb9cae597db4d22496b0c2cc9e82d3e8a689"><code>24deeb9</code></a>
Lock the ruff version in tox.ini.</li>
<li><a
href="https://github.com/pygments/pygments/commit/c9165cf7fb18f01066222ec7d063e5e5975f2a69"><code>c9165cf</code></a>
Fix format string usage.</li>
<li>Additional commits viewable in <a
href="https://github.com/pygments/pygments/compare/2.15.1...2.18.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pygments&package-manager=pip&previous-version=2.15.1&new-version=2.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[backports-entry-points-selectable](https://github.com/jaraco/backports.entry_points_selectable)
from 1.1.1 to 1.3.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jaraco/backports.entry_points_selectable/blob/main/NEWS.rst">backports-entry-points-selectable's
changelog</a>.</em></p>
<blockquote>
<h1>v1.3.0</h1>
<h2>Features</h2>
<ul>
<li>Require Python 3.8 or later.</li>
</ul>
<h1>v1.2.0</h1>
<p>Refreshed packaging.</p>
<p>Require Python 3.7 or later.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/27a788feb0b51d89dd405d2d80cf3e0dac19bbf0"><code>27a788f</code></a>
Finalize</li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/b15df87577cab060a02667767bcc96b2dfd5b91a"><code>b15df87</code></a>
Prefer imperative voice</li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/dfddd1dd797e5bc82a1eeef2f452cdc7e21f34c1"><code>dfddd1d</code></a>
Merge <a
href="https://github.com/jaraco/skeleton">https://github.com/jaraco/skeleton</a></li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/5732ebeeaa9480f8cd80c96a3183d7b247f27214"><code>5732ebe</code></a><code>jaraco/skeleton#95</code></li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/75d9cc1b7cb6f84e7a16a83ec3abb9a478fdb130"><code>75d9cc1</code></a><code>jaraco/skeleton#94</code></li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/03f03e7802b0842b41f70b2b1c17ab26551a7533"><code>03f03e7</code></a>
Limit sphinxlint jobs to 1. Workaround for <a
href="https://redirect.github.com/sphinx-contrib/sphinx-lint/issues/83">sphinx-contrib/sphinx-lint#83</a>.</li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/d8e796e4e3517b678281964b23a74ffb92be4489"><code>d8e796e</code></a>
Merge <a
href="https://github.com/jaraco/skeleton">https://github.com/jaraco/skeleton</a></li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/ca1831c2148fe5ddbffd001de76ff5f6005f812c"><code>ca1831c</code></a>
Prefer <code>pass_env</code> in tox config. Preferred failure mode for
<a
href="https://redirect.github.com/tox-dev/tox/issues/312">tox-dev/tox#312</a>...</li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/928e9a86d61d3a660948bcba7689f90216cc8243"><code>928e9a8</code></a>
Add FORCE_COLOR to the TOX_OVERRIDE for GHA. Requires tox 4.11.1. Closes
jara...</li>
<li><a
href="https://github.com/jaraco/backports.entry_points_selectable/commit/a6256e2935468b72a61aa7fda1e036faef3bfb3d"><code>a6256e2</code></a>
Add descriptions to the tox environments. Closes <a
href="https://redirect.github.com/jaraco/skeleton/issues/91">jaraco/skeleton#91</a>.</li>
<li>Additional commits viewable in <a
href="https://github.com/jaraco/backports.entry_points_selectable/compare/v1.1.1...v1.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=backports-entry-points-selectable&package-manager=pip&previous-version=1.1.1&new-version=1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [tqdm](https://github.com/tqdm/tqdm) from 4.62.3 to 4.66.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tqdm/tqdm/releases">tqdm's
releases</a>.</em></p>
<blockquote>
<h2>tqdm v4.66.5 stable</h2>
<ul>
<li>support <code>ncols</code> auto-detection on FreeBSD (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1602">#1602</a> &lt;-
<a
href="https://redirect.github.com/casperdcl/git-fame/issues/98">casperdcl/git-fame#98</a>)</li>
<li>fix Python 3.13 CLI (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1594">#1594</a> &lt;-
<a
href="https://redirect.github.com/tqdm/tqdm/issues/1585">#1585</a>)</li>
<li>fix Python 3.13 tests (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1595">#1595</a> &lt;-
<a
href="https://redirect.github.com/python/cpython/issues/117536#issuecomment-2036883124">python/cpython#117536</a>)</li>
<li>misc framework updates (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1602">#1602</a>)
<ul>
<li>add official Python 3.12 support</li>
<li>bump deps (<a
href="https://redirect.github.com/NiklasRosenstein/pydoc-markdown/issues/329">NiklasRosenstein/pydoc-markdown#329</a>,
<a
href="https://redirect.github.com/tikitu/jsmin/pull/44">tikitu/jsmin#44</a>)</li>
</ul>
</li>
</ul>
<h2>tqdm v4.66.4 stable</h2>
<ul>
<li><code>rich</code>: fix completion (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1395">#1395</a> &lt;-
<a
href="https://redirect.github.com/tqdm/tqdm/issues/1306">#1306</a>)</li>
<li>minor framework updates &amp; code tidy (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1578">#1578</a>)</li>
</ul>
<h2>tqdm v4.66.3 stable</h2>
<ul>
<li><code>cli</code>: <code>eval</code> safety (fixes CVE-2024-34062,
GHSA-g7vv-2v7x-gj9p)</li>
</ul>
<h2>tqdm v4.66.2 stable</h2>
<ul>
<li><code>pandas</code>: add <code>DataFrame.progress_map</code> (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1549">#1549</a>)</li>
<li><code>notebook</code>: fix HTML padding (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1506">#1506</a>)</li>
<li><code>keras</code>: fix resuming training when
<code>verbose&gt;=2</code> (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1508">#1508</a>)</li>
<li>fix <code>format_num</code> negative fractions missing leading zero
(<a
href="https://redirect.github.com/tqdm/tqdm/issues/1548">#1548</a>)</li>
<li>fix Python 3.12 <code>DeprecationWarning</code> on
<code>import</code> (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1519">#1519</a>)</li>
<li>linting: use f-strings (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1549">#1549</a>)</li>
<li>update tests (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1549">#1549</a>)
<ul>
<li>fix <code>pandas</code> warnings</li>
<li>fix <code>asv</code> (<a
href="https://redirect.github.com/airspeed-velocity/asv/issues/1323">airspeed-velocity/asv#1323</a>)</li>
<li>fix macos <code>notebook</code> docstring indentation</li>
</ul>
</li>
<li>CI: bump actions (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1549">#1549</a>)</li>
</ul>
<h2>tqdm v4.66.1 stable</h2>
<ul>
<li>fix <code>utils.envwrap</code> types (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1493">#1493</a> &lt;-
<a href="https://redirect.github.com/tqdm/tqdm/issues/1491">#1491</a>,
<a href="https://redirect.github.com/tqdm/tqdm/issues/1320">#1320</a>
&lt;- <a
href="https://redirect.github.com/tqdm/tqdm/issues/966">#966</a>, <a
href="https://redirect.github.com/tqdm/tqdm/issues/1319">#1319</a>)
<ul>
<li>e.g. cloudwatch &amp; kubernetes workaround: <code>export
TQDM_POSITION=-1</code></li>
</ul>
</li>
<li>drop mentions of unsupported Python versions</li>
</ul>
<h2>tqdm v4.66.0 stable</h2>
<ul>
<li>environment variables to override defaults (<code>TQDM_*</code>) (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1491">#1491</a> &lt;-
<a href="https://redirect.github.com/tqdm/tqdm/issues/1061">#1061</a>,
<a href="https://redirect.github.com/tqdm/tqdm/issues/950">#950</a>
&lt;- <a
href="https://redirect.github.com/tqdm/tqdm/issues/614">#614</a>, <a
href="https://redirect.github.com/tqdm/tqdm/issues/1318">#1318</a>, <a
href="https://redirect.github.com/tqdm/tqdm/issues/619">#619</a>, <a
href="https://redirect.github.com/tqdm/tqdm/issues/612">#612</a>, <a
href="https://redirect.github.com/tqdm/tqdm/issues/370">#370</a>)
<ul>
<li>e.g. in CI jobs, <code>export TQDM_MININTERVAL=5</code> to avoid log
spam</li>
<li>add tests &amp; docs for <code>tqdm.utils.envwrap</code></li>
</ul>
</li>
<li>fix &amp; update CLI completion</li>
<li>fix &amp; update API docs</li>
<li>minor code tidy: replace <code>os.path</code> =&gt;
<code>pathlib.Path</code></li>
<li>fix docs image hosting</li>
<li>release with CI bot account again (<a
href="https://redirect.github.com/cli/cli/issues/6680">cli/cli#6680</a>)</li>
</ul>
<h2>tqdm v4.65.2 stable</h2>
<ul>
<li>exclude <code>examples</code> from distributed wheel (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1492">#1492</a>)</li>
</ul>
<h2>tqdm v4.65.1 stable</h2>
<ul>
<li>migrate <code>setup.{cfg,py}</code> =&gt;
<code>pyproject.toml</code> (<a
href="https://redirect.github.com/tqdm/tqdm/issues/1490">#1490</a>)
<ul>
<li>fix <code>asv</code> benchmarks</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tqdm/tqdm/commit/951a2ba8d8754b7385e6e8c08dae9045f73b1438"><code>951a2ba</code></a>
Merge pull request <a
href="https://redirect.github.com/tqdm/tqdm/issues/1595">#1595</a> from
hroncok/py3.13-await-aclose</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/2fbad6ad511e551efe868e70f61c876e0c467fd0"><code>2fbad6a</code></a>
Avoid Python 3.13+ RuntimeWarning: coroutine method 'aclose' of 'acount'
was ...</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/025434544eeda158e340d330391af9bc7278d5d9"><code>0254345</code></a>
Merge pull request <a
href="https://redirect.github.com/tqdm/tqdm/issues/1594">#1594</a> from
mgorny/py313-docstring</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/43230f6095a1ab5068481d543dc7ec3a60a3c08b"><code>43230f6</code></a>
slight lint</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/5ba65950bdca7e7a7520869df87f398cffbbe585"><code>5ba6595</code></a>
cli: Fix docstring processing with Python 3.13+</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/448946ae03ddafcbbb0f622bbad8f58dd12b2b58"><code>448946a</code></a>
Merge pull request <a
href="https://redirect.github.com/tqdm/tqdm/issues/1602">#1602</a> from
tqdm/devel</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/46cd3958045370f56f68faf6e12877c540419ec8"><code>46cd395</code></a>
add py3.12 support</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/d8ac65641ddfa87c3c6b1f729b3e89bb002fa600"><code>d8ac656</code></a>
ncols: support FreeBSD</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/4f662763e6b97c3288497e653d394681427694ac"><code>4f66276</code></a>
bump deps &amp; linters</li>
<li><a
href="https://github.com/tqdm/tqdm/commit/54796cc1519dceb9bd20edaf3e1664d4cdf125a7"><code>54796cc</code></a>
docs: bump versions</li>
<li>Additional commits viewable in <a
href="https://github.com/tqdm/tqdm/compare/v4.62.3...v4.66.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tqdm&package-manager=pip&previous-version=4.62.3&new-version=4.66.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [build](https://github.com/pypa/build) from 1.0.3 to 1.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/build/releases">build's
releases</a>.</em></p>
<blockquote>
<h2>Version 1.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Avoid error when terminal width is undetectable on Python &lt; 3.11
(PR <a
href="https://redirect.github.com/pypa/build/issues/761">#761</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/build/compare/1.2.0...1.2.1">https://github.com/pypa/build/compare/1.2.0...1.2.1</a></p>
<h2>Version 1.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>--installer</code> option, supporting <code>pip</code> and
<code>uv</code>. Added <code>uv</code> extra.
(PR <a
href="https://redirect.github.com/pypa/build/issues/751">#751</a>)</li>
<li>Improve console output and provide <code>-v</code> for dependency
installation
(PR <a
href="https://redirect.github.com/pypa/build/issues/749">#749</a>)</li>
<li>Avoid compiling unused bytecode when using <code>pip</code>
(PR <a
href="https://redirect.github.com/pypa/build/issues/752">#752</a>)</li>
<li>Dropped support for Python 3.7
(PR <a
href="https://redirect.github.com/pypa/build/issues/743">#743</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/build/compare/1.1.1...1.2.0">https://github.com/pypa/build/compare/1.1.1...1.2.0</a></p>
<h2>Version 1.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixed invoking outer pip from user site packages
(PR <a
href="https://redirect.github.com/pypa/build/issues/746">#746</a>, fixes
issue <a
href="https://redirect.github.com/pypa/build/issues/745">#745</a>)</li>
<li>Corrected the minimum pip version required to use an outer pip
(PR <a
href="https://redirect.github.com/pypa/build/issues/746">#746</a>, fixes
issue <a
href="https://redirect.github.com/pypa/build/issues/745">#745</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/build/compare/v1.1.0...1.1.1">https://github.com/pypa/build/compare/v1.1.0...1.1.1</a></p>
<h2>Version 1.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Use external pip if available instead of installing, speeds up
environment setup with virtualenv slightly and venv significantly. (PR
<a
href="https://redirect.github.com/pypa/build/issues/736">#736</a>)</li>
<li>Stopped injecting <code>wheel</code> as a build dependency
automatically, in the case of missing <code>pyproject.toml</code> -- by
<a href="https://github.com/webknjaz"><code>@​webknjaz</code></a>. (PR
<a
href="https://redirect.github.com/pypa/build/issues/716">#716</a>)</li>
<li>Use <code>importlib_metadata</code> on Python &lt;3.10.2 for
bugfixes not present in those CPython standard libraries (not required
when bootstrapping) -- by <a
href="https://github.com/GianlucaFicarelli"><code>@​GianlucaFicarelli</code></a>.
(PR <a
href="https://redirect.github.com/pypa/build/issues/693">#693</a>, fixes
issue <a
href="https://redirect.github.com/pypa/build/issues/692">#692</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/MichaReiser"><code>@​MichaReiser</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/build/pull/697">pypa/build#697</a></li>
<li><a
href="https://github.com/GianlucaFicarelli"><code>@​GianlucaFicarelli</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/build/pull/693">pypa/build#693</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/build/compare/1.0.3...v1.1.0">https://github.com/pypa/build/compare/1.0.3...v1.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/build/blob/main/CHANGELOG.rst">build's
changelog</a>.</em></p>
<blockquote>
<h1>1.2.1 (2024-03-28)</h1>
<ul>
<li>Avoid error when terminal width is undetectable on Python &lt; 3.11
(PR :pr:<code>761</code>)</li>
</ul>
<h1>1.2.0 (2024-03-27)</h1>
<ul>
<li>Add <code>--installer</code> option, supporting <code>pip</code> and
<code>uv</code>. Added <code>uv</code>
extra.
(PR :pr:<code>751</code>)</li>
<li>Improve console output and provide <code>-v</code> for dependency
installation
(PR :pr:<code>749</code>)</li>
<li>Avoid compiling unused bytecode when using <code>pip</code>
(PR :pr:<code>752</code>)</li>
<li>Dropped support for Python 3.7
(PR :pr:<code>743</code>)</li>
</ul>
<h1>1.1.1 (2024-02-29)</h1>
<ul>
<li>Fixed invoking outer pip from user site packages
(PR :pr:<code>746</code>, fixes issue :issue:<code>745</code>)</li>
<li>Corrected the minimum pip version required to use an outer pip
(PR :pr:<code>746</code>, fixes issue :issue:<code>745</code>)</li>
</ul>
<h1>1.1.0 (2024-02-29)</h1>
<ul>
<li>Use external pip if available instead of installing, speeds up
environment
setup with virtualenv slightly and venv significantly.
(PR :pr:<code>736</code>)</li>
<li>Stopped injecting <code>wheel</code> as a build dependency
automatically, in the
case of missing <code>pyproject.toml</code> -- by
:user:<code>webknjaz</code>.
(PR :pr:<code>716</code>)</li>
<li>Use <code>importlib_metadata</code> on Python &lt;3.10.2 for
bugfixes not present in
those CPython standard libraries (not required when bootstrapping) -- by
:user:<code>GianlucaFicarelli</code>.
(PR :pr:<code>693</code>, fixes issue :issue:<code>692</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/build/commit/1e67c062e9d1b1a6d5ffed621f4b29902bb764e5"><code>1e67c06</code></a>
chore: bump version number to 1.2.1</li>
<li><a
href="https://github.com/pypa/build/commit/e5072e3de2eb1baa4034247d345916f54f9e8e91"><code>e5072e3</code></a>
fix: support min width not detectable (<a
href="https://redirect.github.com/pypa/build/issues/761">#761</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/d5fb6fbecce164e01065b62b52ac4f270d09183d"><code>d5fb6fb</code></a>
chore: prepare for 1.2.0 (<a
href="https://redirect.github.com/pypa/build/issues/758">#758</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/1ae6eb177dc8b5282976e9c6796652616c20ff9d"><code>1ae6eb1</code></a>
pre-commit: bump repositories (<a
href="https://redirect.github.com/pypa/build/issues/757">#757</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/a1f005d840d51116e707b6f62c4abc25b57258de"><code>a1f005d</code></a>
pre-commit: bump repositories (<a
href="https://redirect.github.com/pypa/build/issues/756">#756</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/5076a56d90f34e227eb368d5dded1e3122e15115"><code>5076a56</code></a>
uv: support double verbosity flag</li>
<li><a
href="https://github.com/pypa/build/commit/566266918357bc032837ca273729a8ddfe2ac4a8"><code>5662669</code></a>
chore: bump mypy</li>
<li><a
href="https://github.com/pypa/build/commit/24c513d4c9402cdac1a1c46cc01597f011ba6645"><code>24c513d</code></a>
chore: reformat using Black 2024 style</li>
<li><a
href="https://github.com/pypa/build/commit/08cdb76c17b2599ebfc85dbfe33b33271a48f221"><code>08cdb76</code></a>
ruff: bump version and update config</li>
<li><a
href="https://github.com/pypa/build/commit/97ea57bb79e41f17d76023a4384cb7199f743060"><code>97ea57b</code></a>
perf: avoid compiling unused bytecode (<a
href="https://redirect.github.com/pypa/build/issues/752">#752</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/build/compare/1.0.3...1.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=build&package-manager=pip&previous-version=1.0.3&new-version=1.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pycares](https://github.com/saghul/pycares) from 4.3.0 to 4.4.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/saghul/pycares/commit/3d0f9cf2a015fb78617a0d5112d1c7828847d825"><code>3d0f9cf</code></a>
Bump version to 4.4.0</li>
<li><a
href="https://github.com/saghul/pycares/commit/bc7630f4c0f214c8b80de98ca5f9305e38af0bdc"><code>bc7630f</code></a>
Add support for 3.12, drop EOL 3.7</li>
<li><a
href="https://github.com/saghul/pycares/commit/86baf7598e4cf599ce3f88601bea155054c2282c"><code>86baf75</code></a>
Bump versions of used GitHub Actions</li>
<li><a
href="https://github.com/saghul/pycares/commit/d62a60c6abb20d8b16e1de287863659bc0163a3d"><code>d62a60c</code></a>
Bump GitHub Actions versions and fix warnings in the process</li>
<li>See full diff in <a
href="https://github.com/saghul/pycares/compare/pycares-4.3.0...v4.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pycares&package-manager=pip&previous-version=4.3.0&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [blockdiag](https://github.com/blockdiag/blockdiag) from 2.0.1 to
3.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/blockdiag/blockdiag/blob/master/CHANGES.rst">blockdiag's
changelog</a>.</em></p>
<blockquote>
<h2>3.0.0 (2021-12-06)</h2>
<ul>
<li>
<p>Drop python3.6 support</p>
</li>
<li>
<p>Use funcparserlib-1.0.0a0 or newer to support new python versions</p>
</li>
<li>
<p>Allow to write multiline string via triple quotes (&quot;&quot;&quot;
... &quot;&quot;&quot;)</p>
</li>
<li>
<p>Fix a bug</p>
<ul>
<li>Fix <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/147">#147</a>:
file existence disclosure using svg renderer</li>
</ul>
</li>
</ul>
<h2>2.0.0 (2020-02-01)</h2>
<ul>
<li>
<p>Fix a bug</p>
<ul>
<li>Fix <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/126">#126</a>:
'_io.BufferedRandom' object has no attribute 'buffer'</li>
</ul>
</li>
</ul>
<h2>2.0.0 (2020-01-26)</h2>
<ul>
<li>
<p>Drop python2 and python3.4 support</p>
</li>
<li>
<p>Fix a bug</p>
<ul>
<li>Fix <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/109">#109</a>
blockdiag does not work with recent pillow</li>
</ul>
</li>
</ul>
<h2>1.5.4 (2018-07-22)</h2>
<ul>
<li>
<p>Fix bug</p>
<ul>
<li>Fix <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/94">#94</a>
Python 3.7 compatibility</li>
</ul>
</li>
</ul>
<h2>1.5.3 (2015-07-30)</h2>
<ul>
<li>
<p>Fix bug</p>
<ul>
<li>Fix <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/67">#67</a>
Group overlaps with nodes having href</li>
</ul>
</li>
</ul>
<h2>1.5.2 (2015-05-17)</h2>
<ul>
<li>
<p>Fix dependency; webcolors-1.5 does not support py32</p>
</li>
<li>
<p>Fix bug</p>
<ul>
<li>Fix images.open() failed with PIL</li>
</ul>
</li>
</ul>
<h2>1.5.1 (2015-02-21)</h2>
<ul>
<li>
<p>Fix bug</p>
<ul>
<li>Fix labels are overwrapped on antialias mode</li>
</ul>
</li>
</ul>
<h2>1.5.0 (2015-01-01)</h2>
<ul>
<li>Refactor cleanup procedures</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/ce37f0c18dc7f88caab3d3b24aac4f3f066b793c"><code>ce37f0c</code></a>
Bump version</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/030da560763a4d0bec313552ecb2ba8cbd98dfc5"><code>030da56</code></a>
Merge pull request <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/158">#158</a>
from Mogztter/patch-1</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/8d48c48d365d0c2a45ab6671c9307b8cbcae8af8"><code>8d48c48</code></a>
Update badges</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/52b3023a212de232d30d2685e24fe570b2677c31"><code>52b3023</code></a>
Merge pull request <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/157">#157</a>
from blockdiag/link_action</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/5e6a686209bfd1373d4c0061f7737bf7ee8418a0"><code>5e6a686</code></a>
test: Add flake8 target to tox.ini</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/fdfde71eeb913bce207d6f17d41675e3d4c5db90"><code>fdfde71</code></a>
test: Do linting on custom action</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/93b542090acf9cde1aa3726fdf1824a9e412f568"><code>93b5420</code></a>
Merge pull request <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/156">#156</a>
from blockdiag/adjust_gha</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/4e9a67f3f39d05f50b88344d8f8203524bcb7c90"><code>4e9a67f</code></a>
Adjust GitHub Actions</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/7392df8a45b34bc7766e2b470bc26673c924f96c"><code>7392df8</code></a>
Merge pull request <a
href="https://redirect.github.com/blockdiag/blockdiag/issues/155">#155</a>
from blockdiag/fix_readme</li>
<li><a
href="https://github.com/blockdiag/blockdiag/commit/c23489868beda05e420f687b6cbe4b401aa30c9e"><code>c234898</code></a>
Fix README; python 3.7 or later</li>
<li>Additional commits viewable in <a
href="https://github.com/blockdiag/blockdiag/compare/2.0.1...3.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=blockdiag&package-manager=pip&previous-version=2.0.1&new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [imagesize](https://github.com/shibukawa/imagesize_py) from 1.3.0
to 1.4.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/shibukawa/imagesize_py/commit/8d88ec6b646d6184b5633604551d6fc154783073"><code>8d88ec6</code></a>
add <strong>init</strong>.py</li>
<li><a
href="https://github.com/shibukawa/imagesize_py/commit/e9b1be1998304d05401df18a5366e5d4664571ad"><code>e9b1be1</code></a>
1.4.1: add <strong>version</strong> attribute</li>
<li><a
href="https://github.com/shibukawa/imagesize_py/commit/27427545c9a61b0fea55cf0d323d08c20b231150"><code>2742754</code></a>
bump version to 1.4.0</li>
<li><a
href="https://github.com/shibukawa/imagesize_py/commit/d0b4497dc168952850a70ca8529f95e7de3f36cd"><code>d0b4497</code></a>
Merge pull request <a
href="https://redirect.github.com/shibukawa/imagesize_py/issues/52">#52</a>
from ExtReMLapin/patch-1</li>
<li><a
href="https://github.com/shibukawa/imagesize_py/commit/e7c81aa290e6832754dc8eaa911d831a381135c7"><code>e7c81aa</code></a>
Update imagesize.py</li>
<li><a
href="https://github.com/shibukawa/imagesize_py/commit/013a0dd3d3be5d47befd1bddfc8f35bac77835c5"><code>013a0dd</code></a>
fixed support for VP8X</li>
<li><a
href="https://github.com/shibukawa/imagesize_py/commit/b214d05c3899816d7f1f908145461453a6719ad2"><code>b214d05</code></a>
added support for webp files</li>
<li>See full diff in <a
href="https://github.com/shibukawa/imagesize_py/compare/1.3.0...1.4.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=imagesize&package-manager=pip&previous-version=1.3.0&new-version=1.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.7 to
2.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/releases">urllib3's
releases</a>.</em></p>
<blockquote>
<h2>2.2.2</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added the <code>Proxy-Authorization</code> header to the list of
headers to strip from requests when redirecting to a different host. As
before, different headers can be set via
<code>Retry.remove_headers_on_redirect</code>.</li>
<li>Allowed passing negative integers as <code>amt</code> to read
methods of <code>http.client.HTTPResponse</code> as an alternative to
<code>None</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3122">#3122</a>)</li>
<li>Fixed return types representing copying actions to use
<code>typing.Self</code>. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3363">#3363</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2">https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2</a></p>
<h2>2.2.1</h2>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3331">#3331</a>)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3343">#3343</a>)</li>
<li>Changed <code>ProtocolError</code> to
<code>InvalidChunkLength</code> when response terminates before the
chunk length is sent. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2860">#2860</a>)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3261">#3261</a>)</li>
</ul>
<h2>2.2.0</h2>
<h2>🖥️ urllib3 now works in the browser</h2>
<p>:tada: <strong>This release adds experimental support for <a
href="https://urllib3.readthedocs.io/en/stable/reference/contrib/emscripten.html">using
urllib3 in the browser with Pyodide</a>!</strong> 🎉</p>
<p>Thanks to Joe Marshall (<a
href="https://github.com/joemarshall"><code>@​joemarshall</code></a>)
for contributing this feature. This change was possible thanks to work
done in urllib3 v2.0 to detach our API from <code>http.client</code>.
Please report all bugs to the <a
href="https://github.com/urllib3/urllib3/issues">urllib3 issue
tracker</a>.</p>
<h2>🚀 urllib3 is fundraising for HTTP/2 support</h2>
<p><a
href="https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support">urllib3
is raising ~$40,000 USD</a> to release HTTP/2 support and ensure
long-term sustainable maintenance of the project after a sharp decline
in financial support for 2023. If your company or organization uses
Python and would benefit from HTTP/2 support in Requests, pip, cloud
SDKs, and thousands of other projects <a
href="https://opencollective.com/urllib3">please consider contributing
financially</a> to ensure HTTP/2 support is developed sustainably and
maintained for the long-haul.</p>
<p>Thank you for your support.</p>
<h2>Changes</h2>
<ul>
<li>Added support for <a
href="https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html">Emscripten
and Pyodide</a>, including streaming support in cross-origin isolated
browser environments where threading is enabled. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2951">#2951</a>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3186">#3186</a>)</li>
<li>Added rudimentary support for HTTP/2. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3284">#3284</a>)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/2244">#2244</a>)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code> to be always set to a
boolean after connecting to a proxy. It could be <code>None</code> in
some cases previously. (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3130">#3130</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/urllib3/urllib3/blob/main/CHANGES.rst">urllib3's
changelog</a>.</em></p>
<blockquote>
<h1>2.2.2 (2024-06-17)</h1>
<ul>
<li>Added the <code>Proxy-Authorization</code> header to the list of
headers to strip from requests when redirecting to a different host. As
before, different headers can be set via
<code>Retry.remove_headers_on_redirect</code>.</li>
<li>Allowed passing negative integers as <code>amt</code> to read
methods of <code>http.client.HTTPResponse</code> as an alternative to
<code>None</code>.
(<code>[#3122](urllib3/urllib3#3122)
&lt;https://github.com/urllib3/urllib3/issues/3122&gt;</code>__)</li>
<li>Fixed return types representing copying actions to use
<code>typing.Self</code>.
(<code>[#3363](urllib3/urllib3#3363)
&lt;https://github.com/urllib3/urllib3/issues/3363&gt;</code>__)</li>
</ul>
<h1>2.2.1 (2024-02-16)</h1>
<ul>
<li>Fixed issue where <code>InsecureRequestWarning</code> was emitted
for HTTPS connections when using Emscripten.
(<code>[#3331](urllib3/urllib3#3331)
&lt;https://github.com/urllib3/urllib3/issues/3331&gt;</code>__)</li>
<li>Fixed <code>HTTPConnectionPool.urlopen</code> to stop automatically
casting non-proxy headers to <code>HTTPHeaderDict</code>. This change
was premature as it did not apply to proxy headers and
<code>HTTPHeaderDict</code> does not handle byte header values correctly
yet. (<code>[#3343](urllib3/urllib3#3343)
&lt;https://github.com/urllib3/urllib3/issues/3343&gt;</code>__)</li>
<li>Changed <code>InvalidChunkLength</code> to
<code>ProtocolError</code> when response terminates before the chunk
length is sent.
(<code>[#2860](urllib3/urllib3#2860)
&lt;https://github.com/urllib3/urllib3/issues/2860&gt;</code>__)</li>
<li>Changed <code>ProtocolError</code> to be more verbose on incomplete
reads with excess content.
(<code>[#3261](urllib3/urllib3#3261)
&lt;https://github.com/urllib3/urllib3/issues/3261&gt;</code>__)</li>
</ul>
<h1>2.2.0 (2024-01-30)</h1>
<ul>
<li>Added support for <code>Emscripten and Pyodide
&lt;https://urllib3.readthedocs.io/en/latest/reference/contrib/emscripten.html&gt;</code><strong>,
including streaming support in cross-origin isolated browser
environments where threading is enabled.
(<code>[#2951](urllib3/urllib3#2951)
&lt;https://github.com/urllib3/urllib3/issues/2951&gt;</code></strong>)</li>
<li>Added support for <code>HTTPResponse.read1()</code> method.
(<code>[#3186](urllib3/urllib3#3186)
&lt;https://github.com/urllib3/urllib3/issues/3186&gt;</code>__)</li>
<li>Added rudimentary support for HTTP/2.
(<code>[#3284](urllib3/urllib3#3284)
&lt;https://github.com/urllib3/urllib3/issues/3284&gt;</code>__)</li>
<li>Fixed issue where requests against urls with trailing dots were
failing due to SSL errors
when using proxy.
(<code>[#2244](urllib3/urllib3#2244)
&lt;https://github.com/urllib3/urllib3/issues/2244&gt;</code>__)</li>
<li>Fixed <code>HTTPConnection.proxy_is_verified</code> and
<code>HTTPSConnection.proxy_is_verified</code>
to be always set to a boolean after connecting to a proxy. It could be
<code>None</code> in some cases previously.
(<code>[#3130](urllib3/urllib3#3130)
&lt;https://github.com/urllib3/urllib3/issues/3130&gt;</code>__)</li>
<li>Fixed an issue where <code>headers</code> passed in a request with
<code>json=</code> would be mutated
(<code>[#3203](urllib3/urllib3#3203)
&lt;https://github.com/urllib3/urllib3/issues/3203&gt;</code>__)</li>
<li>Fixed <code>HTTPSConnection.is_verified</code> to be set to
<code>False</code> when connecting
from a HTTPS proxy to an HTTP target. It was set to <code>True</code>
previously.
(<code>[#3267](urllib3/urllib3#3267)
&lt;https://github.com/urllib3/urllib3/issues/3267&gt;</code>__)</li>
<li>Fixed handling of new error message from OpenSSL 3.2.0 when
configuring an HTTP proxy as HTTPS
(<code>[#3268](urllib3/urllib3#3268)
&lt;https://github.com/urllib3/urllib3/issues/3268&gt;</code>__)</li>
<li>Fixed TLS 1.3 post-handshake auth when the server certificate
validation is disabled
(<code>[#3325](urllib3/urllib3#3325)
&lt;https://github.com/urllib3/urllib3/issues/3325&gt;</code>__)</li>
<li>Note for downstream distributors: To run integration tests, you now
need to run the tests a second
time with the <code>--integration</code> pytest flag.
(<code>[#3181](urllib3/urllib3#3181)
&lt;https://github.com/urllib3/urllib3/issues/3181&gt;</code>__)</li>
</ul>
<h1>2.1.0 (2023-11-13)</h1>
<ul>
<li>Removed support for the deprecated urllib3[secure] extra.
(<code>[#2680](urllib3/urllib3#2680)
&lt;https://github.com/urllib3/urllib3/issues/2680&gt;</code>__)</li>
<li>Removed support for the deprecated SecureTransport TLS
implementation.
(<code>[#2681](urllib3/urllib3#2681)
&lt;https://github.com/urllib3/urllib3/issues/2681&gt;</code>__)</li>
<li>Removed support for the end-of-life Python 3.7.
(<code>[#3143](urllib3/urllib3#3143)
&lt;https://github.com/urllib3/urllib3/issues/3143&gt;</code>__)</li>
<li>Allowed loading CA certificates from memory for proxies.
(<code>[#3065](urllib3/urllib3#3065)
&lt;https://github.com/urllib3/urllib3/issues/3065&gt;</code>__)</li>
<li>Fixed decoding Gzip-encoded responses which specified
<code>x-gzip</code> content-encoding.
(<code>[#3174](urllib3/urllib3#3174)
&lt;https://github.com/urllib3/urllib3/issues/3174&gt;</code>__)</li>
</ul>
<h1>2.0.7 (2023-10-17)</h1>
<ul>
<li>Made body stripped from HTTP requests changing the request method to
GET after HTTP 303 &quot;See Other&quot; redirect responses.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/urllib3/urllib3/commit/27e2a5c5a7ab6a517252cc8dcef3ffa6ffb8f61a"><code>27e2a5c</code></a>
Release 2.2.2 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3406">#3406</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/accff72ecc2f6cf5a76d9570198a93ac7c90270e"><code>accff72</code></a>
Merge pull request from GHSA-34jh-p97f-mpxf</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/34be4a57e59eb7365bcc37d52e9f8271b5b8d0d3"><code>34be4a5</code></a>
Pin CFFI to a new release candidate instead of a Git commit (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3398">#3398</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/da410581b6b3df73da976b5ce5eb20a4bd030437"><code>da41058</code></a>
Bump browser-actions/setup-chrome from 1.6.0 to 1.7.1 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3399">#3399</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b07a669bd970d69847801148286b726f0570b625"><code>b07a669</code></a>
Bump github/codeql-action from 2.13.4 to 3.25.6 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3396">#3396</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b8589ec9f8c4da91511e601b632ac06af7e7c10e"><code>b8589ec</code></a>
Measure coverage with v4 of artifact actions (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3394">#3394</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/f3bdc5585111429e22c81b5fb26c3ec164d98b81"><code>f3bdc55</code></a>
Allow triggering CI manually (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3391">#3391</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/52392654b30183129cf3ec06010306f517d9c146"><code>5239265</code></a>
Fix HTTP version in debug log (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3316">#3316</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/b34619f94ece0c40e691a5aaf1304953d88089de"><code>b34619f</code></a>
Bump actions/checkout to 4.1.4 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3387">#3387</a>)</li>
<li><a
href="https://github.com/urllib3/urllib3/commit/9961d14de7c920091d42d42ed76d5d479b80064d"><code>9961d14</code></a>
Bump browser-actions/setup-chrome from 1.5.0 to 1.6.0 (<a
href="https://redirect.github.com/urllib3/urllib3/issues/3386">#3386</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/urllib3/urllib3/compare/1.26.7...2.2.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=urllib3&package-manager=pip&previous-version=1.26.7&new-version=2.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [snowballstemmer](https://github.com/snowballstem/snowball) from
2.1.0 to 2.2.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/snowballstem/snowball/blob/master/NEWS">snowballstemmer's
changelog</a>.</em></p>
<blockquote>
<h1>Snowball 2.2.0 (2021-11-10)</h1>
<h2>New Code Generators</h2>
<ul>
<li>Add Ada generator from Stephane Carrez (<a
href="https://redirect.github.com/snowballstem/snowball/issues/135">#135</a>).</li>
</ul>
<h2>Javascript</h2>
<ul>
<li>
<p>Fix generated code to use integer division rather than floating point
division.</p>
<p>Noted by David Corbett.</p>
</li>
</ul>
<h2>Pascal</h2>
<ul>
<li>
<p>Fix code generated for division. Previously real division was used
and the
generated code would fail to compile with an &quot;Incompatible
types&quot; error.</p>
<p>Noted by David Corbett.</p>
</li>
<li>
<p>Fix code generated for Snowball's <code>minint</code> and
<code>maxint</code> constant.</p>
</li>
</ul>
<h2>Python</h2>
<ul>
<li>
<p>Python 2 is no longer actively supported, as proposed on the mailing
list:
<a
href="https://lists.tartarus.org/pipermail/snowball-discuss/2021-August/001721.html">https://lists.tartarus.org/pipermail/snowball-discuss/2021-August/001721.html</a></p>
</li>
<li>
<p>Fix code generated for division. Previously the Python code we
generated
used integer division but rounded negative fractions towards negative
infinity rather than zero under Python 2, and under Python 3 used
floating
point division.</p>
<p>Noted by David Corbett.</p>
</li>
</ul>
<h2>Code Quality Improvements</h2>
<ul>
<li>C#: An <code>among</code> without functions is now generated as
<code>static</code> and groupings
are now generated as constant. Patches from James Turner in <a
href="https://redirect.github.com/snowballstem/snowball/issues/146">#146</a>
and <a
href="https://redirect.github.com/snowballstem/snowball/issues/147">#147</a>.</li>
</ul>
<h2>Code generation improvements</h2>
<ul>
<li>General:</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/snowballstem/snowball/commit/48a67a2831005f49c48ec29a5837640e23e54e6b"><code>48a67a2</code></a>
Update for 2.2.0</li>
<li><a
href="https://github.com/snowballstem/snowball/commit/ec00981590405827782d4655fcb4e68e9dcb9d43"><code>ec00981</code></a>
Fix handling of len and lenof as names</li>
<li><a
href="https://github.com/snowballstem/snowball/commit/5559db7016d232c0a9f6d9db52ecafce83496740"><code>5559db7</code></a>
Report clearer error if = is used instead of ==</li>
<li><a
href="https://github.com/snowballstem/snowball/commit/4ff359881a651fc921e9966ef39674918f8e426a"><code>4ff3598</code></a>
Optimise constant numeric expressions</li>
<li><a
href="https://github.com/snowballstem/snowball/commit/40b164100328367c426324cdd29ab69114d4ba8e"><code>40b1641</code></a>
NEWS: Update</li>
<li><a
href="https://github.com/snowballstem/snowball/commit/f89c3b9d639b9543222f69b0e24742be1dcfe392"><code>f89c3b9</code></a>
Fix $(EXE_EXT) to $(EXEEXT)</li>
<li><a
href="https://github.com/snowballstem/snowball/commit/55fd44b016303d7103f93f8b1fab9a634f0678ac"><code>55fd44b</code></a>
Ada: Fix code generated for <code>minint</code> and
<code>maxint</code></li>
<li><a
href="https://github.com/snowballstem/snowball/commit/e6d8b6f1d7df1a05fa8fbc11f479069e17b50788"><code>e6d8b6f</code></a>
Pascal: Fix code generated for <code>minint</code></li>
<li><a
href="https://github.com/snowballstem/snowball/commit/ed32a1da901351c225ad1ddcbd5e3bd6f53c3a1f"><code>ed32a1d</code></a>
Ada: Fix &quot;parentheses required for unary minus&quot; errors</li>
<li><a
href="https://github.com/snowballstem/snowball/commit/47773b9a06679972d69f6a2e14f11d5c09f30adf"><code>47773b9</code></a>
NEWS: Update</li>
<li>Additional commits viewable in <a
href="https://github.com/snowballstem/snowball/compare/v2.1.0...v2.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=snowballstemmer&package-manager=pip&previous-version=2.1.0&new-version=2.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [jinja2](https://github.com/pallets/jinja) from 3.0.3 to 3.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/jinja/releases">jinja2's
releases</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<p>This is the Jinja 3.1.4 security release, which fixes security issues
and bugs but does not otherwise change behavior and should not result in
breaking changes.</p>
<p>PyPI: <a
href="https://pypi.org/project/Jinja2/3.1.4/">https://pypi.org/project/Jinja2/3.1.4/</a>
Changes: <a
href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4</a></p>
<ul>
<li>The <code>xmlattr</code> filter does not allow keys with
<code>/</code> solidus, <code>&gt;</code> greater-than sign, or
<code>=</code> equals sign, in addition to disallowing spaces.
Regardless of any validation done by Jinja, user input should never be
used as keys to this filter, or must be separately validated first.
GHSA-h75v-3vvj-5mfj</li>
</ul>
<h2>3.1.3</h2>
<p>This is a fix release for the 3.1.x feature branch.</p>
<ul>
<li>Fix for <a
href="https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95">GHSA-h5c8-rqwp-cp95</a>.
You are affected if you are using <code>xmlattr</code> and passing user
input as attribute keys.</li>
<li>Changes: <a
href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-3">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-3</a></li>
<li>Milestone: <a
href="https://github.com/pallets/jinja/milestone/15?closed=1">https://github.com/pallets/jinja/milestone/15?closed=1</a></li>
</ul>
<h2>3.1.2</h2>
<p>This is a fix release for the <a
href="https://github.com/pallets/jinja/releases/tag/3.1.0">3.1.0</a>
feature release.</p>
<ul>
<li>Changes: <a
href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-2">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-2</a></li>
<li>Milestone: <a
href="https://github.com/pallets/jinja/milestone/13?closed=1">https://github.com/pallets/jinja/milestone/13?closed=1</a></li>
</ul>
<h2>3.1.1</h2>
<ul>
<li>Changes: <a
href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-1">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-1</a></li>
<li>Milestone: <a
href="https://github.com/pallets/jinja/milestone/12?closed=1">https://github.com/pallets/jinja/milestone/12?closed=1</a></li>
</ul>
<h2>3.1.0</h2>
<p>This is a feature release, which includes new features and removes
previously deprecated features. The 3.1.x branch is now the supported
bugfix branch, the 3.0.x branch has become a tag marking the end of
support for that branch. We encourage everyone to upgrade, and to use a
tool such as <a href="https://pypi.org/project/pip-tools/">pip-tools</a>
to pin all dependencies and control upgrades. We also encourage
upgrading to MarkupSafe 2.1.1, the latest version at this time.</p>
<ul>
<li>Changes: <a
href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-0">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-0</a></li>
<li>Milestone: <a
href="https://github.com/pallets/jinja/milestone/8?closed=1">https://github.com/pallets/jinja/milestone/8?closed=1</a></li>
<li>MarkupSafe changes: <a
href="https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-1">https://markupsafe.palletsprojects.com/en/2.1.x/changes/#version-2-1-1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/jinja/blob/main/CHANGES.rst">jinja2's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.1.4</h2>
<p>Released 2024-05-05</p>
<ul>
<li>The <code>xmlattr</code> filter does not allow keys with
<code>/</code> solidus, <code>&gt;</code>
greater-than sign, or <code>=</code> equals sign, in addition to
disallowing spaces.
Regardless of any validation done by Jinja, user input should never be
used
as keys to this filter, or must be separately validated first.
:ghsa:<code>h75v-3vvj-5mfj</code></li>
</ul>
<h2>Version 3.1.3</h2>
<p>Released 2024-01-10</p>
<ul>
<li>Fix compiler error when checking if required blocks in parent
templates are
empty. :pr:<code>1858</code></li>
<li><code>xmlattr</code> filter does not allow keys with spaces.
:ghsa:<code>h5c8-rqwp-cp95</code></li>
<li>Make error messages stemming from invalid nesting of <code>{% trans
%}</code> blocks
more helpful. :pr:<code>1918</code></li>
</ul>
<h2>Version 3.1.2</h2>
<p>Released 2022-04-28</p>
<ul>
<li>Add parameters to <code>Environment.overlay</code> to match
<code>__init__</code>.
:issue:<code>1645</code></li>
<li>Handle race condition in <code>FileSystemBytecodeCache</code>.
:issue:<code>1654</code></li>
</ul>
<h2>Version 3.1.1</h2>
<p>Released 2022-03-25</p>
<ul>
<li>The template filename on Windows uses the primary path separator.
:issue:<code>1637</code></li>
</ul>
<h2>Version 3.1.0</h2>
<p>Released 2022-03-24</p>
<ul>
<li>Drop support for Python 3.6. :pr:<code>1534</code></li>
<li>Remove previously deprecated code. :pr:<code>1544</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/jinja/commit/dd4a8b5466d8790540c181590b14db4d4d889d57"><code>dd4a8b5</code></a>
release version 3.1.4</li>
<li><a
href="https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb"><code>0668239</code></a>
Merge pull request from GHSA-h75v-3vvj-5mfj</li>
<li><a
href="https://github.com/pallets/jinja/commit/d655030770081e2dfe46f90e27620472a502289d"><code>d655030</code></a>
disallow invalid characters in keys to xmlattr filter</li>
<li><a
href="https://github.com/pallets/jinja/commit/a7863ba9d3521f1450f821119c50d19d7ecea329"><code>a7863ba</code></a>
add ghsa links</li>
<li><a
href="https://github.com/pallets/jinja/commit/b5c98e78c2ee7d2bf0aa06d29ed9bf7082de9cf4"><code>b5c98e7</code></a>
start version 3.1.4</li>
<li><a
href="https://github.com/pallets/jinja/commit/da3a9f0b804199845fcb76f2e08748bdaeba93ee"><code>da3a9f0</code></a>
update project files (<a
href="https://redirect.github.com/pallets/jinja/issues/1968">#1968</a>)</li>
<li><a
href="https://github.com/pallets/jinja/commit/0ee5eb41d1a2d7d9a05a02dc26dd70e63aaaeeb1"><code>0ee5eb4</code></a>
satisfy formatter, linter, and strict mypy</li>
<li><a
href="https://github.com/pallets/jinja/commit/20477c63575175196bfc8103f223cc9f5642595d"><code>20477c6</code></a>
update project files (<a
href="https://redirect.github.com/pallets/jinja/issues/5457">#5457</a>)</li>
<li><a
href="https://github.com/pallets/jinja/commit/e491223739dedbb1f4fc6a71340c1484e149d947"><code>e491223</code></a>
update pyyaml dev dependency</li>
<li><a
href="https://github.com/pallets/jinja/commit/36f98854c721f98ba103f97f65a8a098da5af0d7"><code>36f9885</code></a>
fix pr link</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/jinja/compare/3.0.3...3.1.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jinja2&package-manager=pip&previous-version=3.0.3&new-version=3.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [python-dateutil](https://github.com/dateutil/dateutil) from 2.8.2
to 2.9.0.post0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dateutil/dateutil/releases">python-dateutil's
releases</a>.</em></p>
<blockquote>
<h2>2.9.0.post0</h2>
<h1>Version 2.9.0.post0 (2024-03-01)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Pinned <code>setuptools_scm</code> to <code>&lt;8</code>, which
should make the generated <code>_version.py</code> file compatible with
all supported versions of Python.</li>
</ul>
<h2>2.9.0</h2>
<h1>Version 2.9.0 (2024-02-29)</h1>
<h2>Data updates</h2>
<ul>
<li>Updated tzdata version to 2024a. (gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1342">#1342</a>)</li>
</ul>
<h2>Features</h2>
<ul>
<li>Made all <code>dateutil</code> submodules lazily imported using <a
href="https://www.python.org/dev/peps/pep-0562/">PEP 562</a>. On Python
3.7+, things like <code>import dateutil;
dateutil.tz.gettz(&quot;America/New_York&quot;)</code> will now work
without explicitly importing <code>dateutil.tz</code>, with the import
occurring behind the scenes on first use. The old behavior remains on
Python 3.6 and earlier. Fixed by Orson Adams. (gh issue <a
href="https://redirect.github.com/dateutil/dateutil/issues/771">#771</a>,
gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1007">#1007</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Removed a call to <code>datetime.utcfromtimestamp</code>, which is
deprecated as of Python 3.12. Reported by Hugo van Kemenade (gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1284">#1284</a>),
fixed by Thomas Grainger (gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1285">#1285</a>).</li>
</ul>
<h2>Documentation changes</h2>
<ul>
<li>Added note into docs and tests where relativedelta would return last
day of the month only if the same day on a different month resolves to a
date that doesn't exist. Reported by <a
href="https://github.com/hawkEye-01"><code>@​hawkEye-01</code></a> (gh
issue <a
href="https://redirect.github.com/dateutil/dateutil/issues/1167">#1167</a>).
Fixed by <a href="https://github.com/Mifrill"><code>@​Mifrill</code></a>
(gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1168">#1168</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/dateutil/dateutil/blob/master/NEWS">python-dateutil's
changelog</a>.</em></p>
<blockquote>
<h1>Version 2.9.0.post0 (2024-03-01)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Pinned <code>setuptools_scm</code> to <code>&lt;8</code>, which
should make the generated <code>_version.py</code> file compatible with
all supported versions of Python.</li>
</ul>
<h1>Version 2.9.0 (2024-02-29)</h1>
<h2>Data updates</h2>
<ul>
<li>Updated tzdata version to 2024a. (gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1342">#1342</a>)</li>
</ul>
<h2>Features</h2>
<ul>
<li>Made all <code>dateutil</code> submodules lazily imported using
<code>PEP 562 &lt;https://www.python.org/dev/peps/pep-0562/&gt;</code>_.
On Python 3.7+, things like
<code>import dateutil;
dateutil.tz.gettz(&quot;America/New_York&quot;)</code> will now work
without explicitly importing <code>dateutil.tz</code>, with the import
occurring behind
the scenes on first use. The old behavior remains on Python 3.6 and
earlier.
Fixed by Orson Adams. (gh issue <a
href="https://redirect.github.com/dateutil/dateutil/issues/771">#771</a>,
gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1007">#1007</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Removed a call to <code>datetime.utcfromtimestamp</code>, which is
deprecated as of Python 3.12. Reported by Hugo van Kemenade (gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1284">#1284</a>),
fixed by Thomas Grainger (gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1285">#1285</a>).</li>
</ul>
<h2>Documentation changes</h2>
<ul>
<li>Added note into docs and tests where relativedelta would return last
day of the month
only if the same day on a different month resolves to a date that
doesn't exist.
Reported by <a
href="https://github.com/hawkEye-01"><code>@​hawkEye-01</code></a> (gh
issue <a
href="https://redirect.github.com/dateutil/dateutil/issues/1167">#1167</a>).
Fixed by <a href="https://github.com/Mifrill"><code>@​Mifrill</code></a>
(gh pr <a
href="https://redirect.github.com/dateutil/dateutil/issues/1168">#1168</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dateutil/dateutil/commit/1ae807774053c071acc9e7d3d27778fba0a7773e"><code>1ae8077</code></a>
Merge pull request <a
href="https://redirect.github.com/dateutil/dateutil/issues/1346">#1346</a>
from pganssle/release_2.9.0.post0</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/ee6de9deab99e1697837f9b78f145a91c57d600d"><code>ee6de9d</code></a>
Update news to prepare for release</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/9780d32aea9ab681769671c4e3540b449d62cdd0"><code>9780d32</code></a>
Pin <code>setuptools_scm</code> to &lt;8</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/db9d018944c41ddc740015cf5f64717c2ba64a5c"><code>db9d018</code></a>
Merge pull request <a
href="https://redirect.github.com/dateutil/dateutil/issues/1343">#1343</a>
from pganssle/release_2.9.0</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/423ca2f02faffa5d0543612b9462ace420ed7925"><code>423ca2f</code></a>
Run updatezinfo before build</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/edd3fd4565616f7c92567c1daa957ee52df221a4"><code>edd3fd4</code></a>
Update NEWS file</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/fe02d0218c00c907c6d8546dc3dce7fe7bb0588c"><code>fe02d02</code></a>
Run towncrier with Python 3.11</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/9c7524a92600282488fbb85c7f1d6af10ce4ad15"><code>9c7524a</code></a>
Fix MANIFEST.in pattern</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/6de58f572257088d4248a6a3a1d2a426df534a02"><code>6de58f5</code></a>
Update classifiers to include Python 3.12</li>
<li><a
href="https://github.com/dateutil/dateutil/commit/8fe0cab3b52fb714da3140c04aafe9c1f72f1211"><code>8fe0cab</code></a>
Merge pull request <a
href="https://redirect.github.com/dateutil/dateutil/issues/1342">#1342</a>
from pganssle/update_zoneinfo</li>
<li>Additional commits viewable in <a
href="https://github.com/dateutil/dateutil/compare/2.8.2...2.9.0.post0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=python-dateutil&package-manager=pip&previous-version=2.8.2&new-version=2.9.0.post0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [aiohappyeyeballs](https://github.com/aio-libs/aiohappyeyeballs)
from 2.3.7 to 2.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohappyeyeballs/releases">aiohappyeyeballs's
releases</a>.</em></p>
<blockquote>
<h1>v2.4.0 (2024-08-19)</h1>
<h2>Documentation</h2>
<ul>
<li>docs: fix a trivial typo in README.md (<a
href="https://redirect.github.com/aio-libs/aiohappyeyeballs/issues/84">#84</a>)
(<a
href="https://github.com/aio-libs/aiohappyeyeballs/commit/f5ae7d4bce04ee0645257ac828745a3b989ef149"><code>f5ae7d4</code></a>)</li>
</ul>
<h2>Feature</h2>
<ul>
<li>feat: add support for python 3.13 (<a
href="https://redirect.github.com/aio-libs/aiohappyeyeballs/issues/86">#86</a>)
(<a
href="https://github.com/aio-libs/aiohappyeyeballs/commit/4f2152fbb6b1d915c2fd68219339d998c47a71f9"><code>4f2152f</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/aiohappyeyeballs/blob/main/CHANGELOG.md">aiohappyeyeballs's
changelog</a>.</em></p>
<blockquote>
<h2>v2.4.0 (2024-08-19)</h2>
<h3>Feature</h3>
<ul>
<li>Add support for python 3.13 (<a
href="https://redirect.github.com/aio-libs/aiohappyeyeballs/issues/86">#86</a>)
(<a
href="https://github.com/aio-libs/aiohappyeyeballs/commit/4f2152fbb6b1d915c2fd68219339d998c47a71f9"><code>4f2152f</code></a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Fix a trivial typo in readme.md (<a
href="https://redirect.github.com/aio-libs/aiohappyeyeballs/issues/84">#84</a>)
(<a
href="https://github.com/aio-libs/aiohappyeyeballs/commit/f5ae7d4bce04ee0645257ac828745a3b989ef149"><code>f5ae7d4</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/aiohappyeyeballs/commit/c31b127a69bdcd7895d1a521985d918061955348"><code>c31b127</code></a>
2.4.0</li>
<li><a
href="https://github.com/aio-libs/aiohappyeyeballs/commit/4f2152fbb6b1d915c2fd68219339d998c47a71f9"><code>4f2152f</code></a>
feat: add support for python 3.13 (<a
href="https://redirect.github.com/aio-libs/aiohappyeyeballs/issues/86">#86</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohappyeyeballs/commit/546f9b8dd53da275147aa75ccb70a00db7faf916"><code>546f9b8</code></a>
chore(pre-commit.ci): pre-commit autoupdate (<a
href="https://redirect.github.com/aio-libs/aiohappyeyeballs/issues/85">#85</a>)</li>
<li><a
href="https://github.com/aio-libs/aiohappyeyeballs/commit/f5ae7d4bce04ee0645257ac828745a3b989ef149"><code>f5ae7d4</code></a>
docs: fix a trivial typo in README.md (<a
href="https://redirect.github.com/aio-libs/aiohappyeyeballs/issues/84">#84</a>)</li>
<li>See full diff in <a
href="https://github.com/aio-libs/aiohappyeyeballs/compare/v2.3.7...v2.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aiohappyeyeballs&package-manager=pip&previous-version=2.3.7&new-version=2.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [certifi](https://github.com/certifi/python-certifi) from
2023.7.22 to 2024.7.4.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463"><code>bd81538</code></a>
2024.07.04 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/295">#295</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/06a2cbf21f345563dde6c28b60e29d57e9b210b3"><code>06a2cbf</code></a>
Bump peter-evans/create-pull-request from 6.0.5 to 6.1.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/294">#294</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/13bba02b72bac97c432c277158bc04b4d2a6bc23"><code>13bba02</code></a>
Bump actions/checkout from 4.1.6 to 4.1.7 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/293">#293</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/e8abcd0e62b334c164b95d49fcabdc9ecbca0554"><code>e8abcd0</code></a>
Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/292">#292</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/124f4adf171e15cd9a91a8b6e0325ecc97be8fe1"><code>124f4ad</code></a>
2024.06.02 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/291">#291</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/c2196ce5d6ee675b27755a19948480a7823e2c6a"><code>c2196ce</code></a>
--- (<a
href="https://redirect.github.com/certifi/python-certifi/issues/290">#290</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/fefdeec7588ff1c05214b85a552afcad5fdb51b2"><code>fefdeec</code></a>
Bump actions/checkout from 4.1.4 to 4.1.5 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/289">#289</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/3c5fb1560b826a7f83f1f9750173ff766492c9cf"><code>3c5fb15</code></a>
Bump actions/download-artifact from 4.1.6 to 4.1.7 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/286">#286</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/4a9569a3eb58db8548536fc16c5c5c7af946a5b1"><code>4a9569a</code></a>
Bump actions/checkout from 4.1.2 to 4.1.4 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/287">#287</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/1fc808626a895a916b1e4c2b63abae6c5eafdbe3"><code>1fc8086</code></a>
Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/288">#288</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/certifi/python-certifi/compare/2023.07.22...2024.07.04">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=certifi&package-manager=pip&previous-version=2023.7.22&new-version=2024.7.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [zipp](https://github.com/jaraco/zipp) from 3.17.0 to 3.20.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jaraco/zipp/blob/main/NEWS.rst">zipp's
changelog</a>.</em></p>
<blockquote>
<h1>v3.20.0</h1>
<h2>Features</h2>
<ul>
<li>Made the zipfile compatibility overlay available as
zipp.compat.overlay.</li>
</ul>
<h1>v3.19.3</h1>
<h2>Bugfixes</h2>
<ul>
<li>Also match directories in Path.glob. (<a
href="https://redirect.github.com/jaraco/zipp/issues/121">#121</a>)</li>
</ul>
<h1>v3.19.2</h1>
<p>No significant changes.</p>
<h1>v3.19.1</h1>
<h2>Bugfixes</h2>
<ul>
<li>Improved handling of malformed zip files. (<a
href="https://redirect.github.com/jaraco/zipp/issues/119">#119</a>)</li>
</ul>
<h1>v3.19.0</h1>
<h2>Features</h2>
<ul>
<li>Implement is_symlink. (<a
href="https://redirect.github.com/jaraco/zipp/issues/117">#117</a>)</li>
</ul>
<h1>v3.18.2</h1>
<p>No significant changes.</p>
<h1>v3.18.1</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jaraco/zipp/commit/c5a33b2fae38dab057445011fdf33d26d0ba7cdf"><code>c5a33b2</code></a>
Finalize</li>
<li><a
href="https://github.com/jaraco/zipp/commit/f7f1cb32cd12eb8b413930068e55e8d76914488d"><code>f7f1cb3</code></a>
Made the zipfile compatibility overlay available as
zipp.compat.overlay.</li>
<li><a
href="https://github.com/jaraco/zipp/commit/9be5e1217a3aa1f96ba0aee57d348e8244ad9145"><code>9be5e12</code></a>
Finalize</li>
<li><a
href="https://github.com/jaraco/zipp/commit/11841113ebd25cd2520f801981bb1e16b01690d7"><code>1184111</code></a>
Narrow the versions under which Traversable is imported from
importlib.abc. F...</li>
<li><a
href="https://github.com/jaraco/zipp/commit/579be51bb31881a8e04040ff7a7c134053540326"><code>579be51</code></a>
Merge pull request <a
href="https://redirect.github.com/jaraco/zipp/issues/122">#122</a> from
jaraco/bugfix/121-glob-dirs</li>
<li><a
href="https://github.com/jaraco/zipp/commit/5d89a1cf540894ef28c0b6485daf01c860bd59d0"><code>5d89a1c</code></a>
Also match directories in Path.glob.</li>
<li><a
href="https://github.com/jaraco/zipp/commit/6f900eda31288c29c4e0af58c4504334704a9650"><code>6f900ed</code></a>
Add failing test capturing missed expectation.</li>
<li><a
href="https://github.com/jaraco/zipp/commit/21c6bfd6ed451640ec3a69e1239fab053e1d7d6f"><code>21c6bfd</code></a>
Merge <a
href="https://github.com/jaraco/skeleton">https://github.com/jaraco/skeleton</a></li>
<li><a
href="https://github.com/jaraco/zipp/commit/ab34814ca3ffe511ad63bb9589da06fd76758db8"><code>ab34814</code></a>
Re-enable preview, this time not for one specific feature, but for all
featur...</li>
<li><a
href="https://github.com/jaraco/zipp/commit/05d8b1482e5d32fadd96322bf86e158a17c4919d"><code>05d8b14</code></a>
Merge <a
href="https://github.com/jaraco/skeleton">https://github.com/jaraco/skeleton</a></li>
<li>Additional commits viewable in <a
href="https://github.com/jaraco/zipp/compare/v3.17.0...v3.20.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zipp&package-manager=pip&previous-version=3.17.0&new-version=3.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.10.0 to
20.26.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/releases">virtualenv's
releases</a>.</em></p>
<blockquote>
<h2>20.26.3</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.26.2 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2724">pypa/virtualenv#2724</a></li>
<li>Bump embeded wheels by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2741">pypa/virtualenv#2741</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3">https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3</a></p>
<h2>20.26.2</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>Release 20.26.1 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2713">pypa/virtualenv#2713</a></li>
<li>Update activate_this.py documentation to use runpy instead of exec
by <a href="https://github.com/FredStober"><code>@​FredStober</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2716">pypa/virtualenv#2716</a></li>
<li>Apply ruff/bugbear new rules by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2718">pypa/virtualenv#2718</a></li>
<li>Fix the CI by <a
href="https://github.com/HandSonic"><code>@​HandSonic</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2721">pypa/virtualenv#2721</a></li>
<li>Fix <a
href="https://redirect.github.com/pypa/virtualenv/issues/1949">#1949</a>:
zipapp virtual environment creation fails if zipapp path is symlinked by
<a href="https://github.com/HandSonic"><code>@​HandSonic</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2722">pypa/virtualenv#2722</a></li>
<li>Fix bad return code in bash activation if hashing is disabled by <a
href="https://github.com/fenkes-ibm"><code>@​fenkes-ibm</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2717">pypa/virtualenv#2717</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/FredStober"><code>@​FredStober</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2716">pypa/virtualenv#2716</a></li>
<li><a href="https://github.com/HandSonic"><code>@​HandSonic</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2721">pypa/virtualenv#2721</a></li>
<li><a
href="https://github.com/fenkes-ibm"><code>@​fenkes-ibm</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2717">pypa/virtualenv#2717</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.26.1...20.26.2">https://github.com/pypa/virtualenv/compare/20.26.1...20.26.2</a></p>
<h2>20.26.1</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.26.0 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2710">pypa/virtualenv#2710</a></li>
<li>Fix PATH-based Python discovery on Windows by <a
href="https://github.com/ofek"><code>@​ofek</code></a> in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2712">pypa/virtualenv#2712</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.26.0...20.26.1">https://github.com/pypa/virtualenv/compare/20.26.0...20.26.1</a></p>
<h2>20.26.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.25.3 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2704">pypa/virtualenv#2704</a></li>
<li>Fixed a case when template variable is WindowsPath by <a
href="https://github.com/NtWriteCode"><code>@​NtWriteCode</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2707">pypa/virtualenv#2707</a></li>
<li>Allow builtin interpreter discovery to find specific Python versions
given a general spec by <a
href="https://github.com/flying-sheep"><code>@​flying-sheep</code></a>
in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2709">pypa/virtualenv#2709</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/NtWriteCode"><code>@​NtWriteCode</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2707">pypa/virtualenv#2707</a></li>
<li><a
href="https://github.com/flying-sheep"><code>@​flying-sheep</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/virtualenv/pull/2709">pypa/virtualenv#2709</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's
changelog</a>.</em></p>
<blockquote>
<h2>v20.26.3 (2024-06-21)</h2>
<p>Bugfixes - 20.26.3</p>
<pre><code>- Upgrade embedded wheels:
<ul>
<li>setuptools to <code>70.1.0</code> from <code>69.5.1</code></li>
<li>pip to <code>24.1</code> from <code>24.0</code>
(:issue:<code>2741</code>)</li>
</ul>
<h2>v20.26.2 (2024-05-13)</h2>
<p>Bugfixes - 20.26.2
</code></pre></p>
<ul>
<li><code>virtualenv.pyz</code> no longer fails when zipapp path
contains a symlink - by :user:<code>HandSonic</code> and
:user:<code>petamas</code>. (:issue:<code>1949</code>)</li>
<li>Fix bad return code from activate.sh if hashing is disabled - by
:user:'fenkes-ibm'. (:issue:<code>2717</code>)</li>
</ul>
<h2>v20.26.1 (2024-04-29)</h2>
<p>Bugfixes - 20.26.1</p>
<pre><code>- fix PATH-based Python discovery on Windows - by
:user:`ofek`. (:issue:`2712`)
<h2>v20.26.0 (2024-04-23)</h2>
<p>Bugfixes - 20.26.0
</code></pre></p>
<ul>
<li>allow builtin discovery to discover specific interpreters (e.g.
<code>python3.12</code>) given an unspecific spec (e.g.
<code>python3</code>) - by :user:<code>flying-sheep</code>.
(:issue:<code>2709</code>)</li>
</ul>
<h2>v20.25.3 (2024-04-17)</h2>
<p>Bugfixes - 20.25.3</p>
<pre><code>- Python 3.13.0a6 renamed pathmod to parser. (:issue:`2702`)
<h2>v20.25.2 (2024-04-16)</h2>
<p>Bugfixes - 20.25.2
</code></pre></p>
<ul>
<li>
<p>Upgrade embedded wheels:</p>
<ul>
<li>setuptools of <code>69.1.0</code> to <code>69.5.1</code></li>
<li>wheel of <code>0.42.0</code> to <code>0.43.0</code>
(:issue:<code>2699</code>)</li>
</ul>
</li>
</ul>
<p>v20.25.1 (2024-02-21)</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/virtualenv/commit/3185e1f8a5eaae8ff055a8481a542cc70a9cbce4"><code>3185e1f</code></a>
release 20.26.3</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/2a149ec196eefceceb3b017a0a8df7788f52522a"><code>2a149ec</code></a>
Bump embeded wheels (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2741">#2741</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/bd91d48f01da390c8b3aa19b7b0dc04f34ec1e5d"><code>bd91d48</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2739">#2739</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/82202884cd0961b2a09064571d7b9ed663da8542"><code>8220288</code></a>
Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2738">#2738</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/429d6a2319c1bf917452ca418bf041fe0daa130d"><code>429d6a2</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2734">#2734</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/c723579b81ee92aaaab7e3c3a51d66209fa2abd9"><code>c723579</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2730">#2730</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/e35ece8dd863562024ede29837964da782d2800e"><code>e35ece8</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2727">#2727</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/0646a0544eedfe9c7666690ffe805a6d17cf6016"><code>0646a05</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/2724">#2724</a>
from pypa/release-20.26.2</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/9b14661dc4fb6866533b556c470ee47263c7249f"><code>9b14661</code></a>
release 20.26.2</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/7cbed79924b6b6d953ca9ecf40de23a7d3486f57"><code>7cbed79</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2723">#2723</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/virtualenv/compare/20.10.0...20.26.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.10.0&new-version=20.26.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
**This is a backport of PR #8776 as merged into master
(11171b8).**

---------

Co-authored-by: Sam Bull <git@sambull.org>
(cherry picked from commit 5be5af3)
**This is a backport of PR #8800 as merged into master
(17bf912).**

Co-authored-by: Sam Bull <git@sambull.org>
Bumps
[annotated-types](https://github.com/annotated-types/annotated-types)
from 0.5.0 to 0.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/annotated-types/annotated-types/releases">annotated-types's
releases</a>.</em></p>
<blockquote>
<h2>v0.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Allow <code>tzinfo</code> objects for <code>Timezone</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/56">annotated-types/annotated-types#56</a></li>
<li>add URLs to <code>pyproject.toml</code> by <a
href="https://github.com/samuelcolvin"><code>@​samuelcolvin</code></a>
in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/58">annotated-types/annotated-types#58</a></li>
<li>suggested fix on typo by <a
href="https://github.com/PelicanQ"><code>@​PelicanQ</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/60">annotated-types/annotated-types#60</a></li>
<li>Correct misstatement in README by <a
href="https://github.com/Zac-HD"><code>@​Zac-HD</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/62">annotated-types/annotated-types#62</a></li>
<li>Fix IsDigit -&gt; IsDigits by <a
href="https://github.com/toriningen"><code>@​toriningen</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/63">annotated-types/annotated-types#63</a></li>
<li>Add <code>Unit</code> type by <a
href="https://github.com/tlambert03"><code>@​tlambert03</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/65">annotated-types/annotated-types#65</a></li>
<li>Improve handling of GroupedMetadata (First try) by <a
href="https://github.com/cksleigen"><code>@​cksleigen</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/69">annotated-types/annotated-types#69</a></li>
<li>Prepare for 0.7.0 release by <a
href="https://github.com/adriangb"><code>@​adriangb</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/70">annotated-types/annotated-types#70</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Viicos"><code>@​Viicos</code></a> made
their first contribution in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/56">annotated-types/annotated-types#56</a></li>
<li><a href="https://github.com/PelicanQ"><code>@​PelicanQ</code></a>
made their first contribution in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/60">annotated-types/annotated-types#60</a></li>
<li><a
href="https://github.com/toriningen"><code>@​toriningen</code></a> made
their first contribution in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/63">annotated-types/annotated-types#63</a></li>
<li><a
href="https://github.com/tlambert03"><code>@​tlambert03</code></a> made
their first contribution in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/65">annotated-types/annotated-types#65</a></li>
<li><a href="https://github.com/cksleigen"><code>@​cksleigen</code></a>
made their first contribution in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/69">annotated-types/annotated-types#69</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/annotated-types/annotated-types/compare/v0.6.0...v0.7.0">https://github.com/annotated-types/annotated-types/compare/v0.6.0...v0.7.0</a></p>
<h2>v0.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Drop Python 3.7, test on 3.12-dev and update deps by <a
href="https://github.com/adriangb"><code>@​adriangb</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/44">annotated-types/annotated-types#44</a></li>
<li>Add IsFinite type by <a
href="https://github.com/adriangb"><code>@​adriangb</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/43">annotated-types/annotated-types#43</a></li>
<li>Add Not to allow predicate negation by <a
href="https://github.com/adriangb"><code>@​adriangb</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/45">annotated-types/annotated-types#45</a></li>
<li>update deps to fix python 3.12 CI by <a
href="https://github.com/adriangb"><code>@​adriangb</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/50">annotated-types/annotated-types#50</a></li>
<li>✨ Add support for <code>doc()</code> by <a
href="https://github.com/tiangolo"><code>@​tiangolo</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/49">annotated-types/annotated-types#49</a></li>
<li>Fix README typo by <a
href="https://github.com/JelleZijlstra"><code>@​JelleZijlstra</code></a>
in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/52">annotated-types/annotated-types#52</a></li>
<li>Remove unused pytest-mock test dependency by <a
href="https://github.com/gotmax23"><code>@​gotmax23</code></a> in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/54">annotated-types/annotated-types#54</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/tiangolo"><code>@​tiangolo</code></a>
made their first contribution in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/49">annotated-types/annotated-types#49</a></li>
<li><a
href="https://github.com/JelleZijlstra"><code>@​JelleZijlstra</code></a>
made their first contribution in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/52">annotated-types/annotated-types#52</a></li>
<li><a href="https://github.com/gotmax23"><code>@​gotmax23</code></a>
made their first contribution in <a
href="https://redirect.github.com/annotated-types/annotated-types/pull/54">annotated-types/annotated-types#54</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/annotated-types/annotated-types/compare/v0.5.0...v0.6.0">https://github.com/annotated-types/annotated-types/compare/v0.5.0...v0.6.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/0735cd3d4c272b88405b6b04009716b691115210"><code>0735cd3</code></a>
Prepare for 0.7.0 release (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/70">#70</a>)</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/0757d4126a55681f577a0d9800b15b8d418bc7ad"><code>0757d41</code></a>
Improve handling of GroupedMetadata (First try) (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/69">#69</a>)</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/99dbac8103ec938ffc1abd779f2f4316bf5e73e7"><code>99dbac8</code></a>
Add <code>Unit</code> type (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/65">#65</a>)</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/89e3d2ec0c828b2cd8a1bd08132daf355bc34fe2"><code>89e3d2e</code></a>
Fix IsDigit -&gt; IsDigits (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/63">#63</a>)</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/59a50d17126f97a6ad383d886c21e03d5de54972"><code>59a50d1</code></a>
Correct misstatement in README (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/62">#62</a>)</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/66930379318ab566798219368eda267f2031f404"><code>6693037</code></a>
suggested fix on typo (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/60">#60</a>)</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/195e3406a276d3599fb94f6f982f5e91837de4a3"><code>195e340</code></a>
add URLs to <code>pyproject.toml</code> (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/58">#58</a>)</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/657ded980a131be3609e7df486cdd96b6133de29"><code>657ded9</code></a>
Allow <code>tzinfo</code> objects for <code>Timezone</code> (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/56">#56</a>)</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/18584dffd31a845c25b92857b73ea76d10ea3d0d"><code>18584df</code></a>
Prepare for 0.6.0 release</li>
<li><a
href="https://github.com/annotated-types/annotated-types/commit/4ddf47e6b2427634a4ff8ca9618aa295d92e6bad"><code>4ddf47e</code></a>
Remove unused pytest-mock test dependency (<a
href="https://redirect.github.com/annotated-types/annotated-types/issues/54">#54</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/annotated-types/annotated-types/compare/v0.5.0...v0.7.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=annotated-types&package-manager=pip&previous-version=0.5.0&new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [incremental](https://github.com/twisted/incremental) from 22.10.0
to 24.7.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/twisted/incremental/blob/trunk/NEWS.rst">incremental's
changelog</a>.</em></p>
<blockquote>
<h1>Incremental 24.7.2 (2024-07-29)</h1>
<h2>Bugfixes</h2>
<ul>
<li>
<p>Incremental could mis-identify that a project had opted in to version
management.</p>
<p>If a <code>pyproject.toml</code> in the current directory contained a
<code>[project]</code> table with a <code>name</code> key, but did not
contain the opt-in <code>[tool.incremental]</code> table, Incremental
would still treat the file as if the opt-in were present and attempt to
validate the configuration. This could happen in contexts outside of
packaging, such as when creating a virtualenv. When operating as a
setuptools plugin Incremental now always ignores invalid configuration,
such as configuration that doesn't match the content of the working
directory.
(<code>[#106](twisted/incremental#106)
&lt;https://github.com/twisted/incremental/issues/106&gt;</code>__)</p>
</li>
</ul>
<h1>Incremental 24.7.1 (2024-07-27)</h1>
<h2>Bugfixes</h2>
<ul>
<li>Incremental 24.7.0 would produce an error when parsing the
<code>pyproject.toml</code> of a project that lacked the
<code>use_incremental=True</code> or <code>[tool.incremental]</code>
opt-in markers if that file lacked a <code>[project]</code> section
containing the package name. This could cause a project that only uses
<code>pyproject.toml</code> to configure tools to fail to build if
Incremental is installed. Incremental now ignores such projects.
(<code>[#100](twisted/incremental#100)
&lt;https://github.com/twisted/incremental/issues/100&gt;</code>__)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><code>[#101](twisted/incremental#101)
&lt;https://github.com/twisted/incremental/issues/101&gt;</code>__</li>
</ul>
<h1>Incremental 24.7.0 (2024-07-25)</h1>
<h2>Features</h2>
<ul>
<li>Incremental can now be configured using <code>pyproject.toml</code>.
(<code>[#90](twisted/incremental#90)
&lt;https://github.com/twisted/incremental/issues/90&gt;</code>__)</li>
<li>Incremental now provides a read-only <code>Hatchling version source
plugin
&lt;https://hatch.pypa.io/latest/plugins/version-source/reference/&gt;</code>_.
(<code>[#93](twisted/incremental#93)
&lt;https://github.com/twisted/incremental/issues/93&gt;</code>__)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Incremental no longer inserts a dot before the rc version component
(i.e., <code>1.2.3rc1</code> instead of <code>1.2.3.rc1</code>),
resulting in version numbers in the <code>canonical format
&lt;https://packaging.python.org/en/latest/specifications/version-specifiers/#public-version-identifiers&gt;</code><strong>.
(<code>[#81](twisted/incremental#81)
&lt;https://github.com/twisted/incremental/issues/81&gt;</code></strong>)</li>
<li>Incremental's tests are now included in the sdist release artifact.
(<code>[#80](twisted/incremental#80)
&lt;https://github.com/twisted/incremental/issues/80&gt;</code>__)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li><code>incremental[scripts]</code> no longer depends on Twisted.
(<code>[#88](twisted/incremental#88)
&lt;https://github.com/twisted/incremental/issues/88&gt;</code>__)</li>
<li>Support for Python 2.7 has been dropped for lack of test
infrastructure. We no longer provide universal wheels.
(<code>[#86](twisted/incremental#86)
&lt;https://github.com/twisted/incremental/issues/86&gt;</code>__)</li>
<li>Support for Python 3.5, 3.6, and 3.7 has been dropped for lack of
test infrastructure.
(<code>[#92](twisted/incremental#92)
&lt;https://github.com/twisted/incremental/issues/92&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/twisted/incremental/commit/32be98f929cc45b6a1b588e865dcf8c220b6c7f6"><code>32be98f</code></a>
Release Incremental 24.7.2</li>
<li><a
href="https://github.com/twisted/incremental/commit/380e66970918027bc7fbbb393453de7cd8d7a555"><code>380e669</code></a>
Merge pull request <a
href="https://redirect.github.com/twisted/incremental/issues/107">#107</a>
from twisted/106-never-raise</li>
<li><a
href="https://github.com/twisted/incremental/commit/a559f5c770ec93c95abaadfc8693d7ae654c6e39"><code>a559f5c</code></a>
Allow syntax errors to propagate</li>
<li><a
href="https://github.com/twisted/incremental/commit/3d2cdb172c7d5c7e27903c0949128f0aa7888741"><code>3d2cdb1</code></a>
Cleanups to shorten the diff</li>
<li><a
href="https://github.com/twisted/incremental/commit/d2fe36fa5bb5bb13bfbeb3461154fadd5d709993"><code>d2fe36f</code></a>
Defense in depth</li>
<li><a
href="https://github.com/twisted/incremental/commit/d659ea0ed0f8518608f40065aa5e6ad6dd2a69be"><code>d659ea0</code></a>
There and back again</li>
<li><a
href="https://github.com/twisted/incremental/commit/11ad4133e2857b37f140bfee835135f8cf1b6ad0"><code>11ad413</code></a>
Update the readme</li>
<li><a
href="https://github.com/twisted/incremental/commit/0f7001c2bf5cc3d24f6d273067b2e88866bff6d1"><code>0f7001c</code></a>
Tidy up some comments</li>
<li><a
href="https://github.com/twisted/incremental/commit/4adf23bb48cfbc35e75d44c4863b2dc73d4e9563"><code>4adf23b</code></a>
Add newsfragment</li>
<li><a
href="https://github.com/twisted/incremental/commit/b5ad0545b572ede441d73c35d8ff882f430e64d1"><code>b5ad054</code></a>
100% coverage, why not?</li>
<li>Additional commits viewable in <a
href="https://github.com/twisted/incremental/compare/incremental-22.10.0...incremental-24.7.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=incremental&package-manager=pip&previous-version=22.10.0&new-version=24.7.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [packaging](https://github.com/pypa/packaging) from 21.2 to 24.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/packaging/releases">packaging's
releases</a>.</em></p>
<blockquote>
<h2>24.1</h2>
<h2>What's Changed</h2>
<ul>
<li>pyupgrade/black/isort/flake8 → ruff by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/pypa/packaging/pull/769">pypa/packaging#769</a></li>
<li>Add support for Python 3.13 and drop EOL 3.7 by <a
href="https://github.com/hugovk"><code>@​hugovk</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/783">pypa/packaging#783</a></li>
<li>Bump the github-actions group with 4 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/782">pypa/packaging#782</a></li>
<li>Fix typo in <code>_parser</code> docstring by <a
href="https://github.com/pradyunsg"><code>@​pradyunsg</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/784">pypa/packaging#784</a></li>
<li>Modernise type annotations using FA rules from ruff by <a
href="https://github.com/pradyunsg"><code>@​pradyunsg</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/785">pypa/packaging#785</a></li>
<li>Document <code>markers.default_environment()</code> by <a
href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a>
in <a
href="https://redirect.github.com/pypa/packaging/pull/753">pypa/packaging#753</a></li>
<li>Bump the github-actions group with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/789">pypa/packaging#789</a></li>
<li>Work around platform.python_version() returning non PEP 440
compliant version for non-tagged CPython builds by <a
href="https://github.com/sbidoul"><code>@​sbidoul</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/802">pypa/packaging#802</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/dependabot"><code>@​dependabot</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/packaging/pull/782">pypa/packaging#782</a></li>
<li><a
href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/packaging/pull/753">pypa/packaging#753</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/packaging/compare/24.0...24.1">https://github.com/pypa/packaging/compare/24.0...24.1</a></p>
<h2>24.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix specifier matching when the specifier is long and has an epoch
by <a href="https://github.com/SpecLad"><code>@​SpecLad</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/712">pypa/packaging#712</a></li>
<li>Clarify version split/join usage by <a
href="https://github.com/uranusjr"><code>@​uranusjr</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/725">pypa/packaging#725</a></li>
<li>Default optional metadata values to None by <a
href="https://github.com/dstufft"><code>@​dstufft</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/734">pypa/packaging#734</a></li>
<li>Stop using deprecated/removed keys by <a
href="https://github.com/dstufft"><code>@​dstufft</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/739">pypa/packaging#739</a></li>
<li>Correctly use the ExceptionGroup shim only when needed by <a
href="https://github.com/dstufft"><code>@​dstufft</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/736">pypa/packaging#736</a></li>
<li>Update CHANGELOG entry about <code>validate</code> kwarg by <a
href="https://github.com/pradyunsg"><code>@​pradyunsg</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/731">pypa/packaging#731</a></li>
<li>Support --disable-gil builds (PEP 703) in packaging.tags by <a
href="https://github.com/colesbury"><code>@​colesbury</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/728">pypa/packaging#728</a></li>
<li>Skip <code>test_glibc_version_string_ctypes_raise_oserror</code> if
<code>ctypes</code> is unavailable by <a
href="https://github.com/kevinchang96"><code>@​kevinchang96</code></a>
in <a
href="https://redirect.github.com/pypa/packaging/pull/741">pypa/packaging#741</a></li>
<li>Enable CodeQL by <a
href="https://github.com/joycebrum"><code>@​joycebrum</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/743">pypa/packaging#743</a></li>
<li>PEP 703: Rename <code>Py_NOGIL</code> to
<code>Py_GIL_DISABLED</code> by <a
href="https://github.com/hugovk"><code>@​hugovk</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/747">pypa/packaging#747</a></li>
<li>Replace PEP references with PUG links by <a
href="https://github.com/jeanas"><code>@​jeanas</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/750">pypa/packaging#750</a></li>
<li>Remove coverage ignore for non-existent file by <a
href="https://github.com/shenanigansd"><code>@​shenanigansd</code></a>
in <a
href="https://redirect.github.com/pypa/packaging/pull/752">pypa/packaging#752</a></li>
<li>Update URLs by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/pypa/packaging/pull/764">pypa/packaging#764</a></li>
<li>Configure dependabot by <a
href="https://github.com/joycebrum"><code>@​joycebrum</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/757">pypa/packaging#757</a></li>
<li>Hash pin github actions by <a
href="https://github.com/joycebrum"><code>@​joycebrum</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/758">pypa/packaging#758</a></li>
<li>Apply some refurb suggestions by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/pypa/packaging/pull/763">pypa/packaging#763</a></li>
<li>Appply some bugbear suggestions by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/pypa/packaging/pull/761">pypa/packaging#761</a></li>
<li>Apply some ruff suggestions by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/pypa/packaging/pull/772">pypa/packaging#772</a></li>
<li>Add riscv64 as a supported manylinux architecture by <a
href="https://github.com/markdryan"><code>@​markdryan</code></a> in <a
href="https://redirect.github.com/pypa/packaging/pull/751">pypa/packaging#751</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/colesbury"><code>@​colesbury</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/packaging/pull/728">pypa/packaging#728</a></li>
<li><a
href="https://github.com/kevinchang96"><code>@​kevinchang96</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/packaging/pull/741">pypa/packaging#741</a></li>
<li><a href="https://github.com/jeanas"><code>@​jeanas</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/packaging/pull/750">pypa/packaging#750</a></li>
<li><a
href="https://github.com/shenanigansd"><code>@​shenanigansd</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/packaging/pull/752">pypa/packaging#752</a></li>
<li><a href="https://github.com/markdryan"><code>@​markdryan</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/packaging/pull/751">pypa/packaging#751</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/packaging/compare/23.2...24.0">https://github.com/pypa/packaging/compare/23.2...24.0</a></p>
<h2>23.2</h2>
<h2>What's Changed</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/packaging/blob/main/CHANGELOG.rst">packaging's
changelog</a>.</em></p>
<blockquote>
<p>24.1 - 2024-06-10</p>
<pre><code>
No unreleased changes.
<p>24.0 - 2024-03-10<br />
</code></pre></p>
<ul>
<li>Do specifier matching correctly when the specifier contains an epoch
number
and has more components than the version (:issue:<code>683</code>)</li>
<li>Support the experimental <code>--disable-gil</code> builds in
packaging.tags
(:issue:<code>727</code>)</li>
<li>BREAKING: Make optional <code>metadata.Metadata</code> attributes
default to <code>None</code> (:issue:<code>733</code>)</li>
<li>Fix errors when trying to access the
<code>description_content_type</code>, <code>keywords</code>,
and <code>requires_python</code> attributes on
<code>metadata.Metadata</code> when those values
have not been provided (:issue:<code>733</code>)</li>
<li>Fix a bug preventing the use of the built in
<code>ExceptionGroup</code> on versions of
Python that support it (:issue:<code>725</code>)</li>
</ul>
<p>23.2 - 2023-10-01</p>
<pre><code>
* Document calendar-based versioning scheme (:issue:`716`)
* Enforce that the entire marker string is parsed (:issue:`687`)
* Requirement parsing no longer automatically validates the URL
(:issue:`120`)
* Canonicalize names for requirements comparison (:issue:`644`)
* Introduce ``metadata.Metadata`` (along with
``metadata.ExceptionGroup`` and ``metadata.InvalidMetadata``;
:issue:`570`)
* Introduce the ``validate`` keyword parameter to
``utils.normalize_name()`` (:issue:`570`)
* Introduce ``utils.is_normalized_name()`` (:issue:`570`)
* Make ``utils.parse_sdist_filename()`` and
``utils.parse_wheel_filename()``
raise ``InvalidSdistFilename`` and ``InvalidWheelFilename``,
respectively,
  when the version component of the name is invalid
* Remove support for Python 3.7 (:issue:`783`)
<p>23.1 - 2023-04-12<br />
</code></pre></p>
<ul>
<li>Parse raw metadata (:issue:<code>671</code>)</li>
<li>Import underlying parser functions as an underscored variable
(:issue:<code>663</code>)</li>
<li>Improve error for local version label with unsupported operators
(:issue:<code>675</code>)</li>
<li>Add dedicated error for specifiers with incorrect <code>.*</code>
suffix</li>
<li>Replace spaces in platform names with underscores
(:issue:<code>620</code>)</li>
<li>Relax typing of <code>_key</code> on <code>_BaseVersion</code>
(:issue:<code>669</code>)</li>
<li>Handle prefix match with zeros at end of prefix correctly
(:issue:<code>674</code>)</li>
</ul>
<p>23.0 - 2023-01-08</p>
<pre><code>
* Allow ``&quot;extra&quot;`` to be ``None`` in the marker environment
(:issue:`650`)
* Refactor ``tags._generic_api`` to use ``EXT_SUFFIX`` (:issue:`607`)
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/packaging/commit/85442b8032cb7bae72866dfd7782234a98dd2fb7"><code>85442b8</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/packaging/commit/3e67fc775e93166600c84a5183ab6a86afff84b5"><code>3e67fc7</code></a>
Work around <code>platform.python_version()</code> returning non PEP 440
compliant versi...</li>
<li><a
href="https://github.com/pypa/packaging/commit/32deafe8668a2130a3366b98154914d188f3718e"><code>32deafe</code></a>
Bump the github-actions group with 3 updates (<a
href="https://redirect.github.com/pypa/packaging/issues/789">#789</a>)</li>
<li><a
href="https://github.com/pypa/packaging/commit/e0dda88874e73cd484b9e8464c5921a903db3cf0"><code>e0dda88</code></a>
Document <code>markers.default_environment()</code> (<a
href="https://redirect.github.com/pypa/packaging/issues/753">#753</a>)</li>
<li><a
href="https://github.com/pypa/packaging/commit/cc938f984bbbe43c5734b9656c9837ab3a28191f"><code>cc938f9</code></a>
Modernise type annotations using FA rules from ruff (<a
href="https://redirect.github.com/pypa/packaging/issues/785">#785</a>)</li>
<li><a
href="https://github.com/pypa/packaging/commit/757f559404ff6cc1cdef59a2c3628ccdaa505ac4"><code>757f559</code></a>
Fix typo in <code>_parser</code> docstring (<a
href="https://redirect.github.com/pypa/packaging/issues/784">#784</a>)</li>
<li><a
href="https://github.com/pypa/packaging/commit/ec9f203a9f1d336d62b71a26e3ad3dfcfbef92dc"><code>ec9f203</code></a>
Bump the github-actions group with 4 updates (<a
href="https://redirect.github.com/pypa/packaging/issues/782">#782</a>)</li>
<li><a
href="https://github.com/pypa/packaging/commit/5cbe1e44cc7b0497a11ab441310a86a5ebf1658a"><code>5cbe1e4</code></a>
Add support for Python 3.13 and drop EOL 3.7 (<a
href="https://redirect.github.com/pypa/packaging/issues/783">#783</a>)</li>
<li><a
href="https://github.com/pypa/packaging/commit/cb8fd38ef4c4189142702951b89dee1f09e4d71f"><code>cb8fd38</code></a>
pyupgrade/black/isort/flake8 → ruff (<a
href="https://redirect.github.com/pypa/packaging/issues/769">#769</a>)</li>
<li><a
href="https://github.com/pypa/packaging/commit/e8002b16e79c71a5f256d4f20eee0170f4327dd9"><code>e8002b1</code></a>
Bump for development</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/packaging/compare/21.2...24.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=packaging&package-manager=pip&previous-version=21.2&new-version=24.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [pip](https://github.com/pypa/pip) from 23.2.1 to 24.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/pip/blob/main/NEWS.rst">pip's
changelog</a>.</em></p>
<blockquote>
<h1>24.2 (2024-07-28)</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Deprecate <code>pip install --editable</code> falling back to
<code>setup.py develop</code>
when using a setuptools version that does not support
:pep:<code>660</code>
(setuptools v63 and older).
(<code>[#11457](pypa/pip#11457)
&lt;https://github.com/pypa/pip/issues/11457&gt;</code>_)</li>
</ul>
<h2>Features</h2>
<ul>
<li>
<p>Check unsupported packages for the current platform.
(<code>[#11054](pypa/pip#11054)
&lt;https://github.com/pypa/pip/issues/11054&gt;</code>_)</p>
</li>
<li>
<p>Use system certificates <em>and</em> certifi certificates to verify
HTTPS connections on Python 3.10+.
Python 3.9 and earlier only use certifi.</p>
<p>To revert to previous behaviour, pass the flag
<code>--use-deprecated=legacy-certs</code>.
(<code>[#11647](pypa/pip#11647)
&lt;https://github.com/pypa/pip/issues/11647&gt;</code>_)</p>
</li>
<li>
<p>Improve discovery performance of installed packages when the
<code>importlib.metadata</code>
backend is used to load distribution metadata (used by default under
Python 3.11+). (<code>[#12656](pypa/pip#12656)
&lt;https://github.com/pypa/pip/issues/12656&gt;</code>_)</p>
</li>
<li>
<p>Improve performance when the same requirement string appears many
times during
resolution, by consistently caching the parsed requirement string.
(<code>[#12663](pypa/pip#12663)
&lt;https://github.com/pypa/pip/issues/12663&gt;</code>_)</p>
</li>
<li>
<p>Minor performance improvement of finding applicable package
candidates by not
repeatedly calculating their versions
(<code>[#12664](pypa/pip#12664)
&lt;https://github.com/pypa/pip/issues/12664&gt;</code>_)</p>
</li>
<li>
<p>Disable pip's self version check when invoking a pip subprocess to
install
PEP 517 build requirements.
(<code>[#12683](pypa/pip#12683)
&lt;https://github.com/pypa/pip/issues/12683&gt;</code>_)</p>
</li>
<li>
<p>Improve dependency resolution performance by caching platform
compatibility
tags during wheel cache lookup.
(<code>[#12712](pypa/pip#12712)
&lt;https://github.com/pypa/pip/issues/12712&gt;</code>_)</p>
</li>
<li>
<p><code>wheel</code> is no longer explicitly listed as a build
dependency of <code>pip</code>.
<code>setuptools</code> injects this dependency in the
<code>get_requires_for_build_wheel()</code>
hook and no longer needs it on newer versions.
(<code>[#12728](pypa/pip#12728)
&lt;https://github.com/pypa/pip/issues/12728&gt;</code>_)</p>
</li>
<li>
<p>Ignore <code>--require-virtualenv</code> for <code>pip check</code>
and <code>pip freeze</code>
(<code>[#12842](pypa/pip#12842)
&lt;https://github.com/pypa/pip/issues/12842&gt;</code>_)</p>
</li>
<li>
<p>Improve package download and install performance.</p>
<p>Increase chunk sizes when downloading (256 kB, up from 10 kB) and
reading files (1 MB, up from 8 kB).
This reduces the frequency of updates to pip's progress bar.
(<code>[#12810](pypa/pip#12810)
&lt;https://github.com/pypa/pip/issues/12810&gt;</code>_)</p>
</li>
<li>
<p>Improve pip install performance.</p>
<p>Files are now extracted in 1MB blocks, or in one block matching the
file size for
smaller files. A decompressor is no longer instantiated when extracting
0 bytes files,
it is not necessary because there is no data to decompress.
(<code>[#12803](pypa/pip#12803)
&lt;https://github.com/pypa/pip/issues/12803&gt;</code>_)</p>
</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Set <code>no_color</code> to global <code>rich.Console</code>
instance. (<code>[#11045](pypa/pip#11045)
&lt;https://github.com/pypa/pip/issues/11045&gt;</code>_)</li>
<li>Fix resolution to respect <code>--python-version</code> when
checking <code>Requires-Python</code>.
(<code>[#12216](pypa/pip#12216)
&lt;https://github.com/pypa/pip/issues/12216&gt;</code>_)</li>
<li>Perform hash comparisons in a case-insensitive manner.
(<code>[#12680](pypa/pip#12680)
&lt;https://github.com/pypa/pip/issues/12680&gt;</code>_)</li>
<li>Avoid <code>dlopen</code> failure for glibc detection in musl builds
(<code>[#12716](pypa/pip#12716)
&lt;https://github.com/pypa/pip/issues/12716&gt;</code>_)</li>
<li>Avoid keyring logging crashes when pip is run in verbose mode.
(<code>[#12751](pypa/pip#12751)
&lt;https://github.com/pypa/pip/issues/12751&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/pip/commit/97146c7f4cd85551f3dc261830a57f304e43c181"><code>97146c7</code></a>
Bump for release</li>
<li><a
href="https://github.com/pypa/pip/commit/ef81b2eafd390fb56f62930dcd74f6e4580093e0"><code>ef81b2e</code></a>
Update AUTHORS.txt</li>
<li><a
href="https://github.com/pypa/pip/commit/350a0570a88b6c0d13c68f81ac08dc64f954cadf"><code>350a057</code></a>
Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/pypa/pip/issues/12876">#12876</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/184390f4f2cde0316801eb701f49dda4f7a9a6ac"><code>184390f</code></a>
Update dependabot.yml to bump group updates (<a
href="https://redirect.github.com/pypa/pip/issues/12572">#12572</a>)</li>
<li><a
href="https://github.com/pypa/pip/commit/48917f1c0375496058d677f652a90de6bee4dc8c"><code>48917f1</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12875">#12875</a> from
hellozee/fix-unit-test</li>
<li><a
href="https://github.com/pypa/pip/commit/dd85c28464dbfc9b3a53c885a41c209e4700ad2d"><code>dd85c28</code></a>
Fix invalid origin test to check all the logged messages</li>
<li><a
href="https://github.com/pypa/pip/commit/203780b5d167c4d01c55df7adc91d5ad1a0563aa"><code>203780b</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/pip/issues/12865">#12865</a> from
pradyunsg/better-exception-handling-around-sel...</li>
<li><a
href="https://github.com/pypa/pip/commit/e50314134886d5eb5b650b3ce95abaafcb6dce10"><code>e503141</code></a>
Properly mock <code>_self_version_check_logic</code></li>
<li><a
href="https://github.com/pypa/pip/commit/3518d3293445ad43eedba116b6182185c03abda3"><code>3518d32</code></a>
Rework how <code>--debug</code> is handled in <code>main</code></li>
<li><a
href="https://github.com/pypa/pip/commit/be21d82e4362c00aab451ef1cf212d9a62f8e58e"><code>be21d82</code></a>
Move exception suppression to cover more of self-version-check
logic</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/pip/compare/23.2.1...24.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pip&package-manager=pip&previous-version=23.2.1&new-version=24.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [identify](https://github.com/pre-commit/identify) from 2.3.5 to
2.6.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pre-commit/identify/commit/577bfe15db2b97328431ec6de934c1a4bacc6edd"><code>577bfe1</code></a>
v2.6.0</li>
<li><a
href="https://github.com/pre-commit/identify/commit/2e9f390c347cc49cace0c6b40f9b9dd8a6cd9d01"><code>2e9f390</code></a>
Merge pull request <a
href="https://redirect.github.com/pre-commit/identify/issues/468">#468</a>
from harrymander/fix-index-error-with-env-shebang</li>
<li><a
href="https://github.com/pre-commit/identify/commit/0853fe343d105b822aacb6563cb73db93aee429b"><code>0853fe3</code></a>
Merge pull request <a
href="https://redirect.github.com/pre-commit/identify/issues/457">#457</a>
from wircho/adolfo-add-ejson</li>
<li><a
href="https://github.com/pre-commit/identify/commit/818c07f7562eed43218079b5d469c168d64f93d1"><code>818c07f</code></a>
Add ejson extension</li>
<li><a
href="https://github.com/pre-commit/identify/commit/909fd829e4bacd942de2a83687347c5a97d73985"><code>909fd82</code></a>
Merge pull request <a
href="https://redirect.github.com/pre-commit/identify/issues/469">#469</a>
from pre-commit/pre-commit-ci-update-config</li>
<li><a
href="https://github.com/pre-commit/identify/commit/a9fd3882458cd34ffb1747e2007b2130a7b5296c"><code>a9fd388</code></a>
[pre-commit.ci] pre-commit autoupdate</li>
<li><a
href="https://github.com/pre-commit/identify/commit/90c7a1e580be5ccc6dde03456e79928d830fad81"><code>90c7a1e</code></a>
Fix IndexError when shebang is just '#!/usr/bin/env'</li>
<li><a
href="https://github.com/pre-commit/identify/commit/437ef92fd9331c0be3ec47eecc81aaa19971896e"><code>437ef92</code></a>
Merge pull request <a
href="https://redirect.github.com/pre-commit/identify/issues/467">#467</a>
from pre-commit/pre-commit-ci-update-config</li>
<li><a
href="https://github.com/pre-commit/identify/commit/525954b02b6a99b6ea1bbe2ff26fa4cf2fd000f1"><code>525954b</code></a>
[pre-commit.ci] pre-commit autoupdate</li>
<li><a
href="https://github.com/pre-commit/identify/commit/0651fca53e7ef7edab19cad41f6ee4fe89375b55"><code>0651fca</code></a>
Merge pull request <a
href="https://redirect.github.com/pre-commit/identify/issues/464">#464</a>
from pre-commit/pre-commit-ci-update-config</li>
<li>Additional commits viewable in <a
href="https://github.com/pre-commit/identify/compare/v2.3.5...v2.6.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=identify&package-manager=pip&previous-version=2.3.5&new-version=2.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [importlib-metadata](https://github.com/python/importlib_metadata)
from 6.8.0 to 8.4.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/importlib_metadata/blob/main/NEWS.rst">importlib-metadata's
changelog</a>.</em></p>
<blockquote>
<h1>v8.4.0</h1>
<h2>Features</h2>
<ul>
<li>Deferred import of inspect for import performance. (<a
href="https://redirect.github.com/python/importlib_metadata/issues/499">#499</a>)</li>
</ul>
<h1>v8.3.0</h1>
<h2>Features</h2>
<ul>
<li>Disallow passing of 'dist' to EntryPoints.select.</li>
</ul>
<h1>v8.2.0</h1>
<h2>Features</h2>
<ul>
<li>Add SimplePath to importlib_metadata.<strong>all</strong>. (<a
href="https://redirect.github.com/python/importlib_metadata/issues/494">#494</a>)</li>
</ul>
<h1>v8.1.0</h1>
<h2>Features</h2>
<ul>
<li>Prioritize valid dists to invalid dists when retrieving by name. (<a
href="https://redirect.github.com/python/importlib_metadata/issues/489">#489</a>)</li>
</ul>
<h1>v8.0.0</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Message.<strong>getitem</strong> now raises a KeyError on missing
keys. (<a
href="https://redirect.github.com/python/importlib_metadata/issues/371">#371</a>)</li>
<li>Removed deprecated support for Distribution subclasses not
implementing abstract methods.</li>
</ul>
<h1>v7.2.1</h1>
<p>Bugfixes</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python/importlib_metadata/commit/1616cb3a82c33c3603ff984b6ff417e68068aa6e"><code>1616cb3</code></a>
Finalize</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/71b467843258873048eb944545ba1235866523e6"><code>71b4678</code></a>
Add news fragment.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/ebcdcfdd18d427498f11b74e245b3f8a7ef5df9c"><code>ebcdcfd</code></a>
Remove workaround for <a
href="https://redirect.github.com/python/typeshed/issues/10328">python/typeshed#10328</a>.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/2c43cfe7dba2902095a166c4f6226ac5f7bfb50b"><code>2c43cfe</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_metadata/issues/499">#499</a>
from danielhollas/defer-inspect</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/a7aaf72702b3a49ea3e33c9cf7f223839067c883"><code>a7aaf72</code></a>
Use third-person imperative voice and link to issue in comment.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/e99c10510d48e840b0550bd05d1167633dcfaea7"><code>e99c105</code></a>
Restore single-expression logic.</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/debb5165a88b1a4433150b265e155c21b497d154"><code>debb516</code></a>
Don't use global var</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/3c8e1ec4e34c11dcff086be7fbd0d1981bf32480"><code>3c8e1ec</code></a>
Finalize</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/5035755aac64a6ee902add3909f463a2bf54ee1c"><code>5035755</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_metadata/issues/498">#498</a>
from python/feature/entry-points-disallow-dist-match</li>
<li><a
href="https://github.com/python/importlib_metadata/commit/6d9b766099dbac1c97a220badde7e14304e03291"><code>6d9b766</code></a>
Remove MetadataPathFinder regardless of its position.</li>
<li>Additional commits viewable in <a
href="https://github.com/python/importlib_metadata/compare/v6.8.0...v8.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=importlib-metadata&package-manager=pip&previous-version=6.8.0&new-version=8.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [iniconfig](https://github.com/pytest-dev/iniconfig) from 1.1.1 to
2.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/iniconfig/blob/main/CHANGELOG">iniconfig's
changelog</a>.</em></p>
<blockquote>
<h1>2.0.0</h1>
<ul>
<li>add support for Python 3.7-3.11</li>
<li>drop support for Python 2.6-3.6</li>
<li>add encoding argument defaulting to utf-8</li>
<li>inline and clarify type annotations</li>
<li>move parsing code from inline to extra file</li>
<li>add typing overloads for helper methods</li>
</ul>
<p>.. note::</p>
<p>major release due to the major changes in python versions supported +
changes in packaging</p>
<p>the api is expected to be compatible</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/93f5930e668c0d1ddf4597e38dd0dea4e2665e7a"><code>93f5930</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/iniconfig/issues/51">#51</a>
from pytest-dev/add-deploy</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/942655746cf0a0183f04ba7c425b4d4683e688ea"><code>9426557</code></a>
rework deploy pipeline for hatch usage and modern checkout</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/5f617e30ac0c8512f13a0af44e0f94ddbddd4240"><code>5f617e3</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/iniconfig/issues/49">#49</a>
from pytest-dev/rework-types</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/180065cec29f156b1baf9cf684ebbf3f251db073"><code>180065c</code></a>
changelog</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/c7d1d88a398cb64884c30fb03c6581dd2bcd1ae7"><code>c7d1d88</code></a>
add sectionwrapper get overload types</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/90df3d776833fcfba42c9641d73c22956f25bf37"><code>90df3d7</code></a>
hatch-vcs</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/df78c51bfba888c9d145fbd3d66f45b74dac0271"><code>df78c51</code></a>
pre-commit pyproject ftm</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/c113dd6d4c6403ae636e0d69df5b3170c2c32888"><code>c113dd6</code></a>
migrate to hatch</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/0253ff11d9e2ca1967df615185d0f52c983ee642"><code>0253ff1</code></a>
implement review comments</li>
<li><a
href="https://github.com/pytest-dev/iniconfig/commit/10583b86c3de36764f27e24f453eb9fe91c2ab3f"><code>10583b8</code></a>
update changelog</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/iniconfig/compare/v1.1.1...v2.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=iniconfig&package-manager=pip&previous-version=1.1.1&new-version=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [setuptools](https://github.com/pypa/setuptools) from 68.0.0 to
73.0.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v73.0.1</h1>
<h2>Bugfixes</h2>
<ul>
<li>Remove <code>abc.ABCMeta</code> metaclass from abstract classes.
<code>pypa/setuptools#4503
&lt;https://github.com/pypa/setuptools/pull/4503&gt;</code>_ had an
unintended consequence of causing potential <code>TypeError: metaclass
conflict: the metaclass of a derived class must be a (non-strict)
subclass of the metaclasses of all its bases</code> -- by
:user:<code>Avasam</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4579">#4579</a>)</li>
</ul>
<h1>v73.0.0</h1>
<h2>Features</h2>
<ul>
<li>Mark abstract base classes and methods with <code>abc.ABC</code> and
<code>abc.abstractmethod</code> -- by :user:<code>Avasam</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4503">#4503</a>)</li>
<li>Changed the order of type checks in
<code>setuptools.command.easy_install.CommandSpec.from_param</code> to
support any <code>collections.abc.Iterable</code> of <code>str</code>
param -- by :user:<code>Avasam</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4505">#4505</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Prevent an error in <code>bdist_wheel</code> if
<code>compression</code> is set to a <code>str</code> (even if valid)
after finalizing options but before running the command. -- by
:user:<code>Avasam</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4383">#4383</a>)</li>
<li>Raises an exception when <code>py_limited_api</code> is used in a
build with
<code>Py_GIL_DISABLED</code><code>python/cpython#111506</code><a
href="https://redirect.github.com/pypa/setuptools/issues/4420">#4420</a>)</li>
<li><code>pypa/distutils#284</code></li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li><code>setuptools</code> is replacing the usages of
:pypi:<code>ordered_set</code> with simple
instances of <code>dict[Hashable, None]</code>. This is done to remove
the extra
dependency and it is possible because since Python 3.7,
<code>dict</code> maintain
insertion order. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4574">#4574</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/pypa/setuptools/issues/4534">#4534</a>,
<a
href="https://redirect.github.com/pypa/setuptools/issues/4546">#4546</a>,
<a
href="https://redirect.github.com/pypa/setuptools/issues/4554">#4554</a>,
<a
href="https://redirect.github.com/pypa/setuptools/issues/4559">#4559</a>,
<a
href="https://redirect.github.com/pypa/setuptools/issues/4565">#4565</a></li>
</ul>
<h1>v72.2.0</h1>
<h2>Features</h2>
<ul>
<li><code>pypa/distutils#272</code><a
href="https://redirect.github.com/pypa/distutils/issues/237">pypa/distutils#237</a><code>pypa/distuils#228</code><a
href="https://redirect.github.com/pypa/setuptools/issues/4538">#4538</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/ebddeb36f72c9d758b5cc0e9f81f8a66aa837d96"><code>ebddeb3</code></a>
Bump version: 73.0.0 → 73.0.1</li>
<li><a
href="https://github.com/pypa/setuptools/commit/18963fb1851d24b89780cc10e213a2779be5f1eb"><code>18963fb</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4580">#4580</a>
from Avasam/no-ABCMeta</li>
<li><a
href="https://github.com/pypa/setuptools/commit/b7ee00da2cfa8208c47812fb657392e8b88f620c"><code>b7ee00d</code></a>
Remove ABCMeta metaclass, keep abstractmethods</li>
<li><a
href="https://github.com/pypa/setuptools/commit/477f713450ff57de126153f3034d032542916d03"><code>477f713</code></a>
Override distribution attribute type in all distutils-based commands (<a
href="https://redirect.github.com/pypa/setuptools/issues/4577">#4577</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/429ac589e5f290282f91b420350b002a2c519699"><code>429ac58</code></a>
Override distribution attribute type in all distutils-based
commands</li>
<li><a
href="https://github.com/pypa/setuptools/commit/4147b093d0aea4f57757c699a0b25bbc3aab2580"><code>4147b09</code></a>
Bump version: 72.2.0 → 73.0.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/2ad8c10d8214340be812769359090c7950a39c35"><code>2ad8c10</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4576">#4576</a>
from pypa/bugfix/distutils-284</li>
<li><a
href="https://github.com/pypa/setuptools/commit/8afe0c3e9c4c56f5d7343dc21f743e9cf83c594a"><code>8afe0c3</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4574">#4574</a>
from abravalheri/ordered_set</li>
<li><a
href="https://github.com/pypa/setuptools/commit/ad611bcaedfefef3480ac111c4f22e2ca8cc7a1c"><code>ad611bc</code></a>
Merge <a
href="https://github.com/pypa/distutils">https://github.com/pypa/distutils</a>
into bugfix/distutils-284</li>
<li><a
href="https://github.com/pypa/setuptools/commit/30b7331b07fbc404959cb37ac311afdfb90813be"><code>30b7331</code></a>
Ensure a missing target is still indicated as 'sources are newer' even
when t...</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v68.0.0...v73.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=setuptools&package-manager=pip&previous-version=68.0.0&new-version=73.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [regex](https://github.com/mrabarnett/mrab-regex) from 2021.11.10
to 2024.7.24.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt">regex's
changelog</a>.</em></p>
<blockquote>
<p>Version: 2024.7.24</p>
<pre><code>Git issue 539: Bug: Partial matching fails on a simple
example
</code></pre>
<p>Version: 2024.6.22</p>
<pre><code>Git issue 535: Regex fails Unicode 15.1 GraphemeBreakTest due
to missing new GB9c rule implementation
</code></pre>
<p>Version: 2024.5.15</p>
<pre><code>Git issue 530: hangs with fuzzy and optionals
<p>It's not hanging, it'll finish eventually. It's just an example of
catastrophic backtracking.</p>
<p>The error printed when Ctrl+C is pressed does show a bug, though,
which is now fixed.<br />
</code></pre></p>
<p>Version: 2024.5.10</p>
<pre><code>Updated for Python 3.13.
<p>&lt;time.h&gt; now needs to be included explicitly because Python.h
no longer includes it.<br />
</code></pre></p>
<p>Version: 2024.4.28</p>
<pre><code>Git issue 527: `VERBOSE`/`X` flag breaks `\N` escapes
</code></pre>
<p>Version: 2024.4.16</p>
<pre><code>Git issue 525: segfault when fuzzy matching empty list
</code></pre>
<p>Version: 2023.12.25</p>
<pre><code>Cannot get release notification action in main.yml to work.
Commenting it out for now.
</code></pre>
<p>Version: 2023.12.24</p>
<pre><code>Fixed invalid main.yml.
</code></pre>
<p>Version: 2023.12.23</p>
<pre><code>The escape function no longer escapes \x00. It's not
necessary.
<p>Inline flags can now be turned off and apply to what follows.</p>
<p>Added \R to match line endings.<br />
</code></pre></p>
<p>Version: 2023.10.3</p>
<pre><code>Updated to Unicode 15.1.0.
</code></pre>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/e8a8d28aa32a945dfbed6ef41d29f30daf07e08d"><code>e8a8d28</code></a>
Git issue 539: Bug: Partial matching fails on a simple example</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/6d086ffc5be71220d527495ad384834e4f54f340"><code>6d086ff</code></a>
Git issue 535: Regex fails Unicode 15.1 GraphemeBreakTest due to missing
new ...</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/8eabb4223e4b1d4c7b6a4496328e00eee5e352e5"><code>8eabb42</code></a>
Git issue 530: hangs with fuzzy and optionals</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/be139ffc3a18a7ead6939ea19015dc41e3682ec4"><code>be139ff</code></a>
Updated for Python 3.13.</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/2e3272be48e32367cb1110dba5329ace06312017"><code>2e3272b</code></a>
Git issue 527: <code>VERBOSE</code>/<code>X</code> flag breaks
<code>\N</code> escapes</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/9c950f2c25a5b1221a059761c5f90b9ee0f31763"><code>9c950f2</code></a>
Updated changelog.</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/5d65c8a727eb3e81d5681ec0be84e02af0f9b20b"><code>5d65c8a</code></a>
Git issue 525: segfault when fuzzy matching empty list</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/4f2ed52b3d73f39541026cf74f7c23106086b0b5"><code>4f2ed52</code></a>
Cannot get release notification action in main.yml to work. Commenting
it out...</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/647c006a88c553a694118e8cae109aa9365f188f"><code>647c006</code></a>
Further fixes in main.yml.</li>
<li><a
href="https://github.com/mrabarnett/mrab-regex/commit/d0afd79fbabd03a64ae2250e4b5701af8e997ebb"><code>d0afd79</code></a>
Another fix in main.yml.</li>
<li>Additional commits viewable in <a
href="https://github.com/mrabarnett/mrab-regex/compare/2021.11.10...2024.7.24">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=pip&previous-version=2021.11.10&new-version=2024.7.24)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
patchback bot and others added 24 commits August 29, 2024 23:02
…8939)

**This is a backport of PR #8920 as merged into master
(5cf5db5).**

Co-authored-by: Sam Bull <git@sambull.org>
(cherry picked from commit 7681235)

Co-authored-by: Xavier Halloran <75104372+ReallyReivax@users.noreply.github.com>
Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.7.4
to 2024.8.30.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/certifi/python-certifi/commit/325c2fde4f8eec10d682b09f3b0414dc05e69a81"><code>325c2fd</code></a>
2024.08.30 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/304">#304</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/d66bf5fccbb2b13b033841ef86ad261ab9915833"><code>d66bf5f</code></a>
Bump actions/upload-artifact from 4.3.5 to 4.3.6 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/302">#302</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/2150f23ee178c923fb05913e516d168dd841f9e3"><code>2150f23</code></a>
Bump actions/upload-artifact from 4.3.4 to 4.3.5 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/301">#301</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/fc9b771c1e5bd5f0f97534464c16a6ab785d5592"><code>fc9b771</code></a>
Bump actions/setup-python from 5.1.0 to 5.1.1 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/300">#300</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/965b2391df4bdce03fb07bf8cc19003585b43599"><code>965b239</code></a>
Bump actions/download-artifact from 4.1.7 to 4.1.8 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/297">#297</a>)</li>
<li><a
href="https://github.com/certifi/python-certifi/commit/c1f50ccd010b428caeb105255638e67be7c64f5c"><code>c1f50cc</code></a>
Bump actions/upload-artifact from 4.3.3 to 4.3.4 (<a
href="https://redirect.github.com/certifi/python-certifi/issues/296">#296</a>)</li>
<li>See full diff in <a
href="https://github.com/certifi/python-certifi/compare/2024.07.04...2024.08.30">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=certifi&package-manager=pip&previous-version=2024.7.4&new-version=2024.8.30)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
)

**This is a backport of PR #8936 as merged into master
(76a00d1).**

---------

Co-authored-by: Sam Bull <git@sambull.org>
…eter in ClientSession (#8955)

**This is a backport of PR #8953 as merged into master
(51ea3b3).**

Co-authored-by: Maxim Zemskov <m.zemskov1@gmail.com>
Co-authored-by: J. Nick Koston <nick@koston.org>
(cherry picked from commit 6be9452)
(cherry picked from commit c09c538)

---------

Co-authored-by: Artem Yushkovskiy <ajuszkowski@ya.ru>
…t` behaviour for empty payload (#8970)

**This is a backport of PR #7168 as merged into master
(8a525d9).**

Co-authored-by: Rahul Nahata <rahul.nahata96@gmail.com>
…cts to different origin when _base_url set (#8976)

**This is a backport of PR #8966 as merged into master
(f569894).**

---------

Co-authored-by: Maxim Zemskov <m.zemskov1@gmail.com>
Co-authored-by: Sam Bull <git@sambull.org>
…ame sender (#8979)

Co-authored-by: J. Nick Koston <nick@koston.org>
…ception (#8982)

**This is a backport of PR #8968 as merged into master
(8daecf5).**

Co-authored-by: Sam Bull <git@sambull.org>
Bumps [yarl](https://github.com/aio-libs/yarl) from 1.9.6 to 1.9.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/yarl/releases">yarl's
releases</a>.</em></p>
<blockquote>
<h2>1.9.7</h2>
<h2>Removals and backward incompatible breaking changes</h2>
<ul>
<li>
<p>Removed support :rfc:<code>3986#section-3.2.3</code> port
normalization when the scheme is not one of <code>http</code>,
<code>https</code>, <code>wss</code>, or <code>ws</code> -- by
:user:<code>bdraco</code>.</p>
<p>Support for port normalization was recently added in <a
href="https://redirect.github.com/aio-libs/yarl/issues/1033">#1033</a>
and contained code that would do blocking I/O if the scheme was not one
of the four listed above. The code has been removed because this library
is intended to be safe for usage with <code>asyncio</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/yarl/issues/1076">#1076</a>.</p>
</li>
</ul>
<h2>Miscellaneous internal changes</h2>
<ul>
<li>
<p>Improved performance of property caching -- by
:user:<code>bdraco</code>.</p>
<p>The <code>reify</code> implementation from <code>aiohttp</code> was
adapted to replace the internal <code>cached_property</code>
implementation.</p>
<p><em>Related issues and pull requests on GitHub:</em>
<a
href="https://redirect.github.com/aio-libs/yarl/issues/1070">#1070</a>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/aio-libs/yarl/blob/master/CHANGES.rst">yarl's
changelog</a>.</em></p>
<blockquote>
<h1>1.9.7</h1>
<p><em>(2024-09-01)</em></p>
<h2>Removals and backward incompatible breaking changes</h2>
<ul>
<li>
<p>Removed support :rfc:<code>3986#section-3.2.3</code> port
normalization when the scheme is not one of <code>http</code>,
<code>https</code>, <code>wss</code>, or <code>ws</code> -- by
:user:<code>bdraco</code>.</p>
<p>Support for port normalization was recently added in
:issue:<code>1033</code> and contained code that would do blocking I/O
if the scheme was not one of the four listed above. The code has been
removed because this library is intended to be safe for usage with
:mod:<code>asyncio</code>.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>1076</code>.</p>
</li>
</ul>
<h2>Miscellaneous internal changes</h2>
<ul>
<li>
<p>Improved performance of property caching -- by
:user:<code>bdraco</code>.</p>
<p>The <code>reify</code> implementation from <code>aiohttp</code> was
adapted to replace the internal <code>cached_property</code>
implementation.</p>
<p><em>Related issues and pull requests on GitHub:</em>
:issue:<code>1070</code>.</p>
</li>
</ul>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aio-libs/yarl/commit/845f017dc525151e2a02a0bc2e855d68d761d25a"><code>845f017</code></a>
Release 1.9.7</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/7c1220bc0930afbfe52021d47b83a3ea9995df60"><code>7c1220b</code></a>
Remove fallback to getservbyname in _get_default_port (<a
href="https://redirect.github.com/aio-libs/yarl/issues/1076">#1076</a>)</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/6339581f4fb2ad5d6d8a06470d7b09c69da0e8ef"><code>6339581</code></a>
Adapt aiohttp reify implementation to replace internal cached_property
(<a
href="https://redirect.github.com/aio-libs/yarl/issues/1070">#1070</a>)</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/2a3235ebd5c33c7ce8ea4de76e47d489a1be8d60"><code>2a3235e</code></a>
Add additional coverage for joining urls (<a
href="https://redirect.github.com/aio-libs/yarl/issues/1066">#1066</a>)</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/94b6b518195adac8da9275e36535bea6a9be9aad"><code>94b6b51</code></a>
🧪🚑 Fix coverage.py-included paths @ XML (<a
href="https://redirect.github.com/aio-libs/yarl/issues/1074">#1074</a>)</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/3d5ce652b5aab6cf3c5e1b42727420db1cd31298"><code>3d5ce65</code></a>
🧪 Bump MyPy to v1.11.2</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/8aa3733b5cdda8658c1d30cdd627f577663a71ee"><code>8aa3733</code></a>
🧪 Add a MyPy run against Python 3.13 code paths</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/cbf0b9ee12105cb15e02b012f2af1a699b7b2048"><code>cbf0b9e</code></a>
🧪💅 Lower-case bools in MyPy config</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/b253381a87517a2cd78ffa56b8e539ce27478492"><code>b253381</code></a>
🧪 Drop leftover MyPy checked paths from config</li>
<li><a
href="https://github.com/aio-libs/yarl/commit/a7f80077d2da94c2ddc597cc2afbdde4246931dd"><code>a7f8007</code></a>
🧪 Stop auto-installing MyPy type stubs</li>
<li>Additional commits viewable in <a
href="https://github.com/aio-libs/yarl/compare/v1.9.6...v1.9.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=yarl&package-manager=pip&previous-version=1.9.6&new-version=1.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ce docs (#8989)

**This is a backport of PR #8987 as merged into master
(5c3d50f).**

Co-authored-by: Sam Bull <git@sambull.org>
)

**This is a backport of PR #8991 as merged into master
(1ba3011).**

Co-authored-by: Sam Bull <git@sambull.org>
…se.clone() for absolute URLs (#8997)

**This is a backport of PR #8990 as merged into master
(731ba4d).**

Co-authored-by: Sam Bull <git@sambull.org>
Bumps [setuptools](https://github.com/pypa/setuptools) from 74.0.0 to
74.1.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v74.1.0</h1>
<h2>Features</h2>
<ul>
<li>Added support for defining <code>ext-modules</code> via
<code>pyproject.toml</code>
(<strong>EXPERIMENTAL</strong>, may change in future releases). (<a
href="https://redirect.github.com/pypa/setuptools/issues/4568">#4568</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>Merge with pypa/distutils@3dcdf8567, removing the duplicate vendored
copy of packaging. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4622">#4622</a>)</li>
<li>Restored <code>setuptools.msvc.Environmentinfo</code> as it is used
externally. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4625">#4625</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/1a9d87308dc0d8aabeaae0dce989b35dfb7699f0"><code>1a9d873</code></a>
Bump version: 74.0.0 → 74.1.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/4d9a750695c08fae4d2a40a3b94b718f8ee28c2f"><code>4d9a750</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/setuptools/issues/4626">#4626</a>
from pypa/bugfix/msvc-EnvironmentInfo</li>
<li><a
href="https://github.com/pypa/setuptools/commit/a16582be2518bb53f413e1a4bf76f7014a55e806"><code>a16582b</code></a>
Add a test for construction of EnvironmentInfo.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/616d8735ebe890691b3c78470c40992a7532f11a"><code>616d873</code></a>
Add news fragment.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/242388806a0ac0f47f49020c67befd685a8e4a52"><code>2423888</code></a>
Remove only the monkeypatching, leaving EnvironmentInfo in place.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/7ecbcb0eb8a67a0408e1f6062f6591ea412f4e06"><code>7ecbcb0</code></a>
Revert &quot;Remove monkeypatching of _msvccompiler.&quot;</li>
<li><a
href="https://github.com/pypa/setuptools/commit/5d4473ed6f511ccfd14d65a908f1290e1300cbf5"><code>5d4473e</code></a>
Implement declarative <code>ext-modules</code> in
<code>pyproject.toml</code> (&quot;experimental&quot;) (<a
href="https://redirect.github.com/pypa/setuptools/issues/4568">#4568</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/592d089d2eb8b1e50fdd45d1939f77fe3832a307"><code>592d089</code></a>
Add news fragment</li>
<li><a
href="https://github.com/pypa/setuptools/commit/11731e2950342a3c1d0138fe27d23a4e1e652119"><code>11731e2</code></a>
Add docs about ext-modules in pyproject.toml</li>
<li><a
href="https://github.com/pypa/setuptools/commit/bf768e0cfb2194e554bb268801e249c3e1af2ca6"><code>bf768e0</code></a>
Add experimental warning to ext-modules in pyproject.toml</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v74.0.0...v74.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=setuptools&package-manager=pip&previous-version=74.0.0&new-version=74.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit 1d170d3)
@psf-chronographer psf-chronographer bot added the bot:chronographer:provided There is a change note present in this PR label Sep 3, 2024
@booniepepper
Copy link
Contributor Author

Wrong target branch... will reopen

@booniepepper booniepepper deleted the patchback/backports/3.11/1d170d37f476df705a9dcc3588e192e8ccb871c0/pr-7731 branch September 3, 2024 21:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bot:chronographer:provided There is a change note present in this PR
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants