Bump the pip-minor group across 1 directory with 11 updates

Open dependabot[bot] opened this issue 1 year ago • 0 comments

Bumps the pip-minor group with 11 updates in the / directory:

Package	From	To
sqlalchemy	`2.0.29`	`2.0.30`
cloud-sql-python-connector	`1.8.0`	`1.9.2`
pg8000	`1.31.1`	`1.31.2`
marshmallow	`3.21.1`	`3.21.2`
requests	`2.32.0`	`2.32.2`
okta	`2.9.5`	`2.9.6`
pluggy	`1.4.0`	`1.5.0`
tox	`4.14.2`	`4.15.0`
ruff	`0.3.5`	`0.4.4`
mypy	`1.9.0`	`1.10.0`
types-requests	`2.31.0.20240406`	`2.32.0.20240521`

Updates sqlalchemy from 2.0.29 to 2.0.30

Release notes

Sourced from sqlalchemy's releases.

2.0.30

Released: May 5, 2024

orm

[orm] [bug] Added new attribute _orm.ORMExecuteState.is_from_statement to detect statements created using _sql.Select.from_statement(), and enhanced FromStatement to set _orm.ORMExecuteState.is_select, _orm.ORMExecuteState.is_insert, _orm.ORMExecuteState.is_update, and _orm.ORMExecuteState.is_delete according to the element that is sent to the _sql.Select.from_statement() method itself.

References: #11220

[orm] [bug] Fixed issue in _orm.selectin_polymorphic() loader option where attributes defined with _orm.composite() on a superclass would cause an internal exception on load.

References: #11291

[orm] [bug] [regression] Fixed regression from 1.4 where using _orm.defaultload() in conjunction with a non-propagating loader like _orm.contains_eager() would nonetheless propagate the _orm.contains_eager() to a lazy load operation, causing incorrect queries as this option is only intended to come from an original load.

References: #11292

[orm] [bug] Fixed issue in ORM Annotated Declarative where typing issue where literals defined using PEP 695 type aliases would not work with inference of Enum datatypes. Pull request courtesy of Alc-Alc.

References: #11305

[orm] [bug] Fixed issue in _orm.selectin_polymorphic() loader option where the SELECT emitted would only accommodate for the child-most class among the result rows that were returned, leading intermediary-class attributes to be unloaded if there were no concrete instances of that intermediary-class present in the result. This issue only presented itself for multi-level inheritance hierarchies.

References: #11327

[orm] [bug] Fixed issue in _orm.Session.bulk_save_objects() where the form of the identity key produced when using return_defaults=True would be incorrect. This could lead to an errors during pickling as well as identity map mismatches.

... (truncated)

Commits

See full diff in compare view

Updates cloud-sql-python-connector from 1.8.0 to 1.9.2

Release notes

Sourced from cloud-sql-python-connector's releases.

v1.9.2

1.9.2 (2024-05-14)

Dependencies

update dependency cryptography to v42.0.7 (#1076) (a4aec7e)

v1.9.1

1.9.1 (2024-04-17)

Bug Fixes

add minimum version for google-auth dep (#1065) (b13d172)

Dependencies

update dependency aiohttp to v3.9.5 (#1063) (bd6c323)

v1.9.0

1.9.0 (2024-04-16)

Features

add universe domain support to Connector (TPC) (#1045) (b1e9dee)

Dependencies

update dependency aiohttp to v3.9.4 (#1060) (78b3671)

Update dependency google-auth to v2.29.0 (#1043) (2ac2fd1)

Update dependency pg8000 to v1.31.1 (#1053) (eaa371d)

Changelog

Sourced from cloud-sql-python-connector's changelog.

1.9.2 (2024-05-14)

Dependencies

update dependency cryptography to v42.0.7 (#1076) (a4aec7e)

1.9.1 (2024-04-17)

Bug Fixes

add minimum version for google-auth dep (#1065) (b13d172)

Dependencies

update dependency aiohttp to v3.9.5 (#1063) (bd6c323)

1.9.0 (2024-04-16)

Features

add universe domain support to Connector (TPC) (#1045) (b1e9dee)

Dependencies

update dependency aiohttp to v3.9.4 (#1060) (78b3671)

Update dependency google-auth to v2.29.0 (#1043) (2ac2fd1)

Update dependency pg8000 to v1.31.1 (#1053) (eaa371d)

Commits

e6a2c6f chore(main): release 1.9.2 (#1080)
9a154af chore(deps): Update dependencies for github (#1078)
a4aec7e deps: update dependency cryptography to v42.0.7 (#1076)
ad101a3 chore(deps): bump jinja2 from 3.1.3 to 3.1.4 in /.kokoro (#1077)
3af83c1 chore(deps): update python-nonmajor (#1073)
3a70560 chore(deps): Update dependencies for github (#1069)
2560347 chore: update SQLAlchemy dep to include optional asyncio deps (#1074)
265218d refactor: rename Instance to RefreshAheadCache (#1068)
79a5426 chore(deps): Update dependencies for github (#1067)
c27775a chore(main): release 1.9.1 (#1066)
Additional commits viewable in compare view

Updates pg8000 from 1.31.1 to 1.31.2

Commits

9945228 Prepare for new release
0e6a319 Add tests for Python 3.12
62a90d4 Non-ascii parameter statuses fail
e80fbb1 Update note on IN in README
7ab7148 Add 'author' to pyproject
d0356d5 Tests: fixup for the dbname mentioned in a couple of SCRAM-related test comme...
See full diff in compare view

Updates marshmallow from 3.21.1 to 3.21.2

Changelog

Sourced from marshmallow's changelog.

3.21.2 (2024-05-01)

Bug fixes:

Allow timestamp 0 in fields.DateTime (:issue:2133). Thanks :user:flydzen for reporting.

Commits

511b8c5 Bump version and update changelog
03f56a4 Merge pull request #2264 from marshmallow-code/allow_timestamp_0
58fbbcd Encapsulate timestamp boolean check in utils
6e72beb DateTime field: reject timestamp True/False
845f573 DateTime field: allow timestamp 0
183c411 Merge pull request #2263 from marshmallow-code/pre-commit-ci-update-config
2d6e5c2 Use format specifiers instead of percent format
a2ee924 [pre-commit.ci] pre-commit autoupdate
38dc356 [pre-commit.ci] pre-commit autoupdate
ccc8c72 Bump sphinx from 7.3.6 to 7.3.7
Additional commits viewable in compare view

Updates requests from 2.32.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

Add missing test certs to the sdist distributed on PyPI.

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

Add missing test certs to the sdist distributed on PyPI.

Commits

88dce9d v2.32.2
c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
92075b3 Add deprecation warning
aa1461b Move _get_connection to get_connection_with_tls_context
970e8ce v2.32.1
See full diff in compare view

Updates okta from 2.9.5 to 2.9.6

Changelog

Sourced from okta's changelog.

Okta Python SDK Changelog

Commits

See full diff in compare view

Updates pluggy from 1.4.0 to 1.5.0

Changelog

Sourced from pluggy's changelog.

pluggy 1.5.0 (2024-04-19)

Features

[#178](https://github.com/pytest-dev/pluggy/issues/178) <https://github.com/pytest-dev/pluggy/issues/178>_: Add support for deprecating specific hook parameters, or more generally, for issuing a warning whenever a hook implementation requests certain parameters.

See :ref:warn_on_impl for details.

Bug Fixes

[#481](https://github.com/pytest-dev/pluggy/issues/481) <https://github.com/pytest-dev/pluggy/issues/481>_: PluginManager.get_plugins() no longer returns None for blocked plugins.

Commits

f8aa4a0 Preparing release 1.5.0
b4a8c92 Merge pull request #495 from bluetech/warn-on-impl-args
6f6ea68 Add support deprecating hook parameters
91f88d2 Merge pull request #496 from bluetech/codecov-action
89ce829 ci: replace upload-coverage script with codecov github action
29f104d Lift pluggy (#493)
c2b36b4 Merge pull request #491 from pytest-dev/pre-commit-ci-update-config
2b533c9 [pre-commit.ci] pre-commit autoupdate
04d1bcd [pre-commit.ci] pre-commit autoupdate (#490)
f74e94b [pre-commit.ci] pre-commit autoupdate (#489)
Additional commits viewable in compare view

Updates tox from 4.14.2 to 4.15.0

Release notes

Sourced from tox's releases.

4.15.0

What's Changed

Remove duplicated and misleading configuration section by @jugmac00 in tox-dev/tox#3251

Fix dropped leading characters c from constraints' packages by @jugmac00 in tox-dev/tox#3250

Fix type-checking by @stefanor in tox-dev/tox#3260

Update installation.rst by @shenxianpeng in tox-dev/tox#3257

Allow appending to deps with the command line by @stefanor in tox-dev/tox#3259

Support multiple override appends by @amitschang in tox-dev/tox#3261

Add bang to invert exit code by @sillydan1 in tox-dev/tox#3271

fix(parser): Fix --discover parsed incorrectly from env by @mimre25 in tox-dev/tox#3274

New Contributors

@shenxianpeng made their first contribution in tox-dev/tox#3257

@amitschang made their first contribution in tox-dev/tox#3261

@sillydan1 made their first contribution in tox-dev/tox#3271

@mimre25 made their first contribution in tox-dev/tox#3274

Full Changelog: https://github.com/tox-dev/tox/compare/4.14.2...4.15.0

Changelog

Sourced from tox's changelog.

v4.15.0 (2024-04-26)

Features - 4.15.0
- Add support for multiple appending override options (-x, --override) on command line - by :user:`amitschang`. (:issue:`3261`)
- Add support for inverting exit code success criteria using bang (!) (:issue:`3271`)
Bugfixes - 4.15.0
Fix issue that the leading character c was dropped from packages in constraints files - by :user:jugmac00. (:issue:3247)

Allow appending to deps with --override testenv.deps+=foo - by :user:stefanor. (:issue:3256)

Fix non-existing branch rewrite in the documentation to main. (:issue:3257)

Update test typing for build 1.2.0, which has an explicit Distribution type - by :user:stefanor. (:issue:3260)

Fix broken input parsing for --discover flag. - by :user:mimre25 (:issue:3272)

Improved Documentation - 4.15.0
- Rephrase ``--discover`` flag's description to avoid confusion between paths and executables. - by :user:`mimre25` (:issue:`3274`)

Commits

261b4ca release 4.15.0
c54dfbd fix(parser): Fix --discover parsed incorrectly from env (#3274)
809e10f Add bang to invert exit code (#3271)
822c9d0 [pre-commit.ci] pre-commit autoupdate (#3267)
0e5a3db [pre-commit.ci] pre-commit autoupdate (#3265)
f5850c0 Support multiple override appends (#3261)
c2be629 Allow appending to deps with the command line (#3259)
d28a9ee Update installation.rst (#3257)
a19a946 [pre-commit.ci] pre-commit autoupdate (#3258)
a22fe8f Fix type-checking (#3260)
Additional commits viewable in compare view

Updates ruff from 0.3.5 to 0.4.4

Release notes

Sourced from ruff's releases.

v0.4.4

Changes

Preview features

[pycodestyle] Ignore end-of-line comments when determining blank line rules (#11342)

[pylint] Detect pathlib.Path.open calls in unspecified-encoding (PLW1514) (#11288)

[flake8-pyi] Implement PYI059 (generic-not-last-base-class) (#11233)

[flake8-pyi] Implement PYI062 (duplicate-literal-member) (#11269)

Rule changes

[flake8-boolean-trap] Allow passing booleans as positional-only arguments in code such as set(True) (#11287)

[flake8-bugbear] Ignore enum classes in cached-instance-method (B019) (#11312)

Server

Expand tildes when resolving Ruff server configuration file (#11283)

Fix ruff server hanging after Neovim closes (#11291)

Editor settings are used by default if no file-based configuration exists (#11266)

Bug fixes

[pylint] Consider with statements for too-many-branches (PLR0912) (#11321)

[flake8-blind-except, tryceratops] Respect logged and re-raised expressions in nested statements (BLE001, TRY201) (#11301)

Recognise assignments such as __all__ = builtins.list(["foo", "bar"]) as valid __all__ definitions (#11335)

Contributors

@Abdur-rahmaanJ

@AlexWaygood

@KPCOFGS

@MichaReiser

@augustelalande

@blueraft

@carljm

@carloshbcabral

@charliermarsh

@dhruvmanila

@renovate

@snowsignal

@tusharsadhwani

v0.4.3

Changes

Enhancements

Add support for PEP 696 syntax (#11120)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.4

Preview features

[pycodestyle] Ignore end-of-line comments when determining blank line rules (#11342)

[pylint] Detect pathlib.Path.open calls in unspecified-encoding (PLW1514) (#11288)

[flake8-pyi] Implement PYI059 (generic-not-last-base-class) (#11233)

[flake8-pyi] Implement PYI062 (duplicate-literal-member) (#11269)

Rule changes

[flake8-boolean-trap] Allow passing booleans as positional-only arguments in code such as set(True) (#11287)

[flake8-bugbear] Ignore enum classes in cached-instance-method (B019) (#11312)

Server

Expand tildes when resolving Ruff server configuration file (#11283)

Fix ruff server hanging after Neovim closes (#11291)

Editor settings are used by default if no file-based configuration exists (#11266)

Bug fixes

[pylint] Consider with statements for too-many-branches (PLR0912) (#11321)

[flake8-blind-except, tryceratops] Respect logged and re-raised expressions in nested statements (BLE001, TRY201) (#11301)

Recognise assignments such as __all__ = builtins.list(["foo", "bar"]) as valid __all__ definitions (#11335)

0.4.3

Enhancements

Add support for PEP 696 syntax (#11120)

Preview features

[refurb] Use function range for reimplemented-operator diagnostics (#11271)

[refurb] Ignore methods in reimplemented-operator (FURB118) (#11270)

[refurb] Implement fstring-number-format (FURB116) (#10921)

[ruff] Implement redirected-noqa (RUF101) (#11052)

[pyflakes] Distinguish between first-party and third-party imports for fix suggestions (#11168)

Rule changes

[flake8-bugbear] Ignore non-abstract class attributes when enforcing B024 (#11210)

[flake8-logging] Include inline instantiations when detecting loggers (#11154)

[pylint] Also emit PLR0206 for properties with variadic parameters (#11200)

[ruff] Detect duplicate codes as part of unused-noqa (RUF100) (#10850)

Formatter

Avoid multiline expression if format specifier is present (#11123)

... (truncated)

Commits

3e8878a Bump version to v0.4.4 (#11352)
b6b4ad9 [red-knot] @override lint rule (#11282)
dd42961 [pylint] Detect pathlib.Path.open calls in unspecified-encoding (`PLW15...
c80c171 [red-knot] Vendor typeshed's stdlib (#11340)
e2fe177 Revert "Simplify arithmetic operation in logical lines checker (#11346)" (#11...
e9d1cdd Simplify arithmetic operation in logical lines checker (#11346)
dfe4291 Improve ruff_python_semantic::all::extract_all_names() (#11335)
4541337 [red-knot] Remove \<Db: SemanticDb> contraints in favor of dynamic dispatch ...
8e9ddee Ignore end-of-line comments when determining blank line rules (#11342)
702d2fa Make B024 and B027 documentation more nuanced (#11341)
Additional commits viewable in compare view

Updates mypy from 1.9.0 to 1.10.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.10

We’ve just uploaded mypy 1.10 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:
python3 -m pip install -U mypy
You can read the full documentation for this release on Read the Docs.

Support TypeIs (PEP 742)

Mypy now supports TypeIs (PEP 742), which allows functions to narrow the type of a value, similar to isinstance(). Unlike TypeGuard, TypeIs can narrow in both the if and else branches of an if statement:
from typing_extensions import TypeIs
def is_str(s: object) -> TypeIs[str]:
return isinstance(s, str)
def f(o: str | int) -> None:
if is_str(o):
# Type of o is 'str'
...
else:
# Type of o is 'int'
...
TypeIs will be added to the typing module in Python 3.13, but it can be used on earlier Python versions by importing it from typing_extensions.

This feature was contributed by Jelle Zijlstra (PR 16898).

Support TypeVar Defaults (PEP 696)

PEP 696 adds support for type parameter defaults. Example:
from typing import Generic
from typing_extensions import TypeVar
</tr></table>

... (truncated)

Commits

3faf0fc Remove +dev for version for release 1.10
a5998d2 Update CHANGELOG.md (#17159)
62ea5b0 Various updates to changelog for 1.10 (#17158)
2f0864c Update CHANGELOG.md with draft for release 1.10 (#17150)
e1443bb fix: incorrect returned type of access descriptors on unions of types (#16604)
5161ac2 Sync typeshed (#17124)
e2fc1f2 Fix crash when expanding invalid Unpack in a Callable alias (#17028)
3ff6e47 Docs: docstrings in checker.py, ast_helpers.py (#16908)
732d98e Fix string formatting for string enums (#16555)
8019010 Narrow individual items when matching a tuple to a sequence pattern (#16905)
Additional commits viewable in compare view

Updates types-requests from 2.31.0.20240406 to 2.32.0.20240521

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

May 22 '24 20:05 dependabot[bot]