chore(deps): bump the pip group across 1 directory with 6 updates

[dependabot[bot]]

Bumps the pip group with 6 updates in the / directory:

Package	From	To
black	24.8.0	24.10.0
configobj	5.0.8	5.0.9
pillow	10.4.0	11.0.0
pyinstaller	6.10.0	6.11.0
pylint	3.3.0	3.3.1
pyside6	6.7.2	6.8.0.1

Updates black from 24.8.0 to 24.10.0

Release notes

Sourced from black's releases.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

Changelog

Sourced from black's changelog.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

Commits

• 1b2427a Prepare release 24.10.0 (#4471)
• a22b1eb Add mypyc 3.13 wheel build (#4449)
• b7d0e72 Bump AndreMiras/coveralls-python-action from 65c1672f0b8a201702d86c81b79187df...
• f1a2f92 Include --unstable in cache key (#4466)
• 8d9d18c Fix skipping Jupyter cells with unknown %% magic (#4462)
• bbfdba3 Fix docs CI: use venv for uv to fix 'failed to create directory' (#4460)
• 8fb2add Use builtin generics (#4458)
• 2a45cec Fix crashes with comments in parentheses (#4453)
• b4d6d86 Drop Python 3.8 support (#4452)
• ac018c1 Require newer aiohttp for blackd (#4451)
• Additional commits viewable in compare view

Updates configobj from 5.0.8 to 5.0.9

Release notes

Sourced from configobj's releases.

5.0.9

What's Changed

• Address CVE-2023-26112 ReDoS by @​cdcadman in DiffSK/configobj#236
• Drop Python 2 support and compatibility code by @​jelmer in DiffSK/configobj#237
• Extra 2014 by @​jelmer in DiffSK/configobj#245
• setup.py: fix license tag by @​yegorich in DiffSK/configobj#241
• Update minimum python to 3.7 everywhere, and add 3.12 by @​jelmer in DiffSK/configobj#246

New Contributors

• @​cdcadman made their first contribution in DiffSK/configobj#236
• @​yegorich made their first contribution in DiffSK/configobj#241

Full Changelog: https://github.com/DiffSK/configobj/compare/v5.0.8...v5.0.9

Changelog

Sourced from configobj's changelog.

Changelog

Release 5.0.9 """""""""""""

• drop support for Python 2 and <3.7
• fix CVE-2023-26112, ReDoS attack

Release 5.0.8 """""""""""""

• fixing/test for a regression introduced in 5.0.7 that prevented import validate from working

Release 5.0.7 """""""""""""

• update testing to validate against python version 2.7 and 3.5-3.11
• update broken links / non-existent services and references

Older Releases """"""""""""""

• Release 5.0.6 improves error messages in certain edge cases
• Release 5.0.5 corrects a unicode-bug that still existed in writing files
• Release 5.0.4 corrects a unicode-bug that still existed in reading files after fixing lists of string in 5.0.3
• Release 5.0.3 corrects errors related to the incorrectly handling unicode encoding and writing out files
• Release 5.0.2 adds a specific error message when trying to install on Python versions older than 2.5
• Release 5.0.1 fixes a regression with unicode conversion not happening in certain cases PY2
• Release 5.0.0 updates the supported Python versions to 2.6, 2.7, 3.2, 3.3 and is otherwise unchanged
• Release 4.7.2 fixes several bugs in 4.7.1
• Release 4.7.1 fixes a bug with the deprecated options keyword in 4.7.0.
• Release 4.7.0 improves performance adds features for validation and fixes some bugs.

Commits

• 242dfd0 release 5.0.9
• 8857b08 Merge pull request #246 from DiffSK/python-version
• d6f7597 Update minimum python to 3.7 everywhere, and add 3.12
• 8ffcf0c Merge pull request #241 from yegorich/license
• 5e2f143 Merge pull request #245 from jelmer/extra-2014
• fdf3634 Drop extra '2014' in LICENSE file. Fixes #233
• 3480a6e Merge pull request #237 from jelmer/drop-python2
• 008165c Drop python 3.5 from GitHub action, since it now fails to download
• 861383c Drop support for Python < 3.5
• 7c618b0 Merge pull request #236 from cdcadman/cve_2023_26112
• Additional commits viewable in compare view

Updates pillow from 10.4.0 to 11.0.0

Release notes

Sourced from pillow's releases.

11.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/11.0.0.html

Changes

• Do not create core image in TIFF seek() #8392 [@​radarhere]
• Removed custom build_openjpeg #8365 [@​radarhere]
• Support writing LONG8 offsets in AppendingTiffWriter #8417 [@​radarhere]
• Use ImageFile.MAXBLOCK when saving TIFF images #8461 [@​radarhere]
• Always raise warnings for deprecated feature checks #8459 [@​radarhere]
• Do not close provided file handles with libtiff when saving #8458 [@​radarhere]
• Revert "Skip QEMU-emulated wheels on workflow dispatch event" #8455 [@​radarhere]
• Support ImageFilter.BuiltinFilter for I;16* images #8438 [@​radarhere]
• [pre-commit.ci] pre-commit autoupdate #8448 [@​pre-commit-ci]
• Use ImagingCore.ptr instead of ImagingCore.id #8341 [@​homm]
• Simplified code #8445 [@​radarhere]
• Removed unused code #8447 [@​radarhere]
• Updated EPS mode when opening images without transparency #8281 [@​Yay295]
• Use transparency when combining P frames from APNGs #8443 [@​radarhere]
• Generate and upload attestations to PyPI #8441 [@​hugovk]
• Do not convert images unnecessarily in ImageEnhance #8431 [@​radarhere]
• Raise an error if path is compacted during mapping #8416 [@​radarhere]
• Support all resampling filters when resizing I;16* images #8422 [@​radarhere]
• Free memory on early return #8413 [@​radarhere]
• Cast int before potentially exceeding INT_MAX #8402 [@​radarhere]
• Prevent division by zero #8408 [@​radarhere]
• Check image value before use #8400 [@​radarhere]
• Use ruff check #8423 [@​radarhere]
• Change harfbuzz versions in wheels #8421 [@​radarhere]
• Use Capsule for WebP saving #8386 [@​homm]
• Fixed writing multiple StripOffsets to TIFF #8317 [@​Yay295]
• Updated macOS deployment target for PyPy on Intel to 10.15 #8414 [@​radarhere]
• Fix dereference before checking for NULL in ImagingTransformAffine #8398 [@​PavlNekrasov]
• Use transposed size after opening for TIFF images #8390 [@​radarhere]
• Improve ImageFont error messages #8338 [@​yngvem]
• Mention MAX_TEXT_CHUNK limit in PNG error message #8391 [@​radarhere]
• Cast Dib handle to int #8385 [@​radarhere]
• Updated macOS deployment target for Python >= 3.12 on Intel to 10.13 #8379 [@​radarhere]
• Removed unused ImagePath variable #8377 [@​radarhere]
• Change macos-14 to macos-latest #8376 [@​radarhere]
• Accept float stroke widths #8369 [@​radarhere]
• Remove comments #8370 [@​radarhere]
• Removed libffi-dev #8368 [@​radarhere]
• Improved handling of RGBA palettes when saving GIF images #8366 [@​radarhere]
• Support converting more modes to LAB by converting to RGBA first #8358 [@​radarhere]
• Optimize getbbox() and getextrema() routines #8194 [@​homm]
• Removed unused TiffImagePlugin IFD_LEGACY_API #8355 [@​radarhere]
• Handle duplicate EXIF header #8350 [@​zakajd]
• Use (void) for empty function parameters #8002 [@​Yay295]
• Return early from BoxBlur if either width or height is zero #8347 [@​radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

11.0.0 (2024-10-15)

• Update licence to MIT-CMU #8460 [hugovk]

• Conditionally define ImageCms type hint to avoid requiring core #8197 [radarhere]

• Support writing LONG8 offsets in AppendingTiffWriter #8417 [radarhere]

• Use ImageFile.MAXBLOCK when saving TIFF images #8461 [radarhere]

• Do not close provided file handles with libtiff when saving #8458 [radarhere]

• Support ImageFilter.BuiltinFilter for I;16* images #8438 [radarhere]

• Use ImagingCore.ptr instead of ImagingCore.id #8341 [homm, radarhere, hugovk]

• Updated EPS mode when opening images without transparency #8281 [Yay295, radarhere]

• Use transparency when combining P frames from APNGs #8443 [radarhere]

• Support all resampling filters when resizing I;16* images #8422 [radarhere]

• Free memory on early return #8413 [radarhere]

• Cast int before potentially exceeding INT_MAX #8402 [radarhere]

• Check image value before use #8400 [radarhere]

• Improved copying imagequant libraries #8420 [radarhere]

• Use Capsule for WebP saving #8386 [homm, radarhere]

• Fixed writing multiple StripOffsets to TIFF #8317 [Yay295, radarhere]

... (truncated)

Commits

• 204aae6 11.0.0 version bump
• f2cc87b Update CHANGES.rst [ci skip]
• c855e8e Merge pull request #8464 from radarhere/imagemath_type_hint
• dc37515 Merge pull request #8463 from hugovk/update-3.13-date
• c3d81d6 Update Python 3.13 release date
• a60610c Added type hints
• a5c58f2 Merge pull request #8460 from hugovk/mit-cmu
• e74994e Update licence to MIT-CMU
• b5e1115 Update CHANGES.rst [ci skip]
• 686b5e2 Merge pull request #8392 from radarhere/tiff_seek
• Additional commits viewable in compare view

Updates pyinstaller from 6.10.0 to 6.11.0

Release notes

Sourced from pyinstaller's releases.

v6.11.0

Please see the v6.11.0 section of the changelog for a list of the changes since v6.10.0.

Changelog

Sourced from pyinstaller's changelog.

6.11.0 (2024-10-15)

Features

* Implement a mechanism that allows hooks to inform PyInstaller's binary
  dependency analysis that it should not create symbolic links to top-level
  application directory for certain shared libraries (applicable to platforms
  where such symbolic links are created in the first place). This mechanism
  is intended as a work around for corner cases when such symbolic links
  disrupt run-time discovery of other shared libraries that are stored in
  the linked library's true location. (:issue:`8761`)
Bugfix

* (Windows) Allow PyInstaller to be launched from SYSTEM user's home
  directory (``%WINDIR%\system32\config\systemprofile``) and its
  sub-directories, as an exception to general prohibition of running
  from Windows directory and its sub-directories (which was introduced
  in :issue:`8570`). (:issue:`8816`)
* (Windows) Attempt to mitigate timing issues that prevented console
  hiding/minimization mechanism (:issue:`7735`) from taking effect when
  Windows Terminal is used as the default terminal app. (:issue:`8798`)
* (Windows) Fix binary dependency analysis for files found under
  SYSTEM user's home directory (``%WINDIR%\system32\config\systemprofile``)
  when running PyInstaller as SYSTEM user. (:issue:`8810`)
* (Windows) Fix regression with PyInstaller 6.x and ``numpy`` < 1.26
  that resulted in duplicated shared libraries bundled with ``numpy``
  PyPI wheels. (:issue:`8736`)
* (Windows) Fix the leak of ``VCRUNTIME140.dll`` in ``onefile`` applications
  with splash screen enabled, this time in scenarios with full application
  restart (regression introduced by :issue:`8650`). (:issue:`8701`)
* Fix a regression when trying to use ``runpy.run_path`` to run a python
  script bundled with the frozen application. (:issue:`8767`)
Hooks

* Add hook for ``PySide6.QtGraphsWidgets``, which was introduced with
  ``PySide6`` v6.8.0. (:issue:`8828`)
* Tweak the ``setuptools`` hook to minimize collection of vendored
  packages/modules and their (meta)data when using ``setuptools`` >= 71.0;
  the aim is to have the run-time behavior of collected vendored package
  closely match the behavior of its non-vendored counterpart. (:issue:`8737`)
* Update ``babel`` hook to collect all submodules that are needed to
  unpickle the bundled locale data files. (:issue:`8750`)
</tr></table> 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>

<ul>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/2996af6ba7615b2b5b822252b51e4d39d1c76f2e"><code>2996af6</code></a> Release v2024.8. [skip ci]</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/a52f9b60ec8a21ffb1066b347a1e4b893c98ddd6"><code>a52f9b6</code></a> tests: have signal-forward/ignore test use a single program build</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/71abbcc91992e97fed859504e7fd57d286fd630a"><code>71abbcc</code></a> tests: rewrite the onefile signal-forward/ignore test</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/67157e4aac509b801f4896eb982b9a2361a488a5"><code>67157e4</code></a> Tests: Requirements: Scheduled weekly dependency update for week 41 (<a href="https://redirect.github.com/pyinstaller/pyinstaller/issues/8827">#8827</a>)</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/b346ec3c5983ad068c1a994bc9f2d4893b7235a3"><code>b346ec3</code></a> hooks: add hook for PySide6.QtGraphsWidgets</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/9c2bba57bfbd97268f1023ffc394eb6b261c4cf8"><code>9c2bba5</code></a> setup: Fix too-soon check for available bootloaders</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/2ebca31568e4d84371845a9358245aa4b2de0337"><code>2ebca31</code></a> ci: split macOS test workflows between macos-13 and macos-14 runners</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/fcc9526cd77735ba70ecb4d10639f10d20c1f407"><code>fcc9526</code></a> tests: apple events: use UUID for unique URL scheme and file extension</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/1d7fcb32959ae76112456c78ca9a460da47a554f"><code>1d7fcb3</code></a> tests: apple events: fix path to Carbon.framework</li>
<li><a href="https://github.com/pyinstaller/pyinstaller/commit/d5f56ba37291add6139f624cdf1ca3c97be86cd7"><code>d5f56ba</code></a> tests: remove keyring pin for old python + macOS combination</li>
<li>Additional commits viewable in <a href="https://github.com/pyinstaller/pyinstaller/compare/v6.10.0...v6.11.0">compare view</a></li>
</ul>
</details>

<br />
</code></pre>

Updates `pylint` from 3.3.0 to 3.3.1
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pylint-dev/pylint/commit/76bce72bc57cc8089e439cc9d22fed5806341ed4"><code>76bce72</code></a> Bump pylint to 3.3.1, update changelog (<a href="https://redirect.github.com/pylint-dev/pylint/issues/9954">#9954</a>)</li>
<li><a href="https://github.com/pylint-dev/pylint/commit/55ee81651aa98d644e046a0f02f20576ecb3a6dc"><code>55ee816</code></a> Bump astroid to 3.3.4 (<a href="https://redirect.github.com/pylint-dev/pylint/issues/9951">#9951</a>) (<a href="https://redirect.github.com/pylint-dev/pylint/issues/9952">#9952</a>)</li>
<li>See full diff in <a href="https://github.com/pylint-dev/pylint/compare/v3.3.0...v3.3.1">compare view</a></li>
</ul>
</details>
<br />

Updates `pyside6` from 6.7.2 to 6.8.0.1


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions


</details>