{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":787935477,"defaultBranch":"main","name":"example-python-package","ownerLogin":"seumoose","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2024-04-17T13:15:01.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/22810975?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1722433488.0","currentOid":""},"activityList":{"items":[{"before":"3e77c9c4a442e2d464867edc7e6054ec2e717547","after":null,"ref":"refs/heads/dependabot/pip/main/mypy-1.11.0","pushedAt":"2024-07-31T13:44:48.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"f592bf8f487a6f1411f8f8c44004deacf689115d","ref":"refs/heads/dependabot/pip/main/mypy-1.11.1","pushedAt":"2024-07-31T13:44:44.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump mypy from 1.10.0 to 1.11.1\n\nBumps [mypy](https://github.com/python/mypy) from 1.10.0 to 1.11.1.\n- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/python/mypy/compare/v1.10.0...v1.11.1)\n\n---\nupdated-dependencies:\n- dependency-name: mypy\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump mypy from 1.10.0 to 1.11.1"}},{"before":"b4bad623c1e098fac86dd15435e4702b5e27e7e8","after":null,"ref":"refs/heads/dependabot/pip/main/mypy-1.10.1","pushedAt":"2024-07-22T13:48:02.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"3e77c9c4a442e2d464867edc7e6054ec2e717547","ref":"refs/heads/dependabot/pip/main/mypy-1.11.0","pushedAt":"2024-07-22T13:47:59.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump mypy from 1.10.0 to 1.11.0\n\nBumps [mypy](https://github.com/python/mypy) from 1.10.0 to 1.11.0.\n- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/python/mypy/compare/v1.10.0...v1.11)\n\n---\nupdated-dependencies:\n- dependency-name: mypy\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump mypy from 1.10.0 to 1.11.0"}},{"before":null,"after":"b4bad623c1e098fac86dd15435e4702b5e27e7e8","ref":"refs/heads/dependabot/pip/main/mypy-1.10.1","pushedAt":"2024-06-25T13:47:41.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump mypy from 1.10.0 to 1.10.1\n\nBumps [mypy](https://github.com/python/mypy) from 1.10.0 to 1.10.1.\n- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/python/mypy/compare/v1.10.0...v1.10.1)\n\n---\nupdated-dependencies:\n- dependency-name: mypy\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump mypy from 1.10.0 to 1.10.1"}},{"before":null,"after":"c6a69b887fe7864e0ae63ff81c69f3d6b0604062","ref":"refs/heads/dependabot/pip/main/bandit-1.7.9","pushedAt":"2024-06-13T13:53:51.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump bandit from 1.7.8 to 1.7.9\n\nBumps [bandit](https://github.com/PyCQA/bandit) from 1.7.8 to 1.7.9.\n- [Release notes](https://github.com/PyCQA/bandit/releases)\n- [Commits](https://github.com/PyCQA/bandit/compare/1.7.8...1.7.9)\n\n---\nupdated-dependencies:\n- dependency-name: bandit\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump bandit from 1.7.8 to 1.7.9"}},{"before":null,"after":"2952cbb647de7eef34579eea528096c1e047754d","ref":"refs/heads/dependabot/pip/main/typeguard-4.3.0","pushedAt":"2024-05-27T14:08:11.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump typeguard from 4.2.1 to 4.3.0\n\nBumps [typeguard](https://github.com/agronholm/typeguard) from 4.2.1 to 4.3.0.\n- [Release notes](https://github.com/agronholm/typeguard/releases)\n- [Changelog](https://github.com/agronholm/typeguard/blob/master/docs/versionhistory.rst)\n- [Commits](https://github.com/agronholm/typeguard/compare/4.2.1...4.3.0)\n\n---\nupdated-dependencies:\n- dependency-name: typeguard\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump typeguard from 4.2.1 to 4.3.0"}},{"before":null,"after":"42946dacb33c8fa388b5c0b922ce055564b22341","ref":"refs/heads/cleanup","pushedAt":"2024-05-22T15:18:55.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"},"commit":{"message":"Adds basic sonar scanning scripts","shortMessageHtmlLink":"Adds basic sonar scanning scripts"}},{"before":"0282271185a9e652b357e03a554460a5f958edb0","after":null,"ref":"refs/heads/dependabot/pip/main/mypy-1.10.0","pushedAt":"2024-04-29T23:06:31.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"}},{"before":"81c46e0652899269642ad819b8ac6373947a4456","after":"52d8e06bfe2cf0ecc03d7dbc94b92ca15953a9bc","ref":"refs/heads/main","pushedAt":"2024-04-29T23:06:29.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"},"commit":{"message":"Bump mypy from 1.9.0 to 1.10.0 (#11)\n\nBumps [mypy](https://github.com/python/mypy) from 1.9.0 to 1.10.0.\r\n
\r\nChangelog\r\n

Sourced from mypy's\r\nchangelog.

\r\n
\r\n

Mypy Release Notes

\r\n

Next release

\r\n

Mypy 1.10

\r\n

We’ve just uploaded mypy 1.10 to the Python Package Index (PyPI). Mypy is a static type\r\nchecker for Python. This release includes new features, performance\r\nimprovements and bug fixes. You can install it as follows:

\r\n
python3 -m pip install -U mypy\r\n
\r\n

You can read the full documentation for this release on Read the Docs.

\r\n

Support TypeIs (PEP 742)

\r\n

Mypy now supports TypeIs (PEP 742), which allows\r\nfunctions to narrow the type of a value, similar to\r\nisinstance(). Unlike TypeGuard,\r\nTypeIs can narrow in both the if and\r\nelse branches of an if statement:

\r\n
from typing_extensions import TypeIs\r\n
def is_str(s: object) -> TypeIs[str]:\r\nreturn isinstance(s, str)
\r\n
def f(o: str | int) -> None:\r\nif is_str(o):\r\n# Type of o is 'str'\r\n...\r\nelse:\r\n# Type of o is 'int'\r\n...\r\n

\r\n

TypeIs will be added to the typing module\r\nin Python 3.13, but it\r\ncan be used on earlier Python versions by importing it from\r\ntyping_extensions.

\r\n

This feature was contributed by Jelle Zijlstra (PR 16898).

\r\n

Support TypeVar Defaults (PEP 696)

\r\n

PEP 696 adds support\r\nfor type parameter defaults.\r\nExample:

\r\n
from typing import Generic\r\nfrom typing_extensions import TypeVar\r\n
</tr></table>\r\n

\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 3faf0fc\r\nRemove +dev for version for release 1.10
    • \r\n
  • a5998d2\r\nUpdate CHANGELOG.md (#17159)
    • \r\n
  • 62ea5b0\r\nVarious updates to changelog for 1.10 (#17158)
    • \r\n
  • 2f0864c\r\nUpdate CHANGELOG.md with draft for release 1.10 (#17150)
    • \r\n
  • e1443bb\r\nfix: incorrect returned type of access descriptors on unions of types\r\n(#16604)
    • \r\n
  • 5161ac2\r\nSync typeshed (#17124)
    • \r\n
  • e2fc1f2\r\nFix crash when expanding invalid Unpack in a Callable alias\r\n(#17028)
    • \r\n
  • 3ff6e47\r\nDocs: docstrings in checker.py, ast_helpers.py (#16908)
    • \r\n
  • 732d98e\r\nFix string formatting for string enums (#16555)
    • \r\n
  • 8019010\r\nNarrow individual items when matching a tuple to a sequence pattern (#16905)
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mypy&package-manager=pip&previous-version=1.9.0&new-version=1.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump mypy from 1.9.0 to 1.10.0 (#11)"}},{"before":"fb98986adb69f0ca57be14c3e430ea23c6bb3953","after":"0282271185a9e652b357e03a554460a5f958edb0","ref":"refs/heads/dependabot/pip/main/mypy-1.10.0","pushedAt":"2024-04-29T22:13:45.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump mypy from 1.9.0 to 1.10.0\n\nBumps [mypy](https://github.com/python/mypy) from 1.9.0 to 1.10.0.\n- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/python/mypy/compare/1.9.0...v1.10.0)\n\n---\nupdated-dependencies:\n- dependency-name: mypy\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump mypy from 1.9.0 to 1.10.0"}},{"before":"614e4f43a33f57cba546b3cf8e2a3a7851427c59","after":null,"ref":"refs/heads/dependabot/pip/main/isort-5.13.2","pushedAt":"2024-04-29T22:13:09.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"}},{"before":"bea9fec42f0a3f75461720dbeb20fabaeba7527e","after":"81c46e0652899269642ad819b8ac6373947a4456","ref":"refs/heads/main","pushedAt":"2024-04-29T22:13:06.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"},"commit":{"message":"Bump isort from 5.12.0 to 5.13.2 (#10)\n\nBumps [isort](https://github.com/pycqa/isort) from 5.12.0 to 5.13.2.\r\n
\r\nRelease notes\r\n

Sourced from isort's\r\nreleases.

\r\n
\r\n

5.13.2

\r\n

Changes

\r\n
    \r\n
  • Apply the bracket fix from issue 471 only for use_parentheses=True\r\n(#2184) @​bp72
    • \r\n
  • confine pre-commit to stages (#2213) @​davidculley
    • \r\n
\r\n

:beetle: Fixes

\r\n
    \r\n
  • Fix colors extras (#2212) @​staticdev
    • \r\n
\r\n

5.13.1

\r\n

Changes

\r\n
    \r\n
  • Fix integration tests (#2208) @​bp72
    • \r\n
  • Added a fix for normalizing imports from more than one level of\r\nparent modules (issue/2152) (#2191) @​bp72
    • \r\n
\r\n

:beetle: Fixes

\r\n
    \r\n
  • Remove optional dependencies without extras (#2207) @​staticdev
    • \r\n
\r\n

5.13.0

\r\n

Changes

\r\n
    \r\n
  • Fix 80 line length for wemake linter (#2183) @​skatromb
    • \r\n
  • Add support for Python 3.12 (#2175) @​hugovk
    • \r\n
  • fix: add newest version to pre-commit docs (#2190) @​AzulGarza
    • \r\n
  • Fix assertions in test_git_hook (#2196) @​mgorny
    • \r\n
  • Removed check for include_trailing_comma for the Hanging Indent wrap\r\nmode (#2192) @​bp72
    • \r\n
  • use the standard library tomllib on sufficiently new python (#2202) @​eli-schwartz
    • \r\n
  • Update pre-commit.md version number (#2197) @​nicobako
    • \r\n
  • doc: Update black_compatibility.md (#2177) @​JSS95
    • \r\n
  • Fix safety sept 2023 (#2178) @​staticdev
    • \r\n
  • docs: fix black profile documentation (#2163) @​nijel
    • \r\n
  • fix typo: indended -> indented (#2161) @​vadimkerr
    • \r\n
  • docs(configuration/options.md): fix missing trailing spaces for hard\r\nlinebreak (#2157) @​JoeyTeng
    • \r\n
  • Update pre-commit.md (#2148) @​godiard
    • \r\n
  • chore: move configurations to pyproject.toml (#2115) @​SauravMaheshkar
    • \r\n
  • Fix typo in README (#2112) @​stefmolin
    • \r\n
  • Update version in pre-commit setup to avoid installation issue with\r\npoetry (#2103) @​stefmolin
    • \r\n
  • Skip .pytype directory by default. (#2098) @​manueljacob
    • \r\n
  • Fix a tip block styling in the Config Files section (#2097) @​Klavionik
    • \r\n
  • Do not cache configuration files (#1995) @​kaste
    • \r\n
  • Derive settings_path from --filename (#1992) @​kaste
    • \r\n
  • Fix year of version 5.12.0 in CHANGELOG.md (#2082) @​DjLegolas
    • \r\n
\r\n

:fire: Removals and Deprecations

\r\n
    \r\n
  • Cleanup deprecated extras (#2089) @​staticdev
    • \r\n
\r\n

:package: Dependencies

\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nChangelog\r\n

Sourced from isort's\r\nchangelog.

\r\n
\r\n

5.13.2 December 13 2023

\r\n
    \r\n
  • Apply the bracket fix from issue #471 only\r\nfor use_parentheses=True (#2184) @​bp72
    • \r\n
  • Confine pre-commit to stages (#2213) @​davidculley
    • \r\n
  • Fixed colors extras (#2212) @​staticdev
    • \r\n
\r\n

5.13.1 December 11 2023

\r\n
    \r\n
  • Fixed integration tests (#2208) @​bp72
    • \r\n
  • Fixed normalizing imports from more than one level of parent modules\r\n(issue/2152) (#2191) @​bp72
    • \r\n
  • Remove optional dependencies without extras (#2207) @​staticdev
    • \r\n
\r\n

5.13.0 December 9 2023

\r\n
    \r\n
  • Cleanup deprecated extras (#2089) @​staticdev
    • \r\n
  • Fixed #1989:\r\nsettings lookup when working in stream based mode
    • \r\n
  • Fixed 80 line length for wemake linter (#2183) @​skatromb
    • \r\n
  • Add support for Python 3.12 (#2175) @​hugovk
    • \r\n
  • Fixed: add newest version to pre-commit docs (#2190) @​AzulGarza
    • \r\n
  • Fixed assertions in test_git_hook (#2196) @​mgorny
    • \r\n
  • Removed check for include_trailing_comma for the Hanging Indent wrap\r\nmode (#2192) @​bp72
    • \r\n
  • Use the standard library tomllib on sufficiently new python (#2202) @​eli-schwartz
    • \r\n
  • Update pre-commit.md version number (#2197) @​nicobako
    • \r\n
  • doc: Update black_compatibility.md (#2177) @​JSS95
    • \r\n
  • Fixed safety sept 2023 (#2178) @​staticdev
    • \r\n
  • docs: fix black profile documentation (#2163) @​nijel
    • \r\n
  • Fixed typo: indended -> indented (#2161) @​vadimkerr
    • \r\n
  • Docs(configuration/options.md): fix missing trailing spaces for hard\r\nlinebreak (#2157) @​JoeyTeng
    • \r\n
  • Update pre-commit.md (#2148) @​godiard
    • \r\n
  • chore: move configurations to pyproject.toml (#2115) @​SauravMaheshkar
    • \r\n
  • Fixed typo in README (#2112) @​stefmolin
    • \r\n
  • Update version in pre-commit setup to avoid installation issue with\r\npoetry (#2103) @​stefmolin
    • \r\n
  • Skip .pytype directory by default. (#2098) @​manueljacob
    • \r\n
  • Fixed a tip block styling in the Config Files section (#2097) @​Klavionik
    • \r\n
  • Do not cache configuration files (#1995) @​kaste
    • \r\n
  • Derive settings_path from --filename (#1992) @​kaste
    • \r\n
  • Fixed year of version 5.12.0 in CHANGELOG.md (#2082) @​DjLegolas
    • \r\n
\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • c655831\r\nMerge pull request #2214\r\nfrom PyCQA/version/5.13.2
    • \r\n
  • b4335b4\r\nPrepare version 5.13.2
    • \r\n
  • c36e43c\r\nMerge pull request #2184\r\nfrom bp72/issue/2154
    • \r\n
  • e38702f\r\nMerge pull request #2213\r\nfrom davidculley/confine-precommit-to-stages
    • \r\n
  • ee8d87f\r\nAdd fix for the error found by hypothesis
    • \r\n
  • 5849ec2\r\nApply the bracket fix from issue 471 only for use_parentheses=True
    • \r\n
  • df0e119\r\nconfine pre-commit to stages
    • \r\n
  • 9255bca\r\nMerge pull request #2212\r\nfrom PyCQA/bugfix/#2211-colors-extra
    • \r\n
  • 5336d7d\r\nFix colors extras
    • \r\n
  • 643d9c4\r\nMerge pull request #2210\r\nfrom PyCQA/version/5.13.1
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=isort&package-manager=pip&previous-version=5.12.0&new-version=5.13.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump isort from 5.12.0 to 5.13.2 (#10)"}},{"before":"cce6bf8409c50d77dc7464ba92c4b55fc1e60f1c","after":"614e4f43a33f57cba546b3cf8e2a3a7851427c59","ref":"refs/heads/dependabot/pip/main/isort-5.13.2","pushedAt":"2024-04-29T22:05:52.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump isort from 5.12.0 to 5.13.2\n\nBumps [isort](https://github.com/pycqa/isort) from 5.12.0 to 5.13.2.\n- [Release notes](https://github.com/pycqa/isort/releases)\n- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/pycqa/isort/compare/5.12.0...5.13.2)\n\n---\nupdated-dependencies:\n- dependency-name: isort\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump isort from 5.12.0 to 5.13.2"}},{"before":"4ee28c95238595e150fe7c6ed56d5bf8e039cb72","after":"fb98986adb69f0ca57be14c3e430ea23c6bb3953","ref":"refs/heads/dependabot/pip/main/mypy-1.10.0","pushedAt":"2024-04-29T22:05:37.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump mypy from 1.9.0 to 1.10.0\n\nBumps [mypy](https://github.com/python/mypy) from 1.9.0 to 1.10.0.\n- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/python/mypy/compare/1.9.0...v1.10.0)\n\n---\nupdated-dependencies:\n- dependency-name: mypy\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump mypy from 1.9.0 to 1.10.0"}},{"before":"935f634fbb8a03451f8800ce3a135faac37f3f1c","after":null,"ref":"refs/heads/dependabot/pip/main/pytest-xdist-3.6.1","pushedAt":"2024-04-29T22:04:58.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"}},{"before":"4e2e95701e36e62cae5bb301ac02dd08f9a62765","after":"bea9fec42f0a3f75461720dbeb20fabaeba7527e","ref":"refs/heads/main","pushedAt":"2024-04-29T22:04:56.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"},"commit":{"message":"Bump pytest-xdist from 3.3.1 to 3.6.1 (#12)\n\nBumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from\r\n3.3.1 to 3.6.1.\r\n
\r\nChangelog\r\n

Sourced from pytest-xdist's\r\nchangelog.

\r\n
\r\n

pytest-xdist 3.6.1 (2024-04-28)

\r\n

Bug Fixes

\r\n
    \r\n\r\n
  • [#1071](https://github.com/pytest-dev/pytest-xdist/issues/1071)\r\n<https://github.com/pytest-dev/pytest-xdist/issues/1071>_:\r\nAdd backward compatibility for deadlock issue with the\r\nexecnet new main_thread_only\r\n"execmodel" triggered when pytest-cov accesses rinfo.
    • \r\n
\r\n

pytest-xdist 3.6.0 (2024-04-19)

\r\n

This release was YANKED due to a regression fixed in 3.6.1.

\r\n

Features

\r\n
    \r\n\r\n
  • [#1027](https://github.com/pytest-dev/pytest-xdist/issues/1027)\r\n<https://github.com/pytest-dev/pytest-xdist/pull/1027>_:pytest-xdist\r\nworkers now always execute the tests in the main thread.\r\nPreviously some tests might end up executing in a separate thread other\r\nthan main in the workers, due to some internal\r\nexecnet`` details. This can cause problems specially with async\r\nframeworks where the event loop is running in the ``main`` thread (for\r\nexample #620\r\npytest-dev/pytest-xdist#620`__).
    • \r\n
\r\n

Bug Fixes

\r\n
    \r\n
  • \r\n\r\n

    [#1024](https://github.com/pytest-dev/pytest-xdist/issues/1024)\r\n<https://github.com/pytest-dev/pytest-xdist/issues/1024>_:\r\nAdded proper handling of shouldstop (such as set by\r\n--max-fail) and shouldfail conditions in\r\nworkers.\r\nPreviously, a worker might have continued executing further tests before\r\nthe controller could terminate the session.

    \r\n
    • \r\n
  • \r\n\r\n

    [#1028](https://github.com/pytest-dev/pytest-xdist/issues/1028)\r\n<https://github.com/pytest-dev/pytest-xdist/issues/1028>_:\r\nFixed compatibility issue between looponfail and editable\r\ninstalls.

    \r\n
    • \r\n
  • \r\n

    [#620](https://github.com/pytest-dev/pytest-xdist/issues/620)\r\n<https://github.com/pytest-dev/pytest-xdist/issues/620>_:\r\nUse the new main_thread_only execnet\r\n"execmodel" so that code which expects to only run in the main\r\nthread will now work as expected.

    \r\n
    • \r\n
  • \r\n

    [#937](https://github.com/pytest-dev/pytest-xdist/issues/937)\r\n<https://github.com/pytest-dev/pytest-xdist/issues/937>_:\r\nFixed a bug where plugin would raise an incompatibility error with\r\n--pdb despite using -n0.

    \r\n
    • \r\n
\r\n

Removals

\r\n
    \r\n
  • \r\n\r\n

    [#1053](https://github.com/pytest-dev/pytest-xdist/issues/1053)\r\n<https://github.com/pytest-dev/pytest-xdist/issues/1053>_:\r\nDropped support for Python 3.7.

    \r\n
    • \r\n
  • \r\n\r\n

    [#1057](https://github.com/pytest-dev/pytest-xdist/issues/1057)\r\n<https://github.com/pytest-dev/pytest-xdist/issues/1057>_:\r\npytest>=7.0.0 is now required.

    \r\n

    execnet>=2.1.0 is now required.

    \r\n
    • \r\n
\r\n

Trivial Changes

\r\n
    \r\n
  • \r\n\r\n

    [#1020](https://github.com/pytest-dev/pytest-xdist/issues/1020)\r\n<https://github.com/pytest-dev/pytest-xdist/issues/1020>_:\r\npytest-xdist's setup.py file is removed.

    \r\n

    If you relied on this file, e.g. to install pytest using\r\nsetup.py install,\r\nplease see Why you shouldn't invoke setup.py directly\r\n<https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.html#summary>_\r\nfor alternatives.

    \r\n
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 4dd2978\r\nRelease 3.6.1
    • \r\n
  • b397288\r\nMerge pull request #1072\r\nfrom zmedico/gateway-cache-rinfo
    • \r\n
  • 12b3cce\r\nCache execnet gateway rinfo during WorkerController setup
    • \r\n
  • c93a106\r\nbuild(deps): bump hynek/build-and-inspect-python-package (#1066)
    • \r\n
  • 52e2022\r\n[pre-commit.ci] pre-commit autoupdate (#1073)
    • \r\n
  • 699f939\r\nMerge pull request #1070\r\nfrom pytest-dev/release-3.6.0
    • \r\n
  • 80bc0b8\r\nRelease 3.6.0
    • \r\n
  • 20e3ac7\r\nUse execnet main_thread_only execmodel (#1027)
    • \r\n
  • 0a4238f\r\nMerge pull request #1067\r\nfrom pytest-dev/pre-commit-ci-update-config
    • \r\n
  • 0686279\r\n[pre-commit.ci] pre-commit autoupdate
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest-xdist&package-manager=pip&previous-version=3.3.1&new-version=3.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump pytest-xdist from 3.3.1 to 3.6.1 (#12)"}},{"before":"e02e23e6f763d0c640a1a39a92a1aad44954760c","after":"cce6bf8409c50d77dc7464ba92c4b55fc1e60f1c","ref":"refs/heads/dependabot/pip/main/isort-5.13.2","pushedAt":"2024-04-29T21:53:51.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump isort from 5.12.0 to 5.13.2\n\nBumps [isort](https://github.com/pycqa/isort) from 5.12.0 to 5.13.2.\n- [Release notes](https://github.com/pycqa/isort/releases)\n- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/pycqa/isort/compare/5.12.0...5.13.2)\n\n---\nupdated-dependencies:\n- dependency-name: isort\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump isort from 5.12.0 to 5.13.2"}},{"before":"a87b143b7bbcabd70b123cc56f87a67794fcf8c1","after":"4ee28c95238595e150fe7c6ed56d5bf8e039cb72","ref":"refs/heads/dependabot/pip/main/mypy-1.10.0","pushedAt":"2024-04-29T21:53:28.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump mypy from 1.9.0 to 1.10.0\n\nBumps [mypy](https://github.com/python/mypy) from 1.9.0 to 1.10.0.\n- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/python/mypy/compare/1.9.0...v1.10.0)\n\n---\nupdated-dependencies:\n- dependency-name: mypy\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump mypy from 1.9.0 to 1.10.0"}},{"before":"c4b004a24376b8c2a630209350a18c9608d250f3","after":"935f634fbb8a03451f8800ce3a135faac37f3f1c","ref":"refs/heads/dependabot/pip/main/pytest-xdist-3.6.1","pushedAt":"2024-04-29T21:53:28.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump pytest-xdist from 3.3.1 to 3.6.1\n\nBumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from 3.3.1 to 3.6.1.\n- [Release notes](https://github.com/pytest-dev/pytest-xdist/releases)\n- [Changelog](https://github.com/pytest-dev/pytest-xdist/blob/master/CHANGELOG.rst)\n- [Commits](https://github.com/pytest-dev/pytest-xdist/compare/v3.3.1...v3.6.1)\n\n---\nupdated-dependencies:\n- dependency-name: pytest-xdist\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump pytest-xdist from 3.3.1 to 3.6.1"}},{"before":"4c46221e03cd64e738097b1aff23a4fbe9eafd5f","after":null,"ref":"refs/heads/dependabot/pip/main/pytest-7.4.4","pushedAt":"2024-04-29T21:52:54.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"}},{"before":"5a77b046753d0c6407041e6a7ec5dbfb6a73aa28","after":"4e2e95701e36e62cae5bb301ac02dd08f9a62765","ref":"refs/heads/main","pushedAt":"2024-04-29T21:52:50.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"},"commit":{"message":"Bump pytest from 7.4.2 to 7.4.4 (#9)\n\nBumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.2 to\r\n7.4.4.\r\n
\r\nRelease notes\r\n

Sourced from pytest's\r\nreleases.

\r\n
\r\n

pytest 7.4.4 (2023-12-31)

\r\n

Bug Fixes

\r\n
    \r\n
  • #11140:\r\nFix non-string constants at the top of file being detected as docstrings\r\non Python>=3.8.
    • \r\n
  • #11572:\r\nHandle an edge case where sys.stderr{.interpreted-text\r\nrole="data"} and sys.__stderr__{.interpreted-text\r\nrole="data"} might already be closed when\r\nfaulthandler{.interpreted-text role="ref"} is\r\ntearing down.
    • \r\n
  • #11710:\r\nFixed tracebacks from collection errors not getting pruned.
    • \r\n
  • #7966:\r\nRemoved unhelpful error message from assertion rewrite mechanism when\r\nexceptions are raised in __iter__ methods. Now they are\r\ntreated un-iterable instead.
    • \r\n
\r\n

Improved Documentation

\r\n
    \r\n
  • #11091:\r\nUpdated documentation to refer to hyphenated options: replaced\r\n--junitxml with --junit-xml and\r\n--collectonly with --collect-only.
    • \r\n
\r\n

pytest 7.4.3 (2023-10-24)

\r\n

Bug Fixes

\r\n
    \r\n
  • \r\n

    #10447:\r\nMarkers are now considered in the reverse mro order to ensure base class\r\nmarkers are considered first -- this resolves a regression.

    \r\n
    • \r\n
  • \r\n

    #11239:\r\nFixed := in asserts impacting unrelated test cases.

    \r\n
    • \r\n
  • \r\n

    #11439:\r\nHandled an edge case where :data:sys.stderr might already\r\nbe closed when :ref:faulthandler is tearing down.

    \r\n
    • \r\n
\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 33f694f\r\nPrepare release version 7.4.4
    • \r\n
  • 76c107c\r\nMerge pull request #11751\r\nfrom bluetech/backport-11143-to-7.4.x
    • \r\n
  • 531d76d\r\n[7.4.x] Improve reporting from iter exceptions (#11749)
    • \r\n
  • a0f58fa\r\nMerge pull request #11143\r\nfrom tushar-deepsource/patch-1
    • \r\n
  • b1f3387\r\n[7.4.x] #11091:\r\ndocumentation should use hypthonated properties (#11750)
    • \r\n
  • 2cdd619\r\nMerge pull request #11747\r\nfrom pytest-dev/backport-11711-to-7.4.x
    • \r\n
  • d06c05b\r\n[7.4.x] nodes: fix tracebacks from collection errors are not getting\r\npruned
    • \r\n
  • 5582bfc\r\n[7.4.x] Improves clarity in Sphinx documentation for function signature.\r\n(#11...
    • \r\n
  • 13024ef\r\n[7.4.x] Fix for operation on closed file in faulthandler teardown (#11631)
    • \r\n
  • a40dacf\r\n[7.4.x] XFAIL TestLocalPath.test_make_numbered_dir_multiprocess_safe (#11616)
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest&package-manager=pip&previous-version=7.4.2&new-version=7.4.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump pytest from 7.4.2 to 7.4.4 (#9)"}},{"before":"96a550512405bdd355bcb4c9cda0648ba8d71e8a","after":"4c46221e03cd64e738097b1aff23a4fbe9eafd5f","ref":"refs/heads/dependabot/pip/main/pytest-7.4.4","pushedAt":"2024-04-29T21:50:37.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump pytest from 7.4.2 to 7.4.4\n\nBumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.2 to 7.4.4.\n- [Release notes](https://github.com/pytest-dev/pytest/releases)\n- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)\n- [Commits](https://github.com/pytest-dev/pytest/compare/7.4.2...7.4.4)\n\n---\nupdated-dependencies:\n- dependency-name: pytest\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump pytest from 7.4.2 to 7.4.4"}},{"before":"50959a25efb8601c6dd91f9b151d396f484e53e2","after":"a87b143b7bbcabd70b123cc56f87a67794fcf8c1","ref":"refs/heads/dependabot/pip/main/mypy-1.10.0","pushedAt":"2024-04-29T21:50:26.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump mypy from 1.9.0 to 1.10.0\n\nBumps [mypy](https://github.com/python/mypy) from 1.9.0 to 1.10.0.\n- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/python/mypy/compare/1.9.0...v1.10.0)\n\n---\nupdated-dependencies:\n- dependency-name: mypy\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump mypy from 1.9.0 to 1.10.0"}},{"before":"d989e7c4ab7574991a742ec405fcd82fe8a1ab3e","after":"c4b004a24376b8c2a630209350a18c9608d250f3","ref":"refs/heads/dependabot/pip/main/pytest-xdist-3.6.1","pushedAt":"2024-04-29T21:50:14.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump pytest-xdist from 3.3.1 to 3.6.1\n\nBumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from 3.3.1 to 3.6.1.\n- [Release notes](https://github.com/pytest-dev/pytest-xdist/releases)\n- [Changelog](https://github.com/pytest-dev/pytest-xdist/blob/master/CHANGELOG.rst)\n- [Commits](https://github.com/pytest-dev/pytest-xdist/compare/v3.3.1...v3.6.1)\n\n---\nupdated-dependencies:\n- dependency-name: pytest-xdist\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump pytest-xdist from 3.3.1 to 3.6.1"}},{"before":"3bbb93e1c22dacd53a278a0559820e4e0dc34a64","after":"e02e23e6f763d0c640a1a39a92a1aad44954760c","ref":"refs/heads/dependabot/pip/main/isort-5.13.2","pushedAt":"2024-04-29T21:50:12.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump isort from 5.12.0 to 5.13.2\n\nBumps [isort](https://github.com/pycqa/isort) from 5.12.0 to 5.13.2.\n- [Release notes](https://github.com/pycqa/isort/releases)\n- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/pycqa/isort/compare/5.12.0...5.13.2)\n\n---\nupdated-dependencies:\n- dependency-name: isort\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump isort from 5.12.0 to 5.13.2"}},{"before":"68528c5b634a681a52251cdd59d6048a35dd085e","after":null,"ref":"refs/heads/dependabot/pip/main/bandit-1.7.8","pushedAt":"2024-04-29T21:49:34.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"}},{"before":"22101df600098d1ecfdb3c5ccf2eff57312ae2da","after":"5a77b046753d0c6407041e6a7ec5dbfb6a73aa28","ref":"refs/heads/main","pushedAt":"2024-04-29T21:49:31.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"seumoose","name":"Seumas Goddard","path":"/seumoose","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/22810975?s=80&v=4"},"commit":{"message":"Bump bandit from 1.7.5 to 1.7.8 (#8)\n\nBumps [bandit](https://github.com/PyCQA/bandit) from 1.7.5 to 1.7.8.\r\n
\r\nRelease notes\r\n

Sourced from bandit's\r\nreleases.

\r\n
\r\n

1.7.8

\r\n

What's Changed

\r\n
    \r\n
  • Incorrect tag naming in readme by @​lukehinds in PyCQA/bandit#1105
    • \r\n
  • Utilize PyPI's trusted publishing by @​ericwb in PyCQA/bandit#1107
    • \r\n
  • Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 by @​dependabot in PyCQA/bandit#1109
    • \r\n
  • Add 1.7.7 to versions of bug template by @​ericwb in PyCQA/bandit#1110
    • \r\n
  • Use datetime to avoid updating copyright year by @​ericwb in PyCQA/bandit#1112
    • \r\n
  • filter data is safe for tarfile extractall by @​etienneschalk\r\nin PyCQA/bandit#1111
    • \r\n
  • Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @​dependabot in PyCQA/bandit#1115
    • \r\n
  • [B605] Add functions that are vulnerable to shell injection. by @​shihai1991 in PyCQA/bandit#1116
    • \r\n
  • Add a SARIF output formatter by @​ericwb in PyCQA/bandit#1113
    • \r\n
\r\n

New Contributors

\r\n
    \r\n
  • @​etienneschalk\r\nmade their first contribution in PyCQA/bandit#1111
    • \r\n
  • @​shihai1991 made\r\ntheir first contribution in PyCQA/bandit#1116
    • \r\n
\r\n

Full Changelog: https://github.com/PyCQA/bandit/compare/1.7.7...1.7.8

\r\n

1.7.7

\r\n

What's Changed

\r\n
    \r\n
  • Add the new release to bandit versions of bug template by @​ericwb in PyCQA/bandit#1075
    • \r\n
  • Bump actions/setup-python from 4 to 5 by @​dependabot in PyCQA/bandit#1076
    • \r\n
  • Handle variant in how policy is passed in paramiko by @​ericwb in PyCQA/bandit#1078
    • \r\n
  • Flag str.replace as possible sql injection by @​costaparas in PyCQA/bandit#1044
    • \r\n
  • defusedxml: Show correct module name by @​kajinamit in PyCQA/bandit#1081
    • \r\n
  • Add tidelift to the sponsor funding list by @​ericwb in PyCQA/bandit#1089
    • \r\n
  • Create a security policy by @​ericwb in PyCQA/bandit#1091
    • \r\n
  • Fix up issues found running Bandit on itself by @​ericwb in PyCQA/bandit#1093
    • \r\n
  • Add random.randbytes to blacklist calls by @​ericwb in PyCQA/bandit#1096
    • \r\n
  • Prepend ./ for files specified as CLI args by @​ericwb in PyCQA/bandit#1094
    • \r\n
  • Rework GitPython dependency to be an extra for bandit-baseline by @​ericwb in PyCQA/bandit#1099
    • \r\n
  • Bump actions/dependency-review-action from 3 to 4 by @​dependabot in PyCQA/bandit#1101
    • \r\n
  • Introduce Official Bandit Images by @​lukehinds in PyCQA/bandit#1088
    • \r\n
  • Remove markdown formatting in reStructuredText formatted README by\r\n@​ericwb in PyCQA/bandit#1103
    • \r\n
  • Downsize the org:repo name by @​lukehinds in PyCQA/bandit#1104
    • \r\n
\r\n

New Contributors

\r\n
    \r\n
  • @​kajinamit\r\nmade their first contribution in PyCQA/bandit#1081
    • \r\n
\r\n

Full Changelog: https://github.com/PyCQA/bandit/compare/1.7.6...1.7.7

\r\n

1.7.6

\r\n

What's Changed

\r\n
    \r\n
  • Update bug report to include version 1.7.5 by @​ericwb in PyCQA/bandit#993
    • \r\n
  • Render Python 3.10 in drop down correctly by @​ericwb in PyCQA/bandit#997
    • \r\n
  • Remove checks for Python2 urllib by @​ericwb in PyCQA/bandit#999
    • \r\n
  • Improper detection of non-requests module by @​ericwb in PyCQA/bandit#1011
    • \r\n
  • xmlrpclib replaced with xmlrpc in Python3 by @​ericwb in PyCQA/bandit#1012
    • \r\n
  • language and linting updates by @​marksmayo in PyCQA/bandit#1015
    • \r\n
  • Adds check for crypt module usage as weak hash by @​ericwb in PyCQA/bandit#1018
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 22b4226\r\nAdd a SARIF output formatter (#1113)
    • \r\n
  • b603dce\r\n[B605] Add functions that are vulnerable to shell injection. (#1116)
    • \r\n
  • a682a18\r\nBump docker/setup-buildx-action from 3.0.0 to 3.1.0 (#1115)
    • \r\n
  • c8d5f77\r\nfilter data is safe for tarfile extractall (#1111)
    • \r\n
  • e041e12\r\nUse datetime to avoid updating copyright year (#1112)
    • \r\n
  • 5b16b6a\r\nAdd 1.7.7 to versions of bug template (#1110)
    • \r\n
  • 858bfd8\r\nBump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#1109)
    • \r\n
  • be5d6ac\r\nUtilize PyPI's trusted publishing (#1107)
    • \r\n
  • c3a07e5\r\nIncorrect tag naming in readme (#1105)
    • \r\n
  • 4c5b3c8\r\nDownsize the org:repo name (#1104)
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit&package-manager=pip&previous-version=1.7.5&new-version=1.7.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"Bump bandit from 1.7.5 to 1.7.8 (#8)"}},{"before":"e4282209914a75e1874e1e1761d21ca42118cb9c","after":null,"ref":"refs/heads/dependabot/pip/main/pytest-xdist-3.5.0","pushedAt":"2024-04-29T13:27:57.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"d989e7c4ab7574991a742ec405fcd82fe8a1ab3e","ref":"refs/heads/dependabot/pip/main/pytest-xdist-3.6.1","pushedAt":"2024-04-29T13:27:54.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump pytest-xdist from 3.3.1 to 3.6.1\n\nBumps [pytest-xdist](https://github.com/pytest-dev/pytest-xdist) from 3.3.1 to 3.6.1.\n- [Release notes](https://github.com/pytest-dev/pytest-xdist/releases)\n- [Changelog](https://github.com/pytest-dev/pytest-xdist/blob/master/CHANGELOG.rst)\n- [Commits](https://github.com/pytest-dev/pytest-xdist/compare/v3.3.1...v3.6.1)\n\n---\nupdated-dependencies:\n- dependency-name: pytest-xdist\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump pytest-xdist from 3.3.1 to 3.6.1"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNy0zMVQxMzo0NDo0OC4wMDAwMDBazwAAAASOHayV","startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNy0zMVQxMzo0NDo0OC4wMDAwMDBazwAAAASOHayV","endCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNC0yOVQxMzoyNzo1NC4wMDAwMDBazwAAAAQ9ATxI"}},"title":"Activity · seumoose/example-python-package"}