Bump the python-packages group with 9 updates

[dependabot]

Bumps the python-packages group with 9 updates:

Package	From	To
a2wsgi	1.10.4	1.10.6
twine	5.0.0	5.1.1
ruff	0.3.7	0.5.0
pytest	8.1.1	8.2.2
mypy	1.9.0	1.10.1
cryptography	42.0.5	42.0.8
coverage	7.4.4	7.5.4
mkdocs	1.5.3	1.6.0
mkdocs-material	9.5.17	9.5.27

Updates a2wsgi from 1.10.4 to 1.10.6

Commits

• 5cf9208 v1.10.6
• c3eaee7 fix ASGI app running error message set
• 25f4d08 v1.10.5
• dd66cda Fix ASGIMiddleware Receive (#59)
• aaf1733 Require typing_extensions on Python < 3.11 (#57)
• 2f72570 fix CI
• e416bf7 delete http.disconnect from asgi.py
• See full diff in compare view

Updates twine from 5.0.0 to 5.1.1

Changelog

Sourced from twine's changelog.

Twine 5.1.1 (2024-06-26)

Bugfixes ^^^^^^^^

• Resolve DeprecationWarnings when extracting twine metadata. ([#1115](https://github.com/pypa/twine/issues/1115) <https://github.com/pypa/twine/issues/1115>_)

• Fix bug for Repository URLs with auth where the port was lost. When attempting to prevent printing authentication credentials in URLs provided with username and password, we did not properly handle the case where the URL also contains a port (when reconstructing the URL). This is now handled and tested to ensure no regressions. (#fix-repo-urls-with-auth-and-port <https://github.com/pypa/twine/issues/fix-repo-urls-with-auth-and-port>_)

Twine 5.1.0 (2024-05-15)

Features ^^^^^^^^

• Add the experimental --attestations flag. ([#1095](https://github.com/pypa/twine/issues/1095) <https://github.com/pypa/twine/issues/1095>_)

Twine 5.1.0 (2024-05-15)

Misc ^^^^

• [#1104](https://github.com/pypa/twine/issues/1104) <https://github.com/pypa/twine/issues/1104>_

Commits

• e29791d Prepare for v5.1.1 (#1114)
• f213ede fix: Retrieve metadata correctly from importlib_metadata (#1115)
• 6fbf880 Merge pull request #1112 from pypa/bug/1111
• 3eb9121 Remove extra line from changelog entry
• 0191f0c Preserve ports when munging repository URLs
• c588793 Merge pull request #1110 from DimitriPapadopoulos/principle
• 1fdc197 Fix a couple typos
• 13b07b6 Merge pull request #1109 from pypa/dependabot/github_actions/actions/checkout...
• a3e8373 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
• e9f70cf Merge pull request #1108 from pypa/fix-release-workflow
• Additional commits viewable in compare view

Updates ruff from 0.3.7 to 0.5.0

Release notes

Sourced from ruff's releases.

0.5.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

• Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
• Selecting ALL now excludes deprecated rules
• The released archives now include an extra level of nesting, which can be removed with --strip-components=1 when untarring.
• The release artifact's file name no longer includes the version tag. This enables users to install via /latest URLs on GitHub.
• The diagnostic ranges for some flake8-bandit rules were modified (#10667).

Deprecations

The following rules are now deprecated:

• syntax-error (E999): Syntax errors are now always shown

Remapped rules

The following rules have been remapped to new rule codes:

• blocking-http-call-in-async-function: ASYNC100 to ASYNC210
• open-sleep-or-subprocess-in-async-function: ASYNC101 split into ASYNC220, ASYNC221, ASYNC230, and ASYNC251
• blocking-os-call-in-async-function: ASYNC102 has been merged into ASYNC220 and ASYNC221
• trio-timeout-without-await: TRIO100 to ASYNC100
• trio-sync-call: TRIO105 to ASYNC105
• trio-async-function-with-timeout: TRIO109 to ASYNC109
• trio-unneeded-sleep: TRIO110 to ASYNC110
• trio-zero-sleep-call: TRIO115 to ASYNC115
• repeated-isinstance-calls: PLR1701 to SIM101

Stabilization

The following rules have been stabilized and are no longer in preview:

• mutable-fromkeys-value (RUF024)
• default-factory-kwarg (RUF026)
• django-extra (S610)
• manual-dict-comprehension (PERF403)
• print-empty-string (FURB105)
• readlines-in-for (FURB129)
• if-expr-min-max (FURB136)
• bit-count (FURB161)
• redundant-log-base (FURB163)
• regex-flag-alias (FURB167)
• isinstance-type-none (FURB168)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.5.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

• Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
• Selecting ALL now excludes deprecated rules
• The released archives now include an extra level of nesting, which can be removed with --strip-components=1 when untarring.
• The release artifact's file name no longer includes the version tag. This enables users to install via /latest URLs on GitHub.
• The diagnostic ranges for some flake8-bandit rules were modified (#10667).

Deprecations

The following rules are now deprecated:

• syntax-error (E999): Syntax errors are now always shown

Remapped rules

The following rules have been remapped to new rule codes:

• blocking-http-call-in-async-function: ASYNC100 to ASYNC210
• open-sleep-or-subprocess-in-async-function: ASYNC101 split into ASYNC220, ASYNC221, ASYNC230, and ASYNC251
• blocking-os-call-in-async-function: ASYNC102 has been merged into ASYNC220 and ASYNC221
• trio-timeout-without-await: TRIO100 to ASYNC100
• trio-sync-call: TRIO105 to ASYNC105
• trio-async-function-with-timeout: TRIO109 to ASYNC109
• trio-unneeded-sleep: TRIO110 to ASYNC110
• trio-zero-sleep-call: TRIO115 to ASYNC115
• repeated-isinstance-calls: PLR1701 to SIM101

Stabilization

The following rules have been stabilized and are no longer in preview:

• mutable-fromkeys-value (RUF024)
• default-factory-kwarg (RUF026)
• django-extra (S610)
• manual-dict-comprehension (PERF403)
• print-empty-string (FURB105)
• readlines-in-for (FURB129)
• if-expr-min-max (FURB136)
• bit-count (FURB161)
• redundant-log-base (FURB163)
• regex-flag-alias (FURB167)
• isinstance-type-none (FURB168)
• type-none-comparison (FURB169)

... (truncated)

Commits

• 244b923 Add necessary permissions for cargo-dist Docker build (#12072)
• a8b48fc Release v0.5.0 (#12068)
• 04c8597 [flake8-simplify] Stabilize detection of Yoda conditions for "constant" col...
• 4029a25 [Ruff v0.5] Stabilise 15 pylint rules (#12051)
• 0917ce1 Update documentation to mention etcetera crate instead of dirs for user c...
• 22cebdf Add server config to filter out syntax error diagnostics (#12059)
• 72b6c26 Simplify LinterResult, avoid cloning ParseError (#11903)
• 73851e7 Avoid displaying syntax error as log message (#11902)
• e7b4969 Remove E999 as a rule, disallow any disablement methods for syntax error (#...
• c98d8a0 [pyflakes] Stabilize detection of is comparisons to lists, etc. (F632) (#...
• Additional commits viewable in compare view

Updates pytest from 8.1.1 to 8.2.2

Release notes

Sourced from pytest's releases.

8.2.2

pytest 8.2.2 (2024-06-04)

Bug Fixes

• #12355: Fix possible catastrophic performance slowdown on a certain parametrization pattern involving many higher-scoped parameters.
• #12367: Fix a regression in pytest 8.2.0 where unittest class instances (a fresh one is created for each test) were not released promptly on test teardown but only on session teardown.
• #12381: Fix possible "Directory not empty" crashes arising from concurent cache dir (.pytest_cache) creation. Regressed in pytest 8.2.0.

Improved Documentation

• #12290: Updated Sphinx theme to use Furo instead of Flask, enabling Dark mode theme.
• #12356: Added a subsection to the documentation for debugging flaky tests to mention lack of thread safety in pytest as a possible source of flakyness.
• #12363: The documentation webpages now links to a canonical version to reduce outdated documentation in search engine results.

8.2.1

pytest 8.2.1 (2024-05-19)

Improvements

• #12334: Support for Python 3.13 (beta1 at the time of writing).

Bug Fixes

• #12120: Fix [PermissionError]{.title-ref} crashes arising from directories which are not selected on the command-line.
• #12191: Keyboard interrupts and system exits are now properly handled during the test collection.
• #12300: Fixed handling of 'Function not implemented' error under squashfuse_ll, which is a different way to say that the mountpoint is read-only.
• #12308: Fix a regression in pytest 8.2.0 where the permissions of automatically-created .pytest_cache directories became rwx------ instead of the expected rwxr-xr-x.

Trivial/Internal Changes

• #12333: pytest releases are now attested using the recent Artifact Attestation support from GitHub, allowing users to verify the provenance of pytest's sdist and wheel artifacts.

8.2.0

pytest 8.2.0 (2024-04-27)

Deprecations

• #12069: A deprecation warning is now raised when implementations of one of the following hooks request a deprecated py.path.local parameter instead of the pathlib.Path parameter which replaced it:

... (truncated)

Commits

• 329d371 Prepare release version 8.2.2
• 214d098 Merge pull request #12414 from bluetech/backport-12409
• 153a436 [8.2.x] fixtures: fix catastrophic performance problem in reorder_items
• b41d5a5 Merge pull request #12412 from pytest-dev/backport-12408-to-8.2.x
• 9bb73d7 [8.2.x] cacheprovider: fix "Directory not empty" crash from cache directory c...
• 4569a01 [8.2.x] doc: Update trainings/events (#12402)
• 1d103e5 [8.2.x] Clarify pytest_ignore_collect docs (#12386)
• 240a252 [8.2.x] Add html_baseurl to sphinx conf.py (#12372)
• a5ee3c4 Merge pull request #12370 from pytest-dev/backport-12368-to-8.2.x
• f7358ae [8.2.x] unittest: fix class instances no longer released on test teardown sin...
• Additional commits viewable in compare view

Updates mypy from 1.9.0 to 1.10.1

Changelog

Sourced from mypy's changelog.

Mypy 1.10.1

• Fix error reporting on cached run after uninstallation of third party library (Shantanu, PR 17420)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

• Alex Waygood
• Ali Hamdan
• Edward Paget
• Evgeniy Slobodkin
• Hashem
• hesam
• Hugo van Kemenade
• Ihor
• James Braza
• Jelle Zijlstra
• jhance
• Jukka Lehtosalo
• Loïc Simon
• Marc Mueller
• Matthieu Devlin
• Michael R. Crusoe
• Nikita Sobolev
• Oskari Lehto
• Riccardo Di Maio
• Richard Si
• roberfi
• Roman Solomatin
• Sam Xifaras
• Shantanu
• Spencer Brown
• Srinivas Lade
• Tamir Duberstein
• youkaichao

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.9

We’ve just uploaded mypy 1.9 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Breaking Changes

Because the version of typeshed we use in mypy 1.9 doesn't support 3.7, neither does mypy 1.9. (Jared Hance, PR 16883)

... (truncated)

Commits

• c28b525 [1.10 backport] Fix error reporting on cached run after uninstallation of thi...
• 3faf0fc Remove +dev for version for release 1.10
• a5998d2 Update CHANGELOG.md (#17159)
• 62ea5b0 Various updates to changelog for 1.10 (#17158)
• 2f0864c Update CHANGELOG.md with draft for release 1.10 (#17150)
• e1443bb fix: incorrect returned type of access descriptors on unions of types (#16604)
• 5161ac2 Sync typeshed (#17124)
• e2fc1f2 Fix crash when expanding invalid Unpack in a Callable alias (#17028)
• 3ff6e47 Docs: docstrings in checker.py, ast_helpers.py (#16908)
• 732d98e Fix string formatting for string enums (#16555)
• Additional commits viewable in compare view

Updates cryptography from 42.0.5 to 42.0.8

Changelog

Sourced from cryptography's changelog.

42.0.8 - 2024-06-04

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.2.
.. _v42-0-7:
42.0.7 - 2024-05-06

• Restored Windows 7 compatibility for our pre-built wheels. Note that we do not test on Windows 7 and wheels for our next release will not support it. Microsoft no longer provides support for Windows 7 and users are encouraged to upgrade.

.. _v42-0-6:

42.0.6 - 2024-05-04

* Fixed compilation when using LibreSSL 3.9.1.
.. _v42-0-5:

Commits

• 761ef4b bump for 42.0.8 release (#11072)
• 0cc7fc3 Prepare for 42.0.7 release (#10949)
• cfad004 Prepare backports for 42.0.6 release (#10929)
• See full diff in compare view

Updates coverage from 7.4.4 to 7.5.4

Changelog

Sourced from coverage's changelog.

Version 7.5.4 — 2024-06-22

• If you attempt to combine statement coverage data with branch coverage data, coverage.py used to fail with the message "Can't combine arc data with line data" or its reverse, "Can't combine line data with arc data." These messages used internal terminology, making it hard for people to understand the problem. They are now changed to mention "branch coverage data" and "statement coverage data."

• Fixed a minor branch coverage problem with wildcard match/case cases using names or guard clauses.

• Started testing on 3.13 free-threading (nogil) builds of Python. I'm not claiming full support yet. Closes issue 1799_.

.. _issue 1799: nedbat/coveragepy#1799

.. _changes_7-5-3:

Version 7.5.3 — 2024-05-28

• Performance improvements for combining data files, especially when measuring line coverage. A few different quadratic behaviors were eliminated. In one extreme case of combining 700+ data files, the time dropped from more than three hours to seven minutes. Thanks for Kraken Tech for funding the fix.

• Performance improvements for generating HTML reports, with a side benefit of reducing memory use, closing issue 1791_. Thanks to Daniel Diniz for helping to diagnose the problem.

.. _issue 1791: nedbat/coveragepy#1791

.. _changes_7-5-2:

Version 7.5.2 — 2024-05-24

• Fix: nested matches of exclude patterns could exclude too much code, as reported in issue 1779_. This is now fixed.

• Changed: previously, coverage.py would consider a module docstring to be an executable statement if it appeared after line 1 in the file, but not executable if it was the first line. Now module docstrings are never counted as executable statements. This can change coverage.py's count of the number of statements in a file, which can slightly change the coverage percentage reported.

... (truncated)

Commits

• 22c09c6 docs: sample HTML for 7.5.4
• 9e16381 docs: prep for 7.5.4
• fba9b9e docs: link issue 1799 from the changelog
• f124de8 build: no longer download kits to upload them
• 9516cf6 build: hash-pin all actions
• c6e0985 build: finish up the publish action
• 4a49458 build: get the latest dist run id for publishing
• fb15efa build: pin hashes for publishing actions
• c20af95 build: use the correct item: github.event.action
• ccbab15 build: dump all the github actions data
• Additional commits viewable in compare view

Updates mkdocs from 1.5.3 to 1.6.0

Release notes

Sourced from mkdocs's releases.

1.6.0

Local preview

• mkdocs serve no longer locks up the browser when more than 5 tabs are open. This is achieved by closing the polling connection whenever a tab becomes inactive. Background tabs will no longer auto-reload either - that will instead happen as soon the tab is opened again. Context: #3391

• New flag serve --open to open the site in a browser.
  After the first build is finished, this flag will cause the default OS Web browser to be opened at the home page of the local site.
  Context: #3500

Drafts

[!warning] Changed from version 1.5:

The exclude_docs config was split up into two separate concepts.

The exclude_docs config no longer has any special behavior for mkdocs serve - it now always completely excludes the listed documents from the site.

If you wish to use the "drafts" functionality like the exclude_docs key used to do in MkDocs 1.5, please switch to the new config key draft_docs.

See documentation.

Other changes:

• Reduce warning levels when a "draft" page has a link to a non-existent file. Context: #3449

Update to deduction of page titles

MkDocs 1.5 had a change in behavior in deducing the page titles from the first heading. Unfortunately this could cause unescaped HTML tags or entities to appear in edge cases.

Now tags are always fully sanitized from the title. Though it still remains the case that Page.title is expected to contain HTML entities and is passed directly to the themes.

Images (notably, emojis in some extensions) get preserved in the title only through their alt attribute's value.

Context: #3564, #3578

Themes

• Built-in themes now also support Polish language (#3613)

"readthedocs" theme

• Fix: "readthedocs" theme can now correctly handle deeply nested nav configurations (over 2 levels deep), without confusedly expanding all sections and jumping around vertically. (#3464)

• Fix: "readthedocs" theme now shows a link to the repository (with a generic logo) even when isn't one of the 3 known hosters. (#3435)

• "readthedocs" theme now also has translation for the word "theme" in the footer that mistakenly always remained in English. (#3613, #3625)

"mkdocs" theme

... (truncated)

Commits

• 0998fec Release 1.6.0 (#3631)
• bce85bf Fix for showing repository icon even when a file has no edit_uri (#3657)
• 0ac05da Re-generate localization files (#3634)
• 6244500 Remove jQuery from mkdocs theme (#3649)
• f85d429 Prevent a flash of white color when dark mode is enabled (#3647)
• e39cce2 Fix style of modal close button (#3651)
• 652813d Prevent a crash if stdin is not defined (#3609)
• 59a295f Merge pull request #3493 from waylan/2248
• 6f5e748 Merge pull request #3625 from mkdocs/themepo
• 1451fb3 Babel setuptools frontend is still used in the install hook
• Additional commits viewable in compare view

Updates mkdocs-material from 9.5.17 to 9.5.27

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.5.27

• Updated Estonian translations

Thanks to @​Eilyre for their contributions

mkdocs-material-9.5.26

• Fixed #7232: Tab switches on scroll when linking tabs (9.5.19 regression)
• Fixed #7230: Blog author avatar broken when referring to local file

mkdocs-material-9.5.25

• Fixed #7209: Tags plugin crashing on numeric tags

mkdocs-material-9.5.24

• Fixed #7187: Version selector title rendering issue

mkdocs-material-9.5.23

• Fixed #7183: Edge case in anchor navigation when using instant navigation
• Fixed #6436: Version selector not showing version alias

mkdocs-material-9.5.22

• Fixed #7170: Copy button adds empty lines for line spans (9.5.18 regression)
• Fixed #7160: Version switching doesn't stay on page (9.5.5 regression)
• Fixed #5619: Links in Mermaid.js diagrams not discernible

mkdocs-material-9.5.21

• Fixed #7133: Ensure latest version of Mermaid.js is used
• Fixed #7125: Added warning for dotfiles in info plugin

Thanks to @​kamilkrzyskow for their contributions

mkdocs-material-9.5.20

• Fixed deprecation warning in privacy plugin (9.5.19 regression)
• Fixed #7119: Tags plugin emits deprecation warning (9.5.19 regression)
• Fixed #7118: Social plugin crashes if fonts are disabled (9.5.19 regression)
• Fixed #7085: Social plugin crashes on Windows when downloading fonts

mkdocs-material-9.5.19

• Updated MkDocs to 1.6 and limited version to < 2
• Updated Docker image to latest Alpine Linux
• Removed setup.py, now that GitHub fully understands pyproject.toml
• Improved interop of social plugin with third-party MkDocs themes
• Fixed #7099: Blog reading time not rendered correctly for Japanese
• Fixed #7097: Improved resilience of tags plugin when no tags are given
• Fixed #7090: Active tab indicator in nested content tabs rendering bug

mkdocs-material-9.5.18

• Refactored tooltips implementation to fix positioning issues
• Fixed #7044: Rendering glitch when hovering contributor avatar in Chrome
• Fixed #7043: Highlighted lines in code blocks cutoff on mobile
• Fixed #6910: Incorrect position of tooltip for page status in sidebar

... (truncated)

Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.5.27 (2024-06-16)

• Updated Estonian translations

mkdocs-material-9.5.26 (2024-06-06)

• Fixed #7232: Tab switches on scroll when linking tabs (9.5.19 regression)
• Fixed #7230: Blog author avatar broken when referring to local file

mkdocs-material-9.5.25+insiders-4.53.11 (2024-05-27)

• Fixed projects plugin crashing when serving before building subprojects

mkdocs-material-9.5.25 (2024-05-27)

• Fixed #7209: Tags plugin crashing on numeric tags

mkdocs-material-9.5.24+insiders-4.53.10 (2024-05-20)

• Fixed projects plugin crashing in serve mode when disabled
• Fixed projects plugin crashing when building nested projects

mkdocs-material-9.5.24+insiders-4.53.9 (2024-05-20)

• Fixed #7191: Tags listings not rendering when toc_depth is changed

mkdocs-material-9.5.24 (2024-05-20)

• Fixed #7187: Version selector title rendering issue

mkdocs-material-9.5.23 (2024-05-15)

• Fixed #7183: Edge case in anchor navigation when using instant navigation
• Fixed #6436: Version selector not showing version alias

mkdocs-material-9.5.22 (2024-05-12)

• Fixed #7170: Copy button adds empty lines for line spans (9.5.18 regression)
• Fixed #7160: Version switching doesn't stay on page (9.5.5 regression)
• Fixed #5619: Links in Mermaid.js diagrams not discernible

mkdocs-material-9.5.21 (2024-05-03)

• Fixed #7133: Ensure latest version of Mermaid.js is used
• Fixed #7125: Added warning for dotfiles in info plugin

mkdocs-material-9.5.20 (2024-04-29)

• Fixed deprecation warning in privacy plugin (9.5.19 regression)
• Fixed #7119: Tags plugin emits deprecation warning (9.5.19 regression)

... (truncated)

Commits

• f4adebd Prepare 9.5.27 release
• 9e1f527 Updated dependencies
• f4db9de Updated Estonian translations
• b45c51d Changed Twitter to X (#7266)
• 4ba7a6d Add reference to PlantUML Markdown schema (#7260)
• ccc8d84 Updated dependencies
• 0c54a88 Updated Premium sponsors
• f887197 Updated changelog
• 0d5a08c Prepare 9.5.26 release
• 1cc45d5 Fixed active tab stolen on scroll with linked content tabs
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions