search

CSHS-CWRA / RavenPy

A Python wrapper to setup and run the hydrologic modelling framework Raven
https://ravenpy.readthedocs.io
MIT License
26 stars 5 forks source link

Bump flit from 3.9.0 to 3.10.0 #411

Closed dependabot[bot] closed 4 weeks ago

dependabot[bot] commented 1 month ago

Bumps flit from 3.9.0 to 3.10.0.

Changelog

Sourced from flit's changelog.

Release history

Version 3.10

  • flit publish can now use PyPI tokens stored in keyring (:ghpull:649), either project tokens with a 'username' like :samp:pypi_token:project:{project_name} (use the normalised form of the name <https://packaging.python.org/en/latest/specifications/name-normalization/>_) or user tokens (:samp:pypi_token:user:{username}).
  • The --python option can now take the path of a virtualenv folder, as an alternative to a Python executable (:ghpull:667).
  • Flit will work with current development versions of Pythona again (:ghpull:684).
  • The flit command line package now requires Python 3.8 or above (:ghpulL:660). flit_core still works with Python 3.6 or above.
  • The metadata in packages now has the names of optional dependency groups ("extras") normalised, complying with version 2.3 of the metadata standard (:ghpull:676, :ghpull:697).
  • The flit command line package now depends on pip (:ghpull:647).
  • Fix potential substitution of environment variables into passwords read from .pypirc files (:ghpull:652).
  • A warning is now shown when building packages which specify the old flit.buildapi backend, which should be replaced by flit_core.buildapi (:ghpull:674). It's a good idea to always set a maximum version for the build requirement, to protect against changes in future major versions of Flit.
  • Avoid using the deprecated datetime.utcfromtimestamp() (:ghpull:682).
  • Flit now has a SECURITY.md file in the Github repository (:ghpull:665).
  • The tests for flit_core are no longer part of the installed package, reducing the size of the wheels (:ghpull:691).

Version 3.9

  • New options :option:flit build --use-vcs and :option:flit build --no-use-vcs to enable & disable including all committed files in the sdist. For now --use-vcs is the default, but this is likely to change in a future version, to bring flit build in line with standard build frontends like python -m build (:ghpull:625).
  • Sdist file names, and the name of the top-level folder in an sdist, are now normalised, in accordance with :pep:625 (:ghpull:628).
  • A statically defined version number can now be parsed from files called version.py, _version.py or __version__.py inside a package, as well as from __init__.py, so executing code is required in fewer cases (:ghpull:630).
  • Fix setting the flag for regular files in zip metadata (:ghpull:639).
  • The timestamp embedded in the gzip wrapper for sdists now defaults to a fixed date, so building an sdist twice on the same machine should produce identical results, even without any special steps (:ghpull:635). Setting :envvar:SOURCE_DATE_EPOCH is still recommended for properly

... (truncated)

Commits
  • 8066677 Merge pull request #700 from pypa/win-py3.13-tests
  • 34445e9 Better test for absolute Python exe path on Windows
  • d340f1c Fix checks for absolute paths in config on Python 3.13 & Windows
  • c57b101 Ensure CI also runs on tag pushes
  • 5c416e5 Simpler way to ensure dependencies are installed in CI
  • 74ab93b Extend CI to Python 3.13
  • ba39a3f Building Flit may require a not-yet-released version of flit_core; build with...
  • 1195f41 Bump version: 3.9.0 → 3.10.0
  • 29cf661 Merge pull request #695 from pypa/changelog-3.10
  • e99f760 Mention extra name normalisation in changelog
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @Zeitsperre.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
coveralls commented 1 month ago

Coverage Status

coverage: 81.352%. remained the same when pulling 39147482f088f0471b7ac6f3c6e7f249996e4ef0 on dependabot/pip/flit-3.10.0 into cd4e48f1a0b806ddb8f829ac2840ad3185696f46 on master.

dependabot[bot] commented 4 weeks ago

Superseded by #416.