search

CSHS-CWRA / RavenPy

A Python wrapper to setup and run the hydrologic modelling framework Raven
https://ravenpy.readthedocs.io
MIT License
26 stars 5 forks source link

Bump flit from 3.9.0 to 3.10.1 #416

Closed dependabot[bot] closed 4 weeks ago

dependabot[bot] commented 4 weeks ago

Bumps flit from 3.9.0 to 3.10.1.

Changelog

Sourced from flit's changelog.

Version 3.10.1

  • The sdist of flit_core now includes the corresponding tests (:ghpull:704). These were missing in 3.10.

Version 3.10

  • flit publish can now use PyPI tokens stored in keyring (:ghpull:649), either project tokens with a 'username' like :samp:pypi_token:project:{project_name} (use the normalised form of the name <https://packaging.python.org/en/latest/specifications/name-normalization/>_) or user tokens (:samp:pypi_token:user:{username}).
  • The --python option can now take the path of a virtualenv folder, as an alternative to a Python executable (:ghpull:667).
  • Flit will work with current development versions of Pythona again (:ghpull:684).
  • The flit command line package now requires Python 3.8 or above (:ghpulL:660). flit_core still works with Python 3.6 or above.
  • The metadata in packages now has the names of optional dependency groups ("extras") normalised, complying with version 2.3 of the metadata standard (:ghpull:676, :ghpull:697).
  • The flit command line package now depends on pip (:ghpull:647).
  • Fix potential substitution of environment variables into passwords read from .pypirc files (:ghpull:652).
  • A warning is now shown when building packages which specify the old flit.buildapi backend, which should be replaced by flit_core.buildapi (:ghpull:674). It's a good idea to always set a maximum version for the build requirement, to protect against changes in future major versions of Flit.
  • Avoid using the deprecated datetime.utcfromtimestamp() (:ghpull:682).
  • Flit now has a SECURITY.md file in the Github repository (:ghpull:665).
  • The tests for flit_core are no longer part of the installed package, reducing the size of the wheels (:ghpull:691).

Version 3.9

  • New options :option:flit build --use-vcs and :option:flit build --no-use-vcs to enable & disable including all committed files in the sdist. For now --use-vcs is the default, but this is likely to change in a future version, to bring flit build in line with standard build frontends like python -m build (:ghpull:625).
  • Sdist file names, and the name of the top-level folder in an sdist, are now normalised, in accordance with :pep:625 (:ghpull:628).
  • A statically defined version number can now be parsed from files called version.py, _version.py or __version__.py inside a package, as well as from __init__.py, so executing code is required in fewer cases (:ghpull:630).
  • Fix setting the flag for regular files in zip metadata (:ghpull:639).
  • The timestamp embedded in the gzip wrapper for sdists now defaults to a fixed

... (truncated)

Commits
  • 7cc7d33 Bump version: 3.10.0 → 3.10.1
  • 85d0003 Add release note for 3.10.1
  • ab4048a Merge pull request #704 from pypa/flit-core-sdist-tests
  • f6a0989 Include tests in flit_core sdist
  • 2ab70a3 Merge pull request #701 from pypa/codecov-token
  • 7d09966 Provide token to upload coverage data to codecov
  • 8066677 Merge pull request #700 from pypa/win-py3.13-tests
  • 34445e9 Better test for absolute Python exe path on Windows
  • d340f1c Fix checks for absolute paths in config on Python 3.13 & Windows
  • c57b101 Ensure CI also runs on tag pushes
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @Zeitsperre.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
coveralls commented 4 weeks ago

Coverage Status

coverage: 81.352%. remained the same when pulling 41eed8989b3508bf30d421d2ccd3ae88f2cc8057 on dependabot/pip/flit-3.10.1 into 303094ed20e7afa5a0279d9af9c76db0a118b091 on master.