search

MTES-MCT / monitorfish

🎣 Improve control and monitoring of fishing vessels activities.
https://beta.gouv.fr/startups/monitorfish.html
GNU Affero General Public License v3.0
34 stars 7 forks source link

[Tech] Bump the non-major-dependencies group across 1 directory with 8 updates #3855

Open dependabot[bot] opened 1 day ago

dependabot[bot] commented 1 day ago

Bumps the non-major-dependencies group with 8 updates in the /datascience directory:

Package From To
pandas 2.2.2 2.2.3
black 24.4.2 24.10.0
coverage 7.5.1 7.6.4
simplejson 3.19.2 3.19.3
geoalchemy2 0.14.7 0.16.0
rtree 1.2.0 1.3.0
pytest 8.2.1 8.3.3
css-inline 0.11.2 0.14.3

Updates pandas from 2.2.2 to 2.2.3

Release notes

Sourced from pandas's releases.

Pandas 2.2.3

We are pleased to announce the release of pandas 2.2.3. This release includes some new features, bug fixes, and performance improvements. We recommend that all users upgrade to this version.

See the full whatsnew for a list of all the changes. Pandas 2.2.3 supports Python 3.9 and higher.

The release will be available on the defaults and conda-forge channels:

conda install pandas

Or via PyPI:

python3 -m pip install --upgrade pandas

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Commits


Updates black from 24.4.2 to 24.10.0

Release notes

Sourced from black's releases.

24.10.0

Highlights

  • Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
  • Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
  • Black no longer supports running with Python 3.8 (#4452)

Stable style

  • Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
  • Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

  • Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

  • Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

  • Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
  • blackd now requires a newer version of aiohttp. (#4451)

Output

  • Added Python target version information on parse error (#4378)
  • Add information about Black version to internal error messages (#4457)

24.8.0

Stable style

  • Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

  • Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

  • Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)

... (truncated)

Changelog

Sourced from black's changelog.

24.10.0

Highlights

  • Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
  • Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
  • Black no longer supports running with Python 3.8 (#4452)

Stable style

  • Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
  • Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

  • Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

  • Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

  • Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
  • blackd now requires a newer version of aiohttp. (#4451)

Output

  • Added Python target version information on parse error (#4378)
  • Add information about Black version to internal error messages (#4457)

24.8.0

Stable style

  • Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

  • Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

  • Fix regression where Black failed to parse a multiline f-string containing another

... (truncated)

Commits


Updates coverage from 7.5.1 to 7.6.4

Changelog

Sourced from coverage's changelog.

Version 7.6.4 — 2024-10-20

  • fix: multi-line with statements could cause contained branches to be incorrectly marked as missing (issue 1880_). This is now fixed.

.. _issue 1880: nedbat/coveragepy#1880

.. _changes_7-6-3:

Version 7.6.3 — 2024-10-13

  • Fix: nested context managers could incorrectly be analyzed to flag a missing branch on the last context manager, as described in issue 1876_. This is now fixed.

  • Fix: the missing branch message about not exiting a module had an extra "didn't," as described in issue 1873_. This is now fixed.

.. _issue 1873: nedbat/coveragepy#1873 .. _issue 1876: nedbat/coveragepy#1876

.. _changes_7-6-2:

Version 7.6.2 — 2024-10-09

  • Dropped support for Python 3.8 and PyPy 3.8.

  • Fix: a final wildcard match/case clause assigning to a name (case _ as value) was incorrectly marked as a missing branch. This is now fixed, closing issue 1860_.

  • Fewer things are considered branches now. Lambdas, comprehensions, and generator expressions are no longer marked as missing branches if they don't complete execution. Closes issue 1852_.

  • Fix: the HTML report didn't properly show multi-line f-strings that end with a backslash continuation. This is now fixed, closing issue 1836, thanks to LiuYinCarl and Marco Ricci <pull 1838_>.

  • Fix: the LCOV report now has correct line numbers (fixing issue 1846) and better branch descriptions for BRDA records (fixing issue 1850). There are other changes to lcov also, including a new configuration option :ref:line_checksums <config_lcov_line_checksums> to control whether line checksums are included in the lcov report. The default is false. To keep checksums set it to true. All this work is thanks to Zack Weinberg

... (truncated)

Commits
  • f24f76b docs: sample HTML for 7.6.4
  • 96e10f7 docs: prep for 7.6.4
  • b8c236a fix: multi-line with-statements exit correctly. #1880
  • 64b7a45 docs: another discord reference
  • 68d7427 docs: Python Discord
  • 43adcea build: include 3.14 in the usual Pythons
  • fb2b49f build: github_releases can update older releases, and pauses to get the sorti...
  • ca550ca 3.0b2 wasn't correctly titled
  • debcc77 build: bump version
  • 342a4cb docs: sample HTML for 7.6.3
  • Additional commits viewable in compare view


Updates simplejson from 3.19.2 to 3.19.3

Release notes

Sourced from simplejson's releases.

v3.19.3

Version 3.19.3 released 2024-08-14

  • Updated test & build matrix to include Python 3.13. Dropped wheel support for Python 2.7 on macOS. simplejson/simplejson#326
Changelog

Sourced from simplejson's changelog.

Version 3.19.3 released 2024-08-14

  • Updated test & build matrix to include Python 3.13. Dropped wheel support for Python 2.7 on macOS. simplejson/simplejson#326

Version 3.19.2 released 2023-10-05

  • Updated test & build matrix to include Python 3.12 and use GitHub Actions as a Trusted Publisher (OIDC) simplejson/simplejson#317

Version 3.19.1 released 2023-04-06

  • This release contains security hardening measures based on recommendations by a security audit sponsored by OSTIF and conducted by X41 D-Sec GmbH. Several of these measures include changing defaults to be more strict, by default simplejson will now only consume and produce compliant JSON, but the flags still exist for any backwards compatibility needs. No high priority issues were discovered, the reference count leak is thought to be unreachable since the digits of the float are checked before PyOS_string_to_double is called. A link to the public version of this report will be included in a future release of simplejson. The following fixes were implemented in one PR: simplejson/simplejson#313
  • Fix invalid handling of unicode escape sequences in the pure Python implementation of the decoder (SJ-PT-23-01)
  • Fix missing reference count decrease if PyOS_string_to_double raises an exception in Python 2.x; was probably unreachable (SJ-PT-23-02)
  • Backport the integer string length limitation from Python 3.11 to limit quadratic number parsing (SJ-PT-23-03)
  • Fix inconsistencies with error messages between the C and Python implementations (SJ-PT-23-100)
  • Remove unused unichr import from encoder (SJ-PT-23-101)
  • Remove unused namedtuple_as_object and tuple_as_array arguments from simplejson.load (SJ-PT-23-102)
  • Remove vestigial _one_shot code from iterencode (SJ-PT-23-103)
  • Change default of allow_nan from True to False and add allow_nan to decoder (SJ-PT-23-107)

Version 3.18.4 released 2023-03-14

Version 3.18.3 released 2023-02-05

  • Fix regression in sdist archive

... (truncated)

Commits


Updates geoalchemy2 from 0.14.7 to 0.16.0

Release notes

Sourced from geoalchemy2's releases.

0.16.0

What's Changed

Full Changelog: https://github.com/geoalchemy/geoalchemy2/compare/0.15.2...0.16.0

0.15.2

What's Changed

Full Changelog: https://github.com/geoalchemy/geoalchemy2/compare/0.15.1...0.15.2

0.15.1

What's Changed

New Contributors

Full Changelog: https://github.com/geoalchemy/geoalchemy2/compare/0.15.0...0.15.1

0.15.0

What's Changed

New Contributors

Full Changelog: https://github.com/geoalchemy/geoalchemy2/compare/0.14.7...0.15.0

Changelog

Sourced from geoalchemy2's changelog.

0.16.0

0.15.2

0.15.1

0.15.0

Commits
  • b51dc36 Release: 0.16.0 (#527)
  • 27712ca Test: Add test in test_functional.py for custom Geometry that uses WKT elemen...
  • b319a15 Add option to ensure all dialects are properly tested in CI (#526)
  • f93cf5a Improve MariaDB support (#524)
  • 4a5887a Release: 0.15.2 (#518)
  • f32331b Fix: Can handle negative coordinates with Spatialite (#517)
  • 8b7a2b1 [pre-commit.ci] pre-commit autoupdate (#514)
  • 653d670 Release: 0.15.1 (#512)
  • 344cb24 Fix: Default SRID is bypassed when using floating point coordinates (#509)
  • 11dadb4 Test: Dispose of the connection pools of the test engines (#511)
  • Additional commits viewable in compare view


Updates rtree from 1.2.0 to 1.3.0

Release notes

Sourced from rtree's releases.

1.3.0

  • Upgrade binary wheels with libspatialindex-2.0.0 (#316)
  • Fix binary wheels for musllinux (#316)
  • Update code style, replace isort and black with ruff, modern numpy rng (#319)
  • Remove libsidx version testing (#313)
Changelog

Sourced from rtree's changelog.

1.3.0: 2024-07-10

  • Upgrade binary wheels with libspatialindex-2.0.0 (:PR:316)
  • Fix binary wheels for musllinux wheels (:PR:316)
  • Update code style, replace isort and black with ruff, modern numpy rng (:PR:319)
  • Remove libsidx version testing (:PR:313)
Commits
  • cffb52e Release 1.3.0 (#320)
  • 86d4e28 CI/RLS: upgrade to libspatialindex-2.0.0 (#316)
  • bb9925a Update code style, replace isort and black with ruff, modern numpy rng (#319)
  • 1b81733 Bump pypa/cibuildwheel from 2.19.1 to 2.19.2 (#318)
  • ffd63b5 Merge pull request #317 from Toblerity/dependabot/github_actions/pypa/cibuild...
  • c121c66 Bump pypa/cibuildwheel from 2.18.1 to 2.19.1
  • 6248b6f Merge pull request #314 from Toblerity/dependabot/github_actions/pypa/cibuild...
  • 3f2605b Bump pypa/cibuildwheel from 2.18.0 to 2.18.1
  • 9a08ab9 drop version testing. not valuable (#313)
  • d91f409 Merge pull request #310 from Toblerity/dependabot/github_actions/pypa/cibuild...
  • Additional commits viewable in compare view


Updates pytest from 8.2.1 to 8.3.3

Release notes

Sourced from pytest's releases.

8.3.3

pytest 8.3.3 (2024-09-09)

Bug fixes

  • #12446: Avoid calling @property (and other instance descriptors) during fixture discovery -- by asottile{.interpreted-text role="user"}

  • #12659: Fixed the issue of not displaying assertion failure differences when using the parameter --import-mode=importlib in pytest>=8.1.

  • #12667: Fixed a regression where type change in [ExceptionInfo.errisinstance]{.title-ref} caused [mypy]{.title-ref} to fail.

  • #12744: Fixed typing compatibility with Python 3.9 or less -- replaced [typing.Self]{.title-ref} with [typing_extensions.Self]{.title-ref} -- by Avasam{.interpreted-text role="user"}

  • #12745: Fixed an issue with backslashes being incorrectly converted in nodeid paths on Windows, ensuring consistent path handling across environments.

  • #6682: Fixed bug where the verbosity levels where not being respected when printing the "msg" part of failed assertion (as in assert condition, msg).

  • #9422: Fix bug where disabling the terminal plugin via -p no:terminal would cause crashes related to missing the verbose option.

    -- by GTowers1{.interpreted-text role="user"}

Improved documentation

  • #12663: Clarify that the [pytest_deselected]{.title-ref} hook should be called from [pytest_collection_modifyitems]{.title-ref} hook implementations when items are deselected.
  • #12678: Remove erroneous quotes from [tmp_path_retention_policy]{.title-ref} example in docs.

Miscellaneous internal changes

  • #12769: Fix typos discovered by codespell and add codespell to pre-commit hooks.

8.3.2

pytest 8.3.2 (2024-07-24)

Bug fixes

  • #12652: Resolve regression [conda]{.title-ref} environments where no longer being automatically detected.

    -- by RonnyPfannschmidt{.interpreted-text role="user"}

8.3.1

pytest 8.3.1 (2024-07-20)

The 8.3.0 release failed to include the change notes and docs for the release. This patch release remedies this. There are no other changes.

... (truncated)

Commits


Updates css-inline from 0.11.2 to 0.14.3

Release notes

Sourced from css-inline's releases.

[C] Release 0.14.3

Fixed

  • Prioritize !important rules when computing element styles. #398

[JavaScript] Release 0.14.3

Added

  • Packages for win32-arm64-msvc. #397

Fixed

  • Prioritize !important rules when computing element styles. #398

[Python] Release 0.14.3

Fixed

  • Prioritize !important rules when computing element styles. #398

[Ruby] Release 0.14.3

Fixed

  • Prioritize !important rules when computing element styles. #398

[Rust] Release 0.14.3

Fixed

  • Prioritize !important rules when computing element styles. #398

[C] Release 0.14.2

Changed

  • Bump MSRV to 1.70.

Fixed

  • Replace double quotes when merging styles. #392

[JavaScript] Release 0.14.2

Changed

  • Bump MSRV to 1.70.

Fixed

  • Build on linux-arm-gnueabihf
  • Replace double quotes when merging styles. #392

[Python] Release 0.14.2

Changed

... (truncated)

Changelog

Sourced from css-inline's changelog.

[0.14.3] - 2024-11-14

Fixed

  • Prioritize !important rules when computing element styles. #398

[0.14.2] - 2024-11-11

Changed

  • Bump MSRV to 1.70.

Fixed

  • Replace double quotes when merging styles. #392

[0.14.1] - 2024-04-27

Fixed

  • Precedence of element styles over other styles. #364

[0.14.0] - 2024-04-01

Added

  • External stylesheet caching. #314
  • Inlining to HTML fragments. #335

Changed

  • Update html5ever to 0.27.
  • Update rayon to 1.10.

[0.13.0] - 2024-01-19

Added

  • A way to customize resolving remote stylesheets.
  • Support for the data-css-inline="keep" attribute to enforce keeping the style tag.

Changed

  • Replace attohttpc with reqwest to simplify implementing non-blocking stylesheet resolving in the future release.

Fixed

  • Lookups for previous / next siblings, affecting selectors like nth-child. #324

Performance

... (truncated)

Commits
  • 6c3d25e chore(c): Release 0.14.3
  • c8fe0af build(js): Add win32-arm64-msvc package
  • 606cc93 fix: prioritize important styles
  • 143cd63 chore(javascript): Update bundled WASM module
  • e38405b chore(javascript): Release 0.14.2
  • 0228eb8 chore(ruby): Release 0.14.2
  • 95b45d3 chore(python): Release 0.14.2
  • 5b3192d chore(c): Release 0.14.2
  • 8410fba build(js): Pin wasm-bindgen
  • bbf6b04 fix: double quote when extending inline styles
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
sonarcloud[bot] commented 1 day ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud