Santandersecurityresearch / DrHeader

drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
MIT License
105 stars 26 forks source link

Bump coverage from 6.3.2 to 7.0.3 #282

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps coverage from 6.3.2 to 7.0.3.

Changelog

Sourced from coverage's changelog.

Version 7.0.3 — 2023-01-03

  • Fix: when using pytest-cov or pytest-xdist, or perhaps both, the combining step could fail with assert row is not None using 7.0.2. This was due to a race condition that has always been possible and is still possible. In 7.0.1 and before, the error was silently swallowed by the combining code. Now it will produce a message "Couldn't combine data file" and ignore the data file as it used to do before 7.0.2. Closes issue 1522_.

.. _issue 1522: nedbat/coveragepy#1522

.. _changes_7-0-2:

Version 7.0.2 — 2023-01-02

  • Fix: when using the [run] relative_files = True setting, a relative [paths] pattern was still being made absolute. This is now fixed, closing issue 1519_.

  • Fix: if Python doesn't provide tomllib, then TOML configuration files can only be read if coverage.py is installed with the [toml] extra. Coverage.py will raise an error if TOML support is not installed when it sees your settings are in a .toml file. But it didn't understand that [tools.coverage] was a valid section header, so the error wasn't reported if you used that header, and settings were silently ignored. This is now fixed, closing issue 1516_.

  • Fix: adjusted how decorators are traced on PyPy 7.3.10, fixing issue 1515_.

  • Fix: the coverage lcov report did not properly implement the --fail-under=MIN option. This has been fixed.

  • Refactor: added many type annotations, including a number of refactorings. This should not affect outward behavior, but they were a bit invasive in some places, so keep your eyes peeled for oddities.

  • Refactor: removed the vestigial and long untested support for Jython and IronPython.

.. _issue 1515: nedbat/coveragepy#1515 .. _issue 1516: nedbat/coveragepy#1516 .. _issue 1519: nedbat/coveragepy#1519

.. _changes_7-0-1:

Version 7.0.1 — 2022-12-23

... (truncated)

Commits
  • 2ff9098 docs: prep for 7.0.3
  • 1f34d8b fix: race condition on data file shouldn't break combining. #1522
  • 85170bf build: two-step combines for speed
  • 1605f07 mypy: misc.py, test_misc.py
  • 4f3ccf2 refactor: a better way to have maybe-importable third-party modules
  • 98301ed mypy: test_config.py, test_context.py
  • 9d2e1b0 mypy: test_concurrency.py, test_python.py
  • c3ee30c refactor(test): use tmp_path instead of tmpdir
  • 0b05b45 mypy: test_annotate.py test_arcs.py test_collector.py
  • 2090f79 style: better
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #283.