search

WardPearce / paaster

Paaster is a secure and user-friendly pastebin application that prioritizes privacy and simplicity. With end-to-end encryption and paste history, Paaster ensures that your pasted code remains confidential and accessible.
https://paaster.io
GNU Affero General Public License v3.0
453 stars 18 forks source link

Bump black from 24.4.2 to 24.8.0 in /backend/paaster #591

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps black from 24.4.2 to 24.8.0.

Release notes

Sourced from black's releases.

24.8.0

Stable style

  • Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

  • Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

  • Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)
  • Fix regression where Black failed to parse an escaped single quote inside an f-string (#4401)
  • Fix bug with Black incorrectly parsing empty lines with a backslash (#4343)
  • Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#4422)
  • Fix incorrect line numbers in the tokenizer for certain tokens within f-strings (#4423)

Performance

  • Improve performance when a large directory is listed in .gitignore (#4415)

Blackd

  • Fix blackd (and all extras installs) for docker container (#4357)
Changelog

Sourced from black's changelog.

24.8.0

Stable style

  • Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

  • Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

  • Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)
  • Fix regression where Black failed to parse an escaped single quote inside an f-string (#4401)
  • Fix bug with Black incorrectly parsing empty lines with a backslash (#4343)
  • Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#4422)
  • Fix incorrect line numbers in the tokenizer for certain tokens within f-strings (#4423)

Performance

  • Improve performance when a large directory is listed in .gitignore (#4415)

Blackd

  • Fix blackd (and all extras installs) for docker container (#4357)
Commits
  • b965c2a Prepare release 24.8.0 (#4426)
  • 9ccf279 Document find_project_root ignoring pyproject.toml without [tool.black]...
  • 14b6e61 fix: Enhace black efficiently to skip directories listed in .gitignore (#4415)
  • b1c4dd9 fix: respect braces better in f-string parsing (#4422)
  • 4b4ae43 Fix incorrect linenos on fstring tokens with escaped newlines (#4423)
  • 7fa1faf docs: fix the installation command of extra for blackd (#4413)
  • 8827acc Bump sphinx from 7.3.7 to 7.4.0 in /docs (#4404)
  • b0da11d Bump furo from 2024.5.6 to 2024.7.18 in /docs (#4409)
  • 721dff5 fix: avoid formatting backslash strings inside f-strings (#4401)
  • 7e2afc9 Update actions/checkout to v4 to stop node deprecation warnings (#4379)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
vercel[bot] commented 3 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
paaster ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 5, 2024 9:36am
socket-security[bot] commented 3 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher

🚮 Removed packages: pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2, pypi/black@24.4.2

View full report↗︎

socket-security[bot] commented 3 months ago

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report↗︎

WardPearce commented 3 months ago 
@SocketSecurity ignore pypi/h11@0.14.0
@SocketSecurity ignore pypi/markdown-it-py@3.0.0
@SocketSecurity ignore pypi/dnspython@2.6.1
@SocketSecurity ignore pypi/httpcore@1.0.5
@SocketSecurity ignore pypi/idna@3.7
@SocketSecurity ignore pypi/motor@3.5.1
@SocketSecurity ignore pypi/litestar@2.10.0