chore(deps-dev): bump black, bump flake8, remove unused dev-dependencies

[dependabot[bot]]

A summary of the manual updates to this PR:

• In my local setup, I observed a conflict between the behavior of black@v24.8.0 and the existing version of flake8 dependency. I suspect this is because we are using an old version of flake8.
• I have updated flake8 to the latest version which was released 3 months ago. Release History: https://pypi.org/project/flake8/#history
• The existing version of the dependency flake8-annotations is not compatible with flake8@v7.1.1. Ideally, we will need to upgrade it to a compatible version. But that would increase the size of changes in this PR. Removing this dependency has not broken any of the tests. I believe it does not break any functionality of the library either.
• On similar lines, MarkupSafe dev-dependency (https://pypi.org/project/MarkupSafe/) is not used inside the xrpl-py client library. I'd have preferred to remove the dead-dependencies in a separate PR, but this PR was frozen due to an old poetry.lock file after this commit: 0b11443. I took this opportunity to clean up the unused dependency.
• As a result of the black version upgrade, certain files had to undergo minor changes. Please check the last 3 commits for those changes. All the other linter changes were performed by black automatically.

Bumps black from 23.3.0 to 24.8.0.

Release notes

Sourced from black's releases.

24.8.0

Stable style

• Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

• Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

• Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)
• Fix regression where Black failed to parse an escaped single quote inside an f-string (#4401)
• Fix bug with Black incorrectly parsing empty lines with a backslash (#4343)
• Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#4422)
• Fix incorrect line numbers in the tokenizer for certain tokens within f-strings (#4423)

Performance

• Improve performance when a large directory is listed in .gitignore (#4415)

Blackd

• Fix blackd (and all extras installs) for docker container (#4357)

24.4.2

This is a bugfix release to fix two regressions in the new f-string parser introduced in 24.4.1.

Parser

• Fix regression where certain complex f-strings failed to parse (#4332)

Performance

• Fix bad performance on certain complex string literals (#4331)

24.4.1

Highlights

• Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (#3822)

Stable style

• Fix crash involving indented dummy functions containing newlines (#4318)

... (truncated)

Changelog

Sourced from black's changelog.

24.8.0

Stable style

• Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

• Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

• Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)
• Fix regression where Black failed to parse an escaped single quote inside an f-string (#4401)
• Fix bug with Black incorrectly parsing empty lines with a backslash (#4343)
• Fix bugs with Black's tokenizer not handling \{ inside f-strings very well (#4422)
• Fix incorrect line numbers in the tokenizer for certain tokens within f-strings (#4423)

Performance

• Improve performance when a large directory is listed in .gitignore (#4415)

Blackd

• Fix blackd (and all extras installs) for docker container (#4357)

24.4.2

This is a bugfix release to fix two regressions in the new f-string parser introduced in 24.4.1.

Parser

• Fix regression where certain complex f-strings failed to parse (#4332)

Performance

• Fix bad performance on certain complex string literals (#4331)

24.4.1

Highlights

• Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (#3822)

Stable style

... (truncated)

Commits

• b965c2a Prepare release 24.8.0 (#4426)
• 9ccf279 Document find_project_root ignoring pyproject.toml without [tool.black]...
• 14b6e61 fix: Enhace black efficiently to skip directories listed in .gitignore (#4415)
• b1c4dd9 fix: respect braces better in f-string parsing (#4422)
• 4b4ae43 Fix incorrect linenos on fstring tokens with escaped newlines (#4423)
• 7fa1faf docs: fix the installation command of extra for blackd (#4413)
• 8827acc Bump sphinx from 7.3.7 to 7.4.0 in /docs (#4404)
• b0da11d Bump furo from 2024.5.6 to 2024.7.18 in /docs (#4409)
• 721dff5 fix: avoid formatting backslash strings inside f-strings (#4401)
• 7e2afc9 Update actions/checkout to v4 to stop node deprecation warnings (#4379)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
pypi/black@24.8.0	environment, eval, filesystem, network, shell, unsafe	0	6.26 MB	JelleZijlstra, ambv, cooperlees, ...2 more
pypi/mccabe@0.7.0	eval, filesystem	0	36.1 kB	flox
pypi/pycodestyle@2.12.1	environment, filesystem	0	161 kB	IanLee1521, asottile
pypi/pyflakes@3.2.0	environment, eval, filesystem, shell	0	307 kB	asottile, bitglue, flox

🚮 Removed packages: pypi/black@23.3.0, pypi/flake8-absolute-import@1.0.0.1, pypi/flake8-annotations@2.7.0, pypi/flake8@4.0.1, pypi/markupsafe@3.0.2, pypi/mccabe@0.6.1, pypi/pycodestyle@2.8.0, pypi/pyflakes@2.4.0

View full report↗︎

[ckeshava]

@dependabot rebase

[mvadari]

This PR will fail until someone runs black --fix on all the changes

[coderabbitai[bot]]

[!IMPORTANT]

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit , please review it.` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (Invoked using PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. ### Other keywords and placeholders - Add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. - Add `@coderabbitai summary` to generate the high-level summary at a specific location in the PR description. - Add `@coderabbitai` anywhere in the PR title to generate the title automatically. ### CodeRabbit Configuration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](http://discord.gg/coderabbit) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

[ckeshava]

@mvadari black does not have a command line option titled --fix. As per their recent release notes, black does not support Python 3.8 anymore.

In my local system, I don't observe these errors, if black is executed with the following environment:

➜  xrpl-py git:(dependabot/pip/black-24.8.0) python --version
Python 3.11.6
➜  xrpl-py git:(dependabot/pip/black-24.8.0) poetry --version
Poetry (version 1.8.3)

Can we upgrade the version of Python and Poetry to more recent values? Is it necessary to set the CI/CD environment to the minimum supported Python version?

[mvadari]

black does not have a command line option titled --fix. As per their recent release notes, black does not support Python 3.8 anymore.

Sorry, I remembered the wrong syntax - just poetry run black xrpl will fix everything.

In my local system, I don't observe these errors, if black is executed with the following environment:

➜  xrpl-py git:(dependabot/pip/black-24.8.0) python --version
Python 3.11.6
➜  xrpl-py git:(dependabot/pip/black-24.8.0) poetry --version
Poetry (version 1.8.3)

I observe the errors with these settings:

xrpl-py % poetry run python --version
Python 3.11.4
xrpl-py % poetry --version
Poetry (version 1.8.4)

Can we upgrade the version of Python and Poetry to more recent values? Is it necessary to set the CI/CD environment to the minimum supported Python version?

We shouldn't remove support for old Python versions without a need. Why remove backwards compatibility if you don't have to?

[ckeshava]

@mvadari I'm unable to replicate the behavior of the CI/CD step. I don't get the BLK100 error message, despite having identical environment installation.

➜  xrpl-py git:(dependabot/pip/black-24.8.0) poetry run flake8 xrpl tests snippets --darglint-ignore-regex="^_(.*)"
➜  xrpl-py git:(dependabot/pip/black-24.8.0) black --version                                                       
black, 24.8.0 (compiled: yes)
Python (CPython) 3.8.18
➜  xrpl-py git:(dependabot/pip/black-24.8.0) python --version
Python 3.8.18
➜  xrpl-py git:(dependabot/pip/black-24.8.0) poetry --version
Poetry (version 1.8.3)
➜  xrpl-py git:(dependabot/pip/black-24.8.0) poetry run flake8 xrpl tests snippets --darglint-ignore-regex="^_(.*)"
➜  xrpl-py git:(dependabot/pip/black-24.8.0) 

As far as I see it, these environment variables are identical to the CI/CD system.(Except for the MacOS and arm64 architecture)

[ckeshava]

I didn't find any usage of @deprecated decorator in the codebase. As indicated in this commit: 02fc14a, we can remove these two dependencies.

Older rippled API versions are indicated by explicit version numbers, rather than a deprecated tag.

[mvadari]

I didn't find any usage of @deprecated decorator in the codebase. As indicated in this commit: 02fc14a, we can remove these two dependencies.

Older rippled API versions are indicated by explicit version numbers, rather than a deprecated tag.

I believe all the @deprecated functions were removed. IMO we shouldn't remove the dependencies, in case we want to deprecate functions in the future.

[ckeshava]

I believe all the @deprecated functions were removed. IMO we shouldn't remove the dependencies, in case we want to deprecate functions in the future.

Are there valid uses for the @deprecated decorator? Won't we gate the "deprecated" methods under older API versions? Why would we need this dependency?

[mvadari]

Are there valid uses for the @deprecated decorator? Won't we gate the "deprecated" methods under older API versions? Why would we need this dependency?

It's used for deprecated xrpl-py things, not deprecated rippled things.