aio-libs / aiohttp-security

auth and permissions for aiohttp
Apache License 2.0
229 stars 68 forks source link

Bump coverage from 7.2.7 to 7.3.0 #643

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps coverage from 7.2.7 to 7.3.0.

Changelog

Sourced from coverage's changelog.

Version 7.3.0 — 2023-08-12

  • Added a :meth:.Coverage.collect context manager to start and stop coverage data collection.

  • Dropped support for Python 3.7.

  • Fix: in unusual circumstances, SQLite cannot be set to asynchronous mode. Coverage.py would fail with the error Safety level may not be changed inside a transaction. This is now avoided, closing issue 1646_. Thanks to Michael Bell for the detailed bug report.

  • Docs: examples of configuration files now include separate examples for the different syntaxes: .coveragerc, pyproject.toml, setup.cfg, and tox.ini.

  • Fix: added nosemgrep comments to our JavaScript code so that semgrep-based SAST security checks won't raise false alarms about security problems that aren't problems.

  • Added a CITATION.cff file, thanks to Ken Schackart <pull 1641_>_.

.. _pull 1641: nedbat/coveragepy#1641 .. _issue 1646: nedbat/coveragepy#1646

.. _changes_7-2-7:

Commits
  • 9c2f924 docs: sample HTML for 7.3.0
  • 0421fdb docs: prep for 7.3.0
  • f2aa871 build: move pylint config into pyproject.toml
  • 1873ccb docs: drop a bunch of badges
  • 5937a62 feat: cov.collect() context manager
  • da7ee52 build(deps): bump sigstore/gh-action-sigstore-python from 2.0.0 to 2.0.1
  • d87f64a test: excluding NotImplementedError excluded too much
  • e51b1f7 test: ensure lines are properly ignored during metacov
  • b02de96 test(refactor): abstract method compatible with both pytest and mypy
  • ada3ade test(build): PytestCollectionWarning should be an error
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #652.