search

blacklanternsecurity / badsecrets

A library for detecting known secrets across many web frameworks
GNU General Public License v3.0
517 stars 44 forks source link

Bump poetry-dynamic-versioning from 0.21.5 to 1.4.1 #137

Closed dependabot[bot] closed 6 days ago

dependabot[bot] commented 1 week ago

Bumps poetry-dynamic-versioning from 0.21.5 to 1.4.1.

Release notes

Sourced from poetry-dynamic-versioning's releases.

v1.4.1 (2024-09-10)

  • Fixed:
    • The enable command would fail when the pyproject.toml tables were out of order.

v1.4.0 (2024-06-17)

  • Added:

    • The plugin now supports Poetry's upcoming PEP-621 functionality. More info here: python-poetry/poetry#3332

      If your pyproject.toml defines tool.poetry.name, then the plugin will preserve its existing behavior.

      However, if your pyproject.toml:

      • does not define tool.poetry.name
      • defines project.name
      • defines project.dynamic to include "version"
      • does not define project.version

      ...then the plugin will enable its PEP-621 functionality.

      Because PEP-621 support is not yet released and finalized in Poetry itself, it is also subject to change in the plugin.

      (Prototyped by edgarrmondragon)

v1.3.0 (2024-04-29)

  • Added:
    • pattern-prefix option to add a prefix to the version tag pattern.
    • ignore-untracked option to control the detection of dirty state.
    • from-file config section to read a version from a file instead of the VCS.
    • POETRY_DYNAMIC_VERSIONING_DEBUG environment variable for some logging.
  • Changed:
    • Updated Dunamai to 1.21.0+ for the latest features.

v1.2.0 (2023-12-02)

  • Added:
    • initial-content-jinja option in tool.poetry-dynamic-versioning.files section.
  • Fixed:
    • Line ending style was not preserved in some cases because of the default behavior of pathlib.Path.read_text. To avoid this, pathlib.Path.read_bytes is used instead now. (Contributed by nardi)

v1.1.1 (2023-10-27)

  • Fixed:
    • Custom substitutions in pyproject.toml weren't cleaned up correctly. This was because the plugin would record the "original" content of the file after the version and enable fields had already been changed. Now, substitutions are reverted first before reverting version and enable.

v1.1.0 (2023-10-01)

  • Added:
    • tool.poetry-dynamic-versioning.files config section. This allows you to create a file in a default state before applying substitutions to it. You can also leave the substitutions in place when the plugin deactivates.

v1.0.1 (2023-08-21)

  • Fixed:
    • Compatibility with poetry-core 1.7.0, which removed the poetry.core.semver module.
    • The enable command now constrains the plugin version to >=1.0.0,<2.0.0 to protect against any potential API changes.

... (truncated)

Changelog

Sourced from poetry-dynamic-versioning's changelog.

v1.4.1 (2024-09-10)

  • Fixed:
    • The enable command would fail when the pyproject.toml tables were out of order.

v1.4.0 (2024-06-17)

  • Added:

    • The plugin now supports Poetry's upcoming PEP-621 functionality. More info here: python-poetry/poetry#3332

      If your pyproject.toml defines tool.poetry.name, then the plugin will preserve its existing behavior.

      However, if your pyproject.toml:

      • does not define tool.poetry.name
      • defines project.name
      • defines project.dynamic to include "version"
      • does not define project.version

      ...then the plugin will enable its PEP-621 functionality.

      Because PEP-621 support is not yet released and finalized in Poetry itself, it is also subject to change in the plugin.

      (Prototyped by edgarrmondragon)

v1.3.0 (2024-04-29)

  • Added:
    • pattern-prefix option to add a prefix to the version tag pattern.
    • ignore-untracked option to control the detection of dirty state.
    • from-file config section to read a version from a file instead of the VCS.
    • POETRY_DYNAMIC_VERSIONING_DEBUG environment variable for some logging.
  • Changed:
    • Updated Dunamai to 1.21.0+ for the latest features.

v1.2.0 (2023-12-02)

  • Added:
    • initial-content-jinja option in tool.poetry-dynamic-versioning.files section.
  • Fixed:
    • Line ending style was not preserved in some cases because of the default behavior of pathlib.Path.read_text. To avoid this, pathlib.Path.read_bytes is used instead now. (Contributed by nardi)

v1.1.1 (2023-10-27)

  • Fixed:

... (truncated)

Commits
  • 54d9d15 Release v1.4.1
  • aa2658a #190: Fix out-of-order tables in TOML edit
  • 84c9338 Temporarily allow failures in the PEP 621 branch of Poetry
  • 8535154 Avoid 'poetry self' in test when managed by Pipx
  • 0a240b0 Allow integration tests to install plugin via Pipx
  • 0aedb7e Add --pipx option to install task
  • 500f406 Fix lock file
  • 8757525 #187: Add manpage
  • b7d1957 Disable Python 3.7 in CI due to Poetry installation errors
  • dd3846a Exclude faulty Poetry versions from CI
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
liquidsec commented 1 week ago

@dependabot recreate

codecov-commenter commented 6 days ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 99.75%. Comparing base (b92163f) to head (f986476). Report is 4 commits behind head on dev.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## dev #137 +/- ## ======================================= Coverage 99.75% 99.75% ======================================= Files 22 22 Lines 1635 1635 ======================================= Hits 1631 1631 Misses 4 4 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.