Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.
Release Notes
python-poetry/poetry (poetry)
### [`v1.8.2`](https://togithub.com/python-poetry/poetry/blob/HEAD/CHANGELOG.md#182---2024-03-02)
[Compare Source](https://togithub.com/python-poetry/poetry/compare/1.8.1...1.8.2)
##### Fixed
- Harden `lazy-wheel` error handling if the index server is behaving badly in an unexpected way ([#9051](https://togithub.com/python-poetry/poetry/pull/9051)).
- Improve `lazy-wheel` error handling if the index server does not handle HTTP range requests correctly ([#9082](https://togithub.com/python-poetry/poetry/pull/9082)).
- Improve `lazy-wheel` error handling if the index server pretends to support HTTP range requests but does not respect them ([#9084](https://togithub.com/python-poetry/poetry/pull/9084)).
- Improve `lazy-wheel` to allow redirects for HEAD requests ([#9087](https://togithub.com/python-poetry/poetry/pull/9087)).
- Improve debug logging for `lazy-wheel` errors ([#9059](https://togithub.com/python-poetry/poetry/pull/9059)).
- Fix an issue where the hash of a metadata file could not be calculated correctly due to an encoding issue ([#9048](https://togithub.com/python-poetry/poetry/pull/9048)).
- Fix an issue where `poetry add` failed in non-package mode if no project name was set ([#9046](https://togithub.com/python-poetry/poetry/pull/9046)).
- Fix an issue where a hint to non-package mode was not compliant with the final name of the setting ([#9073](https://togithub.com/python-poetry/poetry/pull/9073)).
pre-commit/pre-commit (pre-commit)
### [`v3.7.0`](https://togithub.com/pre-commit/pre-commit/blob/HEAD/CHANGELOG.md#370---2024-03-24)
[Compare Source](https://togithub.com/pre-commit/pre-commit/compare/v3.6.2...v3.7.0)
\==================
##### Features
- Use a tty for `docker` and `docker_image` hooks when `--color` is specified.
- [#3122](https://togithub.com/pre-commit/pre-commit/issues/3122) PR by [@glehmann](https://togithub.com/glehmann).
##### Fixes
- Fix `fail_fast` for individual hooks stopping when previous hooks had failed.
- [#3167](https://togithub.com/pre-commit/pre-commit/issues/3167) issue by [@tp832944](https://togithub.com/tp832944).
- [#3168](https://togithub.com/pre-commit/pre-commit/issues/3168) PR by [@asottile](https://togithub.com/asottile).
##### Updating
- The per-hook behaviour of `fail_fast` was fixed. If you want the pre-3.7.0
behaviour, add `fail_fast: true` to all hooks before the last `fail_fast`
hook.
psf/black (psf/black)
### [`v24.3.0`](https://togithub.com/psf/black/blob/HEAD/CHANGES.md#2430)
[Compare Source](https://togithub.com/psf/black/compare/24.2.0...24.3.0)
##### Highlights
This release is a milestone: it fixes Black's first CVE security vulnerability. If you
run Black on untrusted input, or if you habitually put thousands of leading tab
characters in your docstrings, you are strongly encouraged to upgrade immediately to fix
[CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503).
This release also fixes a bug in Black's AST safety check that allowed Black to make
incorrect changes to certain f-strings that are valid in Python 3.12 and higher.
##### Stable style
- Don't move comments along with delimiters, which could cause crashes ([#4248](https://togithub.com/psf/black/issues/4248))
- Strengthen AST safety check to catch more unsafe changes to strings. Previous versions
of Black would incorrectly format the contents of certain unusual f-strings containing
nested strings with the same quote type. Now, Black will crash on such strings until
support for the new f-string syntax is implemented. ([#4270](https://togithub.com/psf/black/issues/4270))
- Fix a bug where line-ranges exceeding the last code line would not work as expected
([#4273](https://togithub.com/psf/black/issues/4273))
##### Performance
- Fix catastrophic performance on docstrings that contain large numbers of leading tab
characters. This fixes
[CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503).
([#4278](https://togithub.com/psf/black/issues/4278))
##### Documentation
- Note what happens when `--check` is used with `--quiet` ([#4236](https://togithub.com/psf/black/issues/4236))
shellcheck-py/shellcheck-py (shellcheck-py/shellcheck-py)
### [`v0.10.0.1`](https://togithub.com/shellcheck-py/shellcheck-py/compare/v0.9.0.6...v0.10.0.1)
[Compare Source](https://togithub.com/shellcheck-py/shellcheck-py/compare/v0.9.0.6...v0.10.0.1)
Configuration
📅 Schedule: Branch creation - "after 5pm on the first day of the month" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
1.8.1->1.8.2==3.6.2->==3.7.024.2.0->24.3.0v0.9.0.6->v0.10.0.1Note: The
pre-commitmanager in Renovate is not supported by thepre-commitmaintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.Release Notes
python-poetry/poetry (poetry)
### [`v1.8.2`](https://togithub.com/python-poetry/poetry/blob/HEAD/CHANGELOG.md#182---2024-03-02) [Compare Source](https://togithub.com/python-poetry/poetry/compare/1.8.1...1.8.2) ##### Fixed - Harden `lazy-wheel` error handling if the index server is behaving badly in an unexpected way ([#9051](https://togithub.com/python-poetry/poetry/pull/9051)). - Improve `lazy-wheel` error handling if the index server does not handle HTTP range requests correctly ([#9082](https://togithub.com/python-poetry/poetry/pull/9082)). - Improve `lazy-wheel` error handling if the index server pretends to support HTTP range requests but does not respect them ([#9084](https://togithub.com/python-poetry/poetry/pull/9084)). - Improve `lazy-wheel` to allow redirects for HEAD requests ([#9087](https://togithub.com/python-poetry/poetry/pull/9087)). - Improve debug logging for `lazy-wheel` errors ([#9059](https://togithub.com/python-poetry/poetry/pull/9059)). - Fix an issue where the hash of a metadata file could not be calculated correctly due to an encoding issue ([#9048](https://togithub.com/python-poetry/poetry/pull/9048)). - Fix an issue where `poetry add` failed in non-package mode if no project name was set ([#9046](https://togithub.com/python-poetry/poetry/pull/9046)). - Fix an issue where a hint to non-package mode was not compliant with the final name of the setting ([#9073](https://togithub.com/python-poetry/poetry/pull/9073)).pre-commit/pre-commit (pre-commit)
### [`v3.7.0`](https://togithub.com/pre-commit/pre-commit/blob/HEAD/CHANGELOG.md#370---2024-03-24) [Compare Source](https://togithub.com/pre-commit/pre-commit/compare/v3.6.2...v3.7.0) \================== ##### Features - Use a tty for `docker` and `docker_image` hooks when `--color` is specified. - [#3122](https://togithub.com/pre-commit/pre-commit/issues/3122) PR by [@glehmann](https://togithub.com/glehmann). ##### Fixes - Fix `fail_fast` for individual hooks stopping when previous hooks had failed. - [#3167](https://togithub.com/pre-commit/pre-commit/issues/3167) issue by [@tp832944](https://togithub.com/tp832944). - [#3168](https://togithub.com/pre-commit/pre-commit/issues/3168) PR by [@asottile](https://togithub.com/asottile). ##### Updating - The per-hook behaviour of `fail_fast` was fixed. If you want the pre-3.7.0 behaviour, add `fail_fast: true` to all hooks before the last `fail_fast` hook.psf/black (psf/black)
### [`v24.3.0`](https://togithub.com/psf/black/blob/HEAD/CHANGES.md#2430) [Compare Source](https://togithub.com/psf/black/compare/24.2.0...24.3.0) ##### Highlights This release is a milestone: it fixes Black's first CVE security vulnerability. If you run Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings, you are strongly encouraged to upgrade immediately to fix [CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503). This release also fixes a bug in Black's AST safety check that allowed Black to make incorrect changes to certain f-strings that are valid in Python 3.12 and higher. ##### Stable style - Don't move comments along with delimiters, which could cause crashes ([#4248](https://togithub.com/psf/black/issues/4248)) - Strengthen AST safety check to catch more unsafe changes to strings. Previous versions of Black would incorrectly format the contents of certain unusual f-strings containing nested strings with the same quote type. Now, Black will crash on such strings until support for the new f-string syntax is implemented. ([#4270](https://togithub.com/psf/black/issues/4270)) - Fix a bug where line-ranges exceeding the last code line would not work as expected ([#4273](https://togithub.com/psf/black/issues/4273)) ##### Performance - Fix catastrophic performance on docstrings that contain large numbers of leading tab characters. This fixes [CVE-2024-21503](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21503). ([#4278](https://togithub.com/psf/black/issues/4278)) ##### Documentation - Note what happens when `--check` is used with `--quiet` ([#4236](https://togithub.com/psf/black/issues/4236))shellcheck-py/shellcheck-py (shellcheck-py/shellcheck-py)
### [`v0.10.0.1`](https://togithub.com/shellcheck-py/shellcheck-py/compare/v0.9.0.6...v0.10.0.1) [Compare Source](https://togithub.com/shellcheck-py/shellcheck-py/compare/v0.9.0.6...v0.10.0.1)Configuration
📅 Schedule: Branch creation - "after 5pm on the first day of the month" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.