search

canonical / lego-base-k8s-operator

Base library for building Lego Kubernetes operators
https://charmhub.io/lego-base-k8s
Apache License 2.0
0 stars 3 forks source link

chore: bump the pip_dependencies group with 3 updates #147

Closed dependabot[bot] closed 1 week ago

dependabot[bot] commented 1 week ago

Bumps the pip_dependencies group with 3 updates: ops, pyright and ruff.

Updates ops from 2.14.0 to 2.14.1

Release notes

Sourced from ops's releases.

2.14.1 Fix a possible Pebble exec hang and minor other fixes

What's Changed

No new features with this release, but it includes a significant fix for Pebble exec to avoid hanging when Pebble is unable to respond quickly.

We've also corrected the Harness behaviour when working with secrets when the secret does not exist or the charm does not have permission to view/modify it, and also expanded the API reference documentation for secrets.

Fixes

Tests

Documentation

CI

Thanks go to the members of the Canonical security teams who helped out putting the security policy together!

Full Changelog: https://github.com/canonical/operator/compare/2.14.0...2.14.1

Changelog

Sourced from ops's changelog.

2.14.1 - 27 Jun 2024

Fixes

  • Add connect timeout for exec websockets to avoid hanging (#1247)
  • Adjust Harness secret behaviour to align with Juju (#1248)

Tests

  • Fix TypeError when running test.pebble_cli (#1245)
  • Properly clean up after running setup_root_logging in test_log (#1259)
  • Verify that defer() is not usable on stop,remove,secret-expired,secret-rotate (#1233)

Documentation

  • Fix HACKING.md link on PyPI, and internal links (#1261, #1236)
  • Add a section to HACKING.md on PR titles (commit messages to main) (#1252)
  • Add release step to update pinned charm tests (#1213)
  • Add a security policy (#1266)

CI

  • Only run tests once on push to PR (#1242)
  • Validate PR title against conventional commit rules in (#1262)
  • Only update ops, not all dependencies, in charm tests in (#1275)
  • Add artefact attestation (#1267)
Commits
  • 5cc2216 chore: add changelog entries and bump version for 2.14.1 (#1276)
  • 1a11311 docs: add main to ops api reference (#1273)
  • ed90f3e docs: add a basic security policy (#1266)
  • bed3d44 ci: add artefact attestation (using GitHub / SigStore) (#1267)
  • 6a2b165 ci: only update ops, not all dependencies (#1275)
  • 79706f4 fix: adjust Harness secret behaviour to align with Juju (#1248)
  • 89ea7f4 ci: validate PR title against conventional commit rules (#1262)
  • eb52cef chore(deps): bump urllib3 from 2.2.1 to 2.2.2 in /docs (#1264)
  • 808fb8f chore: make dependabot and update-charm-tests only happen monthly (#1260)
  • daa0552 docs: add a section to HACKING.md on PR titles (commit messages to main) (#1252)
  • Additional commits viewable in compare view


Updates pyright from 1.1.368 to 1.1.369

Commits
  • 903dbc6 chore(ci): enable workflow_dispatch for releasing
  • 82d28c7 chore(internal): pin twine dependency
  • ffa917f [pyright updated to 1.1.369] Update Version (#279)
  • See full diff in compare view


Updates ruff from 0.4.10 to 0.5.0

Release notes

Sourced from ruff's releases.

0.5.0

Release Notes

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

  • Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
  • Selecting ALL now excludes deprecated rules
  • The released archives now include an extra level of nesting, which can be removed with --strip-components=1 when untarring.
  • The release artifact's file name no longer includes the version tag. This enables users to install via /latest URLs on GitHub.
  • The diagnostic ranges for some flake8-bandit rules were modified (#10667).

Deprecations

The following rules are now deprecated:

Remapped rules

The following rules have been remapped to new rule codes:

Stabilization

The following rules have been stabilized and are no longer in preview:

... (truncated)

Changelog

Sourced from ruff's changelog.

0.5.0

Check out the blog post for a migration guide and overview of the changes!

Breaking changes

See also, the "Remapped rules" section which may result in disabled rules.

  • Follow the XDG specification to discover user-level configurations on macOS (same as on other Unix platforms)
  • Selecting ALL now excludes deprecated rules
  • The released archives now include an extra level of nesting, which can be removed with --strip-components=1 when untarring.
  • The release artifact's file name no longer includes the version tag. This enables users to install via /latest URLs on GitHub.
  • The diagnostic ranges for some flake8-bandit rules were modified (#10667).

Deprecations

The following rules are now deprecated:

Remapped rules

The following rules have been remapped to new rule codes:

Stabilization

The following rules have been stabilized and are no longer in preview:

... (truncated)

Commits
  • 244b923 Add necessary permissions for cargo-dist Docker build (#12072)
  • a8b48fc Release v0.5.0 (#12068)
  • 04c8597 [flake8-simplify] Stabilize detection of Yoda conditions for "constant" col...
  • 4029a25 [Ruff v0.5] Stabilise 15 pylint rules (#12051)
  • 0917ce1 Update documentation to mention etcetera crate instead of dirs for user c...
  • 22cebdf Add server config to filter out syntax error diagnostics (#12059)
  • 72b6c26 Simplify LinterResult, avoid cloning ParseError (#11903)
  • 73851e7 Avoid displaying syntax error as log message (#11902)
  • e7b4969 Remove E999 as a rule, disallow any disablement methods for syntax error (#...
  • c98d8a0 [pyflakes] Stabilize detection of is comparisons to lists, etc. (F632) (#...
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions