diginomads / pycensus

Modern Python Package for US Census API
Apache License 2.0
1 stars 0 forks source link

:arrow_up: Bump distlib from 0.3.6 to 0.3.7 #35

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps distlib from 0.3.6 to 0.3.7.

Changelog

Sourced from distlib's changelog.

0.3.7


Released: 2023-07-17
  • database

    • Handle newlines when parsing metadata.
  • markers

    • Use version comparison logic for python_full_version. Thanks to Albert Peschar for the patch.

    • Simplify code with a set comprehension. Thanks to Christian Clauss for the patch.

  • scripts

    • Fix shebang computation for source builds of Python. Thanks to Eli Schwartz for the patch.
  • util

    • Extract tarfiles more safely by incorporating tarfile filters. Thanks to Petr Viktorin for the patch.

    • Check for 'has_cert' attribute before using it. Thanks to Lumir Balhar for the patch.

    • Fix #203: Handle parsing of export entries to allow script names such as "," or ",foo". Thanks to Flavio Amurrio for the report.

  • versions

    • Fix #200: Improve conformance to PEP440. Thanks to GitHub user con-f-use for the report.

In addition to the above, an SPDX license identifier is now used.

Commits
  • ede595b Changes for 0.3.7.
  • e849976 Improve implementation.
  • ac36501 Fix #203: Handle name parsing of export entries correctly.
  • a59c714 Remove CPython 2.7 from GitHub Actions matrix.
  • 37a4fce Extract tarballs more safely on Python with tarfile filters (PEP 706) (GH-201)
  • 0e9bfc0 Pin Sphinx version.
  • 716cdef Update Read The Docs configuration.
  • ffe7838 Remove distutils.sysconfig dependency.
  • 6181c59 Fix #200: Tighten conformance to PEP440.
  • 275a4b6 Check for cert_file attribute before accessing it (#198)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)