Bump the all group with 7 updates

[dependabot[bot]]

Bumps the all group with 7 updates:

Package	From	To
aiohttp	3.9.1	3.9.5
frozenlist	1.4.0	1.4.1
multidict	6.0.4	6.0.5
filelock	3.15.1	3.15.4
pip	24.0	24.1
setuptools	70.0.0	70.1.0
virtualenv	20.26.2	20.26.3

Updates aiohttp from 3.9.1 to 3.9.5

Release notes

Sourced from aiohttp's releases.

3.9.5

Bug fixes

• Fixed "Unclosed client session" when initialization of :py:class:~aiohttp.ClientSession fails -- by :user:NewGlad.

  Related issues and pull requests on GitHub: #8253.

• Fixed regression (from :pr:8280) with adding Content-Disposition to the form-data part after appending to writer -- by :user:Dreamsorcerer/:user:Olegt0rr.

  Related issues and pull requests on GitHub: #8332.

• Added default Content-Disposition in multipart/form-data responses to avoid broken form-data responses -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: #8335.

---

3.9.4

Bug fixes

• The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:webknjaz.

  Related issues and pull requests on GitHub: #8089.

• Treated values of Accept-Encoding header as case-insensitive when checking for gzip files -- by :user:steverep.

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.9.5 (2024-04-16)

Bug fixes

• Fixed "Unclosed client session" when initialization of :py:class:~aiohttp.ClientSession fails -- by :user:NewGlad.

  Related issues and pull requests on GitHub: :issue:8253.

• Fixed regression (from :pr:8280) with adding Content-Disposition to the form-data part after appending to writer -- by :user:Dreamsorcerer/:user:Olegt0rr.

  Related issues and pull requests on GitHub: :issue:8332.

• Added default Content-Disposition in multipart/form-data responses to avoid broken form-data responses -- by :user:Dreamsorcerer.

  Related issues and pull requests on GitHub: :issue:8335.

---

3.9.4 (2024-04-11)

Bug fixes

• The asynchronous internals now set the underlying causes when assigning exceptions to the future objects -- by :user:webknjaz.

  Related issues and pull requests on GitHub: :issue:8089.

... (truncated)

Commits

• b844d42 Release v3.9.5 (#8340)
• 0415a4c Patchback/backports/3.9/5fd29467fb63efdfae1ace280cec36b1f8139567/pr 8290 (#8311)
• f21c6f2 [PR #8335/5a6949da backport][3.9] Add Content-Disposition automatically (#8336)
• 7eecdff [PR #8332/482e6cdf backport][3.9] Add set_content_disposition test (#8333)
• 82fbe64 [PR #8324/4a8fd08b backport][3.9] Add missing changelogs (#8330)
• 01df7ec Bump version
• 7917ae2 Merge 3.1
• b3397c7 Release v3.9.4 (#8201)
• a7e240a [PR #8320/9ba9a4e5 backport][3.9] Fix Python parser to mark responses without...
• 2833552 Escape filenames and paths in HTML when generating index pages (#8317) (#8319)
• Additional commits viewable in compare view

Updates frozenlist from 1.4.0 to 1.4.1

Release notes

Sourced from frozenlist's releases.

1.4.1

Packaging updates and notes for downstreams

• Declared Python 3.12 and PyPy 3.8-3.10 supported officially in the distribution package metadata.

  Related issues and pull requests on GitHub: #553.

• Replaced the packaging is replaced from an old-fashioned :file:setup.py to an in-tree :pep:517 build backend -- by :user:webknjaz.

  Whenever the end-users or downstream packagers need to build frozenlist from source (a Git checkout or an sdist), they may pass a config_settings flag pure-python. If this flag is not set, a C-extension will be built and included into the distribution.

  Here is how this can be done with pip:

  .. code-block:: console

  $ python3 -m pip install . --config-settings=pure-python=
  

  This will also work with -e | --editable.

  The same can be achieved via pypa/build:

  .. code-block:: console

  $ python3 -m build --config-setting=pure-python=
  

  Adding -w | --wheel can force pypa/build produce a wheel from source directly, as opposed to building an sdist and then building from it.

  Related issues and pull requests on GitHub: #560.

Contributor-facing changes

• It is now possible to request line tracing in Cython builds using the with-cython-tracing :pep:517 config setting -- :user:webknjaz.

  This can be used in CI and development environment to measure coverage on Cython modules, but is not normally useful to the end-users or

... (truncated)

Changelog

Sourced from frozenlist's changelog.

1.4.1 (2023-12-15)

Packaging updates and notes for downstreams

• Declared Python 3.12 and PyPy 3.8-3.10 supported officially in the distribution package metadata.

  Related issues and pull requests on GitHub: :issue:553.

• Replaced the packaging is replaced from an old-fashioned :file:setup.py to an in-tree :pep:517 build backend -- by :user:webknjaz.

  Whenever the end-users or downstream packagers need to build frozenlist from source (a Git checkout or an sdist), they may pass a config_settings flag pure-python. If this flag is not set, a C-extension will be built and included into the distribution.

  Here is how this can be done with pip:

  .. code-block:: console

  $ python3 -m pip install . --config-settings=pure-python=
  

  This will also work with -e | --editable.

  The same can be achieved via pypa/build:

  .. code-block:: console

  $ python3 -m build --config-setting=pure-python=
  

  Adding -w | --wheel can force pypa/build produce a wheel from source directly, as opposed to building an sdist and then building from it.

  Related issues and pull requests on GitHub: :issue:560.

Contributor-facing changes

• It is now possible to request line tracing in Cython builds using the with-cython-tracing :pep:517 config setting -- :user:webknjaz.

... (truncated)

Commits

• 457b28e ⇪📦 Bump to v1.4.1
• 4998859 📝 Mark "dev" as a known word
• 3d740da ⇪📦 Bump to v1.4.1.dev0
• d92751c 🧪 Cache pre-commit.com virtualenvs @ CI
• 7394415 🧪🐛 List explicit MyPy coverage.xml paths @ CI
• a26ba84 🧪 Update codecov action input to plural files
• e12ecf6 🧪 Upload MyPy coverage to Codecov
• 59b9a74 🐛🧪 Fix the operator in test_lt
• 01720b2 🧪 Keep building macosx_x86_64 wheels for tests
• d9f5e0c 🧪💅 Add a reusable project name var to CI/CD
• Additional commits viewable in compare view

Updates multidict from 6.0.4 to 6.0.5

Release notes

Sourced from multidict's releases.

6.0.5

Bug fixes

• Upgraded the C-API macros that have been deprecated in Python 3.9 and later removed in 3.13 -- by @​iemelyanov💰.

  Related issues and pull requests on GitHub: #862, #864, #868, #898.

• Reverted to using the public argument parsing API PyArg_ParseTupleAndKeywords() under Python 3.12 -- by @​charles-dyfis-net💰 and @​webknjaz💰.

  The effect is that this change prevents build failures with clang 16.9.6 and gcc-14 reported in #926. It also fixes a segmentation fault crash caused by passing keyword arguments to MultiDict.getall() discovered by @​jonaslb💰 and @​hroncok💰 while examining the problem.

  Related issues and pull requests on GitHub: #862, #909, #926, #929.

• Fixed a SystemError: null argument to internal routine error on a MultiDict.items().isdisjoint() call when using C Extensions.

  Related issues and pull requests on GitHub: #927.

Improved documentation

• On the Contributing docs age, a link to the Towncrier philosophy has been fixed.

  Related issues and pull requests on GitHub: #911.

Packaging updates and notes for downstreams

• Stopped marking all files as installable package data -- by @​webknjaz💰.

  This change helps setuptools understand that C-headers are not to be installed under lib/python3.{x}/site-packages/.

  Related commits on GitHub: 31e1170.

... (truncated)

Changelog

Sourced from multidict's changelog.

6.0.5 (2024-02-01)

Bug fixes

• Upgraded the C-API macros that have been deprecated in Python 3.9 and later removed in 3.13 -- by :user:iemelyanov.

  Related issues and pull requests on GitHub: :issue:862, :issue:864, :issue:868, :issue:898.

• Reverted to using the public argument parsing API :c:func:PyArg_ParseTupleAndKeywords under Python 3.12 -- by :user:charles-dyfis-net and :user:webknjaz.

  The effect is that this change prevents build failures with clang 16.9.6 and gcc-14 reported in :issue:926. It also fixes a segmentation fault crash caused by passing keyword arguments to :py:meth:MultiDict.getall() <multidict.MultiDict.getall> discovered by :user:jonaslb and :user:hroncok while examining the problem.

  Related issues and pull requests on GitHub: :issue:862, :issue:909, :issue:926, :issue:929.

• Fixed a SystemError: null argument to internal routine error on a MultiDict.items().isdisjoint() call when using C Extensions.

  Related issues and pull requests on GitHub: :issue:927.

Improved documentation

• On the Contributing docs <https://github.com/aio-libs/multidict/blob/master/CHANGES/README.rst>_ page, a link to the Towncrier philosophy has been fixed.

  Related issues and pull requests on GitHub:

... (truncated)

Commits

• a9b281b ⇪ 📦 Release v6.0.5
• ed825c8 🧪 Download artifacts to dist/ @ release job
• 7b04a64 🧪 Normalize issue refs @ release action
• 74840e8 🧪 Pass Codecov token to reusable linters job
• 41c133e 🧪 Bump Codecov action to v4
• adb1976 📝 Fix return type @ Sphinx config
• 99e435f 📝 Mention bylines in the changelog guidelines
• 736169e 📝 Clarify need to only ref PR @ change note name
• 887846f 📝 Highlight the RST term @ changelog guide
• 8f57f8a 📝 Add a missing comma @ changelog guide
• Additional commits viewable in compare view

Updates filelock from 3.15.1 to 3.15.4

Release notes

Sourced from filelock's releases.

3.15.4

What's Changed

• Pass file_lock as positional argument by @​kwist-sgr in tox-dev/filelock#347

Full Changelog: https://github.com/tox-dev/filelock/compare/3.15.3...3.15.4

3.15.3

What's Changed

• Add test for virtualenv stability by @​gaborbernat in tox-dev/filelock#344
• Fix TypeError: _CountedFileLock.__init__() got an unexpected keyword argument 'timeout' by @​kwist-sgr in tox-dev/filelock#345

Full Changelog: https://github.com/tox-dev/filelock/compare/3.15.2...3.15.3

3.15.2

What's Changed

• Use a metaclass to implement the singleton pattern by @​kwist-sgr in tox-dev/filelock#340

New Contributors

• @​kwist-sgr made their first contribution in tox-dev/filelock#340

Full Changelog: https://github.com/tox-dev/filelock/compare/3.15.1...3.15.2

Commits

• 9a979df Pass file_lock as positional argument (#347)
• 3a79343 Fix `TypeError: _CountedFileLock.init() got an unexpected keyword argumen...
• 81d4cf9 Add test for virtualenv stability (#344)
• 192f1ef Use a metaclass to implement the singleton pattern (#340)
• 48788c5 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#341)
• 7bd3b7b [pre-commit.ci] pre-commit autoupdate (#342)
• See full diff in compare view

Updates pip from 24.0 to 24.1

Changelog

Sourced from pip's changelog.

24.1 (2024-06-20)

Vendored Libraries

• Upgrade truststore to 0.9.1.

24.1b2 (2024-06-12)

Features

• Report informative messages about invalid requirements. ([#12713](https://github.com/pypa/pip/issues/12713) <https://github.com/pypa/pip/issues/12713>_)

Bug Fixes

• Eagerly import the self version check logic to avoid crashes while upgrading or downgrading pip at the same time. ([#12675](https://github.com/pypa/pip/issues/12675) <https://github.com/pypa/pip/issues/12675>_)
• Accommodate for mismatches between different sources of truth for extra names, for packages generated by setuptools. ([#12688](https://github.com/pypa/pip/issues/12688) <https://github.com/pypa/pip/issues/12688>_)
• Accommodate for development versions of CPython ending in + in the version string. ([#12691](https://github.com/pypa/pip/issues/12691) <https://github.com/pypa/pip/issues/12691>_)

Vendored Libraries

• Upgrade packaging to 24.1

• Upgrade requests to 2.32.0

• Remove vendored colorama

• Remove vendored six

• Remove vendored webencodings

• Remove vendored charset_normalizer

  requests provides optional character detection support on some APIs when processing ambiguous bytes. This isn't relevant for pip to function and we're able to remove it due to recent upstream changes.

24.1b1 (2024-05-06)

Deprecations and Removals

• Drop support for EOL Python 3.7. ([#11934](https://github.com/pypa/pip/issues/11934) <https://github.com/pypa/pip/issues/11934>_)

• Remove support for legacy versions and dependency specifiers.

  Packages with non standard-compliant versions or dependency specifiers are now ignored by the resolver. Already installed packages with non standard-compliant versions or dependency specifiers must be uninstalled before upgrading them. ([#12063](https://github.com/pypa/pip/issues/12063) <https://github.com/pypa/pip/issues/12063>_)

Features

... (truncated)

Commits

• bc877e6 Bump for release
• 075a3dd Merge pull request #12774 from uranusjr/disable-313-uri-test
• 205af8e Upgrade truststore to 0.9.1 (#12707)
• 87f874f Skip until 3.13.0b3 instead
• 596be04 Mark failing tests on Windows + Py3.13 as xfail
• d94806f Merge pull request #12764 from pradyunsg/pause-prepare-release-for-news-edits
• 71b1688 Merge pull request #12763 from pradyunsg/release/24.1.beta2
• b2fdf3b Pause in prepare-release for updating the NEWS file
• 17c938a Bump for development
• ece2255 Bump for release
• Additional commits viewable in compare view

Updates setuptools from 70.0.0 to 70.1.0

Changelog

Sourced from setuptools's changelog.

v70.1.0

Features

• Adopted the bdist_wheel command from the wheel project -- by :user:agronholm (#1386)

• Improve error message when pkg_resources.ZipProvider tries to extract resources with a missing Egg -- by :user:Avasam

  Added variables and parameter type annotations to pkg_resources to be nearly on par with typeshed.* -- by :user:Avasam * Excluding TypeVar and overload. Return types are currently inferred. (#4246)

• Migrated Setuptools' own config to pyproject.toml (#4310)

Bugfixes

• Prevent a TypeError: 'NoneType' object is not callable when shutil_rmtree is called without an onexc parameter on Python<=3.11 -- by :user:Avasam (#4382)
• Replace use of mktemp with can_symlink from the stdlib test suite. (#4403)
• Improvement for attr: directives in configuration to handle more edge cases related to complex package_dir. (#4405)
• Fix accidental implicit string concatenation. (#4411)

Misc

• #4365, #4422

Commits

• 3466f9f Bump version: 70.0.0 → 70.1.0
• 8cc50d4 Attempt to avoid error with _read_utf8_with_fallback by moving code in `pkg...
• a4b15f3 Add comments on test
• 051e70d Simplify integration test for zop interface
• 06fd687 Move integration test to pkg_resources
• 03edaaa Add newsfragment
• b95d168 Move piece of code inside pkg_resources/init.py
• be847e0 Add interop tests for pkg_resources and zope-interface
• 0f8c58d Fix undefined log.warning function in bdist_wheel (#4427)
• 63a2eb3 Fix undefined log function in bdist_wheel
• Additional commits viewable in compare view

Updates virtualenv from 20.26.2 to 20.26.3

Release notes

Sourced from virtualenv's releases.

20.26.3

What's Changed

• release 20.26.2 by @​gaborbernat in pypa/virtualenv#2724
• Bump embeded wheels by @​gaborbernat in pypa/virtualenv#2741

Full Changelog: https://github.com/pypa/virtualenv/compare/20.26.2...20.26.3

Changelog

Sourced from virtualenv's changelog.

v20.26.3 (2024-06-21)

Bugfixes - 20.26.3

- Upgrade embedded wheels:

setuptools to 70.1.0 from 69.5.1
pip to 24.1from 24.0 (:issue:2741)

Commits

• 3185e1f release 20.26.3
• 2a149ec Bump embeded wheels (#2741)
• bd91d48 [pre-commit.ci] pre-commit autoupdate (#2739)
• 8220288 Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 (#2738)
• 429d6a2 [pre-commit.ci] pre-commit autoupdate (#2734)
• c723579 [pre-commit.ci] pre-commit autoupdate (#2730)
• e35ece8 [pre-commit.ci] pre-commit autoupdate (#2727)
• 0646a05 Merge pull request #2724 from pypa/release-20.26.2
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions