search

edgarrmondragon / citric

A client to the LimeSurvey Remote Control API 2, written in modern Python.
https://citric.rtfd.io
MIT License
26 stars 8 forks source link

ci: bump the ci-dependencies group in /.github/workflows with 3 updates #1167

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps the ci-dependencies group in /.github/workflows with 3 updates: griffe, pip and uv.

Updates griffe from 0.45.2 to 0.47.0

Release notes

Sourced from griffe's releases.

0.47.0

0.47.0 - 2024-06-18

Compare with 0.46.1

WARNING: ⚡ Imminent v1! ⚡🚀 See v0.46.

Deprecations

  • The has_private_name and has_special_name properties on objects and aliases have been renamed is_private and is_special. The is_private property now only returns true if the name is not special.

Features

  • Add deprecated attribute and is_deprecated property to objects/aliases (2a75d84 by Timothée Mazzucotelli).
  • Add is_imported property to objects/aliases (de926cc by Timothée Mazzucotelli).
  • Add is_class_private property to objects/aliases (491b6c4 by Timothée Mazzucotelli).

Code Refactoring

  • Rename has_private_name and has_special_name to is_private and is_special (ae7c7e7 by Timothée Mazzucotelli).

0.46.1

0.46.1 - 2024-06-17

Compare with 0.46.0

WARNING: ⚡ Imminent v1! ⚡🚀 See v0.46.

Bug Fixes

  • Always consider special objects ("dunder" attributes/methods/etc.) to be public (3319410 by Timothée Mazzucotelli). Issue-294, Issue-295
  • Don't consider imported objects as public (ea90952 by Timothée Mazzucotelli). Discussion-169

0.46.0

0.46.0 - 2024-06-16

Compare with 0.45.3

WARNING: ⚡ Imminent v1! ⚡🚀 We are working on v1, and it will come soon, so we recommend that you consider adding an upper bound on Griffe. Version 1 will remove all legacy code! There will be a couple more v0 before so that you get all the deprecation warnings needed to upgrade your code using Griffe before upgrading to v1. See breaking changes and deprecations for v0.46 below.

Breaking Changes

We are still in v0, so no major bump yet.

  • Calling objects' [has_labels()][griffe.Object.has_labels] method with a labels keyword argument is not supported anymore. The parameter became a variadic positional parameter, so it cannot be used as a keyword argument anymore. Passing a sequence instead of multiple positional arguments still works but will emit a deprecation warning.
  • Calling the [load_extensions()][griffe.load_extensions] function with an exts keyword argument is not supported anymore. The parameter became a variadic positional parameter, so it cannot be used as a keyword argument anymore. Passing a sequence instead of multiple positional arguments still works but will emit a deprecation warning.

Deprecations

... (truncated)

Changelog

Sourced from griffe's changelog.

0.47.0 - 2024-06-18

Compare with 0.46.1

WARNING: ⚡ Imminent v1! ⚡🚀 See v0.46.

Deprecations

  • The has_private_name and has_special_name properties on objects and aliases have been renamed is_private and is_special. The is_private property now only returns true if the name is not special.

Features

  • Add deprecated attribute and is_deprecated property to objects/aliases (2a75d84 by Timothée Mazzucotelli).
  • Add is_imported property to objects/aliases (de926cc by Timothée Mazzucotelli).
  • Add is_class_private property to objects/aliases (491b6c4 by Timothée Mazzucotelli).

Code Refactoring

  • Rename has_private_name and has_special_name to is_private and is_special (ae7c7e7 by Timothée Mazzucotelli).

0.46.1 - 2024-06-17

Compare with 0.46.0

WARNING: ⚡ Imminent v1! ⚡🚀 See v0.46.

Bug Fixes

  • Always consider special objects ("dunder" attributes/methods/etc.) to be public (3319410 by Timothée Mazzucotelli). Issue-294, Issue-295
  • Don't consider imported objects as public (ea90952 by Timothée Mazzucotelli). Discussion-169

0.46.0 - 2024-06-16

Compare with 0.45.3

WARNING: ⚡ Imminent v1! ⚡🚀 We are working on v1, and it will come soon, so we recommend that you consider adding an upper bound on Griffe. Version 1 will remove all legacy code! There will be a couple more v0 before so that you get all the deprecation warnings needed to upgrade your code using Griffe before upgrading to v1. See breaking changes and deprecations for v0.46 below.

Breaking Changes

We are still in v0, so no major bump yet.

  • Calling objects' [has_labels()][griffe.Object.has_labels] method with a labels keyword argument is not supported anymore. The parameter became a variadic positional parameter, so it cannot be used as a keyword argument anymore. Passing a sequence instead of multiple positional arguments still works but will emit a deprecation warning.
  • Calling the [load_extensions()][griffe.load_extensions] function with an exts keyword argument is not supported anymore. The parameter became a variadic positional parameter, so it cannot be used as a keyword argument anymore. Passing a sequence instead of multiple positional arguments still works but will emit a deprecation warning.

Deprecations

  • As seen above in the breaking changes section, the only parameters of [Object.has_labels()][griffe.Object.has_labels] and [load_extensions()][griffe.load_extensions] both became variadic positional parameters. Passing a sequence as single argument is deprecated in favor of passing multiple arguments. This is an ergonomic change: I myself often forgot to wrap extensions in a list. Passing sequences of labels (lists, sets, tuples) is also difficult from Jinja templates.
  • The following methods and properties on objects and aliases are deprecated: [member_is_exported()][griffe.Object.member_is_exported], [is_explicitely_exported][griffe.mixins.ObjectAliasMixin.is_explicitely_exported], [is_implicitely_exported][griffe.mixins.ObjectAliasMixin.is_implicitely_exported]. Use the [is_exported][griffe.mixins.ObjectAliasMixin.is_exported] property instead. See issue 281.
  • The [is_exported()][griffe.mixins.ObjectAliasMixin.is_exported] and [is_public()][griffe.mixins.ObjectAliasMixin.is_public] methods became properties. They can still be called like methods, but will emit deprecation warnings when doing so. See issue 281.

... (truncated)

Commits
  • ce186a4 chore: Prepare release 0.47.0
  • 2a75d84 feat: Add deprecated attribute and is_deprecated property to objects/aliases
  • 1982023 docs: Add comments to is_wildcard_exposed
  • de926cc feat: Add is_imported property to objects/aliases
  • 491b6c4 feat: Add is_class_private property to objects/aliases
  • ae7c7e7 refactor: Rename has_private_name and has_special_name to is_private an...
  • 1ebfa63 style: Spacing
  • 40ebec0 chore: Prepare release 0.46.1
  • 3319410 fix: Always consider special objects ("dunder" attributes/methods/etc.) to be...
  • ea90952 fix: Don't consider imported objects as public
  • Additional commits viewable in compare view


Updates pip from 24.0 to 24.1.1

Changelog

Sourced from pip's changelog.

24.1.1 (2024-06-26)

Bug Fixes

  • Actually use system trust stores when the truststore feature is enabled.

Vendored Libraries

  • Upgrade requests to 2.32.3

24.1 (2024-06-20)

Vendored Libraries

  • Upgrade truststore to 0.9.1.

24.1b2 (2024-06-12)

Features

  • Report informative messages about invalid requirements. ([#12713](https://github.com/pypa/pip/issues/12713) <https://github.com/pypa/pip/issues/12713>_)

Bug Fixes

  • Eagerly import the self version check logic to avoid crashes while upgrading or downgrading pip at the same time. ([#12675](https://github.com/pypa/pip/issues/12675) <https://github.com/pypa/pip/issues/12675>_)
  • Accommodate for mismatches between different sources of truth for extra names, for packages generated by setuptools. ([#12688](https://github.com/pypa/pip/issues/12688) <https://github.com/pypa/pip/issues/12688>_)
  • Accommodate for development versions of CPython ending in + in the version string. ([#12691](https://github.com/pypa/pip/issues/12691) <https://github.com/pypa/pip/issues/12691>_)

Vendored Libraries

  • Upgrade packaging to 24.1

  • Upgrade requests to 2.32.0

  • Remove vendored colorama

  • Remove vendored six

  • Remove vendored webencodings

  • Remove vendored charset_normalizer

    requests provides optional character detection support on some APIs when processing ambiguous bytes. This isn't relevant for pip to function and we're able to remove it due to recent upstream changes.

... (truncated)

Commits


Updates uv from 0.2.5 to 0.2.18

Release notes

Sourced from uv's releases.

0.2.18

Release Notes

CLI

  • Make --universal and --python-platform mutually exclusive (#4598)
  • Add --depth and --prune support to pip tree (#4440)

Bug fixes

  • Handle cycles when propagating markers (#4595)
  • Ignore py not found errors during interpreter discovery (#4620)
  • Merge markers when applying constraints (#4648)
  • Retry on spurious failures when caching built wheels (#4605)
  • Sort indexes during graph edge removal (#4649)
  • Treat Python version as a lower bound in --universal (#4597)
  • Fix the incorrect handling of markers in pip tree (#4611)
  • Improve toolchain and environment missing error messages (#4596)

Documentation

  • Explicitly mention use of seed packages during uv venv --seed (#4588)

Install uv 0.2.18

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.2.18/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -c "irm https://github.com/astral-sh/uv/releases/download/0.2.18/uv-installer.ps1 | iex"

Download uv 0.2.18

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum
uv-i686-pc-windows-msvc.zip x86 Windows checksum
uv-x86_64-pc-windows-msvc.zip x64 Windows checksum
uv-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
uv-i686-unknown-linux-gnu.tar.gz x86 Linux checksum
uv-powerpc64-unknown-linux-gnu.tar.gz PPC64 Linux checksum
uv-powerpc64le-unknown-linux-gnu.tar.gz PPC64LE Linux checksum
uv-s390x-unknown-linux-gnu.tar.gz S390x Linux checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.2.18

CLI

  • Make --universal and --python-platform mutually exclusive (#4598)
  • Add --depth and --prune support to pip tree (#4440)

Bug fixes

  • Handle cycles when propagating markers (#4595)
  • Ignore py not found errors during interpreter discovery (#4620)
  • Merge markers when applying constraints (#4648)
  • Retry on spurious failures when caching built wheels (#4605)
  • Sort indexes during graph edge removal (#4649)
  • Treat Python version as a lower bound in --universal (#4597)
  • Fix the incorrect handling of markers in pip tree (#4611)
  • Improve toolchain and environment missing error messages (#4596)

Documentation

  • Explicitly mention use of seed packages during uv venv --seed (#4588)

0.2.17

Bug fixes

  • Avoid enforcing extra-only constraints (#4570)

0.2.16

Enhancements

  • Add a universal resolution mode to uv pip compile with --universal (#4505)
  • Add support for --no-strip-markers in uv pip compile output (#4503)
  • Add --no-dedupe support to uv pip tree (#4449)

Bug fixes

  • Enable more precise environment locking with --prefix (#4506)
  • Allow local index references in requirements.txt files (#4525)
  • Allow non-file:// paths to serve as --index-url values (#4524)
  • Make .egg-info filename parsing spec compliant (#4533)
  • Gracefully handle non-existent packages in local indexes (#4545)
  • Read content length from response rather than request (#4488)
  • Read persistent configuration from non-workspace pyproject.toml (#4526)
  • Avoid panic for invalid, non-base index URLs (#4527)

Performance

  • Skip submodule update for fresh clones (#4482)

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

📚 Documentation preview 📚: https://citric--1167.org.readthedocs.build/en/1167/

sonarcloud[bot] commented 3 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 100.00%. Comparing base (26236e4) to head (b1e6e35). Report is 19 commits behind head on main.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #1167 +/- ## ========================================= Coverage 100.00% 100.00% ========================================= Files 10 10 Lines 482 482 Branches 25 25 ========================================= Hits 482 482 ``` | [Flag](https://app.codecov.io/gh/edgarrmondragon/citric/pull/1167/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Edgar+Ram%C3%ADrez+Mondrag%C3%B3n) | Coverage Δ | | |---|---|---| | [integration](https://app.codecov.io/gh/edgarrmondragon/citric/pull/1167/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Edgar+Ram%C3%ADrez+Mondrag%C3%B3n) | `91.28% <ø> (ø)` | | | [unit](https://app.codecov.io/gh/edgarrmondragon/citric/pull/1167/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Edgar+Ram%C3%ADrez+Mondrag%C3%B3n) | `93.77% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Edgar+Ram%C3%ADrez+Mondrag%C3%B3n#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

edgarrmondragon commented 3 months ago

@dependabot merge