ci: bump the ci-dependencies group in /.github/workflows with 3 updates

dependabot[bot] commented 2 weeks ago

Bumps the ci-dependencies group in /.github/workflows with 3 updates: nox, pip and uv.

Updates nox from 2024.4.15 to 2024.10.9

Release notes

2024.10.09 🎃

This release adds explicit support for Python 3.13 and drops support for running Nox itself under Python 3.7. Note that you can still use 3.7 in your Nox sessions, we just dropped support for installing & running nox itself in 3.7.

We'd like to thank the following folks who conributed to this release:

@edgarrmondragon

@ember91

@henryiii

@hmd101

@KasperZutterman

@living180

@mayeut

@saucoide

@Wurstnase

New features:

Allow setting tags on parametrized sessions by @living180 in wntrblm/nox#832

Added support for uv-installed pythons by @saucoide in wntrblm/nox#842

Added session.install_and_run_script by @henryiii in wntrblm/nox#847

Bugfixes:

Updated type annotation of stderr parameter to make it optional by @edgarrmondragon in wntrblm/nox#835

Removed add_timestamp from noxfile.options by @Wurstnase in wntrblm/nox#856

Documentation:

Added warning about uv and local packages by @henryiii in wntrblm/nox#830

Fixed contribution guidelines by @Wurstnase in wntrblm/nox#850

Fixed typos by @ember91 in wntrblm/nox#839

Fixed typoss in cookbook by @hmd101 in wntrblm/nox#837

Added missing cookbook recipe snippet imports by @KasperZutterman in wntrblm/nox#853

Cleaned up dev recipe by @henryiii in wntrblm/nox#862

Added note about uv reinstall by @henryiii in wntrblm/nox#863

Added uv sync example by @henryiii in wntrblm/nox#864

Internal changes:

Use default action tests for macos-14 by @mayeut in wntrblm/nox#824

Added 3.13 to the action defaults by @henryiii in wntrblm/nox#846

Dropped Python 3.7 by @henryiii in wntrblm/nox#822

Included 3.13 in classifiers by @henryiii in wntrblm/nox#851

Use uv if available in action by @henryiii in wntrblm/nox#831

Run tests with Python 3.13 by @edgarrmondragon in wntrblm/nox#834

Updated macos-latest to macos-14 by @henryiii in wntrblm/nox#821

Use miniforge by @henryiii in wntrblm/nox#854

Use astral-sh/setup-uv by @henryiii in wntrblm/nox#859

Dropped PyPy 3.9 from test matrix by @henryiii in wntrblm/nox#858

Changelog

Sourced from nox's changelog.

Changelog

2024.10.09

This release adds explicit support for Python 3.13 and drops support for running Nox itself under Python 3.7. Note that you can still use 3.7 in your Nox sessions, we just dropped support for installing & running nox itself in 3.7.

We'd like to thank the following folks who contributed to this release:

@edgarrmondragon

@ember91

@henryiii

@hmd101

@KasperZutterman

@living180

@mayeut

@saucoide

@Wurstnase

New features:

Allow setting tags on parametrized sessions by @living180 in wntrblm/nox#832

Added support for uv-installed pythons by @saucoide in wntrblm/nox#842

Added session.install_and_run_script by @henryiii in wntrblm/nox#847

Bugfixes:

Updated type annotation of stderr parameter to make it optional by @edgarrmondragon in wntrblm/nox#835

Removed add_timestamp from noxfile.options by @Wurstnase in wntrblm/nox#856

Documentation:

Added warning about uv and local packages by @henryiii in wntrblm/nox#830

Fixed contribution guidelines by @Wurstnase in wntrblm/nox#850

Fixed typos by @ember91 in wntrblm/nox#839

Fixed typoss in cookbook by @hmd101 in wntrblm/nox#837

Added missing cookbook recipe snippet imports by @KasperZutterman in wntrblm/nox#853

Cleaned up dev recipe by @henryiii in wntrblm/nox#862

Added note about uv reinstall by @henryiii in wntrblm/nox#863

Added uv sync example by @henryiii in wntrblm/nox#864

Internal changes:

Use default action tests for macos-14 by @mayeut in wntrblm/nox#824

Added 3.13 to the action defaults by @henryiii in wntrblm/nox#846

Dropped Python 3.7 by @henryiii in wntrblm/nox#822

Included 3.13 in classifiers by @henryiii in wntrblm/nox#851

Use uv if available in action by @henryiii in wntrblm/nox#831

Run tests with Python 3.13 by @edgarrmondragon in wntrblm/nox#834

Updated macos-latest to macos-14 by @henryiii in wntrblm/nox#821

Use miniforge by @henryiii in wntrblm/nox#854

Use astral-sh/setup-uv by @henryiii in wntrblm/nox#859

Dropped PyPy 3.9 from test matrix by @henryiii in wntrblm/nox#858

... (truncated)

Commits

1199ab3 Release 2024.10.09
6f295da docs: add uv sync example (#864)
57825e8 docs: note about uv reinstall (#863)
57a65d8 docs: clean up dev recipe (#862)
40d6b49 feat: install_and_run_script (PEP 721) (#847)
9058e72 fix: remove add_timestamp from noxfile.options (#856)
19655f4 chore: PyPy no longer supports 3.9 (#858)
1806181 ci: use astral-sh's setup-uv (#859)
d7072e3 chore: include 3.13 in classifiers (#851)
a49c730 feat: support for uv-installed pythons (#842)
Additional commits viewable in compare view

Updates pip from 24.2 to 24.3.1

Changelog

Sourced from pip's changelog.

24.3.1 (2024-10-27)

Bug Fixes

Allow multiple nested inclusions of the same requirements file again. ([#13046](https://github.com/pypa/pip/issues/13046) <https://github.com/pypa/pip/issues/13046>_)

24.3 (2024-10-27)

Deprecations and Removals

Deprecate wheel filenames that are not compliant with :pep:440. ([#12918](https://github.com/pypa/pip/issues/12918) <https://github.com/pypa/pip/issues/12918>_)

Features

Detect recursively referencing requirements files and help users identify the source. ([#12653](https://github.com/pypa/pip/issues/12653) <https://github.com/pypa/pip/issues/12653>_)

Support for :pep:730 iOS wheels. ([#12961](https://github.com/pypa/pip/issues/12961) <https://github.com/pypa/pip/issues/12961>_)

Bug Fixes

Display a better error message when an already installed package has an invalid requirement. ([#12953](https://github.com/pypa/pip/issues/12953) <https://github.com/pypa/pip/issues/12953>_)

Ignore PIP_TARGET and pip.conf global.target when preparing a build environment. ([#8438](https://github.com/pypa/pip/issues/8438) <https://github.com/pypa/pip/issues/8438>_)

Restore support for macOS 10.12 and older (via truststore). ([#12901](https://github.com/pypa/pip/issues/12901) <https://github.com/pypa/pip/issues/12901>_)

Allow installing pip in editable mode in a virtual environment on Windows. ([#12666](https://github.com/pypa/pip/issues/12666) <https://github.com/pypa/pip/issues/12666>_)

Vendored Libraries

Upgrade certifi to 2024.8.30

Upgrade distlib to 0.3.9

Upgrade truststore to 0.10.0

Upgrade urllib3 to 1.26.20

Commits

05293b6 Bump for release
6a5db8b Merge pull request #13047 from sbidoul/fix-13046
7be54ce Don't fail when the same req file is included more than once
4f6aeb1 Merge pull request #13044 from sbidoul/release/24.3
e1b1d51 Bump for development
cdba22f Bump for release
27f8374 Update AUTHORS.txt
c79d019 Merge pull request #13033 from sbidoul/vendoring-24.3-sbi
3ca8921 Merge pull request #13041 from sethmlarson/truststore-0.10.0
0cc7375 Upgrade vendored truststore to 0.10.0
Additional commits viewable in compare view

Updates uv from 0.4.17 to 0.4.29

Release notes

Sourced from uv's releases.

0.4.29

Release Notes

Enhancements

Sort errors during display in uv python install (#8684)

Update resolver to use disjointness checks instead of marker equality (#8661)

Add riscv64 to supported Python platform tags (#8660)

Bug fixes

Fix hard and soft float libc detection for managed Python distributions on ARM (#8498)

Handle cycles in uv pip tree (#8689)

Respect dependency group markers in uv export (#8659)

Support transitive dependencies in Git workspaces (#8665)

Use portable paths for subdirectories in lock URLs (#8707)

Update uv init --virtual to imply --no-package (#8595)

Preview

Install versioned Python executables into the bin directory during uv python install (Unix only) (#8458)

Documentation

Clarify relationship between specifiers and requires-python range (#8688)

Fix broken link in docs (#8552)

Fix outdated documentation on Requires-Python (#8679)

Add Google Artifact Registry index authentication guide (#8579)

Install uv 0.4.29

Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/uv/releases/download/0.4.29/uv-installer.sh | sh
Install prebuilt binaries via powershell script
powershell -ExecutionPolicy ByPass -c "irm https://github.com/astral-sh/uv/releases/download/0.4.29/uv-installer.ps1 | iex"
Download uv 0.4.29

File Platform Checksum

uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum

uv-x86_64-apple-darwin.tar.gz Intel macOS checksum

uv-i686-pc-windows-msvc.zip x86 Windows checksum

File	Platform	Checksum
uv-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
uv-x86_64-apple-darwin.tar.gz	Intel macOS	checksum
uv-i686-pc-windows-msvc.zip	x86 Windows	checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.4.29

Enhancements

Sort errors during display in uv python install (#8684)

Update resolver to use disjointness checks instead of marker equality (#8661)

Add riscv64 to supported Python platform tags (#8660)

Bug fixes

Fix hard and soft float libc detection for managed Python distributions on ARM (#8498)

Handle cycles in uv pip tree (#8689)

Respect dependency group markers in uv export (#8659)

Support transitive dependencies in Git workspaces (#8665)

Use portable paths for subdirectories in lock URLs (#8707)

Update uv init --virtual to imply --no-package (#8595)

Preview

Install versioned Python executables into the bin directory during uv python install (Unix only) (#8458)

Documentation

Clarify relationship between specifiers and requires-python range (#8688)

Fix broken link in docs (#8552)

Fix outdated documentation on Requires-Python (#8679)

Add Google Artifact Registry index authentication guide (#8579)

0.4.28

Enhancements

Add support for requesting free-threaded builds via +freethreaded (#8645)

Improve trusted publishing error messages (#8633)

Remove unneeded return from Maturin project template (#8604)

Skip Python interpreter discovery for uv export (#8638)

Hint about missing trusted publishing permission (#8632)

Configuration

Add environment variable to disable progress output (#8600)

Bug fixes

Fork when minimum Python version increases (#8628)

Ignore empty groups when validating lock (#8598)

Remove duplicate word in error message (#8589)

Support cyclic dependencies in uv tree (#8564)

Update uv init to imply --package when using --build-backend (#8593)

Restore use of dev-dependencies and requires-dev for lockfile compatibility (#8599)

... (truncated)

Commits

85f9a0d Bump version to 0.4.29 (#8711)
9953077 Clarify preview requirement for relevance of uv python dir --bin (#8709)
47eb66b Add test coverage for uv python install with invalid requests (#8708)
893257b Refactor uv python install (#8701)
bed47d5 Use portable paths for subdirectories in lock URLs (#8707)
4a5a79e Support transitive dependencies in Git workspaces (#8665)
4dd36b7 Install versioned Python executables into the bin directory during `uv python...
94fc35e Fix feature scoping for pep508 wasm32 support for ruff (#8694)
c1a0fb3 Simplify pep440 -> version ranges conversion (#8683)
d0afd10 Update windows-registry to 0.3.0 (#8696)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

📚 Documentation preview 📚: https://citric--1214.org.readthedocs.build/en/1214/

codecov[bot] commented 2 weeks ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 100.00%. Comparing base (85a1c62) to head (670fde2). Report is 1 commits behind head on main.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #1214 +/- ## ========================================= Coverage 100.00% 100.00% ========================================= Files 10 10 Lines 489 489 Branches 13 13 ========================================= Hits 489 489 ``` | [Flag](https://app.codecov.io/gh/edgarrmondragon/citric/pull/1214/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Edgar+Ram%C3%ADrez+Mondrag%C3%B3n) | Coverage Δ | | |---|---|---| | [integration](https://app.codecov.io/gh/edgarrmondragon/citric/pull/1214/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Edgar+Ram%C3%ADrez+Mondrag%C3%B3n) | `91.41% <ø> (ø)` | | | [unit](https://app.codecov.io/gh/edgarrmondragon/citric/pull/1214/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Edgar+Ram%C3%ADrez+Mondrag%C3%B3n) | `93.25% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Edgar+Ram%C3%ADrez+Mondrag%C3%B3n#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.