Bump the python-packages group across 1 directory with 6 updates

[dependabot[bot]]

Bumps the python-packages group with 6 updates in the / directory:

Package	From	To
h5py	3.10.0	3.11.0
black	24.3.0	24.4.2
pytest	8.1.1	8.2.1
requests	2.31.0	2.32.2
pylint	3.1.0	3.2.2
mypy	1.9.0	1.10.0

Updates h5py from 3.10.0 to 3.11.0

Commits

• 2c80981 Merge pull request #2405 from takluyver/rever-3.11
• 76afe10 Add HDF5 1.14.4 fixes to release notes
• 0090479 Merge pull request #2406 from ajelenak/libhdf5-1.14.4
• 0f071a4 Merge pull request #2407 from h5py/dependabot/github_actions/actions-45223d3826
• 944a4a6 Bump peaceiris/actions-gh-pages from 3 to 4 in the actions group
• 8f513ce Clean up release notes
• 62bd813 Rename new whatsnew file, add to index
• 9c305e2 Updated CHANGELOG for 3.11.0
• 9e107c4 bumped version to 3.11.0
• 71af64d Merge pull request #2360 from loichuder/visit-links
• Additional commits viewable in compare view

Updates black from 24.3.0 to 24.4.2

Release notes

Sourced from black's releases.

24.4.2

This is a bugfix release to fix two regressions in the new f-string parser introduced in 24.4.1.

Parser

• Fix regression where certain complex f-strings failed to parse (#4332)

Performance

• Fix bad performance on certain complex string literals (#4331)

24.4.1

Highlights

• Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (#3822)

Stable style

• Fix crash involving indented dummy functions containing newlines (#4318)

Parser

• Add support for type parameter defaults, a new syntactic feature added to Python 3.13 by PEP 696 (#4327)

Integrations

• Github Action now works even when git archive is skipped (#4313)

24.4.0

Stable style

• Fix unwanted crashes caused by AST equivalency check (#4290)

Preview style

• if guards in case blocks are now wrapped in parentheses when the line is too long. (#4269)
• Stop moving multiline strings to a new line unless inside brackets (#4289)

Integrations

• Add a new option use_pyproject to the GitHub Action psf/black. This will read the Black version from pyproject.toml. (#4294)

Changelog

Sourced from black's changelog.

24.4.2

This is a bugfix release to fix two regressions in the new f-string parser introduced in 24.4.1.

Parser

• Fix regression where certain complex f-strings failed to parse (#4332)

Performance

• Fix bad performance on certain complex string literals (#4331)

24.4.1

Highlights

• Add support for the new Python 3.12 f-string syntax introduced by PEP 701 (#3822)

Stable style

• Fix crash involving indented dummy functions containing newlines (#4318)

Parser

• Add support for type parameter defaults, a new syntactic feature added to Python 3.13 by PEP 696 (#4327)

Integrations

• Github Action now works even when git archive is skipped (#4313)

24.4.0

Stable style

• Fix unwanted crashes caused by AST equivalency check (#4290)

Preview style

• if guards in case blocks are now wrapped in parentheses when the line is too long. (#4269)
• Stop moving multiline strings to a new line unless inside brackets (#4289)

Integrations

• Add a new option use_pyproject to the GitHub Action psf/black. This will read the Black version from pyproject.toml. (#4294)

Commits

• 3702ba2 Prepare release 24.4.2 (#4335)
• e4aaa8a Fix incorrect f-string tokenization (#4332)
• ba88fc3 Simplify string tokenization regexes (#4331)
• 5683242 New release template
• e7fb048 Prepare release 24.4.1 (#4328)
• 3f0f8f1 Support PEP 696 (#4327)
• 2f88085 Github Action: Directly install from repo if export-subst is skipped (#4313)
• 12ce3db Move changelog entry to right section (#4326)
• 1354be2 Add support to style function definitions with newlines before function stubs...
• f4b644b Prevent wrapping of multiline fstrings in parens (#4325)
• Additional commits viewable in compare view

Updates pytest from 8.1.1 to 8.2.1

Release notes

Sourced from pytest's releases.

8.2.1

pytest 8.2.1 (2024-05-19)

Improvements

• #12334: Support for Python 3.13 (beta1 at the time of writing).

Bug Fixes

• #12120: Fix [PermissionError]{.title-ref} crashes arising from directories which are not selected on the command-line.
• #12191: Keyboard interrupts and system exits are now properly handled during the test collection.
• #12300: Fixed handling of 'Function not implemented' error under squashfuse_ll, which is a different way to say that the mountpoint is read-only.
• #12308: Fix a regression in pytest 8.2.0 where the permissions of automatically-created .pytest_cache directories became rwx------ instead of the expected rwxr-xr-x.

Trivial/Internal Changes

• #12333: pytest releases are now attested using the recent Artifact Attestation support from GitHub, allowing users to verify the provenance of pytest's sdist and wheel artifacts.

8.2.0

pytest 8.2.0 (2024-04-27)

Deprecations

• #12069: A deprecation warning is now raised when implementations of one of the following hooks request a deprecated py.path.local parameter instead of the pathlib.Path parameter which replaced it:

  • pytest_ignore_collect{.interpreted-text role="hook"} - the path parameter - use collection_path instead.
  • pytest_collect_file{.interpreted-text role="hook"} - the path parameter - use file_path instead.
  • pytest_pycollect_makemodule{.interpreted-text role="hook"} - the path parameter - use module_path instead.
  • pytest_report_header{.interpreted-text role="hook"} - the startdir parameter - use start_path instead.
  • pytest_report_collectionfinish{.interpreted-text role="hook"} - the startdir parameter - use start_path instead.

  The replacement parameters are available since pytest 7.0.0. The old parameters will be removed in pytest 9.0.0.

  See legacy-path-hooks-deprecated{.interpreted-text role="ref"} for more details.

Features

• #11871: Added support for reading command line arguments from a file using the prefix character @, like e.g.: pytest @tests.txt. The file must have one argument per line.

  See Read arguments from file <args-from-file>{.interpreted-text role="ref"} for details.

Improvements

... (truncated)

Commits

• 66ff8df Prepare release version 8.2.1
• 3ffcfd1 Merge pull request #12340 from pytest-dev/backport-12334-to-8.2.x
• 0b28313 [8.2.x] Add Python 3.13 (beta) support
• f3dd93a [8.2.x] Attest package provenance (#12335)
• bb5a125 [8.2.x] Spelling (#12331)
• f179bf2 Merge pull request #12327 from pytest-dev/backport-12325-to-8.2.x
• 2b671b5 [8.2.x] cacheprovider: fix .pytest_cache not being world-readable
• 65ab7cb Merge pull request #12324 from pytest-dev/backport-12320-to-8.2.x
• 4d5fb7d Merge pull request #12319 from pytest-dev/backport-12311-to-8.2.x
• cbe5996 [8.2.x] changelog: document unittest 8.2 change as breaking
• Additional commits viewable in compare view

Updates requests from 2.31.0 to 2.32.2

Release notes

Sourced from requests's releases.

v2.32.2

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

v2.32.1

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

v2.32.0

2.32.0 (2024-05-20)

🐍 PYCON US 2024 EDITION 🐍

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

• Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
• Fixed deserialization bug in JSONDecodeError. (#6629)
• Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

... (truncated)

Changelog

Sourced from requests's changelog.

2.32.2 (2024-05-21)

Deprecations

• To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0.

  A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710)

2.32.1 (2024-05-20)

Bugfixes

• Add missing test certs to the sdist distributed on PyPI.

2.32.0 (2024-05-20)

Security

• Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, regardless of the value of verify. (https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56)

Improvements

• verify=True now reuses a global SSLContext which should improve request time variance between first and subsequent requests. It should also minimize certificate load time on Windows systems when using a Python version built with OpenSSL 3.x. (#6667)
• Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their vendoring surface area. The Response.text() and apparent_encoding APIs will default to utf-8 if neither library is present. (#6702)

Bugfixes

• Fixed bug in length detection where emoji length was incorrectly calculated in the request content-length. (#6589)
• Fixed deserialization bug in JSONDecodeError. (#6629)
• Fixed bug where an extra leading / (path separator) could lead urllib3 to unnecessarily reparse the request URI. (#6644)

Deprecations

... (truncated)

Commits

• 88dce9d v2.32.2
• c98e4d1 Merge pull request #6710 from nateprewitt/api_rename
• 92075b3 Add deprecation warning
• aa1461b Move _get_connection to get_connection_with_tls_context
• 970e8ce v2.32.1
• d6ebc4a v2.32.0
• 9a40d12 Avoid reloading root certificates to improve concurrent performance (#6667)
• 0c030f7 Merge pull request #6702 from nateprewitt/no_char_detection
• 555b870 Allow character detection dependencies to be optional in post-packaging steps
• d6dded3 Merge pull request #6700 from franekmagiera/update-redirect-to-invalid-uri-test
• Additional commits viewable in compare view

Updates pylint from 3.1.0 to 3.2.2

Commits

• 769ffd2 Bump pylint to 3.2.2, update changelog (#9658)
• 98c5af9 Fix false-positive with contextmanager missing cleanup (#9654) (#9657)
• 9a9db8f Update astroid to 3.2.2 (#9655) (#9656)
• 9223172 Bump pylint to 3.2.1, update changelog
• 926547b [trailing-comma-tuple] Fix enabling with message control locally when disable...
• 1498675 Fix linterstats.get_module_message_count() (#9146) (#9648)
• aed496a Fix FP for possibly-used-before-assignment with assert_never() (#9645) (#...
• 9dae975 [Backport maintenance/3.2.x] Add --prefer-stubs=y option (#9646)
• a03ceae Add --prefer-stubs=y option (#9632)
• b2ea316 [Backport maintenance/3.2.x] Don't emit incorrect-variance for type parameter...
• Additional commits viewable in compare view

Updates mypy from 1.9.0 to 1.10.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.10

We’ve just uploaded mypy 1.10 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support TypeIs (PEP 742)

Mypy now supports TypeIs (PEP 742), which allows functions to narrow the type of a value, similar to isinstance(). Unlike TypeGuard, TypeIs can narrow in both the if and else branches of an if statement:

from typing_extensions import TypeIs
def is_str(s: object) -> TypeIs[str]:
return isinstance(s, str)
def f(o: str | int) -> None:
if is_str(o):
# Type of o is 'str'
...
else:
# Type of o is 'int'
...

TypeIs will be added to the typing module in Python 3.13, but it can be used on earlier Python versions by importing it from typing_extensions.

This feature was contributed by Jelle Zijlstra (PR 16898).

Support TypeVar Defaults (PEP 696)

PEP 696 adds support for type parameter defaults. Example:

from typing import Generic
from typing_extensions import TypeVar
</tr></table>

... (truncated)

Commits

• 3faf0fc Remove +dev for version for release 1.10
• a5998d2 Update CHANGELOG.md (#17159)
• 62ea5b0 Various updates to changelog for 1.10 (#17158)
• 2f0864c Update CHANGELOG.md with draft for release 1.10 (#17150)
• e1443bb fix: incorrect returned type of access descriptors on unions of types (#16604)
• 5161ac2 Sync typeshed (#17124)
• e2fc1f2 Fix crash when expanding invalid Unpack in a Callable alias (#17028)
• 3ff6e47 Docs: docstrings in checker.py, ast_helpers.py (#16908)
• 732d98e Fix string formatting for string enums (#16555)
• 8019010 Narrow individual items when matching a tuple to a sequence pattern (#16905)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Superseded by #277.