Resolve DeprecationWarnings when extracting twine metadata. ([#1115](https://github.com/pypa/twine/issues/1115) <https://github.com/pypa/twine/issues/1115>_)
Fix bug for Repository URLs with auth where the port was lost. When attempting
to prevent printing authentication credentials in URLs provided with username
and password, we did not properly handle the case where the URL also contains
a port (when reconstructing the URL). This is now handled and tested to
ensure no regressions. (#fix-repo-urls-with-auth-and-port <https://github.com/pypa/twine/issues/fix-repo-urls-with-auth-and-port>_)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot]
commented
1 month ago
Bumps the python-packages group with 4 updates in the / directory: importlib-metadata, readme-renderer, setuptools and twine.
Updates
importlib-metadatafrom 7.2.1 to 8.1.0Changelog
Sourced from importlib-metadata's changelog.
Commits
4bcda08Finalizea65c29aPrioritize valid dists to invalid dists when retrieving by name.48f6b14Add test capturing failed expectation. Ref #489.9693e99Merge https://github.com/jaraco/skeletonab34814Re-enable preview, this time not for one specific feature, but for all featur...c7c7b64Merge https://github.com/jaraco/skeleton30f940ejaraco/skeleton#132f087fb4jaraco/skeleton#13333c4896Exclude pytest-ruff (and thus ruff), which cannot build on cygwin.f390168FinalizeUpdates
readme-rendererfrom 43.0 to 44.0Release notes
Sourced from readme-renderer's releases.
Changelog
Sourced from readme-renderer's changelog.
Commits
1d0497cRelease 44 (#316)09620a6Lazy open output files, and always close them (#314)6061b3eExclude .gitpod.yml by default with check-manifest (#307)749204bUpdate .gitpod.yml to replace deprecated extension (#306)e84ded1Build a wheel once, for all test environments (#308)b447d5dLint specific directories (#312)0817204Resolve Node 16 deprecation warnings in CI (#309)fefd285Support newer docutils versions (#315)Updates
setuptoolsfrom 70.1.1 to 71.1.0Changelog
Sourced from setuptools's changelog.
... (truncated)
Commits
08bd311Bump version: 71.0.4 → 71.1.0e3fd44aMerge pull request #4492 from mgorny/core-deps-spec022cedbSwitch to uv for vendoring.3fca249Merge pull request #4500 from Avasam/Update-mypy-to-1.11e7575aeUpdate pyproject.tomlb078d6eMerge pull request #4409 from Avasam/pkg_resources-explicit-public-return-ann...3aba4d4Update mypy to 1.11deb0aa8Merge branch 'main' of https://github.com/pypa/setuptools into pkg_resources-...48f95c0Bump version: 71.0.3 → 71.0.47d0178eMerge pull request #4493 from pypa/debt/4489-patched-distUpdates
twinefrom 5.1.0 to 5.1.1Changelog
Sourced from twine's changelog.
Commits
e29791dPrepare for v5.1.1 (#1114)f213edefix: Retrieve metadata correctly from importlib_metadata (#1115)6fbf880Merge pull request #1112 from pypa/bug/11113eb9121Remove extra line from changelog entry0191f0cPreserve ports when munging repository URLsc588793Merge pull request #1110 from DimitriPapadopoulos/principle1fdc197Fix a couple typos13b07b6Merge pull request #1109 from pypa/dependabot/github_actions/actions/checkout...a3e8373build(deps): bump actions/checkout from 4.1.5 to 4.1.6Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show