search

mozilla-services / telescope

A dumb auditing service
Mozilla Public License 2.0
21 stars 10 forks source link

Bump the minor-patch-dependencies group with 3 updates #1479

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the minor-patch-dependencies group with 3 updates: ruff, websockets and taskcluster.

Updates ruff from 0.6.2 to 0.6.3

Release notes

Sourced from ruff's releases.

0.6.3

Release Notes

Preview features

  • [flake8-simplify] Extend open-file-with-context-handler to work with dbm.sqlite3 (SIM115) (#13104)
  • [pycodestyle] Disable E741 in stub files (.pyi) (#13119)
  • [pydoclint] Avoid DOC201 on explicit returns in functions that only return None (#13064)

Rule changes

  • [flake8-async] Disable check for asyncio before Python 3.11 (ASYNC109) (#13023)

Bug fixes

  • [FastAPI] Avoid introducing invalid syntax in fix for fast-api-non-annotated-dependency (FAST002) (#13133)
  • [flake8-implicit-str-concat] Normalize octals before merging concatenated strings in single-line-implicit-string-concatenation (ISC001) (#13118)
  • [flake8-pytest-style] Improve help message for pytest-incorrect-mark-parentheses-style (PT023) (#13092)
  • [pylint] Avoid autofix for calls that aren't min or max as starred expression (PLW3301) (#13089)
  • [ruff] Add datetime.time, datetime.tzinfo, and datetime.timezone as immutable function calls (RUF009) (#13109)
  • [ruff] Extend comment deletion for RUF100 to include trailing text from noqa directives while preserving any following comments on the same line, if any (#13105)
  • Fix dark theme on initial page load for the Ruff playground (#13077)

Contributors

Install ruff 0.6.3

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/ruff/releases/download/0.6.3/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

... (truncated)

Changelog

Sourced from ruff's changelog.

0.6.3

Preview features

  • [flake8-simplify] Extend open-file-with-context-handler to work with dbm.sqlite3 (SIM115) (#13104)
  • [pycodestyle] Disable E741 in stub files (.pyi) (#13119)
  • [pydoclint] Avoid DOC201 on explicit returns in functions that only return None (#13064)

Rule changes

  • [flake8-async] Disable check for asyncio before Python 3.11 (ASYNC109) (#13023)

Bug fixes

  • [FastAPI] Avoid introducing invalid syntax in fix for fast-api-non-annotated-dependency (FAST002) (#13133)
  • [flake8-implicit-str-concat] Normalize octals before merging concatenated strings in single-line-implicit-string-concatenation (ISC001) (#13118)
  • [flake8-pytest-style] Improve help message for pytest-incorrect-mark-parentheses-style (PT023) (#13092)
  • [pylint] Avoid autofix for calls that aren't min or max as starred expression (PLW3301) (#13089)
  • [ruff] Add datetime.time, datetime.tzinfo, and datetime.timezone as immutable function calls (RUF009) (#13109)
  • [ruff] Extend comment deletion for RUF100 to include trailing text from noqa directives while preserving any following comments on the same line, if any (#13105)
  • Fix dark theme on initial page load for the Ruff playground (#13077)
Commits
  • ee258ca Bump version to 0.6.3 (#13152)
  • b4d9d26 Update faq.md to highlight changes to src (#13145)
  • a998320 [ruff] - extend comment deletions for unused-noqa (RUF100) (#13105)
  • 770ef2a [red-knot] support deferred evaluation of type expressions (#13131)
  • c6023c0 [red-knot] Add docs on using RAYON_NUM_THREADS for better logging (#13140)
  • df694ca [FastAPI] Avoid introducing invalid syntax in fix for `fast-api-non-annotat...
  • 2e75cfb Format PYI examples in docs as .pyi-file snippets (#13116)
  • cfafaa7 [red-knot] Remove very noisy tracing call when resolving ImportFrom stateme...
  • 3e9c7ad Replace crates by dependi for VS Code Dev Container (#13125)
  • 81cd438 red-knot: infer and display ellipsis type (#13124)
  • Additional commits viewable in compare view


Updates websockets from 13.0 to 13.0.1

Release notes

Sourced from websockets's releases.

13.0.1

See https://websockets.readthedocs.io/en/stable/project/changelog.html for details.

Commits
  • 157f790 Add provenance attestations.
  • 62d70f4 Restore speedups.c in source distribution.
  • 16456e2 Restore id-token permission.
  • ed2f21e Attempt to fix automatic creation of GitHub release.
  • See full diff in compare view


Updates taskcluster from 68.0.0 to 68.0.3

Release notes

Sourced from taskcluster's releases.

v68.0.3

WORKER-DEPLOYERS

▶ [patch] #7218 Generic Worker Multiuser engine on Linux, macOS and FreeBSD now waits for the required task user to be logged in to the console session, rather than waiting for any user to be logged in, and then checking whether it is the anticipated user. This subtle change in behaviour means that temporarily a different user may be (or appear to be) logged into the console session without causing Generic Worker to panic. It is hoped that this will reduce intermittent issues where a different user appears to be logged in (such as gdm user on Linux) since it is suspected that this might just be a fleeting login that passes due to some race condition in the start up of the Gnome Desktop.

If this doesn't resolve the issue, and under certain circumstances, the gdm user instead remains logged in, i.e. it is not a fleeting login, we may need to restore the previous behaviour, since otherwise when the issue does occur, it would take a full 5 minutes before timing out, adding to costs unnecessarily. However, we hope that that will not be the case.

v68.0.2

WORKER-DEPLOYERS

▶ [patch] #7012 Generic Worker retains the interactive username it determines inside WaitForLoginCompletion (by returning it) to avoid needing to re-determine it later. The intention is to reduce intermittent errors caused by the underlying method to determine the interactive username itself intermittently failing. So long as the interactive username can be determined just once during the specidied timeout period, the value can be retained and used when required.

v68.0.1

GENERAL

▶ [patch] #7172 Fixes UI js error on dashboard on some deployments

USERS

▶ [patch] #6304 GitHub service no longer skips CI based on PR description. It will only skip CI based on the PR title or the commit message, as GitHub does.

Automated Package Updates

  • build(deps-dev): bump the client-web-node-deps group across 1 directory with 3 updates (74c56a294)
  • build(deps): bump the client-node-deps group across 1 directory with 4 updates (2f9e3602b)
  • build(deps): bump the ui-node-deps group across 1 directory with 7 updates (e21bc7c47)
  • build(deps): bump taskcluster-taskgraph in /taskcluster (65efa87a0)
  • build(deps): bump pyyaml (74e680c54)
  • build(deps): bump the go-deps group across 1 directory with 7 updates (c02a2eec9)
  • build(deps): bump elliptic from 6.5.4 to 6.5.7 in /clients/client-web (00e31a477)

... (truncated)

Changelog

Sourced from taskcluster's changelog.

v68.0.3

WORKER-DEPLOYERS

▶ [patch] #7218 Generic Worker Multiuser engine on Linux, macOS and FreeBSD now waits for the required task user to be logged in to the console session, rather than waiting for any user to be logged in, and then checking whether it is the anticipated user. This subtle change in behaviour means that temporarily a different user may be (or appear to be) logged into the console session without causing Generic Worker to panic. It is hoped that this will reduce intermittent issues where a different user appears to be logged in (such as gdm user on Linux) since it is suspected that this might just be a fleeting login that passes due to some race condition in the start up of the Gnome Desktop.

If this doesn't resolve the issue, and under certain circumstances, the gdm user instead remains logged in, i.e. it is not a fleeting login, we may need to restore the previous behaviour, since otherwise when the issue does occur, it would take a full 5 minutes before timing out, adding to costs unnecessarily. However, we hope that that will not be the case.

v68.0.2

WORKER-DEPLOYERS

▶ [patch] #7012 Generic Worker retains the interactive username it determines inside WaitForLoginCompletion (by returning it) to avoid needing to re-determine it later. The intention is to reduce intermittent errors caused by the underlying method to determine the interactive username itself intermittently failing. So long as the interactive username can be determined just once during the specidied timeout period, the value can be retained and used when required.

v68.0.1

GENERAL

▶ [patch] #7172 Fixes UI js error on dashboard on some deployments

USERS

▶ [patch] #6304 GitHub service no longer skips CI based on PR description. It will only skip CI based on the PR title or the commit message, as GitHub does.

Automated Package Updates

  • build(deps-dev): bump the client-web-node-deps group across 1 directory with 3 updates (74c56a294)
  • build(deps): bump the client-node-deps group across 1 directory with 4 updates (2f9e3602b)
  • build(deps): bump the ui-node-deps group across 1 directory with 7 updates (e21bc7c47)
  • build(deps): bump taskcluster-taskgraph in /taskcluster (65efa87a0)
  • build(deps): bump pyyaml (74e680c54)

... (truncated)

Commits
  • 485329f v68.0.3
  • 089a684 Merge pull request #7219 from taskcluster/issue7218
  • 4ba2820 Merge branch 'main' into issue7218
  • 600e3b2 Merge pull request #7220 from taskcluster/simple-fix
  • eb6e569 Remove ineffective and inaccurate build constraint
  • 773e652 Issue 7218: Generic Worker waits for expected task user to login, rather than...
  • 542c891 v68.0.2
  • 1adfb92 Merge pull request #7215 from taskcluster/issue7012
  • 5746056 Issue 7012: cache interactive username once successfully determined, for good...
  • 8a9681f Issue 7012: Generic Worker: retain interactive username once determined to re...
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions