We're adding support for Python 3.10, 3.11 and 3.12 and we dropped support for Python 3.6 and 3.7! We hope this won't be too disruptive for you all. Be aware that in a next release, we'll remove support for Python 3.8 too, as it'll reach EOL in October 2024.
:mega: Release Highlights
Added support for OS-agnostic baseline files (#586)
We apologise for the extreme delay in publishing a new release for our beloved detect-secrets. We at Yelp appreciate your continued support and your contributions to this valuable project!
:newspaper: News
We're adding support for Python 3.10, 3.11 and 3.12 and we dropped support for Python 3.6 and 3.7! We hope this won't be too disruptive for you all. Be aware that in a next release, we'll remove support for Python 3.8 too, as it'll reach EOL in October 2024.
:mega: Release Highlights
Added support for OS-agnostic baseline files (#586)
#12334: Support for Python 3.13 (beta1 at the time of writing).
Bug Fixes
#12120: Fix [PermissionError]{.title-ref} crashes arising from directories which are not selected on the command-line.
#12191: Keyboard interrupts and system exits are now properly handled during the test collection.
#12300: Fixed handling of 'Function not implemented' error under squashfuse_ll, which is a different way to say that the mountpoint is read-only.
#12308: Fix a regression in pytest 8.2.0 where the permissions of automatically-created .pytest_cache directories became rwx------ instead of the expected rwxr-xr-x.
Trivial/Internal Changes
#12333: pytest releases are now attested using the recent Artifact Attestation support from GitHub, allowing users to verify the provenance of pytest's sdist and wheel artifacts.
Silence deprecation warnings about unclosed event loops that occurred with certain CPython patch releases #817
Known issues
As of v0.23, pytest-asyncio attaches an asyncio event loop to each item of the test suite (i.e. session, packages, modules, classes, functions) and allows tests to be run in those loops when marked accordingly. Pytest-asyncio currently assumes that async fixture scope is correlated with the new event loop scope. This prevents fixtures from being evaluated independently from the event loop scope and breaks some existing test suites (see #706). For example, a test suite may require all fixtures and tests to run in the same event loop, but have async fixtures that are set up and torn down for each module. If you're affected by this issue, please continue using the v0.21 release, until it is resolved.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the minor-patch group with 5 updates in the / directory:
3.7.0
3.7.1
1.4.0
1.5.0
8.2.0
8.2.1
0.4.3
0.4.4
0.23.6
0.23.7
Updates
pre-commit
from 3.7.0 to 3.7.1Release notes
Sourced from pre-commit's releases.
Changelog
Sourced from pre-commit's changelog.
Commits
9ee0768
v3.7.1eeac061
Merge pull request #3201 from pre-commit/rust-default-language-version296f592
determine rust default language version independent of rust-toolchain.toml1602328
Merge pull request #3193 from pre-commit/pre-commit-ci-update-config0142f45
[pre-commit.ci] pre-commit autoupdated7e21cd
Merge pull request #3194 from pre-commit/handle-readonly-3-125c3d006
use a simpler gem for testing additional_dependencies0d4c6da
adjust _handle_readonly for typeshed updates85fe182
Merge pull request #3176 from pre-commit/pre-commit-ci-update-config74d05b4
[pre-commit.ci] pre-commit autoupdateUpdates
detect-secrets
from 1.4.0 to 1.5.0Release notes
Sourced from detect-secrets's releases.
Changelog
Sourced from detect-secrets's changelog.
... (truncated)
Commits
01886c8
Bump version: 1.4.0 → 1.5.0cb271be
Update changelog v1.5.0 release (#829)81157d0
Merge pull request #828 from Yelp/dependabot/pip/coverage-7.5.17237fda
Merge pull request #827 from Yelp/dependabot/pip/packaging-24.08f4f823
Bump coverage from 7.4.0 to 7.5.1adfe36f
Bump packaging from 23.2 to 24.0928f03a
Revert "Changelog for v1.5.0 release"98b0e9f
Revert "Updated baseline file"89cdc79
Revert "Fixed version in baseline file"16e3452
Fixed version in baseline fileUpdates
pytest
from 8.2.0 to 8.2.1Release notes
Sourced from pytest's releases.
Commits
66ff8df
Prepare release version 8.2.13ffcfd1
Merge pull request #12340 from pytest-dev/backport-12334-to-8.2.x0b28313
[8.2.x] Add Python 3.13 (beta) supportf3dd93a
[8.2.x] Attest package provenance (#12335)bb5a125
[8.2.x] Spelling (#12331)f179bf2
Merge pull request #12327 from pytest-dev/backport-12325-to-8.2.x2b671b5
[8.2.x] cacheprovider: fix.pytest_cache
not being world-readable65ab7cb
Merge pull request #12324 from pytest-dev/backport-12320-to-8.2.x4d5fb7d
Merge pull request #12319 from pytest-dev/backport-12311-to-8.2.xcbe5996
[8.2.x] changelog: document unittest 8.2 change as breakingUpdates
ruff
from 0.4.3 to 0.4.4Release notes
Sourced from ruff's releases.
Changelog
Sourced from ruff's changelog.
Commits
3e8878a
Bump version to v0.4.4 (#11352)b6b4ad9
[red-knot]@override
lint rule (#11282)dd42961
[pylint
] Detectpathlib.Path.open
calls inunspecified-encoding
(`PLW15...c80c171
[red-knot] Vendor typeshed's stdlib (#11340)e2fe177
Revert "Simplify arithmetic operation in logical lines checker (#11346)" (#11...e9d1cdd
Simplify arithmetic operation in logical lines checker (#11346)dfe4291
Improveruff_python_semantic::all::extract_all_names()
(#11335)4541337
[red-knot] Remove\<Db: SemanticDb>
contraints in favor of dynamic dispatch ...8e9ddee
Ignore end-of-line comments when determining blank line rules (#11342)702d2fa
Make B024 and B027 documentation more nuanced (#11341)Updates
pytest-asyncio
from 0.23.6 to 0.23.7Release notes
Sourced from pytest-asyncio's releases.
Commits
eb63d5a
docs: Prepared for release of v0.23.7.da04a7a
Build(deps): Bump exceptiongroup in /dependencies/default00c667a
Build(deps): Bump pytest from 8.1.1 to 8.2.0 in /dependencies/default3bd9cd8
[docs] Add changelog entry.15544f0
Revert GitHub Actions and Tox changes.6316b28
Deduplicate simplefilter snippet.3ffdfc5
asyncio.run(port_afinalizer())0107fd7
Remove extra space.3bf700a
Fix GH Action mapping.d15dc31
Fix 3109/3108 typo.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show