Skip to content

Comments

Deps: Bump the python-packages group across 1 directory with 4 updates#348

Merged
greenbonebot merged 1 commit intomainfrom
dependabot/pip/python-packages-a1ef97bec3
Feb 3, 2026
Merged

Deps: Bump the python-packages group across 1 directory with 4 updates#348
greenbonebot merged 1 commit intomainfrom
dependabot/pip/python-packages-a1ef97bec3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 2, 2026

Bumps the python-packages group with 4 updates in the / directory: packaging, pathspec, pytokens and rich.

Updates packaging from 25.0 to 26.0

Release notes

Sourced from packaging's releases.

26.0

Read about the performance improvements here: https://iscinumpy.dev/post/packaging-faster.

What's Changed

Features:

Behavior adaptations:

Fixes:

Performance:

... (truncated)

Changelog

Sourced from packaging's changelog.

26.0 - 2026-01-20


Features:

    

  • PEP 751: support pylock (:pull:900)
    • 

  • PEP 794: import name metadata (:pull:948)
    • 

  • Support for writing metadata to a file (:pull:846)
    • 

  • Support __replace__ on Version (:pull:1003)
    • 

  • Support positional pattern matching for Version and SpecifierSet (:pull:1004)
    • 



Behavior adaptations:


    

  • PEP 440 handling of prereleases for Specifier.contains, SpecifierSet.contains, and SpecifierSet.filter (:pull:897)
    • 

  • Handle PEP 440 edge case in SpecifierSet.filter (:pull:942)
    • 

  • Adjust arbitrary equality intersection preservation in SpecifierSet (:pull:951)
    • 

  • Return False instead of raising for .contains with invalid version (:pull:932)
    • 

  • Support arbitrary equality on arbitrary strings for Specifier and SpecifierSet's filter and contains method. (:pull:954)
    • 

  • Only try to parse as Version on certain marker keys, return False on unequal ordered comparisons (:pull:939)
    • 



Fixes:


    

  • Update _hash when unpickling Tag() (:pull:860)
    • 

  • Correct comment and simplify implicit prerelease handling in Specifier.prereleases (:pull:896)
    • 

  • Use explicit _GLibCVersion NamedTuple in _manylinux (:pull:868)
    • 

  • Detect invalid license expressions containing () (:pull:879)
    • 

  • Correct regex for metadata 'name' format (:pull:925)
    • 

  • Improve the message around expecting a semicolon (:pull:833)
    • 

  • Support nested parens in license expressions (:pull:931)
    • 

  • Add space before at symbol in Requirements string (:pull:953)
    • 

  • A root logger use found, use a packaging logger instead (:pull:965)
    • 

  • Better support for subclassing Marker and Requirement (:pull:1022)
    • 

  • Normalize all extras, not just if it comes first (:pull:1024)
    • 

  • Don't produce a broken repr if Marker fails to construct (:pull:1033)
    • 



Performance:


    

  • Avoid recompiling regexes in the tokenizer for a 3x speedup (:pull:1019)
    • 

  • Improve performance in _manylinux.py (:pull:869)
    • 

  • Minor cleanups to Version (:pull:913)
    • 

  • Skip redundant creation of Version's in specifier comparison (:pull:986)
    • 

  • Cache the Specifier's Version (:pull:985)
    • 

  • Make Version a little faster (:pull:987)
    • 

  • Minor Version regex cleanup (:pull:990)
    • 

  • Faster regex on Python 3.11.5+ for Version (:pull:988, :pull:1055)
    • 

  • Lazily calculate _key in Version (:pull:989, :pull:1048)
    • 

  • Faster canonicalize_version (:pull:993)
    • 

  • Use re.fullmatch in a couple more places (:pull:992, :pull:1029)
    • 

  • Use map instead of generator (:pull:996)
    • 

  • Deprecate ._version (_Version, a NamedTuple) (:pull:995, :pull:1062)
    
</tr></table>

... (truncated)

Commits

Updates pathspec from 1.0.3 to 1.0.4

Release notes

Sourced from pathspec's releases.

v1.0.4

Release v1.0.4. See CHANGES.rst.

Changelog

Sourced from pathspec's changelog.

1.0.4 (2026-01-26)

  • Issue [#103](https://github.com/cpburnz/python-pathspec/issues/103)_: Using re2 fails if pyre2 is also installed.

.. _Issue [#103](https://github.com/cpburnz/python-pathspec/issues/103): cpburnz/python-pathspec#103

Commits

Updates pytokens from 0.3.0 to 0.4.1

Commits

Updates rich from 14.2.0 to 14.3.2

Release notes

Sourced from rich's releases.

The ZWJy release

A fix for cell_len edge cases

[14.3.2] - 2026-02-01

Fixed

The Nerdy Fix release

Fixed issue with characters outside of unicode range reporting 0 cell size

[14.3.1] - 2026-01-24

Fixed

The more emojis release

Rich now has support for multi-codepoint emojis. There have also been some Markdown improvements, and a number of fixes. See the release notes below for details.

[14.3.0] - 2026-01-24

Fixed

Added

Changed

Changelog

Sourced from rich's changelog.

[14.3.2] - 2026-02-01

Fixed

[14.3.1] - 2026-01-24

Fixed

[14.3.0] - 2026-01-24

Fixed

Added

Changed

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Deps: Bump the python-packages group across 1 directory with 4 updates
b3ef41c 
Bumps the python-packages group with 4 updates in the / directory: [packaging](https://github.com/pypa/packaging), [pathspec](https://github.com/cpburnz/python-pathspec), [pytokens](https://github.com/tusharsadhwani/pytokens) and [rich](https://github.com/Textualize/rich).


Updates `packaging` from 25.0 to 26.0
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@25.0...26.0)

Updates `pathspec` from 1.0.3 to 1.0.4
- [Release notes](https://github.com/cpburnz/python-pathspec/releases)
- [Changelog](https://github.com/cpburnz/python-pathspec/blob/master/CHANGES.rst)
- [Commits](cpburnz/python-pathspec@v1.0.3...v1.0.4)

Updates `pytokens` from 0.3.0 to 0.4.1
- [Commits](tusharsadhwani/pytokens@0.3.0...0.4.1)

Updates `rich` from 14.2.0 to 14.3.2
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v14.2.0...v14.3.2)

---
updated-dependencies:
- dependency-name: packaging
  dependency-version: '26.0'
  dependency-type: indirect
  update-type: version-update:semver-major
  dependency-group: python-packages
- dependency-name: pathspec
  dependency-version: 1.0.4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: python-packages
- dependency-name: pytokens
  dependency-version: 0.4.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
- dependency-name: rich
  dependency-version: 14.3.2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: python-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 2, 2026
@dependabot dependabot bot requested a review from a team as a code owner February 2, 2026 04:08
@dependabot dependabot bot added the python Pull requests that update Python code label Feb 2, 2026
@greenbonebot greenbonebot enabled auto-merge (rebase) February 2, 2026 04:09
@github-actions
Copy link

github-actions bot commented Feb 2, 2026

Conventional Commits Report

Type Number
Dependencies 1

🚀 Conventional commits found.

@greenbonebot greenbonebot merged commit 65b0c63 into main Feb 3, 2026
22 checks passed
@greenbonebot greenbonebot deleted the dependabot/pip/python-packages-a1ef97bec3 branch February 3, 2026 13:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@henning henning henning approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@henning @greenbonebot