Skip to content

Bump the python group across 1 directory with 6 updates #473

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 2 commits into from
Closed

Bump the python group across 1 directory with 6 updates #473

dependabot wants to merge 2 commits into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 15, 2025
edited
Loading

Bumps the python group with 6 updates in the / directory:

Package From To
platformdirs 4.5.0 4.5.1
bump-my-version 1.2.4 1.2.5
pip 25.2 25.3
tox 4.30.3 4.32.0
exceptiongroup 1.3.0 1.3.1
tox-gh 1.5.0 1.6.1

Updates platformdirs from 4.5.0 to 4.5.1

Release notes

Sourced from platformdirs's releases.

4.5.1

What's Changed

Full Changelog: tox-dev/platformdirs@4.5.0...4.5.1

Commits

Updates bump-my-version from 1.2.4 to 1.2.5

Release notes

Sourced from bump-my-version's releases.

1.2.5

Compare the full difference.

Fixes

  • Refactor: Simplify Mercurial test skip condition using pytest.mark.skipif. a596f61

  • Fix: Skip Mercurial tests if Mercurial is not available. bb5ff24

  • Fix README.md's workflow permissions and token usage. bf4397e

    • Added explicit permissions for id-token, pull-requests, and contents in the build job.
    • Replaced GH_TOKEN with GITHUB_TOKEN for consistency.
    • Clarified documentation on using personal access tokens (PAT).
    • Removed unused MANIFEST.in file.

  • Fix outdated link URL in docs leading to a 404. 440300a

Other

  • Compatibility with click 8.3, handle Sentinel values. 554922d

  • [pre-commit.ci] pre-commit autoupdate. 4b844b5

  • Bump actions/download-artifact from 5 to 6 in the github-actions group. f2613d7

    Bumps the github-actions group with 1 update: actions/download-artifact.

    Updates actions/download-artifact from 5 to 6

    updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions

    signed-off-by: dependabot[bot] support@github.com

  • Bump python from 3.12-slim-bookworm to 3.14-slim-bookworm. 1d1d0fe

    Bumps python from 3.12-slim-bookworm to 3.14-slim-bookworm.

    updated-dependencies: - dependency-name: python dependency-version: 3.14-slim-bookworm dependency-type: direct:production

... (truncated)

Changelog

Sourced from bump-my-version's changelog.

1.2.5 (2025-12-13)

Compare the full difference.

Fixes

  • Refactor: Simplify Mercurial test skip condition using pytest.mark.skipif. a596f61

  • Fix: Skip Mercurial tests if Mercurial is not available. bb5ff24

  • Fix README.md's workflow permissions and token usage. bf4397e

    • Added explicit permissions for id-token, pull-requests, and contents in the build job.
    • Replaced GH_TOKEN with GITHUB_TOKEN for consistency.
    • Clarified documentation on using personal access tokens (PAT).
    • Removed unused MANIFEST.in file.

  • Fix outdated link URL in docs leading to a 404. 440300a

Other

  • Compatibility with click 8.3, handle Sentinel values. 554922d

  • [pre-commit.ci] pre-commit autoupdate. 4b844b5

  • Bump actions/download-artifact from 5 to 6 in the github-actions group. f2613d7

    Bumps the github-actions group with 1 update: actions/download-artifact.

    Updates actions/download-artifact from 5 to 6

    updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions

    signed-off-by: dependabot[bot] support@github.com

  • Bump python from 3.12-slim-bookworm to 3.14-slim-bookworm. 1d1d0fe

    Bumps python from 3.12-slim-bookworm to 3.14-slim-bookworm.

    updated-dependencies: - dependency-name: python dependency-version: 3.14-slim-bookworm dependency-type: direct:production

... (truncated)

Commits
  • 6c5ee4c Version updated from 1.2.4 to 1.2.5
  • a7e7861 Merge pull request #391 from callowayproject/fix-click
  • 21a0c6e Remove unused Python inventory references from mkdocs.yml
  • 502f050 Merge pull request #390 from getzze/fix-click
  • 554922d compatibility with click 8.3, handle Sentinel values
  • 55da80f Merge pull request #386 from callowayproject/384-update-readme
  • a596f61 Refactor: Simplify Mercurial test skip condition using pytest.mark.skipif
  • bb5ff24 Fix: Skip Mercurial tests if Mercurial is not available
  • 3ec922b Remove Python 3.8 support and comment out Mercurial installation steps on Win...
  • bf4397e Fix README.md's workflow permissions and token usage
  • Additional commits viewable in compare view

Updates pip from 25.2 to 25.3

Changelog

Sourced from pip's changelog.

25.3 (2025-10-24)

Deprecations and Removals

  • Remove support for the legacy setup.py develop editable method in setuptools editable installs; setuptools >= 64 is now required. ([#11457](https://github.com/pypa/pip/issues/11457) <https://github.com/pypa/pip/issues/11457>_)

  • Remove the deprecated --global-option and --build-option. --config-setting is now the only way to pass options to the build backend. ([#11859](https://github.com/pypa/pip/issues/11859) <https://github.com/pypa/pip/issues/11859>_)

  • Deprecate the PIP_CONSTRAINT environment variable for specifying build constraints.

    Use the --build-constraint option or the PIP_BUILD_CONSTRAINT environment variable instead. When build constraints are used, PIP_CONSTRAINT no longer affects isolated build environments. To enable this behavior without specifying any build constraints, use --use-feature=build-constraint. ([#13534](https://github.com/pypa/pip/issues/13534) <https://github.com/pypa/pip/issues/13534>_)

  • Remove support for non-standard legacy wheel filenames. ([#13581](https://github.com/pypa/pip/issues/13581) <https://github.com/pypa/pip/issues/13581>_)

  • Remove support for the deprecated setup.py bdist_wheel mechanism. Consequently, --use-pep517 is now always on, and --no-use-pep517 has been removed. ([#6334](https://github.com/pypa/pip/issues/6334) <https://github.com/pypa/pip/issues/6334>_)

Features

  • When :pep:658 metadata is available, full distribution files are no longer downloaded when using pip lock or pip install --dry-run. ([#12603](https://github.com/pypa/pip/issues/12603) <https://github.com/pypa/pip/issues/12603>_)
  • Add support for installing an editable requirement written as a Direct URL (PackageName @ URL). ([#13495](https://github.com/pypa/pip/issues/13495) <https://github.com/pypa/pip/issues/13495>_)
  • Add support for build constraints via the --build-constraint option. This allows constraining the versions of packages used during the build process (e.g., setuptools) without affecting the final installation. ([#13534](https://github.com/pypa/pip/issues/13534) <https://github.com/pypa/pip/issues/13534>_)
  • On ResolutionImpossible errors, include a note about causes with no candidates. ([#13588](https://github.com/pypa/pip/issues/13588) <https://github.com/pypa/pip/issues/13588>_)
  • Building pip itself from source now uses flit-core instead of setuptools. This does not affect how pip installs or builds packages you use. ([#13473](https://github.com/pypa/pip/issues/13473) <https://github.com/pypa/pip/issues/13473>_)

Bug Fixes

  • Handle malformed Version metadata entries and show a sensible error message instead of crashing. ([#13443](https://github.com/pypa/pip/issues/13443) <https://github.com/pypa/pip/issues/13443>_)
  • Permit spaces between a filepath and extras in an install requirement. ([#13523](https://github.com/pypa/pip/issues/13523) <https://github.com/pypa/pip/issues/13523>_)
  • Ensure the self-check files in the cache have the same permissions as the rest of the cache. ([#13528](https://github.com/pypa/pip/issues/13528) <https://github.com/pypa/pip/issues/13528>_)
  • Avoid concurrency issues and improve performance when caching locally built wheels, especially when the temporary build directory is on a different filesystem than the cache. The wheel directory passed to the build backend is now a temporary subdirectory inside the cache directory. ([#13540](https://github.com/pypa/pip/issues/13540) <https://github.com/pypa/pip/issues/13540>_)
  • Include relevant user-supplied constraints in logs when reporting dependency conflicts. ([#13545](https://github.com/pypa/pip/issues/13545) <https://github.com/pypa/pip/issues/13545>_)
  • Fix a regression in configuration parsing that was turning a single value into a list and thus leading to a validation error. ([#13548](https://github.com/pypa/pip/issues/13548) <https://github.com/pypa/pip/issues/13548>_)
  • For Python versions that do not support :pep:706, pip will now raise an installation error for a source distribution when it includes a symlink that points outside the source distribution archive. ([#13550](https://github.com/pypa/pip/issues/13550) <https://github.com/pypa/pip/issues/13550>_)
  • Prevent --user installs if site.ENABLE_USER_SITE is set to False. ([#8794](https://github.com/pypa/pip/issues/8794) <https://github.com/pypa/pip/issues/8794>_)

... (truncated)

Commits
  • a520693 Bump for release
  • 0f2973e Fix up authors by adding entry to .mailmap
  • 87828dc Update AUTHORS.txt
  • ce6a38c Merge pull request #13628 from sbidoul/imp-doc-pep517-sbi
  • ee16c81 Merge pull request #13629 from notatallshaw/bump-gone_in="25.3"
  • 3e227aa Bump gone_in="25.3"
  • 4ad1828 Merge pull request #13495 from ichard26/feat/direct-editables
  • 66ded3b Merge pull request #13570 from ShubhamNagure/fix-constraint-reporting-13545
  • 67e8ac2 Merge pull request #13588 from notatallshaw/hint-on-resolution-impossible-whe...
  • 990ca8a Merge pull request #8796 from pelson/honour_user_site
  • Additional commits viewable in compare view

Updates tox from 4.30.3 to 4.32.0

Release notes

Sourced from tox's releases.

4.32.0

What's Changed

New Contributors

Full Changelog: tox-dev/tox@4.31.0...4.32.0

4.31.0

What's Changed

Full Changelog: tox-dev/tox@4.30.3...4.31.0

Changelog

Sourced from tox's changelog.

v4.32.0 (2025-10-24)

Bugfixes - 4.32.0

- Expand braced range syntax in all internal sections of ``tox.ini`` (e.g. ``deps``, ``testenv``). Syntax like py3{10-14} can be used in those sections now.
  - by :user:`marcosboger` (:issue:`3571`)

Improved Documentation - 4.32.0

  • Add Python 3.14 and 3.14t to config examples
    • by :user:cclauss (:issue:3626)

Misc - 4.32.0

- :issue:`3629`

v4.31.0 (2025-10-09)


No significant changes.

Commits
  • 511782e release 4.32.0
  • d5035fa TST: add weekly compatibility checks for CPython 3.15 (#3629)
  • 5220e07 fix: ensure log folder is created before writing the execution logs (#3633)
  • f8a88c1 Allow braced range syntax in internal sections of tox.ini file (#3631)
  • 6432872 Fix broken log message (in that branch it did not match the arguments). (#3634)
  • b036f7d [pre-commit.ci] pre-commit autoupdate (#3630)
  • 5d73948 [pre-commit.ci] pre-commit autoupdate (#3627)
  • 95f15ad docs: Add Python 3.14 and 3.14t to config examples (#3626)
  • 5b0f7e4 Fix release changelog generation config
  • eac78c1 release 4.31.0
  • Additional commits viewable in compare view

Updates exceptiongroup from 1.3.0 to 1.3.1

Release notes

Sourced from exceptiongroup's releases.

1.3.1

  • Fixed AttributeError: 'TracebackException' object has no attribute 'exceptions' when formatting unpickled TBEs from another Python process which did not apply the exceptiongroup patches (#144)
Changelog

Sourced from exceptiongroup's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

1.3.1

  • Fixed AttributeError: 'TracebackException' object has no attribute 'exceptions' when formatting unpickled TBEs from another Python process which did not apply the exceptiongroup patches ([#144](https://github.com/agronholm/exceptiongroup/issues/144) <https://github.com/agronholm/exceptiongroup/issues/144>_)

1.3.0

  • Added **kwargs to function and method signatures as appropriate to match the signatures in the standard library
  • In line with the stdlib typings in typeshed, updated (Base)ExceptionGroup generic types to define defaults for their generic arguments (defaulting to BaseExceptionGroup[BaseException] and ExceptionGroup[Exception]) (PR by @​mikenerone)
  • Changed BaseExceptionGroup.__init__() to directly call BaseException.__init__() instead of the superclass __init__() in order to emulate the CPython behavior (broken or not) (PR by @​cfbolz)
  • Changed the exceptions attribute to always return the same tuple of exceptions, created from the original exceptions sequence passed to BaseExceptionGroup to match CPython behavior ([#143](https://github.com/agronholm/exceptiongroup/issues/143) <https://github.com/agronholm/exceptiongroup/issues/143>_)

1.2.2

  • Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry ([#123](https://github.com/agronholm/exceptiongroup/issues/123) <https://github.com/agronholm/exceptiongroup/issues/123>_)

1.2.1

  • Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
  • Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
  • Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

1.2.0

  • Added special monkeypatching if Apport <https://github.com/canonical/apport>_ has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
  • Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
  • Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except*

... (truncated)

Commits
  • ddddb6f Added the release version
  • 49c5e60 Fixed AttributeError when formatting unpickled TBEs from an unpatched process
  • 1be517f [pre-commit.ci] pre-commit autoupdate (#152)
  • af0ea2f [pre-commit.ci] pre-commit autoupdate (#149)
  • 7c980a8 Removed pin on pyright version
  • ef85336 Fixed typing job not finding Python 3.14
  • 080b3f4 Pinned pyright version to fix typeshed related failure
  • ac66090 Added Python 3.14 to the test matrix
  • a0da94d Fixed test failures on Python 3.14
  • See full diff in compare view

Updates tox-gh from 1.5.0 to 1.6.1

Release notes

Sourced from tox-gh's releases.

1.6.1

What's Changed

New Contributors

Full Changelog: tox-dev/tox-gh@1.6.0...1.6.1

1.6.0

What's Changed

Full Changelog: tox-dev/tox-gh@1.5.0...1.6.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @Zeitsperre.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the python group across 1 directory with 6 updates
6e7cf8a 
Bumps the python group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.5.0` | `4.5.1` |
| [bump-my-version](https://github.com/callowayproject/bump-my-version) | `1.2.4` | `1.2.5` |
| [pip](https://github.com/pypa/pip) | `25.2` | `25.3` |
| [tox](https://github.com/tox-dev/tox) | `4.30.3` | `4.32.0` |
| [exceptiongroup](https://github.com/agronholm/exceptiongroup) | `1.3.0` | `1.3.1` |
| [tox-gh](https://github.com/tox-dev/tox-gh) | `1.5.0` | `1.6.1` |



Updates `platformdirs` from 4.5.0 to 4.5.1
- [Release notes](https://github.com/tox-dev/platformdirs/releases)
- [Changelog](https://github.com/tox-dev/platformdirs/blob/main/CHANGES.rst)
- [Commits](tox-dev/platformdirs@4.5.0...4.5.1)

Updates `bump-my-version` from 1.2.4 to 1.2.5
- [Release notes](https://github.com/callowayproject/bump-my-version/releases)
- [Changelog](https://github.com/callowayproject/bump-my-version/blob/master/CHANGELOG.md)
- [Commits](callowayproject/bump-my-version@1.2.4...1.2.5)

Updates `pip` from 25.2 to 25.3
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@25.2...25.3)

Updates `tox` from 4.30.3 to 4.32.0
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.30.3...4.32.0)

Updates `exceptiongroup` from 1.3.0 to 1.3.1
- [Release notes](https://github.com/agronholm/exceptiongroup/releases)
- [Changelog](https://github.com/agronholm/exceptiongroup/blob/main/CHANGES.rst)
- [Commits](agronholm/exceptiongroup@1.3.0...1.3.1)

Updates `tox-gh` from 1.5.0 to 1.6.1
- [Release notes](https://github.com/tox-dev/tox-gh/releases)
- [Commits](tox-dev/tox-gh@1.5.0...1.6.1)

---
updated-dependencies:
- dependency-name: platformdirs
  dependency-version: 4.5.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python
- dependency-name: bump-my-version
  dependency-version: 1.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python
- dependency-name: pip
  dependency-version: '25.3'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python
- dependency-name: tox
  dependency-version: 4.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python
- dependency-name: exceptiongroup
  dependency-version: 1.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python
- dependency-name: tox-gh
  dependency-version: 1.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Dec 15, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

Zeitsperre
Zeitsperre approved these changes Dec 15, 2025
View reviewed changes
Copy link
Collaborator

@Zeitsperre Zeitsperre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Beginning January 27, 2026, Dependabot will no longer support the @dependabot merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.

@Zeitsperre
Copy link
Collaborator

Zeitsperre commented Dec 15, 2025

@dependabot rebase

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@Zeitsperre
Copy link
Collaborator

Zeitsperre commented Dec 15, 2025

@dependabot recreate

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

@Zeitsperre
Copy link
Collaborator

Zeitsperre commented Dec 15, 2025

@dependabot recreate

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@Zeitsperre
Copy link
Collaborator

Zeitsperre commented Dec 15, 2025

@dependabot close

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Beginning January 27, 2026, Dependabot will no longer support the @dependabot close command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.

@dependabot dependabot bot closed this Dec 15, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot bot deleted the dependabot/pip/python-dfa5027a0f branch December 15, 2025 16:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Zeitsperre Zeitsperre Zeitsperre approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Zeitsperre