Sourced from rich's releases.

Vertical alignment in tables

The headline feature of this reach is vertical alignment in tables.

Note: as a major version bump, this version has some breaking changes. These changes won't affect many people, but we like to be strict about semver. See the release notes below.

[11.0.0] - 2022-01-09

Added

• Added max_depth arg to pretty printing Textualize/rich#1585
• Added vertical_align to Table.add_row Textualize/rich#1590

Fixed

• Fixed issue with pretty repr in jupyter notebook Textualize/rich#1717
• Fix Traceback theme defaults override user supplied styles Textualize/rich#1786

Changed

• breaking Deprecated rich.console.RenderGroup, now named rich.console.Group
• breaking Syntax.__init__ parameter lexer_name renamed to lexer
• Syntax constructor accepts both str and now a pygments lexer Textualize/rich#1748

Sourced from rich's changelog.

[11.0.0] - 2022-01-09

Added

• Added max_depth arg to pretty printing Textualize/rich#1585
• Added vertical_align to Table.add_row Textualize/rich#1590

Fixed

• Fixed issue with pretty repr in jupyter notebook Textualize/rich#1717
• Fix Traceback theme defaults override user supplied styles Textualize/rich#1786

Changed

• breaking Deprecated rich.console.RenderGroup, now named rich.console.Group
• breaking Syntax.__init__ parameter lexer_name renamed to lexer
• Syntax constructor accepts both str and now a pygments lexer Textualize/rich#1748

• 5f02197 Merge branch 'master' of github.com:willmcgugan/rich
• fb4f424 Version bump
• ac10ac7 Merge pull request #1815 from Textualize/dependabot/pip/types-dataclasses-0.6.3
• d81cef7 changelog
• 5a457bf Merge pull request #1816 from Textualize/table-vertical-align
• 44a715d Merge pull request #1819 from Textualize/deprecate-render-group
• 4abbbd1 eof
• ad9debf remove render_group
• 7b85151 rendergroup
• 408b3bc whitespace
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from coverage's changelog.

Version 7.0.1 — 2022-12-23

• When checking if a file mapping resolved to a file that exists, we weren't considering files in .whl files. This is now fixed, closing issue 1511_.

• File pattern rules were too strict, forbidding plus signs and curly braces in directory and file names. This is now fixed, closing issue 1513_.

• Unusual Unicode or control characters in source files could prevent reporting. This is now fixed, closing issue 1512_.

• The PyPy wheel now installs on PyPy 3.7, 3.8, and 3.9, closing issue 1510_.

.. _issue 1510: nedbat/coveragepy#1510 .. _issue 1511: nedbat/coveragepy#1511 .. _issue 1512: nedbat/coveragepy#1512 .. _issue 1513: nedbat/coveragepy#1513

.. _changes_7-0-0:

Version 7.0.0 — 2022-12-18

Nothing new beyond 7.0.0b1.

.. _changes_7-0-0b1:

Version 7.0.0b1 — 2022-12-03

A number of changes have been made to file path handling, including pattern matching and path remapping with the [paths] setting (see :ref:config_paths). These changes might affect you, and require you to update your settings.

(This release includes the changes from 6.6.0b1 <changes_6-6-0b1_>_, since 6.6.0 was never released.)

• Changes to file pattern matching, which might require updating your configuration:

  • Previously, * would incorrectly match directory separators, making precise matching difficult. This is now fixed, closing issue 1407_.

  • Now ** matches any number of nested directories, including none.

• Improvements to combining data files when using the

... (truncated)

• c5cda3a docs: releases take a little bit longer now
• 9d4226e docs: latest sample HTML report
• 8c77758 docs: prep for 7.0.1
• da1b282 fix: also look into .whl files for source
• d327a70 fix: more information when mapping rules aren't working right.
• 35e249f fix: certain strange characters caused reporting to fail. #1512
• 152cdc7 fix: don't forbid plus signs in file names. #1513
• 31513b4 chore: make upgrade
• 873b059 test: don't run tests on Windows PyPy-3.9
• 5c5caa2 build: PyPy wheel now installs on 3.7, 3.8, and 3.9. #1510
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/cache's releases.

v3.2.1

What's Changed

• Release compression related changes for windows by @​Phantsure in actions/cache#1039
• Upgrade codeql to v2 by @​Phantsure in actions/cache#1023

Full Changelog: https://github.com/actions/cache/compare/v3.2.0...v3.2.1

v3.2.0

What's Changed

• fix wrong timeout env var key in README.md by @​walterddr in actions/cache#959
• Updated release doc with correct env variable by @​kotewar in actions/cache#960
• Create pull_request_template.md by @​pdotl in actions/cache#963
• Update README with clearer info about cache-hit and its value by @​kotewar in actions/cache#961
• Change datadog/squid to Ubuntu/squid in CI check by @​bishal-pdMSFT in actions/cache#976
• Add more details to version section in readme by @​bishal-pdMSFT in actions/cache#971
• Update hashFiles documentation reference by @​asaf400 in actions/cache#979
• Updated link for cache segment download info by @​kotewar in actions/cache#986
• Readme update for deleting caches by @​t-dedah in actions/cache#981
• Add oncall logic to assign issues and PRs by @​vsvipul in actions/cache#997
• Bump minimatch from 3.0.4 to 3.1.2 by @​dependabot in actions/cache#998
• Revert "Bump minimatch from 3.0.4 to 3.1.2" by @​vsvipul in actions/cache#1005
• Fix npm vulnerability by @​Phantsure in actions/cache#1007
• refactor: Use early return pattern to avoid nested conditions by @​jongwooo in actions/cache#1013
• Use cache in check-dist.yml by @​jongwooo in actions/cache#1004
• chore: Use built-in cache action to cache dependencies by @​jongwooo in actions/cache#1014
• Updated node example by @​t-dedah in actions/cache#1008
• Fix: Node npm doc example by @​apascualm in actions/cache#1026
• docs: fix an invalid link in workarounds.md by @​teatimeguest in actions/cache#929
• General Availability release for granular cache by @​kotewar in actions/cache#1035 More details here on beta release.

New Contributors

• @​walterddr made their first contribution in actions/cache#959
• @​asaf400 made their first contribution in actions/cache#979
• @​jongwooo made their first contribution in actions/cache#1013
• @​apascualm made their first contribution in actions/cache#1026
• @​teatimeguest made their first contribution in actions/cache#929

Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0

v3.2.0-beta.1

What's Changed

• Actions Cache Granular Control Implementation by @​kotewar in actions/cache#1006

v3.1.0-beta.3

What's Changed

• Bug fixes for bsdtar fallback, if gnutar not available, and gzip fallback, if cache saved using old cache action, on windows.

Full Changelog: https://github.com/actions/cache/compare/v3.1.0-beta.2...v3.1.0-beta.3

... (truncated)

Sourced from actions/cache's changelog.

3.2.1

• Update @actions/cache on windows to use gnu tar and zstd by default and fallback to bsdtar and zstd if gnu tar is not available. (issue)
• Added support for fallback to gzip to restore old caches on windows.
• Added logs for cache version in case of a cache miss.

• c1a5de8 Upgrade codeql to v2 (#1023)
• 9b0be58 Release compression related changes for windows (#1039)
• c17f4bf GA for granular cache (#1035)
• ac25611 docs: fix an invalid link in workarounds.md (#929)
• dc097e3 Update examples.md (#1026)
• fb86cbf Updated node example (#1008)
• a57932f Merge pull request #1014 from jongwooo/chore/use-built-in-cache-action
• 04b13ca chore: Use built-in cache action to cache dependencies
• 941bc71 Merge pull request #1004 from jongwooo/chore/use-cache-in-check-dist
• 08d8639 Merge branch 'main' into chore/use-cache-in-check-dist
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/cache's releases.

v3.2.0

What's Changed

• fix wrong timeout env var key in README.md by @​walterddr in actions/cache#959
• Updated release doc with correct env variable by @​kotewar in actions/cache#960
• Create pull_request_template.md by @​pdotl in actions/cache#963
• Update README with clearer info about cache-hit and its value by @​kotewar in actions/cache#961
• Change datadog/squid to Ubuntu/squid in CI check by @​bishal-pdMSFT in actions/cache#976
• Add more details to version section in readme by @​bishal-pdMSFT in actions/cache#971
• Update hashFiles documentation reference by @​asaf400 in actions/cache#979
• Updated link for cache segment download info by @​kotewar in actions/cache#986
• Readme update for deleting caches by @​t-dedah in actions/cache#981
• Add oncall logic to assign issues and PRs by @​vsvipul in actions/cache#997
• Bump minimatch from 3.0.4 to 3.1.2 by @​dependabot in actions/cache#998
• Revert "Bump minimatch from 3.0.4 to 3.1.2" by @​vsvipul in actions/cache#1005
• Fix npm vulnerability by @​Phantsure in actions/cache#1007
• refactor: Use early return pattern to avoid nested conditions by @​jongwooo in actions/cache#1013
• Use cache in check-dist.yml by @​jongwooo in actions/cache#1004
• chore: Use built-in cache action to cache dependencies by @​jongwooo in actions/cache#1014
• Updated node example by @​t-dedah in actions/cache#1008
• Fix: Node npm doc example by @​apascualm in actions/cache#1026
• docs: fix an invalid link in workarounds.md by @​teatimeguest in actions/cache#929
• General Availability release for granular cache by @​kotewar in actions/cache#1035 More details here on beta release.

New Contributors

• @​walterddr made their first contribution in actions/cache#959
• @​asaf400 made their first contribution in actions/cache#979
• @​jongwooo made their first contribution in actions/cache#1013
• @​apascualm made their first contribution in actions/cache#1026
• @​teatimeguest made their first contribution in actions/cache#929

Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0

v3.2.0-beta.1

What's Changed

• Actions Cache Granular Control Implementation by @​kotewar in actions/cache#1006

v3.1.0-beta.3

What's Changed

• Bug fixes for bsdtar fallback, if gnutar not available, and gzip fallback, if cache saved using old cache action, on windows.

Full Changelog: https://github.com/actions/cache/compare/v3.1.0-beta.2...v3.1.0-beta.3

v3.1.0-beta.2

What's Changed

• Updated node example by @​t-dedah in actions/cache#1008
• Release cache 3.1.0-beta.2 with gzip fallback for old cache by @​Phantsure in actions/cache#1022

Full Changelog: https://github.com/actions/cache/compare/v3.1.0-beta.1...v3.1.0-beta.2

... (truncated)

Sourced from actions/cache's changelog.

3.2.0

• Released the two new actions - restore and save for granular control on cache

• c17f4bf GA for granular cache (#1035)
• ac25611 docs: fix an invalid link in workarounds.md (#929)
• dc097e3 Update examples.md (#1026)
• fb86cbf Updated node example (#1008)
• a57932f Merge pull request #1014 from jongwooo/chore/use-built-in-cache-action
• 04b13ca chore: Use built-in cache action to cache dependencies
• 941bc71 Merge pull request #1004 from jongwooo/chore/use-cache-in-check-dist
• 08d8639 Merge branch 'main' into chore/use-cache-in-check-dist
• a2f324e Merge pull request #1013 from jongwooo/refactor/use-early-return-pattern-to-a...
• 35f4702 refactor: Use early return pattern to avoid nested conditions
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from coverage's changelog.

Version 7.0.0 — 2022-12-18

Nothing new beyond 7.0.0b1.

.. _changes_7-0-0b1:

Version 7.0.0b1 — 2022-12-03

A number of changes have been made to file path handling, including pattern matching and path remapping with the [paths] setting (see :ref:config_paths). These changes might affect you, and require you to update your settings.

(This release includes the changes from 6.6.0b1 <changes_6-6-0b1_>_, since 6.6.0 was never released.)

• Changes to file pattern matching, which might require updating your configuration:

  • Previously, * would incorrectly match directory separators, making precise matching difficult. This is now fixed, closing issue 1407_.

  • Now ** matches any number of nested directories, including none.

• Improvements to combining data files when using the :ref:config_run_relative_files setting, which might require updating your configuration:

  • During coverage combine, relative file paths are implicitly combined without needing a [paths] configuration setting. This also fixed issue 991_.

  • A [paths] setting like */foo will now match foo/bar.py so that relative file paths can be combined more easily.

  • The :ref:config_run_relative_files setting is properly interpreted in more places, fixing issue 1280_.

• When remapping file paths with [paths], a path will be remapped only if the resulting path exists. The documentation has long said the prefix had to exist, but it was never enforced. This fixes issue 608, improves issue 649, and closes issue 757_.

• Reporting operations now implicitly use the [paths] setting to remap file paths within a single data file. Combining multiple files still requires the coverage combine step, but this simplifies some single-file situations. Closes issue 1212_ and issue 713_.

... (truncated)

• df3f2bf docs: latest sample HTML report
• 52b5680 docs: prep for 7.0.0
• be5f556 chore: make upgrade
• d20c1d0 docs: #1024 was also fixed
• 5feb451 chore: make upgrade
• 84749fd build: use tox.pip to ensure all tox pins are the same
• 3cd0bc6 test: this was wrong?
• c053b7f chore: make upgrade
• 7e0e072 build: a target to summarize make upgrade
• 18681c4 build: this link could be useful in the future
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from importlib-metadata's changelog.

v5.2.0

• #371: Deprecated expectation that PackageMetadata.__getitem__ will return None for missing keys. In the future, it will raise a KeyError.

v5.1.0

• #415: Instrument SimplePath with generic support.

v5.0.0

• #97, #284, #300: Removed compatibility shims for deprecated entry point interfaces.

v4.13.0

• #396: Added compatibility for PathDistributions originating from Python 3.8 and 3.9.

v4.12.0

• py-93259: Now raise ValueError when None or an empty string are passed to Distribution.from_name (and other callers).

v4.11.4

• #379: In PathDistribution._name_from_stem, avoid including parts of the extension in the result.
• #381: In PathDistribution._normalized_name, ensure names loaded from the stem of the filename are also normalized, ensuring duplicate entry points by packages varying only by non-normalized name are hidden.

v4.11.3

• #372: Removed cast of path items in FastPath, not needed.

v4.11.2

• #369: Fixed bug where EntryPoint.extras was returning

... (truncated)

• 4fe7502 Merge pull request #417 from python/debt/deprecate-getitem-none
• 880a621 Mark PackageMetadata.__getitem__ as deprecated for missing values. Ref #371.
• 747e081 Merge https://github.com/jaraco/skeleton
• 82465b9 Build docs in CI, including sphinx-lint.
• 7662a60 Merge https://github.com/jaraco/skeleton
• c68ac3b Prevent Python 3.12 from blocking checks.
• ef52139 Remove unnecessary shebang and encoding header in docs conf.
• 86a55c8 tox 4 requires a boolean value, so use '1' to FORCE_COLOR. Fixes jaraco/skele...
• 9708c37 Honor ResourceWarnings. Fixes jaraco/skeleton#73.
• b74765d Add note to docs about limitation of packages_distributions. Fixes #402.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 297950f v2.5.10
• e834194 Merge pull request #352 from andrewring/patch-1
• e2201fc Add ppm file to extensions
• eb54678 Merge pull request #351 from pre-commit/pre-commit-ci-update-config
• 587e55d [pre-commit.ci] pre-commit autoupdate
• 8413d2b Merge pull request #349 from pre-commit/pre-commit-ci-update-config
• eb5e3c2 [pre-commit.ci] pre-commit autoupdate
• 404ffb5 Merge pull request #347 from pre-commit/pre-commit-ci-update-config
• a9da367 [pre-commit.ci] pre-commit autoupdate
• 358110c Merge pull request #346 from pre-commit/pre-commit-ci-update-config
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from black's releases.

22.12.0

Preview style

• Enforce empty lines before classes and functions with sticky leading comments (#3302)
• Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)
• Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)
• Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)

Configuration

• Fix incorrectly applied .gitignore rules by considering the .gitignore location and the relative path to the target file (#3338)
• Fix incorrectly ignoring .gitignore presence when more than one source directory is specified (#3336)

Parser

• Parsing support has been added for walruses inside generator expression that are passed as function args (for example, any(match := my_re.match(text) for text in texts)) (#3327).

Integrations

• Vim plugin: Optionally allow using the system installation of Black via let g:black_use_virtualenv = 0(#3309)

22.10.0

Highlights

• Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be supported until further notice.

Stable style

• Fix a crash when # fmt: on is used on a different block level than # fmt: off (#3281)

Preview style

... (truncated)

Sourced from black's changelog.

22.12.0

Preview style

• Enforce empty lines before classes and functions with sticky leading comments (#3302)
• Reformat empty and whitespace-only files as either an empty file (if no newline is present) or as a single newline character (if a newline is present) (#3348)
• Implicitly concatenated strings used as function args are now wrapped inside parentheses (#3307)
• Correctly handle trailing commas that are inside a line's leading non-nested parens (#3370)

Configuration

• Fix incorrectly applied .gitignore rules by considering the .gitignore location and the relative path to the target file (#3338)
• Fix incorrectly ignoring .gitignore presence when more than one source directory is specified (#3336)

Parser

• Parsing support has been added for walruses inside generator expression that are passed as function args (for example, any(match := my_re.match(text) for text in texts)) (#3327).

Integrations

• Vim plugin: Optionally allow using the system installation of Black via let g:black_use_virtualenv = 0(#3309)

22.10.0

Highlights

• Runtime support for Python 3.6 has been removed. Formatting 3.6 code will still be supported until further notice.

Stable style

• Fix a crash when # fmt: on is used on a different block level than # fmt: off (#3281)

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from safety's releases.

2.3.4

No release notes provided.

2.3.3

No release notes provided.

2.3.2

• Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.
• Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.
• Fixed telemetry data missing when the CLI mode is used.
• Fixed wrong database fetching when the KEY and the database arguments are used at the same time.
• Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

2.3.1

No release notes provided.

2.3.0

What's Changed

• Safety Alerts: GitHub PRs and GitHub issues support by @​cb22 in pyupio/safety#411
• Safety 2.3.0 patch by @​cb22 in pyupio/safety#415

Full Changelog: https://github.com/pyupio/safety/compare/2.2.1...2.3.0

2.2.1

What's Changed

• Pull from Master by @​yeisonvargasf in pyupio/safety#410
• Common fixes for next release by @​yeisonvargasf in pyupio/safety#412
• 2.2.1 Patch by @​yeisonvargasf in pyupio/safety#414

Full Changelog: https://github.com/pyupio/safety/compare/2.2.0...2.2.1

2.2.0

What's Changed

• Eat stderr messages from git commands. by @​tarmack in pyupio/safety#399
• Update from master branch by @​yeisonvargasf in pyupio/safety#404
• Remove AppVeyor and Travis by @​yeisonvargasf in pyupio/safety#405
• Using dparse to read requirements and fixes for custom integrations by @​yeisonvargasf in pyupio/safety#406
• Safety 2.2.0 patch by @​yeisonvargasf in pyupio/safety#407

New Contributors

• @​tarmack made their first contribution in pyupio/safety#399

Full Changelog: https://github.com/pyupio/safety/compare/2.1.1...2.2.0

Safety 2.0.0 and Safety GitHub Action - Python Dependency Scanner

PyUp is excited to release Safety 2.0 CLI and Safety as a GitHub Action!

Compared to previous versions, Safety 2.0 will be a significant update that includes new features and refactors, resulting in breaking changes to some inputs and outputs. The new GitHub Action enables you to configure Python dependency security and compliance scans on your repositories on new commits, new branches, pull requests, and more.

... (truncated)

Sourced from safety's changelog.

[2.3.4] - 2022-12-07

• Removed LegacyVersion use; this fixes the issue with packaging 22.0.
• Fixed typos in the README.
• Added Python 3.11 to the classifiers in the setup.cfg.

[2.3.3] - 2022-11-27

• Fixed recursive requirements issue when an unpinned package is found.

[2.3.2] - 2022-11-21

• Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.
• Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.
• Fixed telemetry data missing when the CLI mode is used.
• Fixed wrong database fetching when the KEY and the database arguments are used at the same time.
• Added SAFETY_PURE_YAML env var, used for cases that require pure Python in the YAML parser.

[2.3.1] - 2022-10-05

• Add safety.alerts module to setup.cfg

[2.3.0] - 2022-10-05

• Safety can now create GitHub PRs and Issues for vulnerabilities directly, with the new safety alert subcommand.
• Support for GitHub PR and Issue alerting has been added to the GitHub Action.

[2.2.1] - 2022-10-04

• Fixed the use of the SAFETY_COLOR environment variable
• Fixed bug in the case of vulnerabilities without a CVE linked
• Fixed GitHub version in the README

[2.2.0] - 2022-09-19

• Safety starts to use dparse to parse files, now Safety supports mainly Poetry and Pipenv lock files plus other files supported by dparse.
• Added logic for custom integrations like pipenv check.
• The --db flag is compatible remote sources too.
• Added more logging
• Upgrade dparse dependency to avoid a possible ReDos security issue
• Removed Travis and Appveyor, the CI/CD was migrated to GitHub Actions

[2.1.1] - 2022-07-18

• Fix crash when running on systems without git present (Thanks @​andyjones)

[2.1.0] - 2022-07-14

Summary:

• Improved error messages & fixed issues with proxies
• Fixed license command
• Added the ability for scan outputs to be sent to pyup.io. This will only take effect if using an API key, the feature is enabled on your profile, and the --disable-audit-and-monitor is not set
• Added the ability to have a Safety policy file set centrally on your pyup.io profile. This remote policy file will be used if there's no local policy file present, otherwise a warning will be issued.

Updated outputs:

• Text & screen output: If a scan has been logged, this is now mentioned in the output.
• JSON output: The JSON output now includes git metadata about the folder Safety was run in. It also includes a version field, and telemetry information that would be sent separately. There are no breaking changes in the output.

... (truncated)

• 46d54bc Version 2.3.4
• 9e4f843 Merge pull request #440 from pyupio/develop
• 68049bb Merge pull request #433 from cclauss/patch-1
• 7c72120 Merge pull request #439 from pyupio/fix/packaging-LegacyVersion
• 2c4bb4b Remove the LegacyVersion import.
• a9da481 Merge pull request #434 from cclauss/patch-2
• 2105d42 Starting 2.3.4.dev version.
• 8b6b34f Merge pull request #436 from pyupio/main
• 6e5f76a setup.cfg: Programming Language :: Python :: 3.11
• 34827f3 Fix typos
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

Improve error handling and messages

In scope of this release we added improved error message to put operating system and its version in the logs (actions/setup-python#559). Besides, the release

• fixes issue about specifying architecture for pypy-nightly on Windows with related pull request.
• improves error handling for Http Errors (actions/setup-python#511).
• updates minimatch (actions/setup-python#558).

v4.3.0

• Update @​actions/core to 1.10.0 version #517
• Update @​actions/cache to 3.0.4 version #499
• Only use github.token on github.com #443
• Improvement of documentation #477 #479 #491 #492

Add check-latest input and bug fixes

In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, the version will then be downloaded from python-versions repository. By default check-latest is set to false. For PyPy it will to try to reach https://downloads.python.org/pypy/versions.json

Example of usage:

steps:
  - uses: actions/checkout@v3
  - uses: actions/setup-python@v4
    with:
      python-version: '3.9'
      check-latest: true
  - run: python --version

Besides, it includes such changes as

• Resolved logs for python-version and file inputs: actions/setup-python#465
• Added linux os release info to primary key: actions/setup-python#467
• Added fix to change Python versions for poetry: actions/setup-python#445
• Fix Tool Path handling for self-hosted runners: actions/setup-python#466

v4.1.0

In scope of this pull request we updated actions/cache package as the new version contains fixes for caching error handling. Moreover, we added a new input update-environment. This option allows to specify if the action shall update environment variables (default) or not.

Update-environment input

    - name: setup-python 3.9
      uses: actions/setup-python@v4
      with:
        python-version: 3.9
        update-environment: false

Besides, we added such changes as:

• Allow python-version-file to be a relative path: actions/setup-python#431
• Added new environment variables for Cmake: actions/setup-python#440
• Updated error message for resolveVersion: actions/setup-python#450
• Assign default value of AGENT_TOOLSDIRECTORY if not set: actions/setup-python#394

... (truncated)

• 2c3dd9e Add OS info to the error message (#559)
• 76bbdfa Update minimatch (#558)
• 1aafadc Caching projects that use setup.py (#549)
• b80efd6 Update to latest actions/publish-action (#546)
• 5cddb27 Recommend setting python-version (#545)
• 47c4a7a fix(ci): run .github/workflows/workflow.yml on ubuntu-20.04 (#535)
• af57b64 Extend docu regarding rate limit issues. (#510)
• 4818a5a Handle download HTTP error (#511)
• 8bcd256 Add architecture input check for PyPy for Windows platform (#520)
• 13ae5bb Merge pull request #517 from rentziass/rentziass/update-actions-core
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from platformdirs's releases.

2.6.0

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#107
• Bump pypa/gh-action-pypi-publish from 1.5.1 to 1.5.2 by @​dependabot in platformdirs/platformdirs#111
• Bump pypa/gh-action-pypi-publish from 1.5.2 to 1.6.1 by @​dependabot in platformdirs/platformdirs#113
• Change user_log_dir to point to user_state_dir on Linux per the XDG spec by @​lordwelch in platformdirs/platformdirs#108

New Contributors

• @​lordwelch made their first contribution in platformdirs/platformdirs#108

Full Changelog: https://github.com/platformdirs/platformdirs/compare/2.5.4...2.6.0

2.5.4

Full Changelog: https://github.com/platformdirs/platformdirs/compare/2.5.3...2.5.4

2.5.3

What's Changed

• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#80
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#82
• Bump pre-commit/action from 2.0.3 to 3.0.0 by @​dependabot in platformdirs/platformdirs#87
• Bump actions/upload-artifact from 2 to 3 by @​dependabot in platformdirs/platformdirs#86
• Bump actions/download-artifact from 2 to 3 by @​dependabot in platformdirs/platformdirs#85
• Bump actions/setup-python from 2 to 4 by @​dependabot in platformdirs/platformdirs#84
• Bump actions/checkout from 2 to 3 by @​dependabot in platformdirs/platformdirs#83
• Docs: platformdirs is a package by @​chanicpanic in platformdirs/platformdirs#88
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#89
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#91
• Check 3.11 support by @​gaborbernat in platformdirs/platformdirs#92
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#93
• Bump tools by @​gaborbernat in platformdirs/platformdirs#94
• Bump dependencies by @​gaborbernat in platformdirs/platformdirs#95
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#96
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#99
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#100
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#101
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in platformdirs/platformdirs#102
• Declare support for Python 3.11 by @​hugovk in platformdirs/platformdirs#103

New Contributors

• @​dependabot made their first contribution in platformdirs/platformdirs#87
• @​chanicpanic made their first contribution in platformdirs/platformdirs#88
• @​hugovk made their first contribution in platformdirs/platformdirs#103

Full Changelog: https://github.com/platformdirs/platformdirs/compare/2.5.2...2.5.3

2.5.2

No release notes provided.

2.5.1

No release notes provided.

... (truncated)

Sourced from platformdirs's changelog.

platformdirs 2.6.0 (2022-12-06)

• BREAKING Correct the log directory on Linux/Unix from XDG_CACHE_HOME to XDG_STATE_HOME per the XDG spec

platformdirs 2.5.4 (2022-11-12)

• Fix licesing metadata

platformdirs 2.5.3 (2022-11-06)

• Support 3.11
• Bump dependencies

platformdirs 2.5.2 (2022-04-18)

• Move packaging to hatcling from setuptools
• Treat android shells as unix

platformdirs 2.5.2 (2022-04-18)

• Move packaging to hatcling from setuptools
• Treat android shells as unix

platformdirs 2.5.1 (2022-02-19)

• Add native support for nuitka

platformdirs 2.5.0 (2022-02-09)

• Add support for Termux subsystems

• 1433ba9 Change user_log_dir to point to user_state_dir on Linux per the XDG spec (#108)
• 1992217 Bump pypa/gh-action-pypi-publish from 1.5.2 to 1.6.1 (#113)
• c8b6926 Bump pypa/gh-action-pypi-publish from 1.5.1 to 1.5.2 (#111)
• 1e2bc05 [pre-commit.ci] pre-commit autoupdate (#107)
• a1b0d73 Update CHANGES.rst
• 4f30455 Update check.yml
• 511b43a Update check.yml
• 7f607b6 Update pyproject.toml
• 84211ed Declare support for Python 3.11 (#103)
• f2582af [pre-commit.ci] pre-commit autoupdate (#102)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from coverage's changelog.

Version 7.0.2 — 2023-01-02

• Fix: when using the [run] relative_files = True setting, a relative [paths] pattern was still being made absolute. This is now fixed, closing issue 1519_.

• Fix: if Python doesn't provide tomllib, then TOML configuration files can only be read if coverage.py is installed with the [toml] extra. Coverage.py will raise an error if TOML support is not installed when it sees your settings are in a .toml file. But it didn't understand that [tools.coverage] was a valid section header, so the error wasn't reported if you used that header, and settings were silently ignored. This is now fixed, closing issue 1516_.

• Fix: adjusted how decorators are traced on PyPy 7.3.10, fixing issue 1515_.

• Fix: the coverage lcov report did not properly implement the --fail-under=MIN option. This has been fixed.

• Refactor: added many type annotations, including a number of refactorings. This should not affect outward behavior, but they were a bit invasive in some places, so keep your eyes peeled for oddities.

• Refactor: removed the vestigial and long untested support for Jython and IronPython.

.. _issue 1515: nedbat/coveragepy#1515 .. _issue 1516: nedbat/coveragepy#1516 .. _issue 1519: nedbat/coveragepy#1519

.. _changes_7-0-1:

Version 7.0.1 — 2022-12-23

• When checking if a file mapping resolved to a file that exists, we weren't considering files in .whl files. This is now fixed, closing issue 1511_.

• File pattern rules were too strict, forbidding plus signs and curly braces in directory and file names. This is now fixed, closing issue 1513_.

• Unusual Unicode or control characters in source files could prevent reporting. This is now fixed, closing issue 1512_.

• The PyPy wheel now installs on PyPy 3.7, 3.8, and 3.9, closing issue 1510_.

.. _issue 1510: nedbat/coveragepy#1510 .. _issue 1511: nedbat/coveragepy#1511

... (truncated)

• 2f731e2 docs: sample HTML
• dbbd5b7 docs: prep for 7.0.2
• d08e6d0 fix: relative_files should keep relative path maps. #1519
• 3f0bce2 mypy: partial debug.py and pytracer.py
• ffc701a mypy: test_xml.py
• 5580cf8 mypy: xmlreport.py
• 0c9b5e0 mypy: check collector.py and plugin_support.py
• 8f4d404 refactor: a better way to filter coverage debug pybehave
• a3f3841 mypy: add cmdline.py and test_cmdline.py
• 09f9188 mypy: add env.py
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from shellingham's releases.

Release 1.5.0.post1

What's Changed

• Add syntax highlighting to readme by @​swaldhoer in sarugaku/shellingham#63
• Limit package installation to Python >= 3.7 by @​hswong3i in sarugaku/shellingham#62

New Contributors

• @​swaldhoer made their first contribution in sarugaku/shellingham#63
• @​hswong3i made their first contribution in sarugaku/shellingham#62

Full Changelog: https://github.com/sarugaku/shellingham/compare/1.5.0...1.5.0.post1

1.5.0

What's Changed

• Bump bleach from 3.2.1 to 3.3.0 by @​dependabot in sarugaku/shellingham#44
• Bump cryptography from 3.3.1 to 3.3.2 by @​dependabot in sarugaku/shellingham#45
• Bump urllib3 from 1.26.3 to 1.26.4 by @​dependabot in sarugaku/shellingham#46
• Modern python by @​JeppeKlitgaard in sarugaku/shellingham#50
• Update README.rst by @​davidlatwe in sarugaku/shellingham#51
• Bump urllib3 from 1.26.4 to 1.26.5 by @​dependabot in sarugaku/shellingham#54
• Add "nu" to _core.py to support detect NuShell by @​gunungpw in sarugaku/shellingham#56
• Fix typos by @​kianmeng in sarugaku/shellingham#58
• Add release job by @​ofek in sarugaku/shellingham#59
• chore: prepare for release 1.5.0 by @​frostming in sarugaku/shellingham#60

New Contributors

• @​JeppeKlitgaard made their first contribution in sarugaku/shellingham#50
• @​davidlatwe made their first contribution in sarugaku/shellingham#51
• @​gunungpw made their first contribution in sarugaku/shellingham#56
• @​kianmeng made their first contribution in sarugaku/shellingham#58
• @​ofek made their first contribution in sarugaku/shellingham#59
• @​frostming made their first contribution in sarugaku/shellingham#60

Full Changelog: https://github.com/sarugaku/shellingham/compare/1.4.0...1.5.0

Sourced from shellingham's changelog.

1.5.0.post1 (2023-01-03)

• Fix package metadata to disallow installation on Python prior to 3.7. This was already done in 1.5.0, but the metadata of the release was incorrectly set to >=3.4.

1.5.0 (2022-08-04)

Features

• Drop support for Python version older than 3.7. [#50](https://github.com/sarugaku/shellingham/issues/50) <https://github.com/sarugaku/shellingham/issues/50>_
• Support detecting NuShell. [#56](https://github.com/sarugaku/shellingham/issues/56) <https://github.com/sarugaku/shellingham/issues/56>_

• 7646358 Prepare for release 1.5.0.post1
• eb61246 Merge pull request #62 from alvistack/python_ge_37
• 57ed4fe Add syntax highlighting to readme (#63)
• ee99294 Add syntax highlighting
• 32bcc83 [1.5.0] Incorrectly List by Pypi as Available for Python < 3.7
• ace4525 chore: prepare for release 1.5.0 (#60)
• b68e3df Add release job (#59)
• 6025d91 Fix typos (#58)
• 23cb5cb Add "nu" to _core.py to support detect NuShell (#56)
• 325c643 Bump urllib3 from 1.26.4 to 1.26.5 (#54)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from release-drafter/release-drafter's releases.

v5.22.0

What's Changed

New

• Only use last full release when drafting (#1240) @​ssbarnea

Full Changelog: https://github.com/release-drafter/release-drafter/compare/v5.21.1...v5.22.0

v5.21.1

What's Changed

Dependency Updates

• Address set-output deprecation (#1247) @​NotMyFault

Full Changelog: https://github.com/release-drafter/release-drafter/compare/v5.21.0...v5.21.1

v5.21.0

What's Changed

New

• fetch 100 labels for pull requests instead of 10 (#1220) @​matoubidou

Full Changelog: https://github.com/release-drafter/release-drafter/compare/v5.20.1...v5.21.0

v5.20.1

What's Changed

Bug Fixes

• Add missing inputs to action config (#1202) @​gilbertsoft

Documentation

• Add more comments about pull requests permission (#1187) @​Kirade
• Fix Vercel link (#1188) @​shinshin86
• Add permissions to README (#1132) @​danyeaw

Dependency Updates

• Bump eslint-plugin-unicorn from 42.0.0 to 43.0.2 (#1192) @​dependabot
• Bump node from af50279 to 4c8f734 (#1191) @​dependabot
• Bump node from 17.9.0-alpine to 18.7.0-alpine (#1190) @​dependabot
• Bump jest from 28.1.0 to 28.1.3 (#1182) @​dependabot
• Bump eslint from 8.16.0 to 8.20.0 (#1185) @​dependabot

... (truncated)

• cfc5540 v5.22.0
• 7ef15e2 Only use last full release when drafting (#1240)
• 6df64e4 v5.21.1
• 26be07d Address set-output deprecation (#1247)
• df69d58 v5.21.0
• ecbbed9 fetch 100 labels for pull requests instead of 10 (#1220)
• 06a49bf v5.20.1
• 6e6a13c Add missing inputs to action config (#1202)
• 0e58cd4 Bump eslint-plugin-unicorn from 42.0.0 to 43.0.2 (#1192)
• c3d9042 quote schema defaults that contain *
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from importlib-metadata's changelog.

v6.0.0

• #419: Declared Distribution as an abstract class, enforcing definition of abstract methods in instantiated subclasses. It's no longer possible to instantiate a Distribution or any subclasses unless they define the abstract methods.

  Please comment in the issue if this change breaks any projects. This change will likely be rolled back if it causes significant disruption.

v5.2.0

• #371: Deprecated expectation that PackageMetadata.__getitem__ will return None for missing keys. In the future, it will raise a KeyError.

v5.1.0

• #415: Instrument SimplePath with generic support.

v5.0.0

• #97, #284, #300: Removed compatibility shims for deprecated entry point interfaces.

v4.13.0

• #396: Added compatibility for PathDistributions originating from Python 3.8 and 3.9.

v4.12.0

• py-93259: Now raise ValueError when None or an empty string are passed to Distribution.from_name (and other callers).

v4.11.4

• #379: In PathDistribution._name_from_stem, avoid including parts of the extension in the result.
• #381: In PathDistribution._normalized_name, ensure names loaded from the stem of the filename are also normalized, ensuring

... (truncated)

• d66e35a Merge pull request #420 from python/bugfix/419
• 2d52ecd Update changelog. Ref #419.
• 8a9d169 Add ABCMeta to Distribution. Fixes #419.
• 1bf8a7a Add xfail test capturing desired expectation.
• 4a4f062 Correct typo
• cd68fe5 Remove test for 'new style classes', no longer relevant in a world where all ...
• 35da17c Merge https://github.com/jaraco/tidelift
• a6c6660 Put tidelift docs dependency in its own section to limit merge conflicts.
• 4fe7502 Merge pull request #417 from python/debt/deprecate-getitem-none
• 880a621 Mark PackageMetadata.__getitem__ as deprecated for missing values. Ref #371.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pygments's releases.

2.14.0

• Added lexers:

  • Arturo (#2259)
  • GAP session (#2211)
  • Fift (#2249)
  • func (#2232)
  • Jsonnet (#2239)
  • Minecraft schema (#2276)
  • MIPS (#2228)
  • Phix (#2222)
  • Portugol (#2300)
  • TL-b (#2247)
  • World of Warcraft TOC format (#2244, #2245)
  • Wren (#2271)

• Updated lexers:

  • Abap: Update keywords (#2281)

  • Alloy: Update for Alloy 6 (#1963)

  • C family (C, C++ and many others):

    • Fix an issue where a chunk would be wrongly recognized as a function definition due to braces in comments (#2210)
    • Improve parantheses handling for function definitions (#2207, #2208)

  • C#: Fix number and operator recognition (#2256, #2257)

  • CSound: Updated builtins (#2268)

  • F#: Add .fsx file extension (#2282)

  • gas (GNU assembler): recognize braces as punctuation (#2230)

  • HTTP: Add CONNECT keyword (#2242)

  • Inform 6: Fix lexing of properties and doubles (#2214)

  • INI: Allow comments that are not their own line (#2217, #2161)

  • Java properties: Fix issue with whitespace-delimited keys, support comments starting with ! and escapes, no longer support undocumented ; and // comments (#2241)

  • LilyPond: Improve heuristics, add \maxima duration (#2283)

  • LLVM: Add opaque pointer type (#2269)

  • Macaulay2: Update keywords (#2305)

  • Minecraft-related lexers (SNB and Minecraft function) moved to pygments.lexers.minecraft (#2276)

  • Nim: General improvements (#1970)

  • Nix: Fix single quotes inside indented strings (#2289)

  • Objective J: Fix catastrophic backtracking (#2225)

  • NASM: Add support for SSE/AVX/AVX-512 registers as well as 'rel' and 'abs' address operators (#2212)

  • Powershell:

    • Add local: keyword (#2254)
    • Allow continuations without markers (#2262, #2263)

  • Solidity: Add boolean operators (#2292)

  • Spice: Add enum keyword and fix a bug regarding binary, hexadecimal and octal number tokens (#2227)

  • YAML: Accept colons in key names (#2277)

... (truncated)

Sourced from pygments's changelog.

Version 2.14.0

(released January 1st, 2023)

• Added lexers:

  • Arturo (#2259)
  • GAP session (#2211)
  • Fift (#2249)
  • func (#2232)
  • Jsonnet (#2239)
  • Minecraft schema (#2276)
  • MIPS (#2228)
  • Phix (#2222)
  • Portugol (#2300)
  • TL-b (#2247)
  • World of Warcraft TOC format (#2244, #2245)
  • Wren (#2271)

• Updated lexers:

  • Abap: Update keywords (#2281)

  • Alloy: Update for Alloy 6 (#1963)

  • C family (C, C++ and many others):

    • Fix an issue where a chunk would be wrongly recognized as a function definition due to braces in comments (#2210)
    • Improve parantheses handling for function definitions (#2207, #2208)

  • C#: Fix number and operator recognition (#2256, #2257)

  • CSound: Updated builtins (#2268)

  • F#: Add .fsx file extension (#2282)

  • gas (GNU assembler): recognize braces as punctuation (#2230)

  • HTTP: Add CONNECT keyword (#2242)

  • Inform 6: Fix lexing of properties and doubles (#2214)

  • INI: Allow comments that are not their own line (#2217, #2161)

  • Java properties: Fix issue with whitespace-delimited keys, support comments starting with ! and escapes, no longer support undocumented ; and // comments (#2241)

  • LilyPond: Improve heuristics, add \maxima duration (#2283)

  • LLVM: Add opaque pointer type (#2269)

  • Macaulay2: Update keywords (#2305)

  • Minecraft-related lexers (SNB and Minecraft function) moved to pygments.lexers.minecraft (#2276)

  • Nim: General improvements (#1970)

  • Nix: Fix single quotes inside indented strings (#2289)

  • Objective J: Fix catastrophic backtracking (#2225)

  • NASM: Add support for SSE/AVX/AVX-512 registers as well as 'rel' and 'abs' address operators (#2212)

  • Powershell:

... (truncated)

• 77a939e Prepare for 2.14.0 release.
• b52ecf0 Update CHANGES.
• dd52102 Improve the Smithy metadata matcher.
• 92b77b2 Merge pull request #2311 from not-my-profile/styles-pep257
• 61fd608 styles gallery: Make docstring in example follow PEP 257
• b710ccf Update CHANGES.
• 55a3b46 Merge pull request #2308 from sol/sol-patch-1
• dbc177c Add filenames pattern for HspecLexer
• f0afb01 Update CHANGES
• d5203d9 Update Macaulay2 symbols for version 1.21 (#2305)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from rich's releases.

Dropped Python3.6 support

Some relatively minor fixes and improvements. The most significant update (and the reason for the major version bump) is that Rich has dropped Python3.6 support.

If you are a Python3.6 user and can't upgrade for whatever reason, pin to version 12.6.0.

[13.0.0] - 2022-12-30

Fixed

• Reversed pre and code tags in base HTML format Textualize/rich#2642
• Improved detection of attrs library, that isn't confused by the presence of the attr library.
• Fixed issue with locals_max_length parameter not being respected in Traceback Textualize/rich#2649
• Handling of broken fileno made more robust. Fixes Textualize/rich#2645
• Fixed missing fileno on FileProxy

Changed

• Bumped minimum Python version to 3.7 Textualize/rich#2567
• Pretty-printing of "tagged" __repr__ results is now greedy when matching tags Textualize/rich#2565
• progress.track now supports deriving total from __length_hint__

Added

• Add type annotation for key_separator of pretty.Node Textualize/rich#2625

The FORCE_COLOR edition

NOTE: 12.6.0 may be the last version to support Python3.6. The next version will be 13.0.0, and will be Python3.7+

[12.6.0] - 2022-10-02

Added

• Parse ANSI escape sequences in pretty repr Textualize/rich#2470
• Add support for FORCE_COLOR env var Textualize/rich#2449
• Allow a max_depth argument to be passed to the install() hook Textualize/rich#2486
• Document using None as name in __rich_repr__ for tuple positional args Textualize/rich#2379
• Add font_aspect_ratio parameter in SVG export Textualize/rich#2539
• Added Table.add_section method. Textualize/rich#2544

Fixed

• Handle stdout/stderr being null Textualize/rich#2513
• Fix NO_COLOR support on legacy Windows Textualize/rich#2458
• Fix pretty printer handling of cyclic references Textualize/rich#2524
• Fix missing mode property on file wrapper breaking uploads via requests Textualize/rich#2495
• Fix mismatching default value of parameter ensure_ascii Textualize/rich#2538
• Remove unused height parameter in Layout class Textualize/rich#2540
• Fixed exception in Syntax.rich_measure for empty files

... (truncated)

Sourced from rich's changelog.

[13.0.0] - 2022-12-30

Fixed

• Reversed pre and code tags in base HTML format Textualize/rich#2642
• Improved detection of attrs library, that isn't confused by the presence of the attr library.
• Fixed issue with locals_max_length parameter not being respected in Traceback Textualize/rich#2649
• Handling of broken fileno made more robust. Fixes Textualize/rich#2645
• Fixed missing fileno on FileProxy

Changed

• Bumped minimum Python version to 3.7 Textualize/rich#2567
• Pretty-printing of "tagged" __repr__ results is now greedy when matching tags Textualize/rich#2565
• progress.track now supports deriving total from __length_hint__

Added

• Add type annotation for key_separator of pretty.Node Textualize/rich#2625

[12.6.0] - 2022-10-02

Added

• Parse ANSI escape sequences in pretty repr Textualize/rich#2470
• Add support for FORCE_COLOR env var Textualize/rich#2449
• Allow a max_depth argument to be passed to the install() hook Textualize/rich#2486
• Document using None as name in __rich_repr__ for tuple positional args Textualize/rich#2379
• Add font_aspect_ratio parameter in SVG export Textualize/rich#2539
• Added Table.add_section method. Textualize/rich#2544

Fixed

• Handle stdout/stderr being null Textualize/rich#2513
• Fix NO_COLOR support on legacy Windows Textualize/rich#2458
• Fix pretty printer handling of cyclic references Textualize/rich#2524
• Fix missing mode property on file wrapper breaking uploads via requests Textualize/rich#2495
• Fix mismatching default value of parameter ensure_ascii Textualize/rich#2538
• Remove unused height parameter in Layout class Textualize/rich#2540
• Fixed exception in Syntax.rich_measure for empty files

Changed

• Removed border from code blocks in Markdown

[12.5.2] - 2022-07-18

Added

... (truncated)

• d14b304 Merge pull request #2727 from Textualize/v13.0.0
• 7cf0797 changelog
• 245c737 release in changelog
• b2fa5f1 changelog
• 7601290 Merge pull request #2715 from Textualize/win-batch
• e833da9 don't reraise
• b66f1f0 comment
• c8c116c fix typing
• 1f3f18c try new poetry
• 497177f better batching
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)