Sourced from poetry's releases.

1.1.9

Fixed

• Fixed a security issue where file hashes were not checked prior to installation. (#4420, #4444, python-poetry/poetry-core#193)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4507)
• Fixed an issue where unsafe parameters could be passed to git commands. (python-poetry/poetry-core#203)
• Fixed an issue where the wrong git executable could be used on Windows. (python-poetry/poetry-core#205)

1.1.8

Fixed

• Fixed an error with repository prioritization when specifying secondary repositories. (#4241)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4330, #4407)
• Fixed the evaluation of relative path dependencies. (#4246)
• Fixed environment detection for Python 3.10 environments. (#4387)
• Fixed an error in the evaluation of in/not in markers (python-poetry/poetry-core#189)

1.1.7

Note: Lock files might need to be regenerated for the first fix below to take effect. You can use poetry lock to do so without the --no-update option.

Changed

• This release is compatible with the install-poetry.py installation script to ease the migration path from 1.1 releases to 1.2 releases. (#4192)

Fixed

• Fixed an issue where transitive dependencies of directory or VCS dependencies were not installed or otherwise removed. (#4203)
• Fixed an issue where the combination of the --tree and --no-dev options for the show command was still displaying development dependencies. (#3992)

1.1.6

Fixed

• Fixed export format for path dependencies. (#3121)
• Fixed errors caused by environment modification when executing some commands. (#3253)
• Fixed handling of wheel files with single-digit versions. (#3338)
• Fixed an error when handling single-digit Python markers. (poetry-core#156)
• Fixed dependency markers not being properly copied when changing the constraint leading to resolution errors. (poetry-core#163)
• Fixed an error where VCS dependencies were always updated. (#3947)
• Fixed an error where the incorrect version of a package was locked when using environment markers. (#3945)

1.1.5

Fixed

• Fixed an error in the export command when no lock file existed and a verbose flag was passed to the command. (#3310)
• Fixed an error where the pyproject.toml was not reverted when using the add command. (#3622)
• Fixed errors when using non-HTTPS indices. (#3622)
• Fixed errors when handling simple indices redirection. (#3622)
• Fixed errors when trying to handle newer wheels by using the latest version of poetry-core and packaging. (#3677)
• Fixed an error when using some versions of poetry-core due to an incorrect import . (#3696)

... (truncated)

Sourced from poetry's changelog.

[1.1.9] - 2021-09-18

Fixed

• Fixed a security issue where file hashes were not checked prior to installation. (#4420, #4444, python-poetry/poetry-core#193)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4507)
• Fixed an issue where unsafe parameters could be passed to git commands. (python-poetry/poetry-core#203)
• Fixed an issue where the wrong git executable could be used on Windows. (python-poetry/poetry-core#205)

[1.1.8] - 2021-08-19

Fixed

• Fixed an error with repository prioritization when specifying secondary repositories. (#4241)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4330, #4407)
• Fixed the evaluation of relative path dependencies. (#4246)
• Fixed environment detection for Python 3.10 environments. (#4387)
• Fixed an error in the evaluation of in/not in markers (python-poetry/poetry-core#189)

[1.2.0a2] - 2021-08-01

Added

• Poetry now supports dependency groups. (#4260)
• The install command now supports a --sync option to synchronize the environment with the lock file. (#4336)

Changed

• Improved the way credentials are retrieved to better support keyring backends. (#4086)
• The --remove-untracked option of the install command is now deprecated in favor of the new --sync option. (#4336)
• The user experience when installing dependency groups has been improved. (#4336)

Fixed

• Fixed performance issues when resolving dependencies. (#3839)
• Fixed an issue where transitive dependencies of directory or VCS dependencies were not installed or otherwise removed. (#4202)
• Fixed the behavior of the init command in non-interactive mode. (#2899)
• Fixed the detection of the system environment when the setting virtualenvs.create is deactivated. (#4329)
• Fixed the display of possible solutions for some common errors. (#4332)

[1.1.7] - 2021-06-25

Note: Lock files might need to be regenerated for the first fix below to take effect.
You can use poetry lock to do so without the --no-update option.

Changed

• This release is compatible with the install-poetry.py installation script to ease the migration path from 1.1 releases to 1.2 releases. (#4192)

Fixed

... (truncated)

• 69bd682 Bump version to 1.1.9
• 9d8aed4 Update lock file
• a9e59ed Merge pull request #4507 from python-poetry/1.1-fix-system-env-detection
• 459c8c9 Fix system env detection
• 634bb23 Merge pull request #4420 from pietrodn/fix/hash-check-backport-1.1
• d033cba style: linting
• 8268795 Merge pull request #4444 from python-poetry/1.1-fix-archive-hash-generation
• 8238cab Fix archive hash generation
• 8956a0c fix: python 2.7 syntax
• 435ff81 Throw a RuntimeError on hash mismatch in Chooser._get_links (#3885)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from sphinx's changelog.

Release 3.1.1 (released Jun 14, 2020)

Incompatible changes

• #7808: napoleon: a type for attribute are represented as typed field

Features added

• #7807: autodoc: Show detailed warning when type_comment is mismatched with its signature

Bugs fixed

• #7808: autodoc: Warnings raised on variable and attribute type annotations
• #7802: autodoc: EOFError is raised on parallel build
• #7821: autodoc: TypeError is raised for overloaded C-ext function
• #7805: autodoc: an object which descriptors returns is unexpectedly documented
• #7807: autodoc: wrong signature is shown for the function using contextmanager
• #7812: autosummary: generates broken stub files if the target code contains an attribute and module that are same name
• #7808: napoleon: Warnings raised on variable and attribute type annotations
• #7811: sphinx.util.inspect causes circular import problem

Release 3.1.0 (released Jun 08, 2020)

Dependencies

• #7746: mathjax: Update to 2.7.5

Incompatible changes

• #7477: imgconverter: Invoke "magick convert" command by default on Windows

Deprecated

• The first argument for sphinx.ext.autosummary.generate.AutosummaryRenderer has been changed to Sphinx object
• sphinx.ext.autosummary.generate.AutosummaryRenderer takes an object type as an argument
• The ignore argument of sphinx.ext.autodoc.Documenter.get_doc()
• The template_dir argument of sphinx.ext.autosummary.generate. AutosummaryRenderer

... (truncated)

• e7c2949 Bump to 3.1.1 final
• d2cec67 Merge pull request #7831 from tk0miya/7807_contextmanager
• 941e340 Merge branch '3.1.x' into 7807_contextmanager
• b567721 Merge pull request #7829 from tk0miya/7805_retval_of_descriptors
• 6c3db6d Fix #7805: autodoc: an object which descriptors returns is documented
• 02acad6 Merge pull request #7827 from tk0miya/7808_napoleon_nitpicky_warning
• 6eb43ba Merge pull request #7823 from tk0miya/7821_overload_builtin_function
• d77622b Fix #7807: autodoc: wrong signature is shown for the function using contextma...
• b3affa6 Fix autodoc: Show detailed warning when type_comment is mismatched (refs: #7807)
• e983189 Update CHANGES
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from pytest-cov's changelog.

2.10.0 (2020-06-12)

• Improved the --no-cov warning. Now it's only shown if --no-cov is present before --cov.
• Removed legacy pytest support. Changed setup.py so that pytest>=4.6 is required.

2.9.0 (2020-05-22)

• Fixed RemovedInPytest4Warning when using Pytest 3.10. Contributed by Michael Manganiello in #354.
• Made pytest startup faster when plugin not active by lazy-importing. Contributed by Anders Hovmöller in #339.
• Various CI improvements. Contributed by Daniel Hahler in #363 and #364.
• Various Python support updates (drop EOL 3.4, test against 3.8 final). Contributed by Hugo van Kemenade in #336 and #367.
• Changed --cov-append to always enable data_suffix (a coverage setting). Contributed by Harm Geerts in #387.
• Changed --cov-append to handle loading previous data better (fixes various path aliasing issues).
• Various other testing improvements, github issue templates, example updates.
• Fixed internal failures that are caused by tests that change the current working directory by ensuring a consistent working directory when coverage is called. See #306 and coveragepy#881

• 694f7fd Bump version: 2.9.0 → 2.10.0
• 4cbd3bb Update changelog.
• 45731f3 Rework assertion to work on old pytest.
• 1689c9a Implement better --no-cov warning: only do it if --no-cov is present before -...
• c5623ec Bump version: 2.8.1 → 2.9.0
• cd6ca2e Update changelog.
• daacd76 Skip horrendous breakage on pypy and windows.
• b1ac198 More blissful ignorance (windows doesn't allow deleting while in cwd use).
• 2612d2c Make test portable.
• fa4bb12 Remove unused var.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

• 181bb46 Release 3.8.3
• 3d68da9 Merge branch 'doctests-flag-desc' into 'master'
• e817c63 Help clarify the option behaviour
• b6d3fca Merge branch 'issues/665' into 'master'
• 9b8f908 fix JobsArgument --help output
• 94304de Merge branch 'issue-662' into 'master'
• a68d4d0 processor: Catch SyntaxError also when generating tokens for a file
• 4071645 Release 3.8.2
• b9fe4d6 Merge branch 'extend_exclude_is_files' into 'master'
• 31c2f9f treat --extend-exclude as a file list
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from pytest-mock's releases.

3.1.0 (2020-04-18)

• New mocker fixtures added that allow using mocking functionality in other scopes:

  • class_mocker
  • module_mocker
  • package_mocker
  • session_mocker

  Added by @scorphus in #182.

3.0.0 (2020-03-31)

• Python 2.7 and 3.4 are no longer supported. Users using pip 9 or later will install a compatible version automatically.
• mocker.spy now also works with async def functions (#179). Thanks @frankie567 for the PR!

2.0.0 (2020-01-04)

Breaking Changes

• mocker.spy attributes for tracking returned values and raised exceptions of its spied functions are now called spy_return and spy_exception, instead of reusing the existing MagicMock attributes return_value and side_effect.

  Version 1.13 introduced a serious regression: after a spied function using mocker.spy raises an exception, further calls to the spy will not call the spied function, always raising the first exception instead: assigning to side_effect causes unittest.mock to behave this way (#175).

• The deprecated mock alias to the mocker fixture has finally been removed.

Sourced from pytest-mock's changelog.

3.1.1 (2020-05-31)

• Fixed performance regression caused by the ValueError raised when mocker is used as context manager (#191).

3.1.0 (2020-04-18)

• New mocker fixtures added that allow using mocking functionality in other scopes:

  • class_mocker
  • module_mocker
  • package_mocker
  • session_mocker

  Added by @scorphus in #182.

3.0.0 (2020-03-31)

• Python 2.7 and 3.4 are no longer supported. Users using pip 9 or later will install a compatible version automatically.
• mocker.spy now also works with async def functions (#179). Thanks @frankie567 for the PR!

2.0.0 (2020-01-04)

Breaking Changes

• mocker.spy attributes for tracking returned values and raised exceptions of its spied functions are now called spy_return and spy_exception, instead of reusing the existing MagicMock attributes return_value and side_effect.

  Version 1.13 introduced a serious regression: after a spied function using mocker.spy raises an exception, further calls to the spy will not call the spied function, always raising the first exception instead: assigning to side_effect causes unittest.mock to behave this way (#175).

• The deprecated mock alias to the mocker fixture has finally been removed.

• 55c11a9 Fix performance when raising ValueError when used as context-manager
• e6a1d0a Update pre-commit config
• 7cc9e5d Merge pull request #187 from daa/do-not-mark-wheel-as-universal
• 5d532ff Do not mark wheel as universal (fixes #186)
• 81a35cf Merge pull request #184 from nicoddemus/release-3.1.0
• f1759fd Add CHANGELOG and README about other-scoped mocker fixtures
• e43552a Merge pull request #182 from scorphus/scoped-mockers
• 762f907 Add mocker for class, module, package and session scopes
• d0cceef Merge pull request #181 from nicoddemus/release-3.0.0
• 7849964 Update CHANGELOG for 3.0.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

• 9e9e840 2022.12.07
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.