Bump the python-root group with 7 updates

[dependabot]

Bumps the python-root group with 7 updates:

Package	From	To
flake8	3.8.4	6.1.0
isort	5.7.0	5.12.0
build	0.3.0	1.0.3
twine	3.3.0	4.0.2
wheel	0.38.1	0.41.3
setuptools	65.5.1	69.0.2
protobuf	3.20.2	4.25.1

Updates flake8 from 3.8.4 to 6.1.0

Commits

• 7ef0350 Release 6.1.0
• 354f873 Merge pull request #1852 from PyCQA/setup-cfg-fmt
• 24be8ad Merge pull request #1851 from PyCQA/pylint-warnings
• 5233d88 use setup-cfg-fmt
• d4d1552 Merge pull request #1849 from PyCQA/handle-multiline-fstrings-in-312
• cc301ed fix pylintrc warnings
• 1ed78d5 handle multiline fstrings in 3.12
• f264195 Merge pull request #1850 from PyCQA/312-test
• acca35b add 3.12 to ci matrix
• 579f9f6 Merge pull request #1848 from PyCQA/upgrade-pycodestyle
• Additional commits viewable in compare view

Updates isort from 5.7.0 to 5.12.0

Release notes

Sourced from isort's releases.

5.12.0

Changes

• Fix poetry pip-shims extras dependency (#2078) @​jooola
• Add the ability to restrict which directories isort works against (#1967) @​vkomarov-r7
• docs: fix simple typo, detrmination -> determination (#1948) @​timgates42
• updated format strings to fstrings (#2076) @​marksmayo
• Simplify typeshed integration test (#2075) @​AlexWaygood
• Fix re-export sorter (#2065) @​parafoxia
• Add more docs about filter-files option (#2074) @​micahjsmith
• Removal Python 3.7 (#2064) @​staticdev
• Added test case and fix for cython pure python import (#2063) @​jtoledo1974

5.11.5 January 30 2023 [hotfix]

• Fixed incompatiblity with latest poetry version

5.11.4

Changes

• Remove obsolete toml import from the test suite (#1978) @​mgorny
• Stop installing documentation files to top-level site-packages (#2057) @​mgorny
• Only run release workflows for upstream (#2052) @​hugovk

📦 Dependencies

• Bump Poetry 1.3.1 (#2058) @​staticdev

5.11.3

Changes

• Renable portray (#2043) @​timothycrosley
• chore(ci): add minimum GitHub token permissions for workflows (#1969) @​varunsh-coder

🪲 Fixes

• Fix packaging pypoetry (#2042) @​staticdev
• Fix settings for py3.11 (#2040) @​staticdev

👷 Continuous Integration

• General CI improvements (#2041) @​staticdev
• Add release workflow (#2026) @​staticdev

v5.11.3

Changes

• Renable portray (#2043) @​timothycrosley
• chore(ci): add minimum GitHub token permissions for workflows (#1969) @​varunsh-coder

🪲 Fixes

... (truncated)

Changelog

Sourced from isort's changelog.

5.12.0 January 28 2023

• Removed support for Python 3.7
• Fixed incompatiblity with latest poetry version
• Added support for directory limitations within built in git hook

5.11.5 January 30 2023 [hotfix]

• Fixed incompatiblity with latest poetry version

5.11.4 December 21 2022

• Fixed #2038 (again): stop installing documentation files to top-level site-packages (#2057) @​mgorny
• CI: only run release workflows for upstream (#2052) @​hugovk
• Tests: remove obsolete toml import from the test suite (#1978) @​mgorny
• CI: bump Poetry 1.3.1 (#2058) @​staticdev

5.11.3 December 16 2022

• Fixed #2007: settings for py3.11 (#2040) @​staticdev
• Fixed #2038: packaging pypoetry (#2042) @​staticdev
• Docs: renable portray (#2043) @​timothycrosley
• Ci: add minimum GitHub token permissions for workflows (#1969) @​varunsh-coder
• Ci: general CI improvements (#2041) @​staticdev
• Ci: add release workflow (#2026) @​staticdev

5.11.2 December 12 2022

• Hotfix #2034: isort --version is not accurate on 5.11.x releases (#2034) @​gschaffner

5.11.1 December 12 2022

• Hotfix #2031: only call colorama.init if colorama is available (#2032) @​tomaarsen

5.11.0 December 12 2022

• Added official support for Python 3.11 (#1996, #2008, #2011) @​staticdev
• Dropped support for Python 3.6 (#2019) @​barrelful
• Fixed problematic tests (#2021, #2022) @​staticdev
• Fixed #1960: Rich compatibility (#1961) @​ofek
• Fixed #1945, #1986: Python 4.0 upper bound dependency resolving issues @​staticdev
• Fixed Pyodide CDN URL (#1991) @​andersk
• Docs: clarify description of use_parentheses (#1941) @​mgedmin
• Fixed #1976: black compatibility for .pyi files @​XuehaiPan
• Implemented #1683: magic trailing comma option (#1876) @​legau
• Add missing space in unrecoverable exception message (#1933) @​andersk
• Fixed #1895: skip-gitignore: use allow list, not deny list @​bmalehorn
• Fixed #1917: infinite loop for unmatched parenthesis (#1919) @​anirudnits
• Docs: shared profiles (#1896) @​matthewhughes934
• Fixed build-backend values in the example plugins (#1892) @​mgorny
• Remove reference to jamescurtin/isort-action (#1885) @​AndrewLane

... (truncated)

Commits

• e44834b Fix changelog / version to a minor bump due to the size of the change
• 82569d9 Bump version to 5.11.5
• e00db96 Formatting fix
• e833931 Merge pull request #2078 from jooola/fix_poetry_validation
• 0d219a6 fix: poetry pip-shims extras dependency
• ae0cc1c Merge pull request #1967 from vkomarov-r7/feature/directory-hooks
• 06d8ef5 Merge pull request #1948 from timgates42/bugfix_typo_determination
• 0c8a8b8 Merge pull request #2076 from marksmayo/main
• 5b63fba Clean up
• a0cb1b8 Fix tmuxp test
• Additional commits viewable in compare view

Updates build from 0.3.0 to 1.0.3

Release notes

Sourced from build's releases.

Version 1.0.3

What's Changed

• fix: avoid bug in various patch releases of Python by @​henryiii in pypa/build#675
• changelog: fix issue reference by @​michael-k in pypa/build#671
• tox: format file by @​henryiii in pypa/build#678
• chore: bump to 1.0.3 by @​henryiii in pypa/build#681
• chore: release 1.0.1 by @​henryiii in pypa/build#677

New Contributors

• @​michael-k made their first contribution in pypa/build#671

Full Changelog: pypa/build@1.0.0...1.0.3

Version 1.0.0

What's Changed

• infra: replace flake8 with ruff by @​layday in pypa/build#565
• Refactor IsolatedEnv, take two by @​layday in pypa/build#537
• util: allow passing alternative runner to project_wheel_metadata by @​q0w in pypa/build#566
• ci: do not trigger workflow for RST file changes by @​layday in pypa/build#568
• build: drop toml fallback by @​layday in pypa/build#567
• infra: fix ruff configuration and add a few checks by @​henryiii in pypa/build#573
• Minor doc fixes by @​layday in pypa/build#574
• docs: reorder installation instructions by @​hauntsaninja in pypa/build#575
• Specify encoding by @​jaraco in pypa/build#578
• infra: use latest Ruff instead of isort by @​henryiii in pypa/build#581
• tests: report installed versions of common packages by @​henryiii in pypa/build#588
• tests: strip formatting from stderr (pip 23) by @​henryiii in pypa/build#589
• docs: remove direct references to PEP 517 in docs landing page by @​pradyunsg in pypa/build#562
• docs: use sphinx-issues by @​FFY00 in pypa/build#590
• config: support running Ruff 0.258+ directly on source by @​henryiii in pypa/build#591
• tests: useless .stdout detected by Ruff PR by @​henryiii in pypa/build#594
• Fix link to installation page in docs by @​atugushev in pypa/build#597
• fix: mypy update by @​henryiii in pypa/build#606
• chore: minor cleanup by @​henryiii in pypa/build#605
• chore: isort Ruff code was missing by @​henryiii in pypa/build#604
• 🎨🧪 Modularize GHA workflow through reuse by @​webknjaz in pypa/build#618
• Improve CLI help text by @​layday in pypa/build#616
• ci: add 3.12 beta testing by @​henryiii in pypa/build#624
• chore: remove unneeded target-version by @​henryiii in pypa/build#634
• pre-commit: ruff moved to astral-sh by @​henryiii in pypa/build#635
• main: filter out malicious files when extracting tar archives by @​layday in pypa/build#609
• main: avoid cost of importing virtualenv if not using it by @​henryiii in pypa/build#636
• Bump importlib metadata dependency by @​jaraco in pypa/build#631
• main: ensure config_settings are passed to get_requires_for_build by @​jameshilliard in pypa/build#627
• tests: add network marker by @​henryiii in pypa/build#649
• chore: use 2x faster black mirror by @​henryiii in pypa/build#652
• docs: bump furo/sphinx by @​henryiii in pypa/build#660

... (truncated)

Changelog

Sourced from build's changelog.

1.0.3 (2023-09-06)

• Avoid CPython 3.8.17, 3.9.17, 3.10.12, and 3.11.4 tarfile symlink bug triggered by adding data_filter in 1.0.0. (PR :pr:675, fixes issue :issue:674)

1.0.0 (2023-09-01)

• Removed the toml library fallback; toml can no longer be used as a substitute for tomli (PR :pr:567)
• Added runner parameter to util.project_wheel_metadata (PR :pr:566, fixes issue :issue:553)
• Modified ProjectBuilder constructor signature, added alternative ProjectBuilder.from_env constructor, redefined env.IsolatedEnv interface, and exposed env.DefaultIsolatedEnv, replacing env.IsolatedEnvBuilder. The aim has been to shift responsibility for modifying the environment from the project builder to the IsolatedEnv entirely and to ensure that the builder will be initialised from an IsolatedEnv in a consistent manner. Mutating the project builder is no longer supported. (PR :pr:537)
• virtualenv is no longer imported when using -n, for faster builds (PR :pr:636, fixes issue :issue:510)
• The SDist now contains the repository contents, including tests. Flit-core 3.8+ required. (PR :pr:657, :pr:661, fixes issue :issue:656)
• The minimum version of importlib-metadata has been increased to 4.6 and Python 3.10 due to a bug in the standard library version with URL requirements in extras. This is still not required for 3.8 when bootstrapping (as long as you don't have URL requirements in extras). (PR :pr:631, fixes issue :issue:630)
• Docs now built with Sphinx 7 (PR :pr:660)
• Tests now contain a network marker (PR :pr:649, fixes issue :issue:648)
• Config-settings are now passed to get_requires* hooks, fixing a long standing bug. If this affects your setuptools build, you can use -C--build-option=<cmd> -C--build-option=<option> to workaround an issue with Setuptools not allowing unrecognised build options when running this hook. (PR :pr:627, fixes issue :issue:[#264](https://github.com/pypa/build/issues/264))
• Test on Python 3.12 betas/RCs (PR :pr:624)
• Filter out malicious files when extracting tar archives when Python supports it (PR :pr:609)
• Specify encoding, fixing issues when PYTHONWARNDEFAULTENCODING is set.

... (truncated)

Commits

• 38d1a68 chore: bump to 1.0.3
• 17cefaf tox: format file
• c48f4ca chore: release 1.0.1
• 4b61b8e Apply suggestions from code review
• d6138f5 fix: avoid bug in various patch releases of Python
• eada811 build(deps): bump actions/checkout from 3 to 4 (#673)
• 955e697 pre-commit: bump repositories (#672)
• f51c089 changelog: fix issue reference
• 1fff01e style: ignore W005, since we are build
• 06e0481 ci: build and test SDist/wheels
• Additional commits viewable in compare view

Updates twine from 3.3.0 to 4.0.2

Release notes

Sourced from twine's releases.

4.0.2

https://pypi.org/project/twine/4.0.2/

Changelog

4.0.1

https://pypi.org/project/twine/4.0.1/

Changelog

4.0.0

https://pypi.org/project/twine/4.0.0/

Changelog

3.8.0

https://pypi.org/project/twine/3.8.0/

Changelog

3.7.1

https://pypi.org/project/twine/3.7.1/

Changelog

3.7.0

https://pypi.org/project/twine/3.7.0/

Changelog

3.6.0

https://pypi.org/project/twine/3.6.0/

Changelog

3.5.0

https://pypi.org/project/twine/3.5.0/

Changelog

3.4.2

https://pypi.org/project/twine/3.4.2/

Changelog

Changelog

Sourced from twine's changelog.

Twine 4.0.2 (2022-11-30)

Bugfixes ^^^^^^^^

• Remove deprecated function to fix twine check with pkginfo 1.9.0. ([#941](https://github.com/pypa/twine/issues/941) <https://github.com/pypa/twine/issues/941>_)

Twine 4.0.1 (2022-06-01)

Bugfixes ^^^^^^^^

• Improve logging when keyring fails. ([#890](https://github.com/pypa/twine/issues/890) <https://github.com/pypa/twine/issues/890>_)
• Reconfgure root logger to show all log messages. ([#896](https://github.com/pypa/twine/issues/896) <https://github.com/pypa/twine/issues/896>_)

Twine 4.0.0 (2022-03-31)

Features ^^^^^^^^

• Drop support for Python 3.6. ([#869](https://github.com/pypa/twine/issues/869) <https://github.com/pypa/twine/issues/869>_)
• Use Rich to add color to upload output. ([#851](https://github.com/pypa/twine/issues/851) <https://github.com/pypa/twine/issues/851>_)
• Use Rich to add color to check output. ([#874](https://github.com/pypa/twine/issues/874) <https://github.com/pypa/twine/issues/874>_)
• Use Rich instead of tqdm for upload progress bar. ([#877](https://github.com/pypa/twine/issues/877) <https://github.com/pypa/twine/issues/877>_)

Bugfixes ^^^^^^^^

• Remove Twine's dependencies from the User-Agent header when uploading. ([#871](https://github.com/pypa/twine/issues/871) <https://github.com/pypa/twine/issues/871>_)
• Improve detection of disabled BLAKE2 hashing due to FIPS mode. ([#879](https://github.com/pypa/twine/issues/879) <https://github.com/pypa/twine/issues/879>_)
• Restore warning for missing long_description. ([#887](https://github.com/pypa/twine/issues/887) <https://github.com/pypa/twine/issues/887>_)

Twine 3.8.0 (2022-02-02)

Features ^^^^^^^^

• Add --verbose logging for querying keyring credentials. ([#849](https://github.com/pypa/twine/issues/849) <https://github.com/pypa/twine/issues/849>_)
• Log all upload responses with --verbose. ([#859](https://github.com/pypa/twine/issues/859) <https://github.com/pypa/twine/issues/859>_)
• Show more helpful error message for invalid metadata. ([#861](https://github.com/pypa/twine/issues/861) <https://github.com/pypa/twine/issues/861>_)

... (truncated)

Commits

• 75c3d86 Release 4.0.2 (#946)
• 5b5d081 Fix twine( check) with the newly released pkginfo 1.9. (#941)
• 717ae3d Fix failing CI (#943)
• bb51e46 Remove unused mypy ignores (#927)
• 8f5e5d6 Update changelog for 4.0.1 (#904)
• 62f3c67 Log keyring tracebacks (#890)
• d30df70 Update links to requests docs (#899)
• 5525a2a Restore missing __main__ logs (#896)
• b0b932f Fix typos in tests (#898)
• 4223ee1 Require latest version of readme_renderer (#892)
• Additional commits viewable in compare view

Updates wheel from 0.38.1 to 0.41.3

Release notes

Sourced from wheel's releases.

0.41.3

• Updated vendored packaging to 23.2
• Fixed ABI tag generation for CPython 3.13a1 on Windows (PR by Sam Gross)

Changelog

Sourced from wheel's changelog.

Release Notes

0.41.3 (2023-10-30)

• Updated vendored packaging to 23.2
• Fixed ABI tag generation for CPython 3.13a1 on Windows (PR by Sam Gross)

0.41.2 (2023-08-22)

• Fixed platform tag detection for GraalPy and 32-bit python running on an aarch64 kernel (PR by Matthieu Darbois)
• Fixed wheel tags to not list directories in RECORD files (PR by Mike Taves)
• Fixed ABI tag generation for GraalPy (PR by Michael Simacek)

0.41.1 (2023-08-05)

• Fixed naming of the data_dir directory in the presence of local version segment given via egg_info.tag_build (PR by Anderson Bravalheri)
• Fixed version specifiers in Requires-Dist being wrapped in parentheses

0.41.0 (2023-07-22)

• Added full support of the build tag syntax to wheel tags (you can now set a build tag like 123mytag)
• Fixed warning on Python 3.12 about onerror deprecation. (PR by Henry Schreiner)
• Support testing on Python 3.12 betas (PR by Ewout ter Hoeven)

0.40.0 (2023-03-14)

• Added a wheel tags command to modify tags on an existing wheel (PR by Henry Schreiner)
• Updated vendored packaging to 23.0
• wheel unpack now preserves the executable attribute of extracted files
• Fixed spaces in platform names not being converted to underscores (PR by David Tucker)
• Fixed RECORD files in generated wheels missing the regular file attribute
• Fixed DeprecationWarning about the use of the deprecated pkg_resources API (PR by Thomas Grainger)
• Wheel now uses flit-core as a build backend (PR by Henry Schreiner)

0.38.4 (2022-11-09)

• Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

0.38.3 (2022-11-08)

• Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

... (truncated)

Commits

• a899f1c Fixed parameter for release-notes
• 254ba46 Created a new release
• 6f33736 Updated actions and added GitHub release automation
• 83b77e5 Replaced black with ruff-format
• 3f829cc Updated vendored packaging to 23.2
• e59ae03 Also test on Python 3.13 (#580)
• 0833f0e Fix ABI tag for CPython 3.13 on Windows (#578)
• 5960057 [pre-commit.ci] pre-commit autoupdate (#579)
• dc1b9f9 [pre-commit.ci] pre-commit autoupdate (#574)
• d9e5029 [pre-commit.ci] pre-commit autoupdate (#572)
• Additional commits viewable in compare view

Updates setuptools from 65.5.1 to 69.0.2

Changelog

Sourced from setuptools's changelog.

v69.0.2

Bugfixes

• Added missing estimated date for removing setuptools.dep_util (deprecated in v69.0.0). (#4131)

v69.0.1

Bugfixes

• Fixed imports of setuptools.dep_util.newer_group. A deprecation warning is issued instead of a hard failure. (#4126)

v69.0.0

Features

• Include type information (py.typed, *.pyi) by default (#3136) -- by :user:Danie-1, EXPERIMENTAL. (#3136)
• Exported distutils.dep_util and setuptools.dep_util through setuptools.modified -- by :user:Avasam (#4069)
• Merged with pypa/distutils@7a04cbda0fc714.

Bugfixes

• Replaced hardcoded numeric values with :obj:dis.opmap, fixing problem with 3.13.0a1. (#4094)

Deprecations and Removals

• Configuring project version and egg_info.tag_* in such a way that results in invalid version strings (according to :pep:440) is no longer permitted. (#4066)
• Removed deprecated egg_base option from dist_info. Note that the dist_info command is considered internal to the way setuptools build backend works and not intended for public usage. (#4066)
• The parsing of the deprecated metadata.license_file and metadata.requires fields in setup.cfg is no longer supported. Users are expected to move to metadata.license_files and

... (truncated)

Commits

• 4f6449f Bump version: 69.0.1 → 69.0.2
• a4298d1 Add missing estimated date for removing setuptools.dep_util (#4132)
• 1495738 Add news fragment
• c836172 Improve warning visibility with due date and reference url
• d148d9e Bump version: 69.0.0 → 69.0.1
• 28775f3 Allow imports of setuptools.dep_util.newer_group with deprecation warning (#4...
• 7d90e9f Add newsfragment
• e1f8783 Allow imports of setuptools.dep_util.newer_group with deprecation warning
• 536d4a8 Bump version: 68.2.2 → 69.0.0
• b8992ad Mark flaky test on PyPy with xfail (#4124)
• Additional commits viewable in compare view

Updates protobuf from 3.20.2 to 4.25.1

Release notes

Sourced from protobuf's releases.

Protocol Buffers v3.20.3

Java

• Refactoring java full runtime to reuse sub-message builders and prepare to migrate parsing logic from parse constructor to builder.
• Move proto wireformat parsing functionality from the private "parsing constructor" to the Builder class.
• Change the Lite runtime to prefer merging from the wireformat into mutable messages rather than building up a new immutable object before merging. This way results in fewer allocations and copy operations.
• Make message-type extensions merge from wire-format instead of building up instances and merging afterwards. This has much better performance.
• Fix TextFormat parser to build up recurring (but supposedly not repeated) sub-messages directly from text rather than building a new sub-message and merging the fully formed message into the existing field.
• This release addresses a Security Advisory for Java users

Commits

• 7f94235 Updating version.json and repo version numbers to: 25.1
• e4b00c7 Add support for extensions in CRuby, JRuby, and FFI Ruby (#14703) (#14756)
• 2495d4f Add support for options in CRuby, JRuby and FFI (#14594) (#14739)
• a29f47d Bump mac PHP version to 8.2 to fix non-hermetic breakages. (#14741)
• f36432a Merge pull request #14674 from anandolee/25.x
• 74f5cf4 Raise warnings for python syntax usages
• edb1afd Move python/BUILD to python/BUILD.bazel (#14658)
• 666689e Merge pull request #14620 from protocolbuffers/win2019-25.x
• 1577c30 Error on staleness failure
• 1155c80 Update cc_file_list_aspect to handle targets with missing hdrs/textual_hdrs
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #1031.