Bump the python-root group with 7 updates

[dependabot]

Bumps the python-root group with 7 updates:

Package	From	To
flake8	3.8.4	6.1.0
isort	5.7.0	5.13.2
build	0.3.0	1.0.3
twine	3.3.0	4.0.2
wheel	0.38.1	0.42.0
setuptools	65.5.1	69.0.2
protobuf	3.20.2	4.25.1

Updates flake8 from 3.8.4 to 6.1.0

Commits

• 7ef0350 Release 6.1.0
• 354f873 Merge pull request #1852 from PyCQA/setup-cfg-fmt
• 24be8ad Merge pull request #1851 from PyCQA/pylint-warnings
• 5233d88 use setup-cfg-fmt
• d4d1552 Merge pull request #1849 from PyCQA/handle-multiline-fstrings-in-312
• cc301ed fix pylintrc warnings
• 1ed78d5 handle multiline fstrings in 3.12
• f264195 Merge pull request #1850 from PyCQA/312-test
• acca35b add 3.12 to ci matrix
• 579f9f6 Merge pull request #1848 from PyCQA/upgrade-pycodestyle
• Additional commits viewable in compare view

Updates isort from 5.7.0 to 5.13.2

Release notes

Sourced from isort's releases.

5.13.2

Changes

• Apply the bracket fix from issue 471 only for use_parentheses=True (#2184) @​bp72
• confine pre-commit to stages (#2213) @​davidculley

🪲 Fixes

• Fix colors extras (#2212) @​staticdev

5.13.1

Changes

• Fix integration tests (#2208) @​bp72
• Added a fix for normalizing imports from more than one level of parent modules (issue/2152) (#2191) @​bp72

🪲 Fixes

• Remove optional dependencies without extras (#2207) @​staticdev

5.13.0

Changes

• Fix 80 line length for wemake linter (#2183) @​skatromb
• Add support for Python 3.12 (#2175) @​hugovk
• fix: add newest version to pre-commit docs (#2190) @​AzulGarza
• Fix assertions in test_git_hook (#2196) @​mgorny
• Removed check for include_trailing_comma for the Hanging Indent wrap mode (#2192) @​bp72
• use the standard library tomllib on sufficiently new python (#2202) @​eli-schwartz
• Update pre-commit.md version number (#2197) @​nicobako
• doc: Update black_compatibility.md (#2177) @​JSS95
• Fix safety sept 2023 (#2178) @​staticdev
• docs: fix black profile documentation (#2163) @​nijel
• fix typo: indended -> indented (#2161) @​vadimkerr
• docs(configuration/options.md): fix missing trailing spaces for hard linebreak (#2157) @​JoeyTeng
• Update pre-commit.md (#2148) @​godiard
• chore: move configurations to pyproject.toml (#2115) @​SauravMaheshkar
• Fix typo in README (#2112) @​stefmolin
• Update version in pre-commit setup to avoid installation issue with poetry (#2103) @​stefmolin
• Skip .pytype directory by default. (#2098) @​manueljacob
• Fix a tip block styling in the Config Files section (#2097) @​Klavionik
• Do not cache configuration files (#1995) @​kaste
• Derive settings_path from --filename (#1992) @​kaste
• Fix year of version 5.12.0 in CHANGELOG.md (#2082) @​DjLegolas

🔥 Removals and Deprecations

• Cleanup deprecated extras (#2089) @​staticdev

📦 Dependencies

... (truncated)

Changelog

Sourced from isort's changelog.

5.13.2 December 13 2023

• Apply the bracket fix from issue #471 only for use_parentheses=True (#2184) @​bp72
• Confine pre-commit to stages (#2213) @​davidculley
• Fixed colors extras (#2212) @​staticdev

5.13.1 December 11 2023

• Fixed integration tests (#2208) @​bp72
• Fixed normalizing imports from more than one level of parent modules (issue/2152) (#2191) @​bp72
• Remove optional dependencies without extras (#2207) @​staticdev

5.13.0 December 9 2023

• Cleanup deprecated extras (#2089) @​staticdev
• Fixed #1989: settings lookup when working in stream based mode
• Fixed 80 line length for wemake linter (#2183) @​skatromb
• Add support for Python 3.12 (#2175) @​hugovk
• Fixed: add newest version to pre-commit docs (#2190) @​AzulGarza
• Fixed assertions in test_git_hook (#2196) @​mgorny
• Removed check for include_trailing_comma for the Hanging Indent wrap mode (#2192) @​bp72
• Use the standard library tomllib on sufficiently new python (#2202) @​eli-schwartz
• Update pre-commit.md version number (#2197) @​nicobako
• doc: Update black_compatibility.md (#2177) @​JSS95
• Fixed safety sept 2023 (#2178) @​staticdev
• docs: fix black profile documentation (#2163) @​nijel
• Fixed typo: indended -> indented (#2161) @​vadimkerr
• Docs(configuration/options.md): fix missing trailing spaces for hard linebreak (#2157) @​JoeyTeng
• Update pre-commit.md (#2148) @​godiard
• chore: move configurations to pyproject.toml (#2115) @​SauravMaheshkar
• Fixed typo in README (#2112) @​stefmolin
• Update version in pre-commit setup to avoid installation issue with poetry (#2103) @​stefmolin
• Skip .pytype directory by default. (#2098) @​manueljacob
• Fixed a tip block styling in the Config Files section (#2097) @​Klavionik
• Do not cache configuration files (#1995) @​kaste
• Derive settings_path from --filename (#1992) @​kaste
• Fixed year of version 5.12.0 in CHANGELOG.md (#2082) @​DjLegolas

5.12.0 January 28 2023

• Removed support for Python 3.7
• Fixed incompatiblity with latest poetry version
• Added support for directory limitations within built in git hook

5.11.5 January 30 2023 [hotfix]

• Fixed incompatiblity with latest poetry version

5.11.4 December 21 2022

• Fixed #2038 (again): stop installing documentation files to top-level site-packages (#2057) @​mgorny

... (truncated)

Commits

• c655831 Merge pull request #2214 from PyCQA/version/5.13.2
• b4335b4 Prepare version 5.13.2
• c36e43c Merge pull request #2184 from bp72/issue/2154
• e38702f Merge pull request #2213 from davidculley/confine-precommit-to-stages
• ee8d87f Add fix for the error found by hypothesis
• 5849ec2 Apply the bracket fix from issue 471 only for use_parentheses=True
• df0e119 confine pre-commit to stages
• 9255bca Merge pull request #2212 from PyCQA/bugfix/#2211-colors-extra
• 5336d7d Fix colors extras
• 643d9c4 Merge pull request #2210 from PyCQA/version/5.13.1
• Additional commits viewable in compare view

Updates build from 0.3.0 to 1.0.3

Release notes

Sourced from build's releases.

Version 1.0.3

What's Changed

• fix: avoid bug in various patch releases of Python by @​henryiii in pypa/build#675
• changelog: fix issue reference by @​michael-k in pypa/build#671
• tox: format file by @​henryiii in pypa/build#678
• chore: bump to 1.0.3 by @​henryiii in pypa/build#681
• chore: release 1.0.1 by @​henryiii in pypa/build#677

New Contributors

• @​michael-k made their first contribution in pypa/build#671

Full Changelog: pypa/build@1.0.0...1.0.3

Version 1.0.0

What's Changed

• infra: replace flake8 with ruff by @​layday in pypa/build#565
• Refactor IsolatedEnv, take two by @​layday in pypa/build#537
• util: allow passing alternative runner to project_wheel_metadata by @​q0w in pypa/build#566
• ci: do not trigger workflow for RST file changes by @​layday in pypa/build#568
• build: drop toml fallback by @​layday in pypa/build#567
• infra: fix ruff configuration and add a few checks by @​henryiii in pypa/build#573
• Minor doc fixes by @​layday in pypa/build#574
• docs: reorder installation instructions by @​hauntsaninja in pypa/build#575
• Specify encoding by @​jaraco in pypa/build#578
• infra: use latest Ruff instead of isort by @​henryiii in pypa/build#581
• tests: report installed versions of common packages by @​henryiii in pypa/build#588
• tests: strip formatting from stderr (pip 23) by @​henryiii in pypa/build#589
• docs: remove direct references to PEP 517 in docs landing page by @​pradyunsg in pypa/build#562
• docs: use sphinx-issues by @​FFY00 in pypa/build#590
• config: support running Ruff 0.258+ directly on source by @​henryiii in pypa/build#591
• tests: useless .stdout detected by Ruff PR by @​henryiii in pypa/build#594
• Fix link to installation page in docs by @​atugushev in pypa/build#597
• fix: mypy update by @​henryiii in pypa/build#606
• chore: minor cleanup by @​henryiii in pypa/build#605
• chore: isort Ruff code was missing by @​henryiii in pypa/build#604
• 🎨🧪 Modularize GHA workflow through reuse by @​webknjaz in pypa/build#618
• Improve CLI help text by @​layday in pypa/build#616
• ci: add 3.12 beta testing by @​henryiii in pypa/build#624
• chore: remove unneeded target-version by @​henryiii in pypa/build#634
• pre-commit: ruff moved to astral-sh by @​henryiii in pypa/build#635
• main: filter out malicious files when extracting tar archives by @​layday in pypa/build#609
• main: avoid cost of importing virtualenv if not using it by @​henryiii in pypa/build#636
• Bump importlib metadata dependency by @​jaraco in pypa/build#631
• main: ensure config_settings are passed to get_requires_for_build by @​jameshilliard in pypa/build#627
• tests: add network marker by @​henryiii in pypa/build#649
• chore: use 2x faster black mirror by @​henryiii in pypa/build#652
• docs: bump furo/sphinx by @​henryiii in pypa/build#660

... (truncated)

Changelog

Sourced from build's changelog.

1.0.3 (2023-09-06)

• Avoid CPython 3.8.17, 3.9.17, 3.10.12, and 3.11.4 tarfile symlink bug triggered by adding data_filter in 1.0.0. (PR :pr:675, fixes issue :issue:674)

1.0.0 (2023-09-01)

• Removed the toml library fallback; toml can no longer be used as a substitute for tomli (PR :pr:567)
• Added runner parameter to util.project_wheel_metadata (PR :pr:566, fixes issue :issue:553)
• Modified ProjectBuilder constructor signature, added alternative ProjectBuilder.from_env constructor, redefined env.IsolatedEnv interface, and exposed env.DefaultIsolatedEnv, replacing env.IsolatedEnvBuilder. The aim has been to shift responsibility for modifying the environment from the project builder to the IsolatedEnv entirely and to ensure that the builder will be initialised from an IsolatedEnv in a consistent manner. Mutating the project builder is no longer supported. (PR :pr:537)
• virtualenv is no longer imported when using -n, for faster builds (PR :pr:636, fixes issue :issue:510)
• The SDist now contains the repository contents, including tests. Flit-core 3.8+ required. (PR :pr:657, :pr:661, fixes issue :issue:656)
• The minimum version of importlib-metadata has been increased to 4.6 and Python 3.10 due to a bug in the standard library version with URL requirements in extras. This is still not required for 3.8 when bootstrapping (as long as you don't have URL requirements in extras). (PR :pr:631, fixes issue :issue:630)
• Docs now built with Sphinx 7 (PR :pr:660)
• Tests now contain a network marker (PR :pr:649, fixes issue :issue:648)
• Config-settings are now passed to get_requires* hooks, fixing a long standing bug. If this affects your setuptools build, you can use -C--build-option=<cmd> -C--build-option=<option> to workaround an issue with Setuptools not allowing unrecognised build options when running this hook. (PR :pr:627, fixes issue :issue:[#264](https://github.com/pypa/build/issues/264))
• Test on Python 3.12 betas/RCs (PR :pr:624)
• Filter out malicious files when extracting tar archives when Python supports it (PR :pr:609)
• Specify encoding, fixing issues when PYTHONWARNDEFAULTENCODING is set.

... (truncated)

Commits

• 38d1a68 chore: bump to 1.0.3
• 17cefaf tox: format file
• c48f4ca chore: release 1.0.1
• 4b61b8e Apply suggestions from code review
• d6138f5 fix: avoid bug in various patch releases of Python
• eada811 build(deps): bump actions/checkout from 3 to 4 (#673)
• 955e697 pre-commit: bump repositories (#672)
• f51c089 changelog: fix issue reference
• 1fff01e style: ignore W005, since we are build
• 06e0481 ci: build and test SDist/wheels
• Additional commits viewable in compare view

Updates twine from 3.3.0 to 4.0.2

Release notes

Sourced from twine's releases.

4.0.2

https://pypi.org/project/twine/4.0.2/

Changelog

4.0.1

https://pypi.org/project/twine/4.0.1/

Changelog

4.0.0

https://pypi.org/project/twine/4.0.0/

Changelog

3.8.0

https://pypi.org/project/twine/3.8.0/

Changelog

3.7.1

https://pypi.org/project/twine/3.7.1/

Changelog

3.7.0

https://pypi.org/project/twine/3.7.0/

Changelog

3.6.0

https://pypi.org/project/twine/3.6.0/

Changelog

3.5.0

https://pypi.org/project/twine/3.5.0/

Changelog

3.4.2

https://pypi.org/project/twine/3.4.2/

Changelog

Changelog

Sourced from twine's changelog.

Twine 4.0.2 (2022-11-30)

Bugfixes ^^^^^^^^

• Remove deprecated function to fix twine check with pkginfo 1.9.0. ([#941](https://github.com/pypa/twine/issues/941) <https://github.com/pypa/twine/issues/941>_)

Twine 4.0.1 (2022-06-01)

Bugfixes ^^^^^^^^

• Improve logging when keyring fails. ([#890](https://github.com/pypa/twine/issues/890) <https://github.com/pypa/twine/issues/890>_)
• Reconfgure root logger to show all log messages. ([#896](https://github.com/pypa/twine/issues/896) <https://github.com/pypa/twine/issues/896>_)

Twine 4.0.0 (2022-03-31)

Features ^^^^^^^^

• Drop support for Python 3.6. ([#869](https://github.com/pypa/twine/issues/869) <https://github.com/pypa/twine/issues/869>_)
• Use Rich to add color to upload output. ([#851](https://github.com/pypa/twine/issues/851) <https://github.com/pypa/twine/issues/851>_)
• Use Rich to add color to check output. ([#874](https://github.com/pypa/twine/issues/874) <https://github.com/pypa/twine/issues/874>_)
• Use Rich instead of tqdm for upload progress bar. ([#877](https://github.com/pypa/twine/issues/877) <https://github.com/pypa/twine/issues/877>_)

Bugfixes ^^^^^^^^

• Remove Twine's dependencies from the User-Agent header when uploading. ([#871](https://github.com/pypa/twine/issues/871) <https://github.com/pypa/twine/issues/871>_)
• Improve detection of disabled BLAKE2 hashing due to FIPS mode. ([#879](https://github.com/pypa/twine/issues/879) <https://github.com/pypa/twine/issues/879>_)
• Restore warning for missing long_description. ([#887](https://github.com/pypa/twine/issues/887) <https://github.com/pypa/twine/issues/887>_)

Twine 3.8.0 (2022-02-02)

Features ^^^^^^^^

• Add --verbose logging for querying keyring credentials. ([#849](https://github.com/pypa/twine/issues/849) <https://github.com/pypa/twine/issues/849>_)
• Log all upload responses with --verbose. ([#859](https://github.com/pypa/twine/issues/859) <https://github.com/pypa/twine/issues/859>_)
• Show more helpful error message for invalid metadata. ([#861](https://github.com/pypa/twine/issues/861) <https://github.com/pypa/twine/issues/861>_)

... (truncated)

Commits

• 75c3d86 Release 4.0.2 (#946)
• 5b5d081 Fix twine( check) with the newly released pkginfo 1.9. (#941)
• 717ae3d Fix failing CI (#943)
• bb51e46 Remove unused mypy ignores (#927)
• 8f5e5d6 Update changelog for 4.0.1 (#904)
• 62f3c67 Log keyring tracebacks (#890)
• d30df70 Update links to requests docs (#899)
• 5525a2a Restore missing __main__ logs (#896)
• b0b932f Fix typos in tests (#898)
• 4223ee1 Require latest version of readme_renderer (#892)
• Additional commits viewable in compare view

Updates wheel from 0.38.1 to 0.42.0

Release notes

Sourced from wheel's releases.

0.42.0

• Allowed removing build tag with wheel tags --build ""
• Fixed wheel pack and wheel tags writing updated WHEEL fields after a blank line, causing other tools to ignore them
• Fixed wheel pack and wheel tags writing WHEEL with CRLF line endings or a mix of CRLF and LF
• Fixed wheel pack --build-number "" not removing build tag from WHEEL (above changes by Benjamin Gilbert)

0.41.3

• Updated vendored packaging to 23.2
• Fixed ABI tag generation for CPython 3.13a1 on Windows (PR by Sam Gross)

Changelog

Sourced from wheel's changelog.

Release Notes

0.42.0 (2023-11-26)

• Allowed removing build tag with wheel tags --build ""
• Fixed wheel pack and wheel tags writing updated WHEEL fields after a blank line, causing other tools to ignore them
• Fixed wheel pack and wheel tags writing WHEEL with CRLF line endings or a mix of CRLF and LF
• Fixed wheel pack --build-number "" not removing build tag from WHEEL (above changes by Benjamin Gilbert)

0.41.3 (2023-10-30)

• Updated vendored packaging to 23.2
• Fixed ABI tag generation for CPython 3.13a1 on Windows (PR by Sam Gross)

0.41.2 (2023-08-22)

• Fixed platform tag detection for GraalPy and 32-bit python running on an aarch64 kernel (PR by Matthieu Darbois)
• Fixed wheel tags to not list directories in RECORD files (PR by Mike Taves)
• Fixed ABI tag generation for GraalPy (PR by Michael Simacek)

0.41.1 (2023-08-05)

• Fixed naming of the data_dir directory in the presence of local version segment given via egg_info.tag_build (PR by Anderson Bravalheri)
• Fixed version specifiers in Requires-Dist being wrapped in parentheses

0.41.0 (2023-07-22)

• Added full support of the build tag syntax to wheel tags (you can now set a build tag like 123mytag)
• Fixed warning on Python 3.12 about onerror deprecation. (PR by Henry Schreiner)
• Support testing on Python 3.12 betas (PR by Ewout ter Hoeven)

0.40.0 (2023-03-14)

• Added a wheel tags command to modify tags on an existing wheel (PR by Henry Schreiner)
• Updated vendored packaging to 23.0
• wheel unpack now preserves the executable attribute of extracted files
• Fixed spaces in platform names not being converted to underscores (PR by David Tucker)
• Fixed RECORD files in generated wheels missing the regular file attribute
• Fixed DeprecationWarning about the use of the deprecated pkg_resources API (PR by Thomas Grainger)
• Wheel now uses flit-core as a build backend (PR by Henry Schreiner)

... (truncated)

Commits

• 63a09bb Created a new release
• f4b8e48 Several fixes to WHEEL metadata handling (#588)
• 11e5732 [pre-commit.ci] pre-commit autoupdate (#586)
• fe6bb82 [pre-commit.ci] pre-commit autoupdate (#584)
• b90a4bc [pre-commit.ci] pre-commit autoupdate (#581)
• 56de2eb Added a link to the GitHub repository to pyproject.toml (#563)
• a899f1c Fixed parameter for release-notes
• 254ba46 Created a new release
• 6f33736 Updated actions and added GitHub release automation
• 83b77e5 Replaced black with ruff-format
• Additional commits viewable in compare view

Updates setuptools from 65.5.1 to 69.0.2

Changelog

Sourced from setuptools's changelog.

v69.0.2

Bugfixes

• Added missing estimated date for removing setuptools.dep_util (deprecated in v69.0.0). (#4131)

v69.0.1

Bugfixes

• Fixed imports of setuptools.dep_util.newer_group. A deprecation warning is issued instead of a hard failure. (#4126)

v69.0.0

Features

• Include type information (py.typed, *.pyi) by default (#3136) -- by :user:Danie-1, EXPERIMENTAL. (#3136)
• Exported distutils.dep_util and setuptools.dep_util through setuptools.modified -- by :user:Avasam (#4069)
• Merged with pypa/distutils@7a04cbda0fc714.

Bugfixes

• Replaced hardcoded numeric values with :obj:dis.opmap, fixing problem with 3.13.0a1. (#4094)

Deprecations and Removals

• Configuring project version and egg_info.tag_* in such a way that results in invalid version strings (according to :pep:440) is no longer permitted. (#4066)
• Removed deprecated egg_base option from dist_info. Note that the dist_info command is considered internal to the way setuptools build backend works and not intended for public usage. (#4066)
• The parsing of the deprecated metadata.license_file and metadata.requires fields in setup.cfg is no longer supported. Users are expected to move to metadata.license_files and

... (truncated)

Commits

• 4f6449f Bump version: 69.0.1 → 69.0.2
• a4298d1 Add missing estimated date for removing setuptools.dep_util (#4132)
• 1495738 Add news fragment
• c836172 Improve warning visibility with due date and reference url
• d148d9e Bump version: 69.0.0 → 69.0.1
• 28775f3 Allow imports of setuptools.dep_util.newer_group with deprecation warning (#4...
• 7d90e9f Add newsfragment
• e1f8783 Allow imports of setuptools.dep_util.newer_group with deprecation warning
• 536d4a8 Bump version: 68.2.2 → 69.0.0
• b8992ad Mark flaky test on PyPy with xfail (#4124)
• Additional commits viewable in compare view

Updates protobuf from 3.20.2 to 4.25.1

Release notes

Sourced from protobuf's releases.

Protocol Buffers v3.20.3

Java

• Refactoring java full runtime to reuse sub-message builders and prepare to migrate parsing logic from parse constructor to builder.
• Move proto wireformat parsing functionality from the private "parsing constructor" to the Builder class.
• Change the Lite runtime to prefer merging from the wireformat into mutable messages rather than building up a new immutable object before merging. This way results in fewer allocations and copy operations.
• Make message-type extensions merge from wire-format instead of building up instances and merging afterwards. This has much better performance.
• Fix TextFormat parser to build up recurring (but supposedly not repeated) sub-messages directly from text rather than building a new sub-message and merging the fully formed message into the existing field.
• This release addresses a Security Advisory for Java users

Commits

• 7f94235 Updating version.json and repo version numbers to: 25.1
• e4b00c7 Add support for extensions in CRuby, JRuby, and FFI Ruby (#14703) (#14756)
• 2495d4f Add support for options in CRuby, JRuby and FFI (#14594) (#14739)
• a29f47d Bump mac PHP version to 8.2 to fix non-hermetic breakages. (#14741)
• f36432a Merge pull request #14674 from anandolee/25.x
• 74f5cf4 Raise warnings for python syntax usages
• edb1afd Move python/BUILD to python/BUILD.bazel (#14658)
• 666689e Merge pull request #14620 from protocolbuffers/win2019-25.x
• 1577c30 Error on staleness failure
• 1155c80 Update cc_file_list_aspect to handle targets with missing hdrs/textual_hdrs
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #1043.