fix(deps): update minor dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update	Pending
@chromatic-com/storybook	5.1.2 → 5.2.1			devDependencies	minor
@eslint/compat (source)	2.0.5 → 2.1.0			devDependencies	minor
@reduxjs/toolkit (source)	2.11.2 → 2.12.0			dependencies	minor
actions/setup-python	v4.3.0 → v4.9.1			action	minor
axios (source)	1.15.2 → 1.16.1			dependencies	minor
black (changelog)	==26.3.1 → ==26.5.1			dev-packages	minor
click (changelog)	==8.3.3 → ==8.4.1			packages	minor
cypress (source)	15.14.2 → 15.15.0			devDependencies	minor	15.16.0
deepdiff	==9.0.0 → ==9.1.0			packages	minor
docker/build-push-action	v7.1.0 → v7.2.0			action	minor
docker/login-action	v4.1.0 → v4.2.0			action	minor
docker/metadata-action	v6.0.0 → v6.1.0			action	minor
docker/setup-buildx-action	v4.0.0 → v4.1.0			action	minor
filelock	==3.20.3 → ==3.29.0			dev-packages	minor
globals	17.5.0 → 17.6.0			devDependencies	minor
locust	==2.43.4 → ==2.44.0			dev-packages	minor
pytest-xdist (changelog)	==3.5.0 → ==3.8.0			dev-packages	minor
react-redux	9.2.0 → 9.3.0			dependencies	minor
renovatebot/pre-commit-hooks	43.141.2 → 43.150.0			repository	minor	43.200.1
requests (changelog)	==2.33.1 → ==2.34.2			packages	minor
sass	1.99.0 → 1.100.0			dependencies	minor

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

---

Release Notes

chromaui/addon-visual-tests (@​chromatic-com/storybook)

v5.2.1

Compare Source

🐛 Bug Fix

• Widen peer-dependency range for storybook #​434 (@​valentinpalkovic)

Authors: 1

• Valentin Palkovic (@​valentinpalkovic)

v5.2.0

Compare Source

🚀 Enhancement

• Add missing ChromaticTypes export to support composite mode #​410 (@​jdpnielsen @​ghengeveld)
• Add Share tool to quickly publish a Storybook #​418 (@​valentinpalkovic @​ghengeveld @​kylegach)
• Add refresh-token auth flow and harden HTML injection paths #​425 (@​ghengeveld @​valentinpalkovic)
• Replace device_code OAuth flow with authorization_code flow #​424 (@​ghengeveld @​valentinpalkovic)

🐛 Bug Fix

• Refresh auth preemptively before token expiry #​431 (@​ghengeveld)
• Merge remote-tracking branch 'origin/valentin/viral-sharing-2' into valentin/viral-sharing-2 #​429 (@​valentinpalkovic)
• Consolidate auth state into a single AuthStore #​430 (@​valentinpalkovic)
• Show share expiry based on daysToExpire from CLI #​428 (@​ghengeveld @​valentinpalkovic)
• Fix OAuth authorization_code flow #​427 (@​ghengeveld)

Authors: 5

• Gert Hengeveld (@​ghengeveld)
• Joshua Daniel Pratt Nielsen (@​jdpnielsen)
• Kyle Gach (@​kylegach)
• Piotr Wysocki (@​piwysocki)
• Valentin Palkovic (@​valentinpalkovic)

eslint/rewrite (@​eslint/compat)

v2.1.0

Compare Source

Features

• Add new includeIgnoreFile() to config-helpers (#​430) (9b51352)

reduxjs/redux-toolkit (@​reduxjs/toolkit)

v2.12.0

Compare Source

This feature release adds RTK usage skills files (via TanStack Intent) exports the RTK Query hook options types for reusability, fixes issues with infinite query status flags and batching handling, and makes some small TS improvements.

Changelog

Skills Files

We've generated agent skill files that are now included in the RTK package itself in a skills folder. They cover using and migrating to modern RTK, client and server state management, and handling side effects. You can point your agent at these skills yourself, or use TanStack Intent to pick them up.

TypeScript Improvements

The types for our RTK Query hook options are now exported, which lets you stop using Parameters to extract those types for use in your own code.

The types for listener middleware matchers were tweaked to allow interface-based type guards, not just type-based definitions.

The internal IgnorePaths type was renamed to IgnoredPaths for consistency.

We now use the built-in NoInfer util that comes with TS 5.4+.

Fixes

We fixed handling of the isSuccess status flag when switching infinite query cache entries. This should prevent accidental UI flashes that were occurring due to this flag accidentally flipping.

We've added a 100ms timeout fallback to the autoBatch enhancer's requestAnimationFrame timer. We had several reports that rAF didn't work correctly when used in background tabs / opened windows, and that RTK never updated the UI. This should ensure that the updates flush correctly.

What's Changed

• Export hook options types for RTK Query hooks by @​veeceey in #​5218
• Add TanStack Intent skills for Redux Toolkit by @​phryneas in #​5249
• Keep isSuccess: true when switching infinite query cache entries by @​riqts in #​5268
• fix: allow interface-based type guards as listener matcher by @​riqts in #​5269
• fix: add setTimeout fallback to raf autoBatch strategy for background tabs by @​riqts in #​5273
• chore(toolkit): rename IgnorePaths type to IgnoredPaths by @​Ri5ha6h in #​5284
• feat(toolkit)!: switch to native NoInfer utility type by @​aryaemami59 in #​5289

Full Changelog: reduxjs/redux-toolkit@v2.11.2...v2.12.0

actions/setup-python (actions/setup-python)

v4.9.1

Compare Source

What's Changed

• Add workflow file for publishing releases to immutable action package by @​aparnajyothi-y in #​1084

Full Changelog: actions/setup-python@v4...v4.9.1

v4.9.0

Compare Source

What's Changed

• Upgrade actions/cache to 4.0.3 by @​priya-kinthali in #​1073
  In scope of this release we updated actions/cache package to ensure continued support and compatibility, as older versions of the package are now deprecated. For more information please refer to the toolkit/cache.

Full Changelog: actions/setup-python@v4.8.0...v4.9.0

v4.8.0

Compare Source

What's Changed

In scope of this release we added support for GraalPy (#​694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

• Trim python version when reading from file by @​FerranPares in #​628
• Use non-deprecated versions in examples by @​jeffwidman in #​724
• Change deprecation comment to past tense by @​jeffwidman in #​723
• Bump @​babel/traverse from 7.9.0 to 7.23.2 by @​dependabot in #​743
• advanced-usage.md: Encourage the use actions/checkout@​v4 by @​cclauss in #​729
• Examples now use checkout@​v4 by @​simonw in #​738
• Update actions/checkout to v4 by @​dmitry-shibanov in #​761

New Contributors

• @​FerranPares made their first contribution in #​628
• @​timfel made their first contribution in #​694
• @​jeffwidman made their first contribution in #​724

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

Compare Source

What's Changed

• Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in #​702
• Add range validation for toml files by @​dmitry-shibanov in #​726

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

Compare Source

In scope of this release, the support for reading python version from pyproject.toml was added (#​669).

      - name: Setup Python
        uses: actions/setup-python@v4
        with:
          python-version-file: pyproject.toml

Besides, it includes such changes as:

• Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in #​697
• Bump semver from 7.3.8 to 7.5.2 by @​dependabot in #​692
• Fix typos found by codespell by @​DimitriPapadopoulos in #​650

New Contributors

• @​dariocurr made their first contribution in #​669
• @​DimitriPapadopoulos made their first contribution in #​650

Full Changelog: actions/setup-python@v4...v4.7.0

v4.6.1

Compare Source

What's Changed

• Fix allow-prereleases sample configuration by @​mayeut in #​615
• Fix a incorrect link advanced-usage.md by @​siyuan0322 in #​657
• Remove implicit dependency by @​nikolai-laevskii in #​668
• Automatic update of configuration files from 05/23/2023 by @​github-actions in #​671
• Add warning for python 2.7 on release/v4 by @​dmitry-shibanov in #​673

New Contributors

• @​siyuan0322 made their first contribution in #​657
• @​nikolai-laevskii made their first contribution in #​668

Full Changelog: actions/setup-python@v4...v4.6.1

v4.6.0: Add allow-prereleases input

Compare Source

In scope of this release we added a new input (allow-prereleases) to allow falling back to pre-release versions of Python when a matching GA version of Python is not available

steps:
  - uses: actions/checkout@v3
  - uses: actions/setup-python@v4
    with:
      python-version: 3.12
      allow-prereleases: true

Besides, we added such changes as:

• Fix bug to trim new line for PyPy version: #​610
• Added pip dependency file to generate hash from it: #​604
• Improved error handling for saving and restoring cache: #​618
• Add warning if cache paths are empty: #​642

v4.5.0: Fix cache issue for Poetry projects located in subfolders

Compare Source

In scope of this release we fixed cache issue for Poetry projects located in subfolders (#​446). Besides that we updated json5 version from 2.2.0 to 2.2.3 (#​579).

v4.4.0: Add support to install multiple python versions

Compare Source

In scope of this release we added support to install multiple python versions. For this you can try to use this snippet:

    - uses: actions/setup-python@v4
      with:
        python-version: |
            3.8
            3.9
            3.10

Besides, we changed logic with throwing the error for GHES if cache is unavailable to warn (#​566).

v4.3.1: Improve error handling and messages

Compare Source

In scope of this release we added improved error message to put operating system and its version in the logs (#​559). Besides, the release

• fixes issue about specifying architecture for pypy-nightly on Windows with related pull request.
• improves error handling for Http Errors (#​511).
• updates minimatch (#​558).

axios/axios (axios)

v1.16.1

Compare Source

v1.16.0

Compare Source

v1.16.0 — May 2, 2026

This release adds support for the QUERY HTTP method and a new ECONNREFUSED error constant, lands a substantial wave of HTTP, fetch, and XHR adapter bug fixes around redirects, aborts, headers, and timeouts, and welcomes 23 new contributors.

⚠️ Notable Changes

A handful of fixes in this release are either security-adjacent or change observable behaviour. Please review before upgrading:

• Fetch adapter now enforces maxBodyLength and maxContentLength. These limits were silently ignored on the fetch adapter prior to 1.16.0 — anyone relying on them as a safety net (DoS protection, accidental large uploads) had no protection. (#​10795)
• Proxy requests now preserve user-supplied Host headers. Previously, the proxy path could overwrite a custom Host. Virtual-host-style routing through a proxy will now behave correctly. (#​10822)
• Basic auth credentials embedded in URLs are now URL-decoded. If you have percent-encoded credentials in a URL (e.g. https://user:p%40ss@host), the decoded value is what now goes on the wire. (#​10825)
• parseProtocol now strictly requires a colon in the protocol separator. Strings that loosely parsed as protocols before may no longer match. (#​10729)
• Deprecated unescape() replaced with modern UTF-8 encoding. Non-ASCII URL handling is now spec-correct; consumers depending on legacy unescape() quirks may see different output bytes. (#​7378)
• transformRequest input typing change was reverted. The typing change introduced in #​10745 was reverted in #​10810 after follow-up review — net behavior is unchanged from 1.15.2. (#​10745, #​10810)

🚀 New Features

• QUERY HTTP Method: Added support for the QUERY HTTP method across adapters and type definitions. (#​10802)
• ECONNREFUSED Error Constant: Exposed ECONNREFUSED as a constant on AxiosError so callers can match connection-refused failures without comparing string literals (closes #​6485). (#​10680)
• Encode Helper Export: Exported the internal encode helper from buildURL so userland param serializers can reuse the same encoding logic that axios uses internally. (#​6897)

🐛 Bug Fixes

• HTTP Adapter — Redirects & Headers: Cleared stale headers when a redirect targets a no-proxy host, fixed the redirect listener chain so listeners no longer stack across hops, restored the missing requestDetails argument on beforeRedirect, preserved user-supplied Host headers when forwarding through a proxy, and properly URL-decoded basic auth credentials. (#​10794, #​10800, #​6241, #​10822, #​10825)
• HTTP Adapter — Streams & Timeouts: Preserved the partial response object on AxiosError when a stream is aborted after headers arrive, honoured the timeout option during the connect phase when redirects are disabled, and resolved an unsettled-promise hang when an aborted request was combined with compression and maxRedirects: 0. (#​10708, #​10819, #​7149)
• Fetch Adapter: Enforced maxBodyLength / maxContentLength in the fetch adapter, set the User-Agent header to match the HTTP adapter, preserved the original abort reason instead of replacing it with a generic error, and deferred global access so importing the module no longer throws a TypeError in restricted environments. (#​10795, #​10772, #​10806, #​7260)
• XHR Adapter: Unsubscribed the cancelToken and AbortSignal listeners on the error, timeout, and abort code paths to prevent leaked subscriptions. (#​10787)
• Error Handling: Attached the parsed response to AxiosError when JSON.parse fails inside dispatchRequest, prevented settle from emitting undefined error codes, and tightened the parseProtocol regex to require a colon in the protocol separator. (#​10724, #​7276, #​10729)
• Types & Exports: Aligned the CommonJS CancelToken typings with the ESM build, fixed a compiler error caused by RawAxiosHeaders, and re-exported create from the package index. (#​7414, #​6389, #​6460)
• UTF-8 Encoding: Replaced the deprecated unescape() call with a modern UTF-8 encoding implementation. (#​7378)
• Misc Cleanup: Resolved a batch of small inconsistencies and gadget-level issues across the codebase. (#​10833)

🔧 Maintenance & Chores

• Refactor — ES6 Modernisation: Modernised the utils module and XHR adapter to use ES6 features, and tidied the multipart boundary error message. (#​10588, #​7419)
• Tests: Hardened the HTTP test server lifecycle to fix flaky FormData EPIPE failures, fixed Win32 platform support for the pipe tests, and corrected an incorrect test assumption. (#​10820, #​10791, #​10796)
• Docs: Documented paramsSerializer.encode for strict RFC 3986 query encoding, updated the parseReviver TypeScript definitions and configuration docs for ES2023, added timeout guidance to the README's first async example, and expanded notes around the recent type changes. (#​10821, #​10782, #​10759, #​10804)
• Reverted: Reverted the transformRequest input typing change from #​10745 after follow-up review. (#​10745, #​10810)
• Dependencies: Bumped actions/setup-node, the github-actions group, and postcss (in /docs) to their latest versions. (#​10785, #​10813, #​10814)
• Release: Updated changelog and packages, and prepared the 1.16.0 release. (#​10790, #​10834)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

• @​singhankit001 (#​10588)
• @​cuiweixie (#​7419)
• @​iruizsalinas (#​10787)
• @​MarcosNocetti (#​10680)
• @​deepview-autofix (#​10729)
• @​atharvasingh7007 (#​10745)
• @​OfekDanny (#​10772)
• @​mnahkies (#​7414)
• @​tboyila (#​10759)
• @​Kingo64 (#​6897)
• @​ramram1048 (#​6389)
• @​FLNacif (#​6460)
• @​zozo123 (#​10806)
• @​pierluigilenoci (#​10802)
• @​afurm (#​10708)
• @​karan-lrn (#​7378)
• @​ebeigarts (#​7149)
• @​Raymondo97 (#​10782)
• @​mixelburg (#​10821)
• @​ashishkr96 (#​10822)
• @​cyphercodes (#​10819)
• @​Jye10032 (#​7260)
• @​VeerShah41 (#​7276)

Full Changelog

psf/black (black)

v26.5.1

Compare Source

Stable style

• Fix unstable formatting of annotated assignments whose subscript annotation contains
  an inline comment (e.g. x: list[ # pyright: ignore[...]) (#​5130)
• Preserve inline comments (including # type: ignore) immediately before a
  # fmt: skip line, avoiding AST equivalence failures (#​5139)

Packaging

• Correct the version in the published executables (#​5137)

Documentation

• Add Neovim integration guide covering conform.nvim, ALE, and simple command approaches
  (#​5124)

v26.5.0

Compare Source

Highlights

• Add support for unpacking in comprehensions (PEP 798) and for lazy imports (PEP 810),
  both new syntactic features in Python 3.15 (#​5048)
• Python 3.15 is now supported. Compiled wheels are not yet provided for Python 3.15, so
  performance may be slower than on existing Python versions. Wheels will be provided
  once Python 3.15 is later in its release cycle. (#​5127)

Stable style

• Fix # fmt: skip being ignored in nested if expressions with parenthesized in
  clauses (#​4903)
• Add syntactic support for Python 3.15 (#​5048)
• Fix crash when an f-string follows a # fmt: off comment inside brackets (#​5097)
• Preserve multiline compound statement headers when # fmt: skip is placed on the
  colon line (#​5117)

Preview style

• Improve heuristics around whether blank lines should appear before, within and after
  groups of same-name decorated functions (such as @overload groups) in .pyi stub
  files (#​5021)
• Fix blank lines being removed between a function and a decorated class in .pyi stub
  files (#​5092)
• Prevent string merger from creating unsplittable long lines when a pragma comment
  (e.g. # type: ignore) follows the closing bracket (#​5096)

Packaging

• Run CI on 3.15 (#​5127)

Output

• Improve parse error readability by showing multi-line output with an error pointer.
  (#​5068)
• Add SourceASTParseError to distinguish source parse failures from internal safety
  errors, improving error reporting when Black's lenient parser accepts input that
  ast.parse() rejects (#​5080)

Blackd

• Return HTTP 400 (Bad Request) for source parse failures instead of HTTP 500, keeping
  HTTP 500 only for genuine internal safety errors (#​5080)

Integrations

• Added documentation for doctest formatting tools and updated the integrations index to
  match (#​4916)

Documentation

• Use "Version X.Y.Z" headings in changelog for stable permalink anchors on ReadTheDocs
  (#​5063)
• Note in the editor integrations that the SublimeText sublack plugin is archived and
  unmaintained (#​5082)

pallets/click (click)

v8.4.1

Compare Source

Released 2026-05-21

• get_parameter_source() is available during eager callbacks and type
  conversion again. :issue:3458 :issue:3484
• Zsh completion scripts parse correctly on Windows. :issue:3277 :pr:3466
• Shell completion of Choice Enum values produces a valid completion
  result. :issue:3015
• Fix empty byte-string handling in echo. :issue:3487
• Fix closed file error with echo_via_pager. :issue:3449

v8.4.0

Compare Source

Released 2026-05-17

• :class:ParamType typing improvements. :pr:3371

  • :class:ParamType is now a generic abstract base class,
    parameterized by its converted value type.
  • :meth:~ParamType.convert return types are narrowed on all
    concrete types (str for :class:STRING, int for
    :class:INT, etc.).
  • :meth:~ParamType.to_info_dict returns specific
    :class:~typing.TypedDict subclasses instead of
    dict[str, Any].
  • :class:CompositeParamType and the number-range base are now
    generic with abstract methods.

• Refactor convert_type to extract type inference into a private
  _guess_type helper, and add :func:typing.overload signatures.
  :pr:3372

• :class:Parameter typing improvements. :pr:2805

  • :class:Parameter is now an abstract base class, making explicit
    that it cannot be instantiated directly.
  • :attr:Parameter.name is now str instead of str | None.
    When expose_value=False, the name is set to "" instead
    of None.
  • The ctx parameter of :meth:Parameter.get_error_hint is now
    typed as Context | None, matching the runtime behavior.

• Split string values from default_map for parameters with nargs > 1
  or :class:Tuple type, matching environment variable behavior.
  :issue:2745 :pr:3364

• Auto-detect type=UNPROCESSED for flag_value of non-basic types
  (not str, int, float, or bool), so programmer-provided
  Python objects like classes and enum members are passed through unchanged
  instead of being stringified. Previously type=click.UNPROCESSED had
  to be set explicitly. :issue:2012 :pr:3363

• The error hint now uses :meth:Command.get_help_option_names to pick
  non-shadowed help option names, so Try '... -h' no longer points to a
  subcommand option that shadows -h. The longest surviving name is
  shown (--help over -h) for readability. :issue:2790 :pr:3208

• Fix readline functionality on non-Windows platforms. Prompt text is now
  passed directly to readline instead of being printed separately, allowing
  proper backspace, line editing, and line wrapping behavior. :issue:2968
  :pr:2969

• Use :func:os.startfile on Windows to open URLs in :func:open_url,
  replacing the start built-in which cannot be invoked without
  shell=True. :issue:3164 :pr:3186

• Fix Fish shell completion errors when option help text contains newlines.
  :issue:3043 :pr:3126

• Add :class:NoSuchCommand exception with suggestions for misspelled
  commands. :issue:3107 :pr:3228

• Use :class:ValueError message when conversion in :class:FuncParamType would
  fail. :issue:3105 :pr:3211

• Add click.get_pager_file for file-like access to an output
  pager. :pr:1572 :pr:3405

• :func:~click.formatting.wrap_text now measures line width in visible
  characters, ignoring ANSI escape sequences. :pr:3420

• Fix :meth:HelpFormatter.write_usage emitting only a blank line when
  called without args. The usage prefix and program name are now
  written even when no arguments follow, and the trailing separator
  space is stripped so the line ends at the program name.
  :issue:3360 :pr:3434

• Show custom error messages from types when :func:prompt with
  hide_input=True fails validation, instead of always showing a
  generic message. Built-in type messages mask the input value.
  :issue:2809 :pr:3256

• Add capture parameter to :class:CliRunner with two modes: sys
  (default) and fd. fd redirects file descriptors 1 and 2
  via :func:os.dup2 so output that bypasses sys.stdout (stale stream
  references, C extensions, subprocesses, faulthandler) is captured
  with proper isolation. :issue:854 :issue:2412 :issue:2468
  :issue:2497 :issue:2761 :issue:2827 :issue:2865 :pr:3391

• Revert the 8.3.3 change that exposed the original file descriptor
  via fileno() on the redirected CliRunner streams in the default
  capture mode. os.dup2(w, sys.stdout.fileno()) calls inside a CLI no
  longer mutate the host runner's stdout, which broke Pytest's fd-level
  capture teardown. C-level consumers that need a real fd should use
  capture="fd". :issue:3384 :pr:3391

• Mark additional built-in strings with gettext() to extend translation
  coverage. :pr:2902

• Fix feature switch groups (several flag_value options sharing one
  parameter name) silently dropping an explicit default when a sibling
  option without an explicit default was declared first. Arbitration is now
  source-aware: a more explicit :class:ParameterSource always wins, and
  within ParameterSource.DEFAULT, an option that received an explicit
  default= keyword wins over a sibling whose default was auto-derived.
  The 8.3.x first-wins fallback for remaining ties was reverted to the
  pre-8.3.x last-wins fallback. :issue:3403 :pr:3404

• Fix missing space between option help text and the (DEPRECATED)
  label, and localize the option label so it matches the command label.
  The label and the DeprecationWarning reason suffix are now produced
  by shared helpers. :pr:3423

• Document short option stacking (-abc is parsed as -a -b -c) and
  clarify that multi-character short option names are not supported.
  :issue:2779 :pr:3431

cypress-io/cypress (cypress)

v15.15.0

Compare Source

Changelog: https://docs.cypress.io/app/references/changelog#15-15-0

docker/build-push-action (docker/build-push-action)

v7.2.0

Compare Source

docker/login-action (docker/login-action)

v4.2.0

Compare Source

• Bump @​actions/core from 3.0.0 to 3.0.1 in #​976
• Bump @​aws-sdk/client-ecr and @​aws-sdk/client-ecr-public to 3.1050.0 in #​960
• Bump @​docker/actions-toolkit from 0.86.0 to 0.90.0 in #​970
• Bump brace-expansion from 2.0.1 to 5.0.6 in #​993
• Bump fast-xml-builder from 1.1.4 to 1.2.0 in #​985
• Bump fast-xml-parser from 5.3.6 to 5.8.0 in #​963
• Bump http-proxy-agent and https-proxy-agent to 9.0.0 in #​961
• Bump postcss from 8.5.6 to 8.5.10 in #​979
• Bump tar from 6.2.1 to 7.5.15 in #​991
• Bump vite from 7.3.1 to 7.3.3 in #​986

Full Changelog: docker/login-action@v4.1.0...v4.2.0

docker/metadata-action (docker/metadata-action)

v6.1.0

Compare Source

• Bump @​docker/actions-toolkit from 0.79.0 to 0.90.0 in #​613
• Bump brace-expansion from 1.1.12 to 5.0.6 in #​658 #​630
• Bump csv-parse from 6.1.0 to 6.2.1 in #​617
• Bump fast-xml-parser from 5.4.2 to 5.8.0 in #​620
• Bump flatted from 3.3.3 to 3.4.2 in #​623
• Bump glob from 10.3.15 to 10.5.0 in #​621
• Bump handlebars from 4.7.8 to 4.7.9 in #​629
• Bump lodash from 4.17.23 to 4.18.1 in #​639
• Bump moment-timezone from 0.6.0 to 0.6.1 in #​619
• Bump picomatch from 4.0.3 to 4.0.4 in #​626
• Bump postcss from 8.5.6 to 8.5.10 in #​649
• Bump tar from 6.2.1 to 7.5.15 in #​657
• Bump undici from 6.23.0 to 6.25.0 in #​614
• Bump vite from 7.3.1 to 7.3.2 in #​637

Full Changelog: docker/metadata-action@v6.0.0...v6.1.0

docker/setup-buildx-action (docker/setup-buildx-action)

v4.1.0

Compare Source

• Bump @​docker/actions-toolkit from 0.79.0 to 0.90.0 in #​489
• Bump brace-expansion from 1.1.12 to 5.0.6 in #​547 #​508
• Bump fast-xml-builder from 1.0.0 to 1.2.0 in #​540
• Bump fast-xml-parser from 5.4.2 to 5.8.0 in #​496
• Bump flatted from 3.3.3 to 3.4.2 in #​499
• Bump glob from 10.3.12 to 13.0.6 in #​495
• Bump handlebars from 4.7.8 to 4.7.9 in #​504
• Bump lodash from 4.17.23 to 4.18.1 in #​523
• Bump picomatch from 4.0.3 to 4.0.4 in #​503
• Bump postcss from 8.5.6 to 8.5.10 in #​537
• Bump tar from 6.2.1 to 7.5.15 in #​545
• Bump undici from 6.23.0 to 6.25.0 in #​492
• Bump vite from 7.3.1 to 7.3.2 in #​520

Full Changelog: docker/setup-buildx-action@v4.0.0...v4.1.0

tox-dev/py-filelock (filelock)

v3.29.0

Compare Source

What's Changed

• 🐛 fix(async): use single-thread executor for lock consistency by @​gaborbernat in tox-dev/filelock#533
• ✨ feat(soft): enable stale lock detection on Windows by @​gaborbernat in tox-dev/filelock#534

Full Changelog: tox-dev/filelock@3.28.0...3.29.0

v3.28.0

Compare Source

What's Changed

• 🐛 fix(ci): unbreak release workflow, publish to PyPI again by @​gaborbernat in tox-dev/filelock#529

Full Changelog: tox-dev/filelock@3.27.0...3.28.0

[v3.25.2](https://redirect.github.com/tox-dev

✂ Note

PR body was truncated to here.