Skip to content

🔖 Promote 1.1.21: test → prod#125

Closed
JuanVilla424 wants to merge 16 commits into
prodfrom
test
Closed

🔖 Promote 1.1.21: test → prod#125
JuanVilla424 wants to merge 16 commits into
prodfrom
test

Conversation

@JuanVilla424

Copy link
Copy Markdown
Owner

Promote version 1.1.21 (deps split, changelog generator fix) from test to prod.

JuanVilla424 and others added 16 commits May 25, 2026 15:48
Updates the requirements on
[pytest](https://github.com/pytest-dev/pytest) to permit the latest
version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest/releases">pytest's
releases</a>.</em></p>
<blockquote>
<h2>9.0.3</h2>
<h1>pytest 9.0.3 (2026-04-07)</h1>
<h2>Bug fixes</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/12444">#12444</a>:
Fixed <code>pytest.approx</code> which now correctly takes into account
<code>~collections.abc.Mapping</code> keys order to compare them.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13634">#13634</a>:
Blocking a <code>conftest.py</code> file using the <code>-p no:</code>
option is now explicitly disallowed.</p>
<p>Previously this resulted in an internal assertion failure during
plugin loading.</p>
<p>Pytest now raises a clear <code>UsageError</code> explaining that
conftest files are not plugins and cannot be disabled via
<code>-p</code>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13734">#13734</a>:
Fixed crash when a test raises an exceptiongroup with
<code>__tracebackhide__ = True</code>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/14195">#14195</a>:
Fixed an issue where non-string messages passed to <!-- raw HTML omitted
-->unittest.TestCase.subTest()<!-- raw HTML omitted --> were not
printed.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/14343">#14343</a>:
Fixed use of insecure temporary directory (CVE-2025-71176).</p>
</li>
</ul>
<h2>Improved documentation</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13388">#13388</a>:
Clarified documentation for <code>-p</code> vs
<code>PYTEST_PLUGINS</code> plugin loading and fixed an incorrect
<code>-p</code> example.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/13731">#13731</a>:
Clarified that capture fixtures (e.g. <code>capsys</code> and
<code>capfd</code>) take precedence over the <code>-s</code> /
<code>--capture=no</code> command-line options in <code>Accessing
captured output from a test function
&lt;accessing-captured-output&gt;</code>.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/14088">#14088</a>:
Clarified that the default <code>pytest_collection</code> hook sets
<code>session.items</code> before it calls
<code>pytest_collection_finish</code>, not after.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/14255">#14255</a>:
TOML integer log levels must be quoted: Updating reference
documentation.</li>
</ul>
<h2>Contributor-facing changes</h2>
<ul>
<li>
<p><a
href="https://redirect.github.com/pytest-dev/pytest/issues/12689">#12689</a>:
The test reports are now published to Codecov from GitHub Actions.
The test statistics is visible <a
href="https://app.codecov.io/gh/pytest-dev/pytest/tests">on the web
interface</a>.</p>
<p>-- by <code>aleguy02</code></p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pytest-dev/pytest/commit/a7d58d7a21b78581e636bbbdea13c66ad1657c1e"><code>a7d58d7</code></a>
Prepare release version 9.0.3</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/089d98199c253d8f89a040243bc4f2aa6cd5ab22"><code>089d981</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14366">#14366</a>
from bluetech/revert-14193-backport</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/8127eaf4ab7f6b2fdd0dc1b38343ec97aeef05ac"><code>8127eaf</code></a>
Revert &quot;Fix: assertrepr_compare respects dict insertion order (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14050">#14050</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14193">#14193</a>)&quot;</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/99a7e6029e7a6e8d53e5df114b1346e035370241"><code>99a7e60</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14363">#14363</a>
from pytest-dev/patchback/backports/9.0.x/95d8423bd...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/ddee02a578da30dd43aedc39c1c1f1aaadfcee95"><code>ddee02a</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14343">#14343</a>
from bluetech/cve-2025-71176-simple</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/74eac6916fee34726cb194f16c516e96fbd29619"><code>74eac69</code></a>
doc: Update training info (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14298">#14298</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14301">#14301</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/f92dee777cfdb77d1c43633d02766ddf1f07c869"><code>f92dee7</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14267">#14267</a>
from pytest-dev/patchback/backports/9.0.x/d6fa26c62...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/7ee58acc8777c31ac6cf388d01addf5a414a7439"><code>7ee58ac</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/12378">#12378</a>
from Pierre-Sassoulas/fix-implicit-str-concat-and-d...</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/37da870d37e3a2f5177cae075c7b9ae279432bf8"><code>37da870</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/14259">#14259</a>
from mitre88/patch-4 (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14268">#14268</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/c34bfa3b7acb65b594707c714f1d8461b0304eed"><code>c34bfa3</code></a>
Add explanation for string context diffs (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14257">#14257</a>)
(<a
href="https://redirect.github.com/pytest-dev/pytest/issues/14266">#14266</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest/compare/8.3.1...9.0.3">compare
view</a></li>
</ul>
</details>
<br />


You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
)

Updates the requirements on
[bump2version](https://github.com/c4urself/bump2version) to permit the
latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/c4urself/bump2version/blob/master/CHANGELOG.md">bump2version's
changelog</a>.</em></p>
<blockquote>
<p><strong>unreleased</strong>
<strong>v1.0.2-dev</strong></p>
<ul>
<li>Declare <code>bump2version</code> as unmaintained</li>
<li>Housekeeping: migrated from travis+appveyor to GitHub Actions for
CI, thanks <a
href="https://github.com/clbarnes"><code>@​clbarnes</code></a></li>
</ul>
<p><strong>v1.0.1</strong></p>
<ul>
<li>Added: enable special characters in search/replace, thanks <a
href="https://github.com/mckelvin"><code>@​mckelvin</code></a></li>
<li>Added: allow globbing a pattern to match multiple files, thanks <a
href="https://github.com/balrok"><code>@​balrok</code></a></li>
<li>Added: way to only bump a specified file via --no-configured-files,
thanks <a
href="https://github.com/balrok"><code>@​balrok</code></a></li>
<li>Fixed: dry-run now correctly outputs, thanks <a
href="https://github.com/fmigneault"><code>@​fmigneault</code></a></li>
<li>Housekeeping: documentation for lightweight tags improved, thanks <a
href="https://github.com/GreatBahram"><code>@​GreatBahram</code></a></li>
<li>Housekeeping: added related tools document, thanks <a
href="https://github.com/florisla"><code>@​florisla</code></a></li>
<li>Fixed: no more falling back to default search, thanks <a
href="https://github.com/florisla"><code>@​florisla</code></a></li>
</ul>
<p><strong>v1.0.0</strong></p>
<ul>
<li>Fix the spurious newline that bump2version adds when writing to
bumpversion.cfg, thanks <a
href="https://github.com/kyluca"><code>@​kyluca</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/58">#58</a></li>
<li>Add Python3.8 support, thanks <a
href="https://github.com/florisla"><code>@​florisla</code></a></li>
<li>Drop Python2 support, thanks <a
href="https://github.com/hugovk"><code>@​hugovk</code></a></li>
<li>Allow additional arguments to the commit call, thanks <a
href="https://github.com/lubomir"><code>@​lubomir</code></a></li>
<li>Various documentation improvements, thanks <a
href="https://github.com/lubomir"><code>@​lubomir</code></a> <a
href="https://github.com/florisla"><code>@​florisla</code></a> <a
href="https://github.com/padamstx"><code>@​padamstx</code></a> <a
href="https://github.com/glotis"><code>@​glotis</code></a></li>
<li>Housekeeping, move changelog into own file</li>
</ul>
<p><strong>v0.5.11</strong></p>
<ul>
<li>Housekeeping, also publish an sdist</li>
<li>Housekeeping, fix appveyor builds</li>
<li>Housekeeping, <code>make lint</code> now lints with pylint</li>
<li>Drop support for Python3.4, thanks <a
href="https://github.com/hugovk"><code>@​hugovk</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/79">#79</a></li>
<li>Enhance missing VCS command detection (errno 13), thanks <a
href="https://github.com/lowell80"><code>@​lowell80</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/75">#75</a></li>
<li>Add environment variables for other scripts to use, thanks <a
href="https://github.com/mauvilsa"><code>@​mauvilsa</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/70">#70</a></li>
<li>Refactor, cli.main is now much more readable, thanks <a
href="https://github.com/florisla"><code>@​florisla</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/68">#68</a></li>
<li>Fix, retain file newlines for Windows, thanks <a
href="https://github.com/hesstobi"><code>@​hesstobi</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/59">#59</a></li>
<li>Add support (tests) for Pythno3.7, thanks <a
href="https://github.com/florisla"><code>@​florisla</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/49">#49</a></li>
<li>Allow any part to be configured in configurable strings such as
tag_name etc., thanks <a
href="https://github.com/florisla"><code>@​florisla</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/41">#41</a></li>
</ul>
<p><strong>v0.5.10</strong></p>
<ul>
<li>Housekeeping, use twine</li>
</ul>
<p><strong>v0.5.9</strong></p>
<ul>
<li>Fixed windows appveyor-based testing, thanks: <a
href="https://github.com/jeremycarroll"><code>@​jeremycarroll</code></a>
<a
href="https://redirect.github.com/c4urself/bump2version/issues/33">#33</a>
and <a
href="https://redirect.github.com/c4urself/bump2version/issues/34">#34</a></li>
<li>Fixed interpolating correctly when using setup.cfg for config,
thanks: <a
href="https://github.com/SethMMorton"><code>@​SethMMorton</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/32">#32</a></li>
<li>Improve tox/travis testing, thanks: <a
href="https://github.com/ekohl"><code>@​ekohl</code></a> <a
href="https://redirect.github.com/c4urself/bump2version/issues/27">#27</a></li>
<li>Fixed markdown formatting in setup.py for pypi.org documentation,
thanks: <a
href="https://github.com/florisla"><code>@​florisla</code></a>, <a
href="https://github.com/Mattwmaster58"><code>@​Mattwmaster58</code></a>
<a
href="https://redirect.github.com/c4urself/bump2version/issues/26">#26</a></li>
</ul>
<p><strong>v0.5.8</strong></p>
<ul>
<li>Updated the readme to markdown for easier maintainability</li>
<li>Fixed travis testing, thanks: <a
href="https://github.com/sharksforarms"><code>@​sharksforarms</code></a>
<a
href="https://redirect.github.com/c4urself/bump2version/issues/15">#15</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/c4urself/bump2version/commit/14fa60386d05b7971bcf2b76878da9e3c87760b5"><code>14fa603</code></a>
Bump version: 1.0.1-dev → 1.0.1</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/2051c96f888466e0ffa12bbe57339d92f0f65427"><code>2051c96</code></a>
update changelog</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/8e6db2370a683f17a4188d8b4cc8968bac881c56"><code>8e6db23</code></a>
Merge pull request <a
href="https://redirect.github.com/c4urself/bump2version/issues/135">#135</a>
from mckelvin/handle-special-char</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/78c4f4bf706baa7656654507e94c579ef5a4e67e"><code>78c4f4b</code></a>
Merge pull request <a
href="https://redirect.github.com/c4urself/bump2version/issues/149">#149</a>
from balrok/cli-option-no-configured-files</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/4fe92774d6dfec259017a941d03551ab2caed843"><code>4fe9277</code></a>
Merge pull request <a
href="https://redirect.github.com/c4urself/bump2version/issues/158">#158</a>
from mbarkhau/patch-1</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/c6847476e12839cbd90d19a2a672e2e971f0fdd5"><code>c684747</code></a>
Add PyCalVer to RELATED.md</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/0a38097b1c0944d19ba996650c0b8188f5a6b837"><code>0a38097</code></a>
Merge pull request <a
href="https://redirect.github.com/c4urself/bump2version/issues/150">#150</a>
from balrok/glob-keyword-in-configfile</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/dc7cead00f86864276a619fec8fd048ef0a89214"><code>dc7cead</code></a>
DOC: Update note about bumpversion</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/0bd8d8373b8b9bd383dcef4d54c59e8044e2edc6"><code>0bd8d83</code></a>
also allow recursive glob with **</li>
<li><a
href="https://github.com/c4urself/bump2version/commit/a96ebf4ca55d97eab1a7ff9dd4169232875d229d"><code>a96ebf4</code></a>
support glob keyword in configfile</li>
<li>Additional commits viewable in <a
href="https://github.com/c4urself/bump2version/compare/v1.0.0...v1.0.1">compare
view</a></li>
</ul>
</details>
<br />


You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Updates the requirements on [requests](https://github.com/psf/requests)
to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.34.2</h2>
<h2>2.34.2 (2026-05-14)</h2>
<ul>
<li>Moved <code>headers</code> input type back to <code>Mapping</code>
to avoid invariance issues with <code>MutableMapping</code> and inferred
dict types. Users calling <code>Request.headers.update()</code> may need
to narrow typing in their code. (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14">https://github.com/psf/requests/blob/main/HISTORY.md#2342-2026-05-14</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.34.2 (2026-05-14)</h2>
<ul>
<li>Moved <code>headers</code> input type back to <code>Mapping</code>
to avoid invariance issues
with <code>MutableMapping</code> and inferred dict types. Users calling
<code>Request.headers.update()</code> may need to narrow typing in their
code. (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
</ul>
<h2>2.34.1 (2026-05-13)</h2>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Widened <code>json</code> input type from <code>dict</code> and
<code>list</code> to <code>Mapping</code>
and <code>Sequence</code>. (<a
href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li>
<li>Changed <code>headers</code> input type to MutableMapping and
removed <code>None</code> from
<code>Request.headers</code> typing to improve handling for users. (<a
href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li>
<li><code>Response.reason</code> moved from <code>str | None</code> to
<code>str</code> to improve handling
for users. (<a
href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li>
<li>Fixed a bug where some bodies with custom <code>__getattr__</code>
implementations
weren't being properly detected as Iterables. (<a
href="https://redirect.github.com/psf/requests/issues/7433">#7433</a>)</li>
</ul>
<h2>2.34.0 (2026-05-11)</h2>
<p><strong>Announcements</strong></p>
<ul>
<li>
<p>Requests 2.34.0 introduces inline types, replacing those provided by
typeshed. Public API types should be fully compatible with mypy,
pyright,
and ty. We believe types are comprehensive but if you find issues,
please
report them to the pinned tracking issue.</p>
<p>Special thanks to <a
href="https://github.com/bastimeyer"><code>@​bastimeyer</code></a>, <a
href="https://github.com/cthoyt"><code>@​cthoyt</code></a>, <a
href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a>,
and <a href="https://github.com/srittau"><code>@​srittau</code></a> for
helping review and test the types ahead of the release. (<a
href="https://redirect.github.com/psf/requests/issues/7272">#7272</a>)</p>
</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li>Digest Auth hashing algorithms have added
<code>usedforsecurity=False</code> to clarify
security considerations. (<a
href="https://redirect.github.com/psf/requests/issues/7310">#7310</a>)</li>
<li>Requests added support for Python 3.15 based on beta1. Downstream
projects
should be able to start testing prior to its release in October. (<a
href="https://redirect.github.com/psf/requests/issues/7422">#7422</a>)</li>
<li>Requests added support for Python 3.14t. (<a
href="https://redirect.github.com/psf/requests/issues/7419">#7419</a>)</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li><code>Response.history</code> no longer contains a reference to
itself, preventing
accidental looping when traversing the history list. (<a
href="https://redirect.github.com/psf/requests/issues/7328">#7328</a>)</li>
<li>Requests no longer performs greedy matching on no_proxy domains. The
proxy_bypass implementation has been updated with CPython's fix from
bpo-39057. (<a
href="https://redirect.github.com/psf/requests/issues/7427">#7427</a>)</li>
<li>Requests no longer incorrectly strips duplicate leading slashes in
URI paths. This should address user issues with specific presigned
URLs. Note the full fix requires urllib3 2.7.0+. (<a
href="https://redirect.github.com/psf/requests/issues/7315">#7315</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/psf/requests/commit/6e83187b8feb273ed4c6cdab5efd8d54901dfab3"><code>6e83187</code></a>
v2.34.2</li>
<li><a
href="https://github.com/psf/requests/commit/84d10f0be83e8f6aeca8a05230c52216431c4d0b"><code>84d10f0</code></a>
Move Request.headers back to Mapping (<a
href="https://redirect.github.com/psf/requests/issues/7441">#7441</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/b7b549b54571d03950b16afd2d01bc6ff0348224"><code>b7b549b</code></a>
v2.34.1</li>
<li><a
href="https://github.com/psf/requests/commit/e511bc72777a94c45d004e010c597925092e1efe"><code>e511bc7</code></a>
Fix mutability issues with headers input types (<a
href="https://redirect.github.com/psf/requests/issues/7431">#7431</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/5691f596134c2feb121e595c77a0178921fcce61"><code>5691f59</code></a>
Update JsonType containers to read-based collections (<a
href="https://redirect.github.com/psf/requests/issues/7436">#7436</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/2144213c307691710c9d665700860fc4993c3035"><code>2144213</code></a>
Constrain Response.reason to str (<a
href="https://redirect.github.com/psf/requests/issues/7437">#7437</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/6404f345e562d962abe6700a1c357ec1e7e18232"><code>6404f34</code></a>
Fix <code>prepare_body</code> stream detection for
<code>__getattr__</code>-based file wrappers (<a
href="https://redirect.github.com/psf/requests/issues/7">#7</a>...</li>
<li><a
href="https://github.com/psf/requests/commit/0b401c76b6e80a4eecf3c690085b2553f6e261ca"><code>0b401c7</code></a>
v2.34.0</li>
<li><a
href="https://github.com/psf/requests/commit/86b378d3f60f828daa13ca50aa82e287ff7b66b4"><code>86b378d</code></a>
Align Session.get parameters with requests.get (<a
href="https://redirect.github.com/psf/requests/issues/7429">#7429</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/a4f9a5999bdb9bf2d6e7c8aa973b28cacb17134f"><code>a4f9a59</code></a>
Port bpo-39057 to Requests (<a
href="https://redirect.github.com/psf/requests/issues/7427">#7427</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/psf/requests/compare/v2.32.4...v2.34.2">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
)

Updates the requirements on
[setuptools](https://github.com/pypa/setuptools) to permit the latest
version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v82.0.1</h1>
<h2>Bugfixes</h2>
<ul>
<li>Fix the loading of <code>launcher manifest.xml</code> file. (<a
href="https://redirect.github.com/pypa/setuptools/issues/5047">#5047</a>)</li>
<li>Replaced deprecated <code>json.__version__</code> with fixture in
tests. (<a
href="https://redirect.github.com/pypa/setuptools/issues/5186">#5186</a>)</li>
</ul>
<h2>Improved Documentation</h2>
<ul>
<li>Add advice about how to improve predictability when installing
sdists. (<a
href="https://redirect.github.com/pypa/setuptools/issues/5168">#5168</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/pypa/setuptools/issues/4941">#4941</a>,
<a
href="https://redirect.github.com/pypa/setuptools/issues/5157">#5157</a>,
<a
href="https://redirect.github.com/pypa/setuptools/issues/5169">#5169</a>,
<a
href="https://redirect.github.com/pypa/setuptools/issues/5175">#5175</a></li>
</ul>
<h1>v82.0.0</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li><code>pkg_resources</code> has been removed from Setuptools. Most
common uses of <code>pkg_resources</code> have been superseded by the
<code>importlib.resources
&lt;https://docs.python.org/3/library/importlib.resources.html&gt;</code>_
and <code>importlib.metadata
&lt;https://docs.python.org/3/library/importlib.metadata.html&gt;</code>_
projects. Projects and environments relying on
<code>pkg_resources</code> for namespace packages or other behavior
should depend on older versions of <code>setuptools</code>. (<a
href="https://redirect.github.com/pypa/setuptools/issues/3085">#3085</a>)</li>
</ul>
<h1>v81.0.0</h1>
<h2>Deprecations and Removals</h2>
<ul>
<li>Removed support for the --dry-run parameter to setup.py. This one
feature by its nature threads through lots of core and ancillary
functionality, adding complexity and friction. Removal of this parameter
will help decouple the compiler functionality from distutils and thus
the eventual full integration of distutils. These changes do affect some
class and function signatures, so any derivative functionality may
require some compatibility shims to support their expected interface.
Please report any issues to the Setuptools project for investigation.
(<a
href="https://redirect.github.com/pypa/setuptools/issues/4872">#4872</a>)</li>
</ul>
<h1>v80.10.2</h1>
<h2>Bugfixes</h2>
<ul>
<li>Update vendored dependencies. (<a
href="https://redirect.github.com/pypa/setuptools/issues/5159">#5159</a>)</li>
</ul>
<p>Misc</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/5a13876673a41e3cd21d4d6e587f53d0fb4fd8e5"><code>5a13876</code></a>
Bump version: 82.0.0 → 82.0.1</li>
<li><a
href="https://github.com/pypa/setuptools/commit/51ab8f183f1c4112675d8d6ec6b004406d518ee8"><code>51ab8f1</code></a>
Avoid using (deprecated) 'json.<strong>version</strong>' in tests (<a
href="https://redirect.github.com/pypa/setuptools/issues/5194">#5194</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/f9c37b20bb0ed11203f676f9683452a4c3ace6f6"><code>f9c37b2</code></a>
Docs/CI: Fix intersphinx references (<a
href="https://redirect.github.com/pypa/setuptools/issues/5195">#5195</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/8173db2a4fc0f6cb28926b3dba59116b79f435c8"><code>8173db2</code></a>
Docs: Fix intersphinx references</li>
<li><a
href="https://github.com/pypa/setuptools/commit/09bafbc74923f2a3591b5b098be75d6af6ca5141"><code>09bafbc</code></a>
Fix past tense on newsfragment</li>
<li><a
href="https://github.com/pypa/setuptools/commit/461ea56c8e629819a23920f44d9298d4f041abde"><code>461ea56</code></a>
Add news fragment</li>
<li><a
href="https://github.com/pypa/setuptools/commit/c4ffe535b58235ff9f9ebe90d24a2cffb57e70ae"><code>c4ffe53</code></a>
Avoid using (deprecated) 'json.<strong>version</strong>' in tests</li>
<li><a
href="https://github.com/pypa/setuptools/commit/749258b1a96c7accc05ea7d842fb19fc378866fe"><code>749258b</code></a>
Cleanup <code>pkg_resources</code> dependencies and configuration (<a
href="https://redirect.github.com/pypa/setuptools/issues/5175">#5175</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/2019c16701667db1010c62ec11c6ef78c2e58206"><code>2019c16</code></a>
Parse <code>ext-module.define-macros</code> from
<code>pyproject.toml</code> as list of tuples (<a
href="https://redirect.github.com/pypa/setuptools/issues/5169">#5169</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/b809c86a37d97fcce290d5f51d4c293ab40bc685"><code>b809c86</code></a>
Sync setuptools schema with validate-pyproject (<a
href="https://redirect.github.com/pypa/setuptools/issues/5157">#5157</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v82.0.0...v82.0.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Automatically created pull request for release v1.1.20-dev into test
branch.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Juan Villa <juan.villa@quipux.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mmm, right, may a god can review this one... Lets take a rest, gods working!

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8a29ff706d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +639 to +640
if history:
commits_dict, tag_dates = build_from_history(history)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Preserve versions absent from squash history

When a release is promoted as a squash commit, any earlier bump history makes this branch run even if the current version's bump commit is absent. That is the case for this commit: pyproject.toml is 1.1.21, but its ancestry ends with the 1.1.19 bump. Consequently, the next generate-changelog pre-commit hook regenerates CHANGELOG.md only through 1.1.19, deleting the committed 1.1.20 and 1.1.21 entries and omitting all changes after that bump.

Useful? React with 👍 / 👎.

Comment thread crypto_controller/main.py
Comment on lines +543 to +545
if os.path.isdir(cert_location):
for fname in os.listdir(cert_location):
match = re.match(r"^Crypto-Key-Pair-(\d{4})-(\d{4})\.kp$", fname)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Continue recognizing legacy key-pair filenames

Existing installations created by the previous default use Crypto-Key-Pair-<YEAR>.kp, but this regex recognizes only the new two-year-range format. After upgrading, a vault containing (for example) Crypto-Key-Pair-2026.kp is ignored and the CLI selects a new Crypto-Key-Pair-2026-2027 name, causing default status, encrypt, and decrypt operations to fail verification and init to create a different key pair instead of reusing the existing keys.

Useful? React with 👍 / 👎.

Comment on lines +255 to +259
logger.warning(
f"Amend attempt {attempt} aborted by pre-commit hooks modifying files; "
"re-staging tracked changes and retrying."
)
except subprocess.CalledProcessError as e:
logger.error(f"Failed to amend the commit: {e}")
sys.exit(1)
subprocess.run(["git", "add", "-u"], check=True, encoding="utf-8")

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Avoid staging unrelated tracked work during amend retries

If the first amend fails because a hook rewrites CHANGELOG.md, git add -u stages every tracked modification in the user's worktree, not just files changed by that hook. Because this runs from the pre-push hook, any unrelated tracked work made after the original commit is silently folded into the amended version-bump commit on the retry; capture the pre-amend state or explicitly stage only the hook outputs instead.

Useful? React with 👍 / 👎.

Comment thread crypto_controller/main.py
Comment on lines 577 to 579
"--key-pair-name",
default=f"Crypto-Key-Pair-{datetime.now().year}",
default=_resolve_key_pair_name(os.path.join(os.getcwd(), "certs")),
help="Name of the key pair. Defaults to 'Crypto-Key-Pair-<YEAR>'.",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Resolve the default key name from the selected vault

When callers pass --cert-location without also passing --key-pair-name, this default is computed from the hard-coded current-directory certs path before argparse knows the selected location. An active ranged key in the requested vault is therefore ignored, and a similarly named key in the default vault may even determine the name used against the wrong directory; derive the default after parsing args.cert_location.

Useful? React with 👍 / 👎.

Comment on lines 106 to +110
- name: Push Tag
id: push_tag
if: steps.check_arrow.outputs.contains_arrow == 'true'
if: steps.check_arrow.outputs.contains_arrow == 'true' && steps.create_tag.outputs.tag_name != ''
run: |
git push origin "${{ steps.create_tag.outputs.tag_name }}"
git push origin "${{ steps.create_tag.outputs.tag_name }}" || echo "Tag already on remote — skipping"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Propagate non-duplicate tag push failures

The || echo converts every failed tag push—including authentication, permission, network, and remote-hook failures—into a successful workflow step, after which the workflow still creates the promotion PR. Checked git push -h, whose documented invocation is git push [<options>] [<repository> [<refspec>...]]; nothing here restricts the fallback to an already-existing ref. Detect that specific condition explicitly and let all other failures stop the workflow.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant