Bump setuptools-scm from 9.2.2 to 10.0.2

[dependabot]

Bumps setuptools-scm from 9.2.2 to 10.0.2.

Release notes

Sourced from setuptools-scm's releases.

setuptools-scm v10.0.2

Fixed

• Fix version file not generated for editable installs. Version files are now written to the source tree by default during inference (restoring pre-10.x behavior), and also registered as build_py outputs so strict editable installs include them in the persistent auxiliary directory. Set SETUPTOOLS_SCM_WRITE_TO_SOURCE=0 to disable source-tree writing (e.g., for read-only source directories). (#1298)

setuptools-scm v10.0.1

Miscellaneous

• Simplify release tag creation to use a single createRelease API call instead of separate createTag/createRef/createRelease calls, avoiding dangling tag objects on partial failures. (#release-pipeline)

setuptools-scm v10.0.0

Removed

• Drop Python 3.8 and 3.9 support. Minimum Python version is now 3.10. (#1228)

Added

• setuptools-scm now depends on vcs-versioning for core version inference logic. This enables other build backends to use the same version inference without setuptools dependency. (#1228)

• Version files (write_to and version_file) are now written to the build directory during build_py instead of the source tree during version inference. This enables installing packages from read-only source directories (e.g., Bazel builds).

  Path transformation is automatically applied for src/ layouts - a configured path like src/mypackage/_version.py is correctly written to mypackage/_version.py in the build directory based on the package_dir configuration.

  To restore the old behavior of writing version files at inference time (useful for development workflows), set the environment variable SETUPTOOLS_SCM_WRITE_TO_SOURCE=1. (#1252)

Fixed

• Fix issue #1231: Don't warn about tool.setuptools.dynamic.version conflict when only using file finder without version inference. (#1231)

Miscellaneous

• Refactored should_infer from method to standalone function for better code organization. (#1228)
• Updated mypy version template test to use uvx, ensuring generated version files remain compatible with Python 3.8+ consumers. (#1228)
• Refactored TestBuildPackageWithExtra into parametrized function with custom INI-based decorator for cleaner test data specification. (#1228)
• Internal refactoring: modernized type annotations, improved CLI type safety, and enhanced release automation infrastructure. (#1228)

v9.2.2

Fixed

• fix #1231: don't warn about tool.setuptools.dynamic.version when only using file finder. The warning about combining version guessing with setuptools dynamic versions should only be issued when setuptools-scm is performing version inference, not when it's only being

... (truncated)

Commits

• d6f8df2 Merge pull request #1304 from pypa/release/main
• 81eea6d Prepare release: setuptools-scm v10.0.2
• 0df426a Merge pull request #1300 from RonnyPfannschmidt/fix/1298-editable-version-file
• e3c712d test: extract _run_setuptools_setup helper with non-zero assertion
• edddf09 refactor: extract ScmVersionFileMixin for cooperative build_py composition
• 480110b fix: write version files to source by default and register in editable wheel ...
• 80c74ce Merge pull request #1293 from pypa/dependabot/uv/pynacl-1.6.2
• 31246d9 Merge pull request #1294 from pypa/dependabot/github_actions/github-actions-6...
• 86837f2 Merge pull request #1290 from pypa/dependabot/uv/pyjwt-2.12.0
• 6d7302e Merge pull request #1291 from pypa/dependabot/uv/cryptography-46.0.5
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)