Bump the dependencies group in /.config with 5 updates #275

dependabot · 2025-01-05T01:43:54Z

Bumps the dependencies group in /.config with 5 updates:

Package	From	To
pillow	`11.0.0`	`11.1.0`
gitpython	`3.1.43`	`3.1.44`
gitdb	`4.0.11`	`4.0.12`
smmap	`5.0.1`	`5.0.2`
virtualenv	`20.28.0`	`20.28.1`

Updates pillow from 11.0.0 to 11.1.0

Release notes

Sourced from pillow's releases.

11.1.0

https://pillow.readthedocs.io/en/stable/releasenotes/11.1.0.html

Documentation

Added release notes for writing XMP bytes to JPEG and MPO #8627 [@radarhere]

Added release notes for using zlib-ng instead of zlib #8599 [@radarhere]

Replace python-pillow.org with python-pillow.github.io #8586 [@hugovk]

ImageFile tile is never None #8582 [@radarhere]

Only use start year in copyright, remove end years #8577 [@hugovk]

Python 3.12 is tested on MinGW #8575 [@radarhere]

Use brew formula to install libraqm #8574 [@radarhere]

Added link to GitHub releases in CHANGES #8571 [@radarhere]

Release drafter: move removals, deprecations, documentation up, and uncategorised changes last #8570 [@hugovk]

Updated macOS tested Pillow versions #8538 [@radarhere]

Use test image filename #8534 [@radarhere]

Update Windows 11 Arm64 tested versions #8523 [@nulano]

Move MPO into "Fully supported formats" #8504 [@radarhere]

Update license to MIT-CMU #8490 [@radarhere]

Dependencies

Update dependency mypy to v1.14.1 #8643 [@renovate]

Update dependency mypy to v1.14.0 #8613 [@renovate]

Updated libwebp to 1.5.0 #8612 [@radarhere]

Updated libXau to 1.0.12 #8598 [@radarhere]

Updated libjpeg-turbo to 3.1.0 #8595 [@radarhere]

Updated harfbuzz to 10.1.0 #8533 [@radarhere]

Updated openjpeg to 2.5.3 #8591 [@radarhere]

Update dependency cibuildwheel to v2.22.0 #8580 [@renovate]

Update codecov/codecov-action action to v5 #8557 [@renovate]

Migrate renovate config #8527 [@renovate]

Update dependency mypy to v1.13.0 #8491 [@renovate]

Update dependency mypy to v1.12.1 #8487 [@renovate]

Testing

Added CentOS Stream 10 #8646 [@radarhere]

Use monkeypatch #8628 [@radarhere]

Pass file handle to ContainerIO #8625 [@radarhere]

Use register_handler #8499 [@radarhere]

Use monkeypatch #8626 [@radarhere]

Test libjpeg-turbo on macOS #8596 [@radarhere]

Test 3.13t (free-threaded) from Quansight-Labs/setup-python on Linux and macOS #8565 [@hugovk]

Run gcc problem matcher on Python 3.13 #8541 [@radarhere]

Add trove-classifiers>=2024.10.12 to 'tests' extra and use for Windows CI #8514 [@hugovk]

Apply security fixes to GitHub Actions #8526 [@hugovk]

Remove unused gcov: true for codecov-action@v4 #8521 [@hugovk]

Added Fedora 41 #8520 [@radarhere]

Do not repeatedly save to the same path #8512 [@radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

11.1.0 and newer

See GitHub Releases:

https://github.com/python-pillow/Pillow/releases

Commits

4c1aed8 11.1.0 version bump
dfb368a Merge pull request #8651 from radarhere/blp
5d998d3 Improved coverage
6b75e06 Do not reread start of header in decoder
b89cc09 Corrected BLP1 alpha depth handling
aa0f412 Merge pull request #8646 from radarhere/centos
e344271 Added CentOS Stream 10
17f09f3 Merge pull request #8644 from radarhere/c99
d42f22b Added release notes
c7026d9 Merge pull request #8642 from radarhere/bigtiff
Additional commits viewable in compare view

Updates gitpython from 3.1.43 to 3.1.44

Release notes

Sourced from gitpython's releases.

3.1.44

What's Changed

Fix typo in _get_exe_extensions PATHEXT fallback by @EliahKagan in gitpython-developers/GitPython#1890

Don't suppress pytest warning summaries by @EliahKagan in gitpython-developers/GitPython#1892

Update the comment about --mixed and paths by @EliahKagan in gitpython-developers/GitPython#1894

Fixed an error updating shallow submodules by @EduardTalanov in gitpython-developers/GitPython#1899

Initial Migration of Fuzz Tests & Integration Scripts From the OSS-Fuzz Project Repo by @DaveLak in gitpython-developers/GitPython#1901

Fuzzer Migration Follow-ups by @DaveLak in gitpython-developers/GitPython#1903

Dockerize "Direct Execution of Fuzz Targets" by @DaveLak in gitpython-developers/GitPython#1904

Fix Fuzzer Crash in ClusterFuzz Due to Missing Git Executable by @DaveLak in gitpython-developers/GitPython#1906

Add GitPython's Standard License Header Comments to Shell Scripts by @DaveLak in gitpython-developers/GitPython#1907

Fix IndexError in GitConfigParser When a Quoted Config Value Contains a Trailing New Line by @DaveLak in gitpython-developers/GitPython#1908

Attempt 2 - Fix Missing Git Executable Causing ClusterFuzz Crash by @DaveLak in gitpython-developers/GitPython#1909

Replace the Suboptimal fuzz_tree.py Harness With a Better Alternative by @DaveLak in gitpython-developers/GitPython#1910

Add git.Blob Fuzz Target by @DaveLak in gitpython-developers/GitPython#1911

lint: switch order Ruff's hooks fix -> format by @Borda in gitpython-developers/GitPython#1912

Update OSS-Fuzz Scripts to Use New QA-Assets Repo Structure by @DaveLak in gitpython-developers/GitPython#1913

Add Diff Fuzz Target by @DaveLak in gitpython-developers/GitPython#1914

Instrument test utility functions to increase fuzzer efficiency by @DaveLak in gitpython-developers/GitPython#1915

Add the .git subdir as another safe.directory on Cygwin CI by @EliahKagan in gitpython-developers/GitPython#1916

Bump Vampire/setup-wsl from 3.0.0 to 3.1.0 by @dependabot in gitpython-developers/GitPython#1917

Add Submodules Fuzz Target by @DaveLak in gitpython-developers/GitPython#1919

Add graceful handling of expected exceptions in fuzz_submodule.py by @DaveLak in gitpython-developers/GitPython#1922

precommit: enable validate-pyproject by @Borda in gitpython-developers/GitPython#1921

typing fixes - DiffIndex generic type and IndexFile items by @Andrej730 in gitpython-developers/GitPython#1925

Fix Improper Import Order Breaking fuzz_submodule Fuzzer by @DaveLak in gitpython-developers/GitPython#1926

Fix iter_change_type diff renamed property to prevent warning by @kamilkrzyskow in gitpython-developers/GitPython#1918

fixed doc to not faulty do #1924 by @zerothi in gitpython-developers/GitPython#1932

fix: fix incoherent beginning whitespace by @cardoeng in gitpython-developers/GitPython#1933

Change aliases to work around mypy issue. by @PatrickMassot in gitpython-developers/GitPython#1935

precommit: enable end-of-file-fixer by @Borda in gitpython-developers/GitPython#1920

lint: add typos check by @Borda in gitpython-developers/GitPython#1888

Add type of change to files_dict of a commit by @JonasScharpf in gitpython-developers/GitPython#1943

Enable Python 3.8 and 3.9 on M1 runners by @EliahKagan in gitpython-developers/GitPython#1944

Use Alpine Linux in WSL on CI by @EliahKagan in gitpython-developers/GitPython#1945

Remove the non-ARM macOS CI jobs by @EliahKagan in gitpython-developers/GitPython#1946

Fix Several Bugs in the fuzz_submodule Causing a lot of False Alarms in the OSS-Fuzz Bug Tracker by @DaveLak in gitpython-developers/GitPython#1950

Gracefully handle PermissionError exceptions that crash fuzzer by @DaveLak in gitpython-developers/GitPython#1951

Fuzzing: Gracefully Handle Uninteresting Error to Fix OSS-Fuzz Issue by @DaveLak in gitpython-developers/GitPython#1952

Update and adjust pre-commit hooks by @EliahKagan in gitpython-developers/GitPython#1953

Upgrade sphinx to ~7.1.2 by @EliahKagan in gitpython-developers/GitPython#1954

Don't support building documentation on Python 3.7 by @EliahKagan in gitpython-developers/GitPython#1956

_to_relative_path to support mixing slashes and backslashes by @Andrej730 in gitpython-developers/GitPython#1961

Update base.py by @alex20230721 in gitpython-developers/GitPython#1965

Fix Fetch progress bar by @fvalette-ledger in gitpython-developers/GitPython#1971

New Contributors

@EduardTalanov made their first contribution in gitpython-developers/GitPython#1899

@DaveLak made their first contribution in gitpython-developers/GitPython#1901

@Andrej730 made their first contribution in gitpython-developers/GitPython#1925

... (truncated)

Commits

fb1b051 bump patch level to prepare new version
e51bf80 update GitDB submodule to latest pubslished version
a527224 Merge pull request #1971 from fvalette-ledger/fix-fetch-progress-bar
d6cdb67 See if python 3.7 still works when using an older Ubuntu version.
52cceaf git,cmd: add encoding arg to popen if universal newlines is True
1bb4651 git,remote: use universal new lines for fetch/pull stderr capture
49ca909 Update base.py (#1965)
3470fb3 Merge pull request #1961 from Andrej730/main
8327b82 Fix test failing on unix
4674059 Remove redundant path normalization for working_tree_dir
Additional commits viewable in compare view

Updates gitdb from 4.0.11 to 4.0.12

Release notes

Sourced from gitdb's releases.

4.0.12

What's Changed

Never add a vendored smmap directory to sys.path by @EliahKagan in gitpython-developers/gitdb#102

Revise and update the readme by @EliahKagan in gitpython-developers/gitdb#103

Set Dependabot submodule update cadence to weekly by @EliahKagan in gitpython-developers/gitdb#104

Add missing asserts in test_base.py by @Clavss in gitpython-developers/gitdb#109

Use contextlib.suppress instead of except: pass by @blablatdinov in gitpython-developers/gitdb#113

Add support for Python 3.13 by @edgarrmondragon in gitpython-developers/gitdb#114

Potential Race Condition Fix - OS Rename & Chmod - PermissionError by @DEKHTIARJonathan in gitpython-developers/gitdb#115

Bump gitdb/ext/smmap from 256c5a2 to 04dd210 by @dependabot in gitpython-developers/gitdb#112

Bump actions/setup-python from 4 to 5 by @dependabot in gitpython-developers/gitdb#111

New Contributors

@Clavss made their first contribution in gitpython-developers/gitdb#109

@blablatdinov made their first contribution in gitpython-developers/gitdb#113

@edgarrmondragon made their first contribution in gitpython-developers/gitdb#114

@DEKHTIARJonathan made their first contribution in gitpython-developers/gitdb#115

Full Changelog: gitpython-developers/gitdb@4.0.11...4.0.12

Commits

104138c bump patch level to prepare for next release
bcbe5df Merge pull request #111 from gitpython-developers/dependabot/github_actions/a...
be483fc Merge pull request #112 from gitpython-developers/dependabot/submodules/gitdb...
38b5c38 Merge pull request #115 from DEKHTIARJonathan/patch-1
b71e273 Update gitdb/db/loose.py
74a0eab Potential Race Condition Fix - OS Rename & Chmod
a8c894f Merge pull request #114 from edgarrmondragon/cp313
b38cbc4 Use older ubuntu to get Python 3.7
5bc9504 Add support for Python 3.13
88da5ef Merge pull request #113 from blablatdinov/use-contextlib-suppress
Additional commits viewable in compare view

Updates smmap from 5.0.1 to 5.0.2

Release notes

Sourced from smmap's releases.

v5.0.2

What's Changed

Update CI, in line with gitdb by @EliahKagan in gitpython-developers/smmap#53

No longer treat 3.12 as experimental on smmap CI by @EliahKagan in gitpython-developers/smmap#54

Bump actions/setup-python from 4 to 5 by @dependabot in gitpython-developers/smmap#55

Replace use of mktemp by @EliahKagan in gitpython-developers/smmap#56

Use SPDX identifier by @Shortfinga in gitpython-developers/smmap#57

New Contributors

@dependabot made their first contribution in gitpython-developers/smmap#55

@Shortfinga made their first contribution in gitpython-developers/smmap#57

Full Changelog: gitpython-developers/smmap@v5.0.1...v5.0.2

Commits

f31bfa3 bump patch level prior to new release
59c88c0 Merge pull request #57 from Shortfinga/master
f71bbd4 Use SPDX identifier
04dd210 Merge pull request #56 from EliahKagan/no-mktemp
a315725 Replace use of mktemp
7d6f97c Merge pull request #55 from gitpython-developers/dependabot/github_actions/ac...
36dd418 Bump actions/setup-python from 4 to 5
f1ace75 Merge pull request #54 from EliahKagan/312stable
44ac30a No longer treat 3.12 as experimental on CI
69cd90f Run CI on all branches
Additional commits viewable in compare view

Updates virtualenv from 20.28.0 to 20.28.1

Release notes

Sourced from virtualenv's releases.

20.28.1

What's Changed

release 20.28.0 by @gaborbernat in pypa/virtualenv#2807

Skip tcsh tests on broken tcsh versions by @gaborbernat in pypa/virtualenv#2817

Full Changelog: pypa/virtualenv@20.28.0...20.28.1

Changelog

Sourced from virtualenv's changelog.

v20.28.1 (2025-01-02)

Bugfixes - 20.28.1
- Skip tcsh tests on broken tcsh versions - by :user:`gaborbernat`. (:issue:`2814`)

Commits

25f5615 release 20.28.1
eb8c7c3 Skip tcsh tests on broken tcsh versions (#2817)
baf2da4 [pre-commit.ci] pre-commit autoupdate (#2810)
2f5569c Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 (#2813)
9098223 Merge pull request #2807 from pypa/release-20.28.0
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group in /.config with 5 updates: | Package | From | To | | --- | --- | --- | | [pillow](https://github.com/python-pillow/Pillow) | `11.0.0` | `11.1.0` | | [gitpython](https://github.com/gitpython-developers/GitPython) | `3.1.43` | `3.1.44` | | [gitdb](https://github.com/gitpython-developers/gitdb) | `4.0.11` | `4.0.12` | | [smmap](https://github.com/gitpython-developers/smmap) | `5.0.1` | `5.0.2` | | [virtualenv](https://github.com/pypa/virtualenv) | `20.28.0` | `20.28.1` | Updates `pillow` from 11.0.0 to 11.1.0 - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](python-pillow/Pillow@11.0.0...11.1.0) Updates `gitpython` from 3.1.43 to 3.1.44 - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](gitpython-developers/GitPython@3.1.43...3.1.44) Updates `gitdb` from 4.0.11 to 4.0.12 - [Release notes](https://github.com/gitpython-developers/gitdb/releases) - [Commits](gitpython-developers/gitdb@4.0.11...4.0.12) Updates `smmap` from 5.0.1 to 5.0.2 - [Release notes](https://github.com/gitpython-developers/smmap/releases) - [Commits](gitpython-developers/smmap@v5.0.1...v5.0.2) Updates `virtualenv` from 20.28.0 to 20.28.1 - [Release notes](https://github.com/pypa/virtualenv/releases) - [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) - [Commits](pypa/virtualenv@20.28.0...20.28.1) --- updated-dependencies: - dependency-name: pillow dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: gitpython dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: gitdb dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: smmap dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: virtualenv dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2025-01-05T01:43:56Z

The following labels could not be found: dependabot-deps-updates.

dependabot bot requested a review from ssbarnea as a code owner January 5, 2025 01:43

dependabot bot added the skip-changelog label Jan 5, 2025

dependabot bot temporarily deployed to ack January 5, 2025 01:43 Inactive

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the dependencies group in /.config with 5 updates #275

Bump the dependencies group in /.config with 5 updates #275

dependabot bot commented on behalf of github Jan 5, 2025

dependabot bot commented on behalf of github Jan 5, 2025

Bump the dependencies group in /.config with 5 updates #275

Are you sure you want to change the base?

Bump the dependencies group in /.config with 5 updates #275

Conversation

dependabot bot commented on behalf of github Jan 5, 2025

11.1.0

Documentation

Dependencies

Testing

11.1.0 and newer

3.1.44

What's Changed

New Contributors

4.0.12

What's Changed

New Contributors

v5.0.2

What's Changed

New Contributors

20.28.1

What's Changed

v20.28.1 (2025-01-02)

dependabot bot commented on behalf of github Jan 5, 2025