Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Deps: Bump the dependencies group with 5 updates #376

Merged
merged 1 commit into from
Nov 20, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2023

Bumps the dependencies group with 5 updates:

Package From To
pontos 23.11.1 23.11.4
certifi 2023.7.22 2023.11.17
pygments 2.16.1 2.17.1
rich 13.6.0 13.7.0
tomlkit 0.12.2 0.12.3

Updates pontos from 23.11.1 to 23.11.4

Release notes

Sourced from pontos's releases.

pontos 23.11.4

23.11.4 - 2023-11-17

Added

  • Introduce a StrEnum class for Models 3073728

Changed

  • Use a UUID for cpe_name_id at NIST CPE API and models 790781d
  • Use StrEnum for all GitHub models a4df543
  • Update NIST models to use StrEnums d98108e
  • Use StrEnum for CVE Change EventName 4bb0657
  • Shrink the signature of all Model classes b1d96b0

Bug Fixes

  • Fix typo in CVE Change EventName enum 0ca44ec
  • Update pack_extended_attributes cpe function signature 11e8cdd

pontos 23.11.3

23.11.3 - 2023-11-15

Bug Fixes

  • Missing event name d9d20e6
  • add 'documentation' to Classification enum in models/code_scanning.py 0a530b7

pontos 23.11.2

23.11.2 - 2023-11-13

Bug Fixes

  • CVE api MAX_CVES_PER_PAGE to 2k; As per docs 74e0fa4

Dependencies

  • Bump the python-packages group with 5 updates fd0e4cb
Commits
  • e058f9b Automatic release to 23.11.4
  • 790781d Change: Use a UUID for cpe_name_id at NIST CPE API and models
  • 0ca44ec Fix: Fix typo in CVE Change EventName enum
  • a4df543 Change: Use StrEnum for all GitHub models
  • d98108e Change: Update NIST models to use StrEnums
  • 4bb0657 Change: Use StrEnum for CVE Change EventName
  • 3073728 Add: Introduce a StrEnum class for Models
  • b1d96b0 Change: Shrink the signature of all Model classes
  • 11e8cdd Fix: Update pack_extended_attributes cpe function signature
  • b3c8872 Automatic adjustments after release
  • Additional commits viewable in compare view

Updates certifi from 2023.7.22 to 2023.11.17

Commits
  • 515962b Merge pull request #252 from certifi/create-pull-request/patch
  • 28b2a0d 2023.11.17
  • 7ccda9f Bump actions/checkout from 4.1.0 to 4.1.1 (#251)
  • 5e4bb9e Bump actions/setup-python from 4.7.0 to 4.7.1 (#248)
  • 610354f Bump actions/checkout from 4.0.0 to 4.1.0 (#247)
  • 2d98c76 Bump actions/upload-artifact from 3.1.2 to 3.1.3 (#246)
  • 7f0e639 ci: add minimal permissions to workflows bump.yml and release.yml (#245)
  • 600713d Bump actions/checkout from 3.6.0 to 4.0.0 (#244)
  • 0435b2a Bump actions/checkout from 3.5.3 to 3.6.0 (#242)
  • 25ea83a Fix bash
  • Additional commits viewable in compare view

Updates pygments from 2.16.1 to 2.17.1

Release notes

Sourced from pygments's releases.

2.17.1

  • Updated lexers:

    • TOML: Fix bug making lexing of single-quoted strings too eager

2.17.0

  • New lexers:

  • Updated lexers:

    • Cypher: fix comment matching, add missing keywords (#2504)
    • Fortran: add elseif keyword (#2528)
    • Lean: make it available as lean3, in preparation for a possible switch to lean highlighting as Lean 4 (#2546)
    • JSON: add MIME types and file extensions for several line-delimited JSON formats (#2490)
    • Nix: many improvements (#2551, #1800)
    • OCaml: Add and keyword, remove value from keywords (#2521)
    • Python: add starlark and bazel aliases (#2517, #2516)
    • Snowball: Treat len like size (#2508)
    • Spice: add panic keyword and -> operator (#2510)
    • squid.conf: fix catastrophic backtracking (#2583)
    • TOML: rewritten, with many fixes (#2576)
    • Turtle: support blank nodes (#2581)
    • Wikitext: fix erroneous highlighting of LanguageConverter markup (#2493), add missing variant languages (#2494)
    • CMake: support [=[ bracketed arguments ]=] (#2549)
  • Fix ctags support and tests (#2487)

  • Include Lexer.add_filter in the documentation (#2519)

  • Add a Lean3Lexer alias (#2546)

  • The pygments.styles module contains a new STYLES variable with a dictionary of built-in styles. The old STYLE_MAP variable, which uses a different format, is kept for backwards compatibility.

  • On Windows, add a new installation extra (windows-terminal) which pulls in dependencies for colored console output. See :doc:cmdline for more details. (#2505)

  • Support more file types in autopygmentize script (#2513)

  • Change color of numbers in rrt style (#2526)

  • Fix error when trying to look up plugin formatters by file extension of the output format (#2563)

  • Use Hatchling as a build backend instead of setuptools. This change is transparent to most users. Distribution packagers who build without build isolation need to add hatchling as a build dependency and remove setuptools. People downloading source distributions and wheels from PyPI directly should note that they now have pygments in their file names instead of Pygments. (#2573)

  • Improve the test framework to also check for lost tokens when processing the snippets and example files (#2582.)

  • Improve the Dracula style definition to make it easier to maintain (#2575)

Changelog

Sourced from pygments's changelog.

Version 2.17.1

(released November 19, 2023)

  • Updated lexers:

    • TOML: Fix bug making lexing of single-quoted strings too eager

Version 2.17.0

(released November 18, 2023)

  • New lexers:

  • Updated lexers:

    • Cypher: fix comment matching, add missing keywords (#2504)
    • Fortran: add elseif keyword (#2528)
    • Lean: make it available as lean3, in preparation for a possible switch to lean highlighting as Lean 4 (#2546)
    • JSON: add MIME types and file extensions for several line-delimited JSON formats (#2490)
    • Nix: many improvements (#2551, #1800)
    • OCaml: Add and keyword, remove value from keywords (#2521)
    • Python: add starlark and bazel aliases (#2517, #2516)
    • Snowball: Treat len like size (#2508)
    • Spice: add panic keyword and -> operator (#2510)
    • squid.conf: fix catastrophic backtracking (#2583)
    • TOML: rewritten, with many fixes (#2576)
    • Turtle: support blank nodes (#2581)
    • Wikitext: fix erroneous highlighting of LanguageConverter markup (#2493), add missing variant languages (#2494)
    • CMake: support [=[ bracketed arguments ]=] (#2549)
  • Fix ctags support and tests (#2487)

  • Include Lexer.add_filter in the documentation (#2519)

  • Add a Lean3Lexer alias (#2546)

  • The pygments.styles module contains a new STYLES variable with a dictionary of built-in styles. The old STYLE_MAP variable, which uses a different format, is kept for backwards compatibility.

  • On Windows, add a new installation extra (windows-terminal) which pulls in dependencies for colored console output. See :doc:cmdline for more details.

... (truncated)

Commits
  • f5eb039 Prepare 2.17.1 hotfix release.
  • 0c66899 Update CHANGES
  • 220a2a9 TOML: fix bug with eager literal strings
  • 5cf7389 Another formatting fix in CHANGES.
  • 5874c34 Fix code formatting in the CHANGES file.
  • 49090a3 Prepare for next release.
  • 26e29a6 Bump version number.
  • a7d537b Use 3.12 final release in CI.
  • 89ea036 Prepare for 2.17 release.
  • 333e5b9 Update CHANGES for the next release.
  • Additional commits viewable in compare view

Updates rich from 13.6.0 to 13.7.0

Release notes

Sourced from rich's releases.

The "It's a wrap" release

[13.7.0] - 2023-11-15

Added

Fixed

  • Some text goes missing during wrapping when it contains double width characters Textualize/rich#3176
  • Ensure font is correctly inherited in exported HTML Textualize/rich#3104
  • Fixed typing for FloatPrompt.
Changelog

Sourced from rich's changelog.

[13.7.0] - 2023-11-15

Added

Fixed

  • Some text goes missing during wrapping when it contains double width characters Textualize/rich#3176
  • Ensure font is correctly inherited in exported HTML Textualize/rich#3104
  • Fixed typing for FloatPrompt.
Commits

Updates tomlkit from 0.12.2 to 0.12.3

Release notes

Sourced from tomlkit's releases.

0.12.3

What's Changed

Full Changelog: python-poetry/tomlkit@0.12.2...0.12.3

Changelog

Sourced from tomlkit's changelog.

[0.12.3] - 2023-11-15

Fixed

  • Improve the performance when parsing a table with nested dotted keys. (#193)
  • Keep the newlines when replacing a table. (#323)
Commits
  • a678c2f chore: bump version to 0.12.3
  • 238fec1 fix: Significant slowdown on nested tables depending on syntax (#324)
  • e9ccbe7 fix: Newline lost when updating a table (#323)
  • 524995d chore(deps-dev): bump urllib3 from 1.26.17 to 1.26.18 (#320)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [pontos](https://github.com/greenbone/pontos) | `23.11.1` | `23.11.4` |
| [certifi](https://github.com/certifi/python-certifi) | `2023.7.22` | `2023.11.17` |
| [pygments](https://github.com/pygments/pygments) | `2.16.1` | `2.17.1` |
| [rich](https://github.com/Textualize/rich) | `13.6.0` | `13.7.0` |
| [tomlkit](https://github.com/sdispater/tomlkit) | `0.12.2` | `0.12.3` |


Updates `pontos` from 23.11.1 to 23.11.4
- [Release notes](https://github.com/greenbone/pontos/releases)
- [Commits](greenbone/pontos@v23.11.1...v23.11.4)

Updates `certifi` from 2023.7.22 to 2023.11.17
- [Commits](certifi/python-certifi@2023.07.22...2023.11.17)

Updates `pygments` from 2.16.1 to 2.17.1
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](pygments/pygments@2.16.1...2.17.1)

Updates `rich` from 13.6.0 to 13.7.0
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](Textualize/rich@v13.6.0...v13.7.0)

Updates `tomlkit` from 0.12.2 to 0.12.3
- [Release notes](https://github.com/sdispater/tomlkit/releases)
- [Changelog](https://github.com/sdispater/tomlkit/blob/master/CHANGELOG.md)
- [Commits](python-poetry/tomlkit@0.12.2...0.12.3)

---
updated-dependencies:
- dependency-name: pontos
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: certifi
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: pygments
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: rich
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: tomlkit
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner November 20, 2023 04:11
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 20, 2023
@greenbonebot greenbonebot enabled auto-merge (rebase) November 20, 2023 04:11
Copy link

Conventional Commits Report

Type Number
Dependencies 1

🚀 Conventional commits found.

@greenbonebot greenbonebot merged commit 26ed07e into main Nov 20, 2023
18 of 19 checks passed
@greenbonebot greenbonebot deleted the dependabot/pip/dependencies-df4b3392e0 branch November 20, 2023 07:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants