build(deps): bump the python group across 1 directory with 5 updates

[dependabot]

Bumps the python group with 5 updates in the / directory:

Package	From	To
pydantic	1.10.19	1.10.21
vcrpy	6.0.2	7.0.0
twine	5.1.1	6.1.0
tomli	2.1.0	2.2.1
ruff	0.8.0	0.9.7

Updates pydantic from 1.10.19 to 1.10.21

Release notes

Sourced from pydantic's releases.

v1.10.20 2025-01-07

What's Changed

This release provides proper support for Python 3.13, with (Cythonized) wheels published for this version. As a consequence, Cython was updated from 0.29.x to 3.0.x.

• General maintenance of CI and build ecosystem by @​Viicos in pydantic/pydantic#10847
  • Update Cython to 3.0.x.
  • Properly address Python 3.13 deprecation warnings.
  • Migrate packaging to pyproject.toml, make use of PEP 517 build options.
  • Use build instead of direct setup.py invocations.
  • Update various Github Actions versions.
• Replace outdated stpmex link in documentation by @​jaredenorris in pydantic/pydantic#10997

New Contributors

• @​jaredenorris made their first contribution in pydantic/pydantic#10997

Full Changelog: pydantic/pydantic@v1.10.19...v1.10.20

Changelog

Sourced from pydantic's changelog.

v1.10.21 (2025-01-10)

• Fix compatibility with ForwardRef._evaluate and Python < 3.12.4 by @​griels in pydantic/pydantic#11232

v1.10.20 (2025-01-07)

This release provides proper support for Python 3.13, with (Cythonized) wheels published for this version. As a consequence, Cython was updated from 0.29.x to 3.0.x.

• General maintenance of CI and build ecosystem by @​Viicos in pydantic/pydantic#10847
  • Update Cython to 3.0.x.
  • Properly address Python 3.13 deprecation warnings.
  • Migrate packaging to pyproject.toml, make use of PEP 517 build options.
  • Use build instead of direct setup.py invocations.
  • Update various Github Actions versions.
• Replace outdated stpmex link in documentation by @​jaredenorris in pydantic/pydantic#10997

Commits

• 0cbba0f Prepare release v1.10.21 (#11238)
• c55e231 Fix compatibility with ForwardRef._evaluate and Python < 3.12.4 (#11232)
• bfc2243 Prepare release v1.10.20 (#11226)
• 4a52e6a General maintenance of CI and build ecosystem (#10847)
• 7c70a4a Fix linting job for v1.10.X-fixes (#11028)
• 56321fd Replace outdated docs link (#10997)
• See full diff in compare view

Updates vcrpy from 6.0.2 to 7.0.0

Release notes

Sourced from vcrpy's releases.

v7.0.0

What's Changed

- Drop support for python 3.8 (major version bump) - thanks @jairhenrique
- Various linting and test fixes - thanks @jairhenrique
- Bugfix for urllib2>=2.3.0 - missing version_string ([#888](https://github.com/kevin1024/vcrpy/issues/888))
- Bugfix for asyncio.run - thanks @alekeik1

New Contributors

• @​exslim made their first contribution in kevin1024/vcrpy#889
• @​alekseik1 made their first contribution in kevin1024/vcrpy#886

Changelog

Sourced from vcrpy's changelog.

Changelog

For a full list of triaged issues, bugs and PRs and what release they are targeted for please see the following link.

ROADMAP MILESTONES <https://github.com/kevin1024/vcrpy/milestones>_

All help in providing PRs to close out bug issues is appreciated. Even if that is providing a repo that fully replicates issues. We have very generous contributors that have added these to bug issues which meant another contributor picked up the bug and closed it out.

• 7.0.0

  • Drop support for python 3.8 (major version bump) - thanks @​jairhenrique
  • Various linting and test fixes - thanks @​jairhenrique
  • Bugfix for urllib2>=2.3.0 - missing version_string (#888)
  • Bugfix for asyncio.run - thanks @​alekeik1

• 6.0.2

  • Ensure body is consumed only once (#846) - thanks @​sathieu
  • Permit urllib3 2.x for non-PyPy Python >=3.10
  • Fix typos in test commands - thanks @​chuckwondo
  • Several test and workflow improvements - thanks @​hartwork and @​graingert

• 6.0.1

  • Bugfix with to Tornado cassette generator (thanks @​graingert)

• 6.0.0

  • BREAKING: Fix issue with httpx support (thanks @​parkerhancock) in #784. NOTE: You may have to recreate some of your cassettes produced in previous releases due to the binary format being saved incorrectly in previous releases
  • BREAKING: Drop support for boto (vcrpy still supports boto3, but is dropping the deprecated boto support in this release. (thanks @​jairhenrique)
  • Fix compatibility issue with Python 3.12 (thanks @​hartwork)
  • Drop simplejson (fixes some compatibility issues) (thanks @​jairhenrique)
  • Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @​mgorny)
  • Various linting and docs improvements (thanks @​jairhenrique)
  • Tornado fixes (thanks @​graingert)

• 5.1.0

  • Use ruff for linting (instead of current flake8/isort/pyflakes) - thanks @​jairhenrique
  • Enable rule B (flake8-bugbear) on ruff - thanks @​jairhenrique
  • Configure read the docs V2 - thanks @​jairhenrique
  • Fix typo in docs - thanks @​quasimik
  • Make json.loads of Python >=3.6 decode bytes by itself - thanks @​hartwork
  • Fix body matcher for chunked requests (fixes #734) - thanks @​hartwork
  • Fix query param filter for aiohttp (fixes #517) - thanks @​hartwork and @​salomvary
  • Remove unnecessary dependency on six. - thanks @​charettes
  • build(deps): update sphinx requirement from <7 to <8 - thanks @​jairhenrique
  • Add action to validate docs - thanks @​jairhenrique
  • Add editorconfig file - thanks @​jairhenrique
  • Drop iscoroutinefunction fallback function for unsupported python thanks @​jairhenrique

• 5.0.0

  • BREAKING CHANGE: Drop support for Python 3.7. 3.7 is EOL as of 6/27/23 Thanks @​jairhenrique
  • BREAKING CHANGE: Custom Cassette persisters no longer catch ValueError. If you have implemented a custom persister (has anyone implemented a custom persister? Let us know!) then you will need to throw a CassetteNotFoundError when unable to find a cassette. See #681 for discussion and reason for this change. Thanks @​amosjyng for the PR and the review from @​hartwork

• 4.4.0

  • HUGE thanks to @​hartwork for all the work done on this release!
  • Bring vcr/unittest in to vcrpy as a full feature of vcr instead of a separate library. Big thanks to @​hartwork for doing this and to @​agriffis for originally creating the library
  • Make decompression robust towards already decompressed input (thanks @​hartwork)

... (truncated)

Commits

• 3278619 Release v7.0.0
• 3fb62e0 fix: correctly handle asyncio.run when loop exists
• 8197865 build(deps): update sphinx requirement from <8 to <9
• be651bd pre-commit: Autoupdate
• a6698ed Fix aiohttp tests
• 48d0a2e Fixed missing version_string attribute when used with urllib3>=2.3.0
• 5b858b1 Fix lint
• c8d99a9 Fix ruff configuration
• ce27c63 Merge pull request #736 from kevin1024/drop-python38
• ab8944d Drop python 3.8 support
• Additional commits viewable in compare view

Updates twine from 5.1.1 to 6.1.0

Changelog

Sourced from twine's changelog.

Twine 6.1.0 (2025-01-17)

Features ^^^^^^^^

• Twine now has preliminary built-in support for Trusted Publishing <https://docs.pypi.org/trusted-publishers/>_ as an authentication mechanism. ([#1194](https://github.com/pypa/twine/issues/1194) <https://github.com/pypa/twine/pull/1194>_)

Deprecations and Removals ^^^^^^^^^^^^^^^^^^^^^^^^^

• Remove support for egg and wininst distribution types. These are not accepted by PyPI and not produced by any modern build-backends. ([#1195](https://github.com/pypa/twine/issues/1195) <https://github.com/pypa/twine/issues/1195>_)

• Twine no longer supports .tar.bz2 source distributions. ([#1200](https://github.com/pypa/twine/issues/1200) <https://github.com/pypa/twine/pull/1200>_)

Misc ^^^^

• packaging is used instead of pkginfo for parsing and validating metadata. This aligns metadata validation to the one performed by PyPI. packaging version 24.0 or later is required. Support for metadata version 2.4 requires packaging 24.2 or later. pkginfo is not a dependency anymore. ([#1180](https://github.com/pypa/twine/issues/1180) <https://github.com/pypa/twine/issues/1180>_)

• Use "source" instead of None as pyversion for sdist uploads. This is what PyPI (and most likely other package indexes) expects. ([#1191](https://github.com/pypa/twine/issues/1191) <https://github.com/pypa/twine/issues/1191>_)

Twine 6.0.1 (2024-11-30)

Bugfixes ^^^^^^^^

• Fixed a regression where twine check would fail to expand wildcards, e.g. twine check 'dist/*'. ([#1188](https://github.com/pypa/twine/issues/1188) <https://github.com/pypa/twine/issues/1188>_)

Misc ^^^^

• [#1184](https://github.com/pypa/twine/issues/1184) <https://github.com/pypa/twine/issues/1184>_

... (truncated)

Commits

• aa3a910 Update changelog for 6.1.0 (#1214)
• 4406034 Merge pull request #1208 from dnicolodi/rm-setuptools
• 2ca55db Simplify generation of test packages used in test_check
• bffd296 Move build_archive() from test_sdist to common helpers module
• fd0646e Merge pull request #1206 from dnicolodi/rm-binary-blobs-part1
• ab4ec8c Merge pull request #1211 from pypa/dependabot/github_actions/actions/upload-a...
• b562f74 build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0
• b2832de Remove tests/fixtures/twine-1.5.0.zip
• 970851d Remove tests/alt-fixtures/twine-1.5.0-py2.py3-none-any.whl
• 2386ca5 build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0 (#1205)
• Additional commits viewable in compare view

Updates tomli from 2.1.0 to 2.2.1

Changelog

Sourced from tomli's changelog.

2.2.1

• Fixed
  • Don't attempt to compile binary wheels for Python 3.8, 3.9 and 3.10 where cibuildwheel depends on a conflicting Tomli version

2.2.0

• Added
  • mypyc generated binary wheels for common platforms

Commits

• 73c3d10 Bump version: 2.2.0 → 2.2.1
• 7c2368d Don't build wheels for Python versions requiring tomli
• c48e4e1 Bump version: 2.1.0 → 2.2.0
• 7604741 Update README
• 0724e2a Annotate global constants as Final to speed up compiled code
• 149547d Create binary wheels with mypyc (#242)
• 443a0c1 pre-commit autoupdate and autofix
• 48461cf Merge pull request #240 from hukkin/version-2.1.0
• See full diff in compare view

Updates ruff from 0.8.0 to 0.9.7

Release notes

Sourced from ruff's releases.

0.9.7

Release Notes

Preview features

• Consider __new__ methods as special function type for enforcing class method or static method rules (#13305)
• [airflow] Improve the internal logic to differentiate deprecated symbols (AIR303) (#16013)
• [refurb] Manual timezone monkeypatching (FURB162) (#16113)
• [ruff] Implicit class variable in dataclass (RUF045) (#14349)
• [ruff] Skip singleton starred expressions for incorrectly-parenthesized-tuple-in-subscript (RUF031) (#16083)
• [refurb] Check for subclasses includes subscript expressions (FURB189) (#16155)

Rule changes

• [flake8-comprehensions]: Handle trailing comma in C403 fix (#16110)
• [flake8-debugger] Also flag sys.breakpointhook and sys.__breakpointhook__ (T100) (#16191)
• [pydocstyle] Handle arguments with the same names as sections (D417) (#16011)
• [pylint] Correct ordering of arguments in fix for if-stmt-min-max (PLR1730) (#16080)
• [pylint] Do not offer fix for raw strings (PLE251) (#16132)
• [pyupgrade] Do not upgrade functional TypedDicts with private field names to the class-based syntax (UP013) (#16219)
• [pyupgrade] Handle micro version numbers correctly (UP036) (#16091)
• [pyupgrade] Unwrap unary expressions correctly (UP018) (#15919)
• [ruff] Skip RUF001 diagnostics when visiting string type definitions (#16122)
• [flake8-pyi] Avoid flagging custom-typevar-for-self on metaclass methods (PYI019) (#16141)
• [pycodestyle] Exempt site.addsitedir(...) calls (E402) (#16251)

Formatter

• Fix unstable formatting of trailing end-of-line comments of parenthesized attribute values (#16187)

Server

• Fix handling of requests received after shutdown message (#16262)
• Ignore source.organizeImports.ruff and source.fixAll.ruff code actions for a notebook cell (#16154)
• Include document specific debug info for ruff.printDebugInformation (#16215)
• Update server to return the debug info as string with ruff.printDebugInformation (#16214)

CLI

• Warn on invalid noqa even when there are no diagnostics (#16178)
• Better error messages while loading configuration extends (#15658)

Bug fixes

• [refurb] Correctly handle lengths of literal strings in slice-to-remove-prefix-or-suffix (FURB188) (#16237)

Documentation

• Add FAQ entry for source.* code actions in Notebook (#16212)
• Add SECURITY.md (#16224)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.7

Preview features

• Consider __new__ methods as special function type for enforcing class method or static method rules (#13305)
• [airflow] Improve the internal logic to differentiate deprecated symbols (AIR303) (#16013)
• [refurb] Manual timezone monkeypatching (FURB162) (#16113)
• [ruff] Implicit class variable in dataclass (RUF045) (#14349)
• [ruff] Skip singleton starred expressions for incorrectly-parenthesized-tuple-in-subscript (RUF031) (#16083)
• [refurb] Check for subclasses includes subscript expressions (FURB189) (#16155)

Rule changes

• [flake8-comprehensions]: Handle trailing comma in C403 fix (#16110)
• [flake8-debugger] Also flag sys.breakpointhook and sys.__breakpointhook__ (T100) (#16191)
• [pydocstyle] Handle arguments with the same names as sections (D417) (#16011)
• [pylint] Correct ordering of arguments in fix for if-stmt-min-max (PLR1730) (#16080)
• [pylint] Do not offer fix for raw strings (PLE251) (#16132)
• [pyupgrade] Do not upgrade functional TypedDicts with private field names to the class-based syntax (UP013) (#16219)
• [pyupgrade] Handle micro version numbers correctly (UP036) (#16091)
• [pyupgrade] Unwrap unary expressions correctly (UP018) (#15919)
• [ruff] Skip RUF001 diagnostics when visiting string type definitions (#16122)
• [flake8-pyi] Avoid flagging custom-typevar-for-self on metaclass methods (PYI019) (#16141)
• [pycodestyle] Exempt site.addsitedir(...) calls (E402) (#16251)

Formatter

• Fix unstable formatting of trailing end-of-line comments of parenthesized attribute values (#16187)

Server

• Fix handling of requests received after shutdown message (#16262)
• Ignore source.organizeImports.ruff and source.fixAll.ruff code actions for a notebook cell (#16154)
• Include document specific debug info for ruff.printDebugInformation (#16215)
• Update server to return the debug info as string with ruff.printDebugInformation (#16214)

CLI

• Warn on invalid noqa even when there are no diagnostics (#16178)
• Better error messages while loading configuration extends (#15658)

Bug fixes

• [refurb] Correctly handle lengths of literal strings in slice-to-remove-prefix-or-suffix (FURB188) (#16237)

Documentation

• Add FAQ entry for source.* code actions in Notebook (#16212)
• Add SECURITY.md (#16224)

... (truncated)

Commits

• 54fccb3 Bump version to 0.9.7 (#16271)
• 8198668 [red-knot] MDTest: Use custom class names instead of builtins (#16269)
• fc6b03c Handle requests received after shutdown message (#16262)
• fb09d63 [red-knot] Prefix Type::call and dunder_call with try (#16261)
• 16d0625 Improve internal docs for various string-node APIs (#16256)
• 25920fe Rename ExprStringLiteral::as_unconcatenated_string() to `ExprStringLiteral:...
• 97d0659 Pass ParserOptions to the parser (#16220)
• cfc6941 [red-knot] Resolve references in eager nested scopes eagerly (#16079)
• f50849a Add text_len() methods to more *Prefix enums in ruff_python_ast (#16254)
• 55ea094 [red-knot] Allow any Ranged argument for report_lint and `report_diagnost...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions