Skip to content

build(deps-dev): bump the python group with 2 updates#1

Merged
SebTardif merged 1 commit into
mainfrom
dependabot/pip/python-defb4f0c69
Jul 2, 2026
Merged

build(deps-dev): bump the python group with 2 updates#1
SebTardif merged 1 commit into
mainfrom
dependabot/pip/python-defb4f0c69

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on setuptools and setuptools-scm to permit the latest version.
Updates setuptools to 82.0.1

Changelog

Sourced from setuptools's changelog.

v82.0.1

Bugfixes

  • Fix the loading of launcher manifest.xml file. (#5047)
  • Replaced deprecated json.__version__ with fixture in tests. (#5186)

Improved Documentation

  • Add advice about how to improve predictability when installing sdists. (#5168)

Misc

v82.0.0

Deprecations and Removals

  • pkg_resources has been removed from Setuptools. Most common uses of pkg_resources have been superseded by the importlib.resources <https://docs.python.org/3/library/importlib.resources.html>_ and importlib.metadata <https://docs.python.org/3/library/importlib.metadata.html>_ projects. Projects and environments relying on pkg_resources for namespace packages or other behavior should depend on older versions of setuptools. (#3085)

v81.0.0

Deprecations and Removals

  • Removed support for the --dry-run parameter to setup.py. This one feature by its nature threads through lots of core and ancillary functionality, adding complexity and friction. Removal of this parameter will help decouple the compiler functionality from distutils and thus the eventual full integration of distutils. These changes do affect some class and function signatures, so any derivative functionality may require some compatibility shims to support their expected interface. Please report any issues to the Setuptools project for investigation. (#4872)

v80.10.2

Bugfixes

  • Update vendored dependencies. (#5159)

Misc

... (truncated)

Commits
  • 5a13876 Bump version: 82.0.0 → 82.0.1
  • 51ab8f1 Avoid using (deprecated) 'json.version' in tests (#5194)
  • f9c37b2 Docs/CI: Fix intersphinx references (#5195)
  • 8173db2 Docs: Fix intersphinx references
  • 09bafbc Fix past tense on newsfragment
  • 461ea56 Add news fragment
  • c4ffe53 Avoid using (deprecated) 'json.version' in tests
  • 749258b Cleanup pkg_resources dependencies and configuration (#5175)
  • 2019c16 Parse ext-module.define-macros from pyproject.toml as list of tuples (#5169)
  • b809c86 Sync setuptools schema with validate-pyproject (#5157)
  • Additional commits viewable in compare view

Updates setuptools-scm to 10.2.0

Release notes

Sourced from setuptools-scm's releases.

setuptools-scm v10.2.0

Added

  • Restore Python 3.8 and 3.9 support, re-enabling use as a build dependency for projects like scikit-build that still support these versions. (#1445)

Miscellaneous

  • Move PKG-INFO discovery tests from vcs-versioning to setuptools-scm where the entry points are registered. (#1446)
Commits
  • a705891 Merge pull request #1448 from pypa/release/main
  • 630448e Prepare release: setuptools-scm v10.2.0, vcs-versioning v2.2.0
  • aaf4950 Merge pull request #1445 from RonnyPfannschmidt/python-legacy
  • dd60bf9 Merge pull request #1447 from RonnyPfannschmidt/fix/1446-move-pkginfo-tests
  • 535f5ff fix: move PKG-INFO discovery tests to setuptools-scm (#1446)
  • 3546a0e feat: restore Python 3.8 and 3.9 support
  • 0cde123 Merge pull request #1443 from pypa/release/main
  • 51bc391 Prepare release: vcs-versioning v2.1.2
  • 310f3c3 Merge pull request #1442 from RonnyPfannschmidt/fix/1439-metadata-workdir-cus...
  • b7b70a8 fix: don't re-parse stored tags through tag_regex in MetadataWorkdir (#1439)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 2, 2026
Updates the requirements on [setuptools](https://github.com/pypa/setuptools) and [setuptools-scm](https://github.com/pypa/setuptools-scm) to permit the latest version.

Updates `setuptools` to 82.0.1
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v68.0.0...v82.0.1)

Updates `setuptools-scm` to 10.2.0
- [Release notes](https://github.com/pypa/setuptools-scm/releases)
- [Changelog](https://github.com/pypa/setuptools-scm/blob/main/RELEASE_SYSTEM.md)
- [Commits](pypa/setuptools-scm@setuptools-scm-v10.0.0...setuptools-scm-v10.2.0)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-version: 82.0.1
  dependency-type: direct:development
  dependency-group: python
- dependency-name: setuptools-scm
  dependency-version: 10.2.0
  dependency-type: direct:development
  dependency-group: python
...

Signed-off-by: dependabot[bot] <support@github.com>
@SebTardif SebTardif force-pushed the dependabot/pip/python-defb4f0c69 branch from f13d7c2 to b91b76e Compare July 2, 2026 16:17
@SebTardif SebTardif merged commit 0d52d09 into main Jul 2, 2026
8 checks passed
@dependabot dependabot Bot deleted the dependabot/pip/python-defb4f0c69 branch July 2, 2026 16:19
SebTardif added a commit that referenced this pull request Jul 2, 2026
Move persistence imports (save_database, load_database) from
module-level in database.py into the save() and load() method bodies.
This breaks the import cycle that CodeQL flagged as py/unsafe-cyclic-import
(alerts #1, #2, #3).

Signed-off-by: Sebastien Tardif <sebtardif@ncf.ca>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant