Skip to content

Upgrade: [dependabot] - bump pip-licenses from 5.5.0 to 5.5.1 #2351

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Upgrade: [dependabot] - bump pip-licenses from 5.5.0 to 5.5.1 #2351

dependabot wants to merge 1 commit into from
+5 −5

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 30, 2026

Bumps pip-licenses from 5.5.0 to 5.5.1.

Release notes

Sourced from pip-licenses's releases.

v-5.5.1

Patch Notes for 5.5.1

Contains packaging and CI updates, dependency/dev-dependency security updates, small code/style fixes (typos, formatting), and preparation for PEP-compliant metadata and sdist behaviour.

Notable user-visible changes

  • Version bump: version set to 5.5.1 (piplicenses.py).
  • Typos fixed: README examples and internal docstrings (codespell fix).
  • Formatting: Applied black 26.1.0 changes across the codebase.
  • CI/CD:
    • Upgraded GitHub Actions runners/actions versions used in workflows:
      • actions/checkout → v6.0.1
      • actions/setup-python → v6.1.0
      • actions/upload-artifact → v6.0.0
      • actions/download-artifact → v7.0.0
      • codecov/codecov-action → v5.5.2
    • Workaround to bypass black lint step for Python 3.9 (black GHA failures with v3.9).
  • Packaging & metadata:
    • pyproject.toml: made PEP-compliant changes:
      • build-system requires reviewed
        • project URLs normalized to "homepage", "releasenotes", "issues" (PEP-753 well-known labels)
        • MANIFEST.in updated to use a prune/exclude strategy suitable for setuptools-scm (avoid duplicative explicit include lists).
      • project.license and license-files fields normalized (PEP-639)
      • requires-python remains >=3.9 (note: CI deprecates 3.9 for black)

Developer dependencies updated (security/maintenance):

  • urllib3 bumped 2.5.0 → 2.6.3
  • wheel bumped 0.45.1 → 0.46.2

Small code cleanups:

  • minor whitespace/annotation/style alignment and improved tuple assignment readability in piplicenses.py
  • some filename/text extraction behavior unchanged but formatting and docstrings clarified.

Files (high-level) changed in this PR

piplicenses.py — version bump, docstring typo fix, style/formatting adjustments CHANGELOG.md — added 5.5.1 notes pyproject.toml — PEP-639/753 packaging metadata and URL label normalisation MANIFEST.in — adapted for setuptools-scm (prune/exclude) dev-requirements.txt — urllib3, wheel updates .github/workflows/python-package.yml and .github/workflows/CD-PyPi.yml — updated action references, black job conditional, upload/download artifact and codecov action upgrades

Impacted GitHub Issues (GHI)

... (truncated)

Changelog

Sourced from pip-licenses's changelog.

5.5.1

  • Fixed typographical issue in README examples, closing GHI #209.
  • Fixed typographical issue in docstring found by codespell.
  • Aligned Project URLs in pyproject.toml with PEP 753
  • Brought pyproject.toml (e.g., packaging metadata) into alignment with PEP 639 and related packaging guidance.
    • Improved MANIFEST.in to setuptools-scm build logic with better filtering, closing GHI #266
  • Fixed a regression in linting via black by deprecating support for python 3.9, closing GHI #264
    • Applied black 26.1.0suggestions to codebase, closing GHI #269
Commits
  • 6b97581 [UPDATE] Version 5.5.1
  • 35b13b4 [MERGE] remote-tracking branch 'DimitriPapadopoulos/GitHub_jobs' into dev-5.5.1
  • 1288522 Work around MyPy limitation
  • 721334a Pin version of Python used to run Black/MyPy
  • c368dc8 Run Black and MyPy only once
  • d06d0d7 Merge branch 'dependabot/github_actions/dot-github/workflows/master/codecov/c...
  • 77378c3 [SECURITY] Security update of developer dependencies
  • 69d173a [SECURITY] Security update of developer dependencies
  • 6b9e05f Merge remote-tracking branch 'DimitriPapadopoulos/black' into dev-5.5.1
  • 35de465 [UPDATE] Release canididate for v5.5.1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Upgrade: [dependabot] - bump pip-licenses from 5.5.0 to 5.5.1
54327c9 
Bumps [pip-licenses](https://github.com/raimon49/pip-licenses) from 5.5.0 to 5.5.1.
- [Release notes](https://github.com/raimon49/pip-licenses/releases)
- [Changelog](https://github.com/raimon49/pip-licenses/blob/master/CHANGELOG.md)
- [Commits](raimon49/pip-licenses@v-5.5.0...v-5.5.1)

---
updated-dependencies:
- dependency-name: pip-licenses
  dependency-version: 5.5.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jan 30, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Jan 30, 2026

This PR is raised by Dependabot to update a dependency.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 30, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

eps-autoapprove-dependabot[bot]
eps-autoapprove-dependabot bot approved these changes Jan 30, 2026
View reviewed changes
Copy link

@eps-autoapprove-dependabot eps-autoapprove-dependabot bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm approving this pull request because it includes a patch or minor update

@eps-autoapprove-dependabot eps-autoapprove-dependabot bot enabled auto-merge (squash) January 30, 2026 18:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eps-autoapprove-dependabot eps-autoapprove-dependabot[bot] eps-autoapprove-dependabot[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants