[pull] master from aio-libs:master #285

pull · 2025-06-23T17:06:12Z

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.1)

Can you help keep this open source service alive? 💖 Please sponsor : )

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pygments&package-manager=pip&previous-version=2.19.1&new-version=2.19.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 3.0.0 to 3.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/releases">sigstore/gh-action-sigstore-python's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h3>Changed</h3> <ul> <li>The minimum Python version supported by this action is now 3.9 (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/155">#155</a>)</li> <li>The action's Python dependencies are now fully pinned to specific versions (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/165">#165</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>The <code>rfc3161-client</code> dependency has been upgraded to <code>1.0.3</code> to resolve a security vulnerability (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/182">#182</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md">sigstore/gh-action-sigstore-python's changelog</a>.</em></p> <blockquote> <h2>[3.0.1]</h2> <h3>Changed</h3> <ul> <li>The minimum Python version supported by this action is now 3.9 (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/155">#155</a>)</li> <li>The action's Python dependencies are now fully pinned to specific versions (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/165">#165</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>The <code>rfc3161-client</code> dependency has been upgrades to <code>1.0.3</code> to resolve a security vulnerability (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/182">#182</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/f7ad0af51a5648d09a20d00370f0a91c3bdf8f84"><code>f7ad0af</code></a> chore: prep 3.0.1 (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/183">#183</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/7dad330b7cc00877fda38e8ac56c7d69e20bd080"><code>7dad330</code></a> build(deps): bump rfc3161-client from 1.0.2 to 1.0.3 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/182">#182</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/deae7b09039836f94c5a183a266f8cd31bd769a6"><code>deae7b0</code></a> build(deps): bump astral-sh/setup-uv in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/181">#181</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/f38fa95e2fe947a0827cf83585e9cd65f6107d5a"><code>f38fa95</code></a> build(deps): bump urllib3 from 2.4.0 to 2.5.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/180">#180</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/6409abb6b6aa159c173b7ccfc47078bec5735676"><code>6409abb</code></a> build(deps): bump the actions group with 2 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/178">#178</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/d7c8f99cb60c12cfbcea09cfb344ed5a108c84b6"><code>d7c8f99</code></a> build(deps): bump softprops/action-gh-release in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/177">#177</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/e346064a371a9668bb0943cbbfd9d285feabfd06"><code>e346064</code></a> build(deps): bump requests from 2.32.3 to 2.32.4 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/176">#176</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/cbd4d80b10f2b708b7be83cdf2318a15ae9cf632"><code>cbd4d80</code></a> Update Python dependencies (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/174">#174</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/250d1740e0d24c4565c8a5b94f10a952e06e9063"><code>250d174</code></a> build(deps): bump github/codeql-action in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/172">#172</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/42bbcff08f93bc51a1e4b48a19b633ab975d10a6"><code>42bbcff</code></a> build(deps): bump astral-sh/setup-uv in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/171">#171</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.0.0...v3.0.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/gh-action-sigstore-python&package-manager=github_actions&previous-version=3.0.0&new-version=3.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

codecov-commenter · 2025-06-23T17:12:32Z

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.84%. Comparing base (7c3afd2) to head (a5aa198).
Report is 2 commits behind head on master.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #285   +/-   ##
=======================================
  Coverage   98.84%   98.84%           
=======================================
  Files         131      131           
  Lines       43280    43280           
  Branches     2328     2328           
=======================================
  Hits        42782    42782           
  Misses        343      343           
  Partials      155      155

Flag	Coverage Δ
CI-GHA	`98.74% <ø> (ø)`
OS-Linux	`98.47% <ø> (ø)`
OS-Windows	`96.79% <ø> (-0.01%)`	⬇️
OS-macOS	`97.69% <ø> (+<0.01%)`	⬆️
Py-3.10.11	`97.33% <ø> (+<0.01%)`	⬆️
Py-3.10.18	`97.81% <ø> (ø)`
Py-3.11.13	`98.00% <ø> (+0.01%)`	⬆️
Py-3.11.9	`97.53% <ø> (+<0.01%)`	⬆️
Py-3.12.10	`97.62% <ø> (-0.01%)`	⬇️
Py-3.12.11	`98.10% <ø> (ø)`
Py-3.13.3	`98.37% <ø> (ø)`
Py-3.9.13	`97.21% <ø> (+<0.01%)`	⬆️
Py-3.9.23	`97.69% <ø> (ø)`
Py-pypy7.3.16	`89.40% <ø> (+1.88%)`	⬆️
VM-macos	`97.69% <ø> (+<0.01%)`	⬆️
VM-ubuntu	`98.47% <ø> (ø)`
VM-windows	`96.79% <ø> (-0.01%)`	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

dependabot bot added 2 commits June 23, 2025 11:58

pull bot added the ⤵️ pull label Jun 23, 2025

pull bot merged commit a5aa198 into tj-python:master Jun 23, 2025
10 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pull] master from aio-libs:master #285

[pull] master from aio-libs:master #285

Uh oh!

pull bot commented Jun 23, 2025 •

edited

Loading

Uh oh!

Uh oh!

codecov-commenter commented Jun 23, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

[pull] master from aio-libs:master #285

[pull] master from aio-libs:master #285

Uh oh!

Conversation

pull bot commented Jun 23, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

codecov-commenter commented Jun 23, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

pull bot commented Jun 23, 2025 •

edited

Loading

codecov-commenter commented Jun 23, 2025 •

edited

Loading