Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Bump flit from 3.9.0 to 3.10.1 #38

Merged
merged 1 commit into from
Nov 4, 2024
Merged

Bump flit from 3.9.0 to 3.10.1 #38

merged 1 commit into from
Nov 4, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 4, 2024
edited
Loading

Bumps flit from 3.9.0 to 3.10.1.

Changelog

Sourced from flit's changelog.

Version 3.10.1

  • The sdist of flit_core now includes the corresponding tests (:ghpull:704). These were missing in 3.10.

Version 3.10

  • flit publish can now use PyPI tokens stored in keyring (:ghpull:649), either project tokens with a 'username' like :samp:pypi_token:project:{project_name} (use the normalised form of the name <https://packaging.python.org/en/latest/specifications/name-normalization/>_) or user tokens (:samp:pypi_token:user:{username}).
  • The --python option can now take the path of a virtualenv folder, as an alternative to a Python executable (:ghpull:667).
  • Flit will work with current development versions of Pythona again (:ghpull:684).
  • The flit command line package now requires Python 3.8 or above (:ghpulL:660). flit_core still works with Python 3.6 or above.
  • The metadata in packages now has the names of optional dependency groups ("extras") normalised, complying with version 2.3 of the metadata standard (:ghpull:676, :ghpull:697).
  • The flit command line package now depends on pip (:ghpull:647).
  • Fix potential substitution of environment variables into passwords read from .pypirc files (:ghpull:652).
  • A warning is now shown when building packages which specify the old flit.buildapi backend, which should be replaced by flit_core.buildapi (:ghpull:674). It's a good idea to always set a maximum version for the build requirement, to protect against changes in future major versions of Flit.
  • Avoid using the deprecated datetime.utcfromtimestamp() (:ghpull:682).
  • Flit now has a SECURITY.md file in the Github repository (:ghpull:665).
  • The tests for flit_core are no longer part of the installed package, reducing the size of the wheels (:ghpull:691).

Version 3.9

  • New options :option:flit build --use-vcs and :option:flit build --no-use-vcs to enable & disable including all committed files in the sdist. For now --use-vcs is the default, but this is likely to change in a future version, to bring flit build in line with standard build frontends like python -m build (:ghpull:625).
  • Sdist file names, and the name of the top-level folder in an sdist, are now normalised, in accordance with :pep:625 (:ghpull:628).
  • A statically defined version number can now be parsed from files called version.py, _version.py or __version__.py inside a package, as well as from __init__.py, so executing code is required in fewer cases (:ghpull:630).
  • Fix setting the flag for regular files in zip metadata (:ghpull:639).
  • The timestamp embedded in the gzip wrapper for sdists now defaults to a fixed

... (truncated)

Commits
  • 7cc7d33 Bump version: 3.10.0 → 3.10.1
  • 85d0003 Add release note for 3.10.1
  • ab4048a Merge pull request #704 from pypa/flit-core-sdist-tests
  • f6a0989 Include tests in flit_core sdist
  • 2ab70a3 Merge pull request #701 from pypa/codecov-token
  • 7d09966 Provide token to upload coverage data to codecov
  • 8066677 Merge pull request #700 from pypa/win-py3.13-tests
  • 34445e9 Better test for absolute Python exe path on Windows
  • d340f1c Fix checks for absolute paths in config on Python 3.13 & Windows
  • c57b101 Ensure CI also runs on tag pushes
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @Zeitsperre.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 4, 2024
@dependabot dependabot bot mentioned this pull request Nov 4, 2024
Closed
@github-actions github-actions bot added the CI label Nov 4, 2024
Zeitsperre
Zeitsperre approved these changes Nov 4, 2024
View reviewed changes
Copy link
Contributor

@Zeitsperre Zeitsperre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@coveralls
Copy link

coveralls commented Nov 4, 2024
edited
Loading

Coverage Status

coverage: 23.077%. remained the same
when pulling 5bde708 on dependabot/pip/flit-3.10.1
into 7b44c5c on main.

@dependabot dependabot bot force-pushed the dependabot/pip/flit-3.10.1 branch from f4688d9 to 3bd31fe Compare November 4, 2024 15:37
@dependabot
Bump flit from 3.9.0 to 3.10.1
5bde708 
Bumps [flit](https://github.com/pypa/flit) from 3.9.0 to 3.10.1.
- [Changelog](https://github.com/pypa/flit/blob/main/doc/history.rst)
- [Commits](pypa/flit@3.9.0...3.10.1)

---
updated-dependencies:
- dependency-name: flit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/flit-3.10.1 branch from 3bd31fe to 5bde708 Compare November 4, 2024 15:42
@dependabot dependabot bot merged commit a944a74 into main Nov 4, 2024
16 checks passed
@dependabot dependabot bot deleted the dependabot/pip/flit-3.10.1 branch November 4, 2024 15:44
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@Zeitsperre Zeitsperre Zeitsperre approved these changes

Assignees
No one assigned
Labels
CI dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@coveralls @Zeitsperre