build(deps): bump the pip group across 1 directory with 6 updates

[dependabot]

Bumps the pip group with 6 updates in the / directory:

Package	From	To
click	8.1.7	8.1.8
jinja2	3.1.4	3.1.5
pyinstaller	6.11.1	6.12.0
sh	2.1.0	2.2.1
black	24.10.0	25.1.0
pylint	3.3.2	3.3.4

Updates click from 8.1.7 to 8.1.8

Release notes

Sourced from click's releases.

8.1.8

This is the Click 8.1.8 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/click/8.1.8/ Changes: https://click.palletsprojects.com/en/stable/changes/#version-8-1-8 Milestone https://github.com/pallets/click/milestones/23?closed=1

• Fix an issue with type hints for click.open_file(). #2717
• Fix issue where error message for invalid click.Path displays on multiple lines. #2697
• Fixed issue that prevented a default value of "" from being displayed in the help for an option. #2500
• The test runner handles stripping color consistently on Windows. #2705
• Show correct value for flag default when using default_map. #2632
• Fix click.echo(color=...) passing color to coloroma so it can be forced on Windows. #2606.
• More robust bash version check, fixing problem on Windows with git-bash. #2638
• Cache the help option generated by the help_option_names setting to respect its eagerness. #2811
• Replace uses of os.system with subprocess.Popen. #1476
• Exceptions generated during a command will use the context's color setting when being displayed. #2193
• Error message when defining option with invalid name is more descriptive. #2452
• Refactor code generating default --help option to deduplicate code. #2563
• Test CLIRunner resets patched _compat.should_strip_ansi. #2732

Changelog

Sourced from click's changelog.

Version 8.1.8

Unreleased

• Fix an issue with type hints for click.open_file(). :issue:2717
• Fix issue where error message for invalid click.Path displays on multiple lines. :issue:2697
• Fixed issue that prevented a default value of "" from being displayed in the help for an option. :issue:2500
• The test runner handles stripping color consistently on Windows. :issue:2705
• Show correct value for flag default when using default_map. :issue:2632
• Fix click.echo(color=...) passing color to coloroma so it can be forced on Windows. :issue:2606.

Commits

• 934813e release version 8.1.8
• c23223b Add links to third-party projects enhancing Click (#2815)
• 822d4fd Add links to third-party projects
• 8e7bed0 Break up arguments section (#2586)
• 3241541 Remove some typing hints.
• bed0377 remove test pypi
• 6534590 update dev dependencies
• b1e392e fix typos
• fdc6b02 Fix missing reset in isolation function (#2733)
• ffd43e9 Fixed missing reset on _compat.should_strip_ansi.
• Additional commits viewable in compare view

Updates jinja2 from 3.1.4 to 3.1.5

Release notes

Sourced from jinja2's releases.

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/ Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5 Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. #2032
• Calling sync render for an async template uses asyncio.run. #1952
• Avoid unclosed auto_aiter warnings. #1960
• Return an aclose-able AsyncGenerator from Template.generate_async. #1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
• Avoid leaving async generators unclosed in blocks, includes and extends. #1960
• The runtime uses the correct concat function for the current environment when calling block references. #1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
• |int filter handles OverflowError from scientific notation. #1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
• Fix copy/pickle support for the internal missing object. #2027
• Environment.overlay(enable_async) is applied correctly. #2061
• The error message from FileSystemLoader includes the paths that were searched. #1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
• Improve annotations for methods returning copies. #1880
• urlize does not add mailto: to values like @a@b. #1870
• Tests decorated with @pass_context can be used with the |select filter. #1624
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253

Changelog

Sourced from jinja2's changelog.

Version 3.1.5

Released 2024-12-21

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. :ghsa:q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. :issue:1792, :ghsa:gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. :issue:2032
• Calling sync render for an async template uses asyncio.run. :pr:1952
• Avoid unclosed auto_aiter warnings. :pr:1960
• Return an aclose-able AsyncGenerator from Template.generate_async. :pr:1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. :pr:1960
• Avoid leaving async generators unclosed in blocks, includes and extends. :pr:1960
• The runtime uses the correct concat function for the current environment when calling block references. :issue:1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. :issue:1781
• |int filter handles OverflowError from scientific notation. :issue:1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. :issue:2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. :issue:2025
• Fix copy/pickle support for the internal missing object. :issue:2027
• Environment.overlay(enable_async) is applied correctly. :pr:2061
• The error message from FileSystemLoader includes the paths that were searched. :issue:1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. :issue:1705
• Improve annotations for methods returning copies. :pr:1880
• urlize does not add mailto: to values like @a@b. :pr:1870
• Tests decorated with @pass_context`` can be used with the ``|select`` filter. :issue:1624`
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. :issue:1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. :issue:1253

Commits

• 877f6e5 release version 3.1.5
• 8d58859 remove test pypi
• eda8fe8 update dev dependencies
• c8fdce1 Fix bug involving calling set on a template parameter within all branches of ...
• 66587ce Fix bug where set would sometimes fail within if
• fbc3a69 Add support for namespaces in tuple parsing (#1664)
• b8f4831 more comments about nsref assignment
• ee83219 Add support for namespaces in tuple assignment
• 1d55cdd Triple quotes in docs (#2064)
• 8a8eafc edit block assignment section
• Additional commits viewable in compare view

Updates pyinstaller from 6.11.1 to 6.12.0

Release notes

Sourced from pyinstaller's releases.

v6.12.0

Please see the v6.12.0 section of the changelog for a list of the changes since v6.11.1.

Changelog

Sourced from pyinstaller's changelog.

6.12.0 (2025-02-08)

Features

* (Cygwin) Improve Cygwin support to the extent that we can run a
  Cygwin-based CI pipeline with basic part of PyInstaller's test suite.
  (:issue:`8972`)
* Extend the :ref:`module_collection_mode <package collection mode>` setting
  from :issue:`6945` to also apply to modules collected into
  ``base_library.zip`` archive. Implement discovery of source .py files for
  modules in ``base_library.zip`` at run-time. This allows collection and
  discovery of source .py files for modules in ``base_library.zip``, which might
  be required by frameworks that perform aggressive recursive introspection all
  way down to standard library modules (for example, ``torch`` JIT in
  combination with certain model implementations). (:issue:`8971`)
Bugfix

* (AIX) Fix spurious run-time error in bootloader when no Wflags and/or no
  Xflags are specified via bootloader's run-time options (i.e., most of the
  time). (:issue:`9006`)
* (macOS) Fix directory name sanitization when building macOS .app bundles
  to properly account for nested .framework bundles, and prevent mangling
  of .framework directory name of all but inner-most .framework bundles.
  For example, the ``sdl2dll/dll/SDL2_image.framework`` directory from
  ``pysdl2-dll`` PyPI wheels would become mangled into
  ``sdl2dll/dll/SDL2_image__dot__framework`` due to having nested
  .framework bundles in its ``Versions/A/Frameworks`` sub-directory.
  (:issue:`8936`)
* (macOS) Have binary dependency analysis obtain the actual lists of
  run paths set on the python executable (:data:`sys.executable`), instead of
  assuming that it is effectively set to ``@loader_path/../lib``. This
  enables discovery of shared libraries bundled with python builds that
  use different origin for their run paths and ``@rpath``-based references.
  (:issue:`8951`)
* (macOS) Prevent binary dependency analysis from spuriously resolving
  shared library instance in a standard library path (for example,
  Homebrew-installed library in ``/usr/local/lib``) when trying to
  resolve ``@rpath``-based reference with multiple candidate run paths
  that are anchored to ``@loader_path`` or ``@executable_path`` prefix
  that resolves to a completely different path prefix (for example, an
  Anaconda python environment). (:issue:`8962`)
* Add exclude for ``libwayland*.so`` to prevent mismatches with system drivers.
  (:issue:`8963`)
* Fix errors raised by ``setuptools`` hook utility class and various
  related hooks when building with completely de-vendored ``setuptools``
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/31dbe9ff477716e4790aa317bc9da68766d20659&quot;&gt;&lt;code&gt;31dbe9f&lt;/code&gt;&lt;/a> Release v6.12.0. [skip ci]</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/be77254be3e844b7e7d59b977bb25f6fdf0527b4&quot;&gt;&lt;code&gt;be77254&lt;/code&gt;&lt;/a> hookutils: have Tcl/Tk helper gracefully handle built-in _tkinter module</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/55485f2e1cf08b6eac259fc64381c64f7a624de8&quot;&gt;&lt;code&gt;55485f2&lt;/code&gt;&lt;/a> Document how to use shared code and configuration in spec files (<a href="https://redirect.github.com/pyinstaller/pyinstaller/issues/9010&quot;&gt;#9010&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/f212a4edaee7e84408f4c3028baac2e6c1125759&quot;&gt;&lt;code&gt;f212a4e&lt;/code&gt;&lt;/a> Tests: Requirements: Scheduled weekly dependency update for week 05 (<a href="https://redirect.github.com/pyinstaller/pyinstaller/issues/9011&quot;&gt;#9011&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/eb6af2546cefd272a79211dd988fbaaa37abba04&quot;&gt;&lt;code&gt;eb6af25&lt;/code&gt;&lt;/a> bootloader: fix calloc() result check to account for AIX behavior</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/773bc2d63d4415ae5e921a3f2b180fa4ba76ba95&quot;&gt;&lt;code&gt;773bc2d&lt;/code&gt;&lt;/a> loader: PyiFrozenFinder: robustify relative path computation</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/0d562b5b0e1b16e538422737ee10ccb180102664&quot;&gt;&lt;code&gt;0d562b5&lt;/code&gt;&lt;/a> Tests: Requirements: Scheduled weekly dependency update for week 03 (<a href="https://redirect.github.com/pyinstaller/pyinstaller/issues/8992&quot;&gt;#8992&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/825a24b38057c8e770e6112146db7eb598251dd0&quot;&gt;&lt;code&gt;825a24b&lt;/code&gt;&lt;/a> building: main: display path to dist directory at end of the build</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/ee05de897aa82abad2efe7ce2e8d45555930d5a4&quot;&gt;&lt;code&gt;ee05de8&lt;/code&gt;&lt;/a> ci: fix issue with <code>psutil</code> not being available in msys2/mingw32 anymore</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/6795ddd9c9be671dc2b38f29bf640b5af2efd85c&quot;&gt;&lt;code&gt;6795ddd&lt;/code&gt;&lt;/a> ci: replace direct pip invocations with python -m pip</li>

<li>Additional commits viewable in <a href="https://github.com/pyinstaller/pyinstaller/compare/v6.11.1...v6.12.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />


Updates sh from 2.1.0 to 2.2.1

Release notes
Sourced from sh's releases.

Release 2.2.1

Bugfix where async and return_cmd does not raise exceptions #746

Release 2.2.0

return_cmd with await now works correctly #743
Formal support for Python 3.12




Changelog
Sourced from sh's changelog.

2.2.1 - 1/9/25

Bugfix where async and return_cmd does not raise exceptions #746

2.2.0 - 1/9/25

return_cmd with await now works correctly #743
Formal support for Python 3.12




Commits

b36a6c4 Merge pull request #747 from amoffat/develop
11f55d5 changelog and v2.2.1
55f3bf1 Merge pull request #746 from hartmans/async_return_cmd_exc
f4ffeed async return_cmd should raise on failure
be9f8ea Merge pull request #745 from amoffat/develop
ca44695 Release 2.2.0 metadata
ee1e0ba Merge branch 'develop' of github-amoffat:amoffat/sh into develop
bdb5f44 Merge pull request #744 from hartmans/await_return_cmd
3a9d8ce await command with _return_cmd True returns RunningCommand
b658ce2 Merge pull request #742 from carlwgeorge/no_implicit_event_loop
Additional commits viewable in compare view




Updates black from 24.10.0 to 25.1.0

Release notes
Sourced from black's releases.

25.1.0
Highlights
This release introduces the new 2025 stable style (#4558), stabilizing
the following changes:

Normalize casing of Unicode escape characters in strings to lowercase (#2916)
Fix inconsistencies in whether certain strings are detected as docstrings (#4095)
Consistently add trailing commas to typed function parameters (#4164)
Remove redundant parentheses in if guards for case blocks (#4214)
Add parentheses to if clauses in case blocks when the line is too long (#4269)
Whitespace before # fmt: skip comments is no longer normalized (#4146)
Fix line length computation for certain expressions that involve the power operator (#4154)
Check if there is a newline before the terminating quotes of a docstring (#4185)
Fix type annotation spacing between * and more complex type variable tuple (#4440)

The following changes were not in any previous release:

Remove parentheses around sole list items (#4312)
Generic function definitions are now formatted more elegantly: parameters are
split over multiple lines first instead of type parameter definitions (#4553)

Stable style

Fix formatting cells in IPython notebooks with magic methods and starting or trailing
empty lines (#4484)
Fix crash when formatting with statements containing tuple generators/unpacking
(#4538)

Preview style

Fix/remove string merging changing f-string quotes on f-strings with internal quotes
(#4498)
Collapse multiple empty lines after an import into one (#4489)
Prevent string_processing and wrap_long_dict_values_in_parens from removing
parentheses around long dictionary values (#4377)
Move wrap_long_dict_values_in_parens from the unstable to preview style (#4561)

Packaging

Store license identifier inside the License-Expression metadata field, see
PEP 639. (#4479)

Performance

Speed up the is_fstring_start function in Black's tokenizer (#4541)

Integrations

If using stdin with --stdin-filename set to a force excluded path, stdin won't be



... (truncated)


Changelog
Sourced from black's changelog.

25.1.0
Highlights
This release introduces the new 2025 stable style (#4558), stabilizing
the following changes:

Normalize casing of Unicode escape characters in strings to lowercase (#2916)
Fix inconsistencies in whether certain strings are detected as docstrings (#4095)
Consistently add trailing commas to typed function parameters (#4164)
Remove redundant parentheses in if guards for case blocks (#4214)
Add parentheses to if clauses in case blocks when the line is too long (#4269)
Whitespace before # fmt: skip comments is no longer normalized (#4146)
Fix line length computation for certain expressions that involve the power operator (#4154)
Check if there is a newline before the terminating quotes of a docstring (#4185)
Fix type annotation spacing between * and more complex type variable tuple (#4440)

The following changes were not in any previous release:

Remove parentheses around sole list items (#4312)
Generic function definitions are now formatted more elegantly: parameters are
split over multiple lines first instead of type parameter definitions (#4553)

Stable style

Fix formatting cells in IPython notebooks with magic methods and starting or trailing
empty lines (#4484)
Fix crash when formatting with statements containing tuple generators/unpacking
(#4538)

Preview style

Fix/remove string merging changing f-string quotes on f-strings with internal quotes
(#4498)
Collapse multiple empty lines after an import into one (#4489)
Prevent string_processing and wrap_long_dict_values_in_parens from removing
parentheses around long dictionary values (#4377)
Move wrap_long_dict_values_in_parens from the unstable to preview style (#4561)

Packaging

Store license identifier inside the License-Expression metadata field, see
PEP 639. (#4479)

Performance

Speed up the is_fstring_start function in Black's tokenizer (#4541)

Integrations


... (truncated)


Commits

8a737e7 Prepare release 25.1.0 (#4563)
d330dee docs: We're not going to use backslashes for the with statement (#4564)
3d81290 Move wrap_long_dict_values_in_parens to the preview style (#4561)
459562c Improve function declaration wrapping when it contains generic type definitio...
99dbf30 Cache executor to avoid hitting open file limits (#4560)
c0b92f3 Prepare the 2025 stable style (#4558)
e58baf1 Add test for #1187 (#4559)
1455ae4 Fix docs CI (#4555)
584d033 fix: Don't remove parenthesis around long dictionary values (#4377)
6e96540 Fix CI (#4551)
Additional commits viewable in compare view




Updates pylint from 3.3.2 to 3.3.4

Commits

c2b01c3 Bump pylint to 3.3.4, update changelog
023cd43 [isort] Permit to use isort 6 (#10204)
050acfe Calculate linter.config.jobs in cgroupsv2 environments (#10089) (#10169)
d6992b8 fix "skipped files" count calculation (#10141)
c28580b Bump pylint to 3.3.3, update changelog
1f9b947 Bump astroid from 3.3.5 to 3.3.8 (#10125) (#10155)
96d1303 Bump actions/cache from 4.1.2 to 4.2.0 (#10123) (#10154)
a7202b1 Fix  Python 3.12 generic type syntax (#10135) (#10146)
90cb29d [mypy] Use type-setuptools instead of types-pkg-resources (#10120)
9955701 Fix 'use-implicit-booleaness' wrongly emitted for generators. (#10107) (#10109)
See full diff in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions