Bump the poetry-dependencies group with 9 updates

[dependabot]

Bumps the poetry-dependencies group with 9 updates:

Package	From	To
ruff	0.8.0	0.8.1
aiohappyeyeballs	2.4.3	2.4.4
aiohttp	3.11.7	3.11.8
asttokens	2.4.1	3.0.0
cryptography	43.0.3	44.0.0
ipython	8.29.0	8.30.0
protobuf	5.28.3	5.29.0
pyjwt	2.10.0	2.10.1
tomli	2.1.0	2.2.1

Updates ruff from 0.8.0 to 0.8.1

Release notes

Sourced from ruff's releases.

0.8.1

Release Notes

Preview features

• Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
• Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
• Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
• Formatter: Fix f-string formatting in assignment statement (#14454)
• Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
• [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
• [flake8-builtins] Exempt private built-in modules (A005) (#14505)
• [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
• [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)
• [flake8-type-checking] Implement unquoted-type-alias (TC007) and quoted-type-alias (TC008) (#12927)
• [flake8-use-pathlib] Recommend Path.iterdir() over os.listdir() (PTH208) (#14509)
• [pylint] Extend invalid-envvar-default to detect os.environ.get (PLW1508) (#14512)
• [pylint] Implement len-test (PLC1802) (#14309)
• [refurb] Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• [ruff] Auto-add r prefix when string has no backslashes for unraw-re-pattern (RUF039) (#14536)
• [ruff] Implement invalid-assert-message-literal-argument (RUF040) (#14488)
• [ruff] Implement unnecessary-nested-literal (RUF041) (#14323)
• [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)

Rule changes

• Ignore more rules for stub files (#14541)
• [pep8-naming] Eliminate false positives for single-letter names (N811, N814) (#14584)
• [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615)
• [ruff] Detect redirected-noqa in file-level comments (RUF101) (#14635)
• [ruff] Mark fixes for unsorted-dunder-all and unsorted-dunder-slots as unsafe when there are complex comments in the sequence (RUF022, RUF023) (#14560)

Bug fixes

• Avoid fixing code to None | None for redundant-none-literal (PYI061) and never-union (RUF020) (#14583, #14589)
• [flake8-bugbear] Fix mutable-contextvar-default to resolve annotated function calls properly (B039) (#14532)
• [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016, PYI051, PYI055, PYI062, RUF041) (#14641)
• [flake8-pyi] Avoid rewriting invalid type expressions in unnecessary-type-union (PYI055) (#14660)
• [flake8-type-checking] Avoid syntax errors and type checking problem for quoted annotations autofix (TC003, TC006) (#14634)
• [pylint] Do not wrap function calls in parentheses in the fix for unnecessary-dunder-call (PLC2801) (#14601)
• [ruff] Handle attrs's auto_attribs correctly (RUF009) (#14520)

Contributors

• @​AlexWaygood
• @​Daverball
• @​Glyphack
• @​InSyncWithFoo
• @​Lokejoke
• @​MichaReiser
• @​cake-monotone

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.1

Preview features

• Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
• Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
• Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
• Formatter: Fix f-string formatting in assignment statement (#14454)
• Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
• [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
• [flake8-builtins] Exempt private built-in modules (A005) (#14505)
• [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
• [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)
• [flake8-type-checking] Implement unquoted-type-alias (TC007) and quoted-type-alias (TC008) (#12927)
• [flake8-use-pathlib] Recommend Path.iterdir() over os.listdir() (PTH208) (#14509)
• [pylint] Extend invalid-envvar-default to detect os.environ.get (PLW1508) (#14512)
• [pylint] Implement len-test (PLC1802) (#14309)
• [refurb] Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• [ruff] Auto-add r prefix when string has no backslashes for unraw-re-pattern (RUF039) (#14536)
• [ruff] Implement invalid-assert-message-literal-argument (RUF040) (#14488)
• [ruff] Implement unnecessary-nested-literal (RUF041) (#14323)
• [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)

Rule changes

• Ignore more rules for stub files (#14541)
• [pep8-naming] Eliminate false positives for single-letter names (N811, N814) (#14584)
• [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615)
• [ruff] Detect redirected-noqa in file-level comments (RUF101) (#14635)
• [ruff] Mark fixes for unsorted-dunder-all and unsorted-dunder-slots as unsafe when there are complex comments in the sequence (RUF022, RUF023) (#14560)

Bug fixes

• Avoid fixing code to None | None for redundant-none-literal (PYI061) and never-union (RUF020) (#14583, #14589)
• [flake8-bugbear] Fix mutable-contextvar-default to resolve annotated function calls properly (B039) (#14532)
• [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016, PYI051, PYI055, PYI062, RUF041) (#14641)
• [flake8-pyi] Avoid rewriting invalid type expressions in unnecessary-type-union (PYI055) (#14660)
• [flake8-type-checking] Avoid syntax errors and type checking problem for quoted annotations autofix (TC003, TC006) (#14634)
• [pylint] Do not wrap function calls in parentheses in the fix for unnecessary-dunder-call (PLC2801) (#14601)
• [ruff] Handle attrs's auto_attribs correctly (RUF009) (#14520)

Commits

• b3b2c98 Update CHANGELOG.md with the new commits for 0.8.1 (#14664)
• abb3c6e [flake8-pyi] Avoid rewriting invalid type expressions in `unnecessary-type-...
• 224fe75 [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)
• dc29f52 [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016,...
• d9cbf2f Avoids unnecessary overhead for TC004, when TC001-003 are disabled (#14657)
• 3f6c65e [red-knot] Fix merged type after if-else without explicit else branch (#14621)
• 976c37a Bump version to 0.8.1 (#14655)
• a378ff3 [red-knot] Fix Boolean flags in mdtests (#14654)
• d8bca0d Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• 6f1cf5b [red-knot] Minor fix in MRO tests (#14652)
• Additional commits viewable in compare view

Updates aiohappyeyeballs from 2.4.3 to 2.4.4

Release notes

Sourced from aiohappyeyeballs's releases.

v2.4.4 (2024-11-30)

Fix

• fix: handle OSError on failure to close socket instead of raising IndexError (#114)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@​users.noreply.github.com> Co-authored-by: J. Nick Koston <[email protected]> (c542f68)

Changelog

Sourced from aiohappyeyeballs's changelog.

v2.4.4 (2024-11-30)

Fix

• Handle oserror on failure to close socket instead of raising indexerror (#114) (c542f68)

Commits

• 3c4f2a6 2.4.4
• c542f68 fix: handle OSError on failure to close socket instead of raising IndexError ...
• fd90f56 chore(pre-commit.ci): pre-commit autoupdate (#116)
• 0653807 chore: bump codecov-action to 5.0.3 (#115)
• 90e01ed chore(pre-commit.ci): pre-commit autoupdate (#113)
• 31825f2 chore(pre-commit.ci): pre-commit autoupdate (#111)
• 4c23bca chore: add missing FUNDING.yml (#110)
• b5dfff5 chore(pre-commit.ci): pre-commit autoupdate (#108)
• 5a3b4cb chore: fix docs (#106)
• See full diff in compare view

Updates aiohttp from 3.11.7 to 3.11.8

Release notes

Sourced from aiohttp's releases.

3.11.8

Miscellaneous internal changes

• Improved performance of creating :class:aiohttp.ClientResponse objects when there are no cookies -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10029.

• Improved performance of creating :class:aiohttp.ClientResponse objects -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10030.

• Improved performances of creating objects during the HTTP request lifecycle -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10037.

• Improved performance of constructing :class:aiohttp.web.Response with headers -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10043.

• Improved performance of making requests when there are no auto headers to skip -- by :user:bdraco.

  Related issues and pull requests on GitHub: #10049.

• Downgraded logging of invalid HTTP method exceptions on the first request to debug level -- by :user:bdraco.

  HTTP requests starting with an invalid method are relatively common, especially when connected to the public internet, because browsers or other clients may try to speak SSL to a plain-text server or vice-versa. These exceptions can quickly fill the log with noise when nothing is wrong.

  Related issues and pull requests on GitHub:

... (truncated)

Changelog

Sourced from aiohttp's changelog.

3.11.8 (2024-11-27)

Miscellaneous internal changes

• Improved performance of creating :class:aiohttp.ClientResponse objects when there are no cookies -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10029.

• Improved performance of creating :class:aiohttp.ClientResponse objects -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10030.

• Improved performances of creating objects during the HTTP request lifecycle -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10037.

• Improved performance of constructing :class:aiohttp.web.Response with headers -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10043.

• Improved performance of making requests when there are no auto headers to skip -- by :user:bdraco.

  Related issues and pull requests on GitHub: :issue:10049.

• Downgraded logging of invalid HTTP method exceptions on the first request to debug level -- by :user:bdraco.

  HTTP requests starting with an invalid method are relatively common, especially when connected to the public internet, because browsers or other clients may try to speak SSL to a plain-text server or vice-versa. These exceptions can quickly fill the log with noise when nothing is wrong.

... (truncated)

Commits

• 5ddf720 Release 3.11.8 (#10066)
• 13152c3 [PR #10055/c11fe96 backport][3.11] Downgrade logging of invalid HTTP methods ...
• 1b78cae [PR #10059/aac6f741 backport][3.11] Combine executor jobs in FileResponse sen...
• a5a6981 [PR #10058/12372d7 backport][3.11] Remove unreachable content length check fo...
• 7e628f4 [PR #8699/11f0e7f backport][3.11] Reduce code indent in ResponseHandler.data_...
• 1a6fafe [PR #10037/2e369db backport][3.11] Refactor requests and responses to use cla...
• 653302e [PR #10049/006fbc37 backport][3.11] Improve client performance when there are...
• d411bc5 [PR #10043/5255cec backport][3.11] Avoid constructing headers mulitidict twic...
• 3dfd7ae Bump pypa/cibuildwheel from 2.21.3 to 2.22.0 (#10042)
• 65dab0e [PR #10038/6f4e9615 backport][3.11] Small speed up to StreamWriter.__init__...
• Additional commits viewable in compare view

Updates asttokens from 2.4.1 to 3.0.0

Commits

• 0ebecde Update setup.cfg to use newer licence_files key; update commands and notes in...
• 89f02d2 More cleanup of code for Python before 3.8, fix astroid import (#156)
• eb1e401 Bump requests from 2.31.0 to 2.32.2 in /docs (#154)
• 4eebd86 remove dependency on six (#155)
• ad41ab6 Bump urllib3 from 2.0.7 to 2.2.2 in /docs (#146)
• d8910b4 Bump certifi from 2023.7.22 to 2024.7.4 in /docs (#147)
• 7a8f3a8 trim Python2 <-> 3 hybridation (#153)
• d025140 Test Python 3.13 (#152)
• 0224610 Fix edge cases in test failures involving padding and TypeVar (#151)
• 71ea82b Stop testing on Python < 3.8 (#149)
• Additional commits viewable in compare view

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
.. _v43-0-3:

Commits

• f299a48 remove deprecated call (#12052)
• 439eb05 Bump version for 44.0.0 (#12051)
• 2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
• d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
• 133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
• f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
• e201c87 fixed metadata in changelog (#12044)
• c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
• d6cac75 Add support for decrypting S/MIME messages (#11555)
• b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
• Additional commits viewable in compare view

Updates ipython from 8.29.0 to 8.30.0

Commits

• a8541f5 release 8.30.0
• 0bbf70c misc headers fixes and whatsnew 8.30 (#14588)
• a8810c6 misc headers fixes
• d7eebae crashhandler: Cast rptdir to Path (#14578)
• 17f17d1 Update IPython/core/crashhandler.py
• 938e3ba Turn on type checking and update crahshandler
• a336a98 Some documentations about custom formatters (#14579)
• 969bfa6 Some documentations about custom formatters
• 546d856 crashhandler: Cast rptdir to Path
• 0615526 deprecated ast attribute (#14575)
• Additional commits viewable in compare view

Updates protobuf from 5.28.3 to 5.29.0

Commits

• 2d4414f Updating version.json and repo version numbers to: 29.0
• 870e599 Revert upgrade to rules_java 8.3.1. This is a partial roll-back of fb8ee79 (#...
• 02cffa4 Fix typo in BCR maintainer name config for acozzette@ (#19307)
• 7537b03 Remove Bazel 6 in BCR presubmits (#19309)
• 325aa80 Merge pull request #19305 from protocolbuffers/29.x-202411182222
• c13eb62 Updating version.json and repo version numbers to: 29.0-dev
• 71c2594 Updating version.json and repo version numbers to: 29.0-rc3
• b69ea96 Fixed non-conformance in JSON parsing for empty strings in numeric fields. (#...
• fb8ee79 Upgrade rules_cc 0.0.15 and rules_java 8.3.1 (#19215)
• 6f310d5 Add missing line to docstring after Args (#19213)
• Additional commits viewable in compare view

Updates pyjwt from 2.10.0 to 2.10.1

Release notes

Sourced from pyjwt's releases.

2.10.1

Fixed

• Prevent partial matching of iss claim. Thanks @​fabianbadoi! (See: GHSA-75c5-xw7c-p5pm)

Full Changelog: jpadilla/pyjwt@2.10.0...2.10.1

Changelog

Sourced from pyjwt's changelog.

v2.10.1 <https://github.com/jpadilla/pyjwt/compare/2.10.0...2.10.1>__

Fixed

- Prevent partial matching of `iss` claim by @fabianbadoi in `GHSA-75c5-xw7c-p5pm <https://github.com/jpadilla/pyjwt/security/advisories/GHSA-75c5-xw7c-p5pm>`__

Commits

• 3ebbb22 fix lint
• 37748dc update changelog
• 33022c2 Merge commit from fork
• See full diff in compare view

Updates tomli from 2.1.0 to 2.2.1

Changelog

Sourced from tomli's changelog.

2.2.1

• Fixed
  • Don't attempt to compile binary wheels for Python 3.8, 3.9 and 3.10 where cibuildwheel depends on a conflicting Tomli version

2.2.0

• Added
  • mypyc generated binary wheels for common platforms

Commits

• 73c3d10 Bump version: 2.2.0 → 2.2.1
• 7c2368d Don't build wheels for Python versions requiring tomli
• c48e4e1 Bump version: 2.1.0 → 2.2.0
• 7604741 Update README
• 0724e2a Annotate global constants as Final to speed up compiled code
• 149547d Create binary wheels with mypyc (#242)
• 443a0c1 pre-commit autoupdate and autofix
• 48461cf Merge pull request #240 from hukkin/version-2.1.0
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.