@dependabot dependabot bot commented on behalf of github Jun 10, 2025

Bumps requests from 2.32.3 to 2.32.4.

Release notes

Sourced from requests's releases.

v2.32.4

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file. (#6965)

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS. (#6926)
  • Dropped support for pypy 3.9 following its end of support. (#6926)

Changelog

Sourced from requests's changelog.

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS.
  • Dropped support for pypy 3.9 following its end of support.

Commits

  • 021dc72 Polish up release tooling for last manual release
  • 821770e Bump version and add release notes for v2.32.4
  • 59f8aa2 Add netrc file search information to authentication documentation (#6876)
  • 5b4b64c Add more tests to prevent regression of CVE 2024 47081
  • 7bc4587 Add new test to check netrc auth leak (#6962)
  • 96ba401 Only use hostname to do netrc lookup instead of netloc
  • 7341690 Merge pull request #6951 from tswast/patch-1
  • 6716d7c remove links
  • a7e1c74 Update docs/conf.py
  • c799b81 docs: fix dead links to kenreitz.org
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [requests](https://github.com/psf/requests) from 2.32.3 to 2.32.4.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.3...v2.32.4)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the "dependencies" (Pull requests that update a dependency file) and "python" (Pull requests that update python code) labels Jun 10, 2025

publish-to-bcr bot pushed a commit that referenced this pull request Jul 31, 2025
Using symlinks in module overlay dirs is problematic because GitHub
doesn't follow them.

For example
https://raw.githubusercontent.com/bazelbuild/bazel-central-registry/refs/heads/main/modules/boost.asio/1.87.0/overlay/BUILD.bazel
is a symlink and indeed this causes issues like `Java.io.IOException:
Error downloading
[https://raw.githubusercontent.com/bazelbuild/bazel-central-registry/main/modules/boost.asio/1.87.0/overlay/BUILD.bazel]
to
/home/laltenmueller/.cache/bazel/_bazel_laltenmueller/5f48ff965103b174f3c248651ebad24d/external/boost.asio~/BUILD.bazel:
Checksum was sha256-vBvC/W9TQ9vRetDZWdnElvq8fuVlhV+T0Lkv9mw/lJk= but
wanted sha256-7dsPuPevCutp/EdPRxhW0dlbB1wNJFseGx4b35TS2WA=` (see
bazelbuild#3991,
bazelbuild#4080,
bazelbuild#3633,
bazelbuild#3631)

This PR adds a bcr_validation check against this.
`modules/boost.asio/1.87.0/overlay/BUILD.bazel` would have been flagged.
```console
❯ bazel run //tools:bcr_validation -- --check [email protected] --skip_validation url_stability
(...)
BcrValidationResult.GOOD: The presubmit.yml file is valid.
BcrValidationResult.FAILED: The overlay file path `BUILD.bazel` is a symlink to `../../1.83.0.bcr.1/overlay/BUILD.bazel`, which is not allowed because raw.githubusercontent.com will not follow it.
BcrValidationResult.GOOD: Checked in MODULE.bazel matches the sources.
(...)
```

`modules/boost.asio/1.87.0.bcr.1/overlay/BUILD.bazel` is not a symlink
anymore and is green:
```console
❯ bazel run //tools:bcr_validation -- --check [email protected] --skip_validation url_stability
(...)
BcrValidationResult.GOOD: The presubmit.yml file is valid.
BcrValidationResult.GOOD: Checked in MODULE.bazel matches the sources.
(...)
```

I am actually curious how other people use the BCR as they don't seem to
run into this (@Vertexwahn ?).

Also disallows symlinked patch files:
```console
❯ bzr //tools:bcr_validation -- --check [email protected] --skip_validation url_stability
(...)
BcrValidationResult.GOOD: The presubmit.yml file is valid.
BcrValidationResult.FAILED: The patch file `test_portability.patch` is a symlink to `../../2.82.2.bcr.1/patches/test_portability.patch`, which is not allowed because https://raw.githubusercontent.com/ will not follow it.
patching file glib/tests/date.c
patching file glib/tests/environment.c
patching file glib/tests/gdatetime.c
patching file glib/tests/gdatetime.c
Hunk #1 succeeded at 2930 (offset -1 lines).
Hunk #2 succeeded at 2954 (offset -1 lines).
BcrValidationResult.FAILED: The overlay file `BUILD.bazel` is a symlink to `../../2.82.2.bcr.1/overlay/BUILD.bazel`, which is not allowed because https://raw.githubusercontent.com/ will not follow it.
BcrValidationResult.FAILED: The overlay file `config.h-macos` is a symlink to `../../2.82.2.bcr.1/overlay/config.h-macos`, which is not allowed because https://raw.githubusercontent.com/ will not follow it.
BcrValidationResult.FAILED: The overlay file `glib/glibconfig.h.in-posix` is a symlink to `../../../2.82.2.bcr.1/overlay/glib/glibconfig.h.in-posix`, which is not allowed because https://raw.githubusercontent.com/ will not follow it.
BcrValidationResult.FAILED: The overlay file `glib/stub_libintl/libintl.h` is a symlink to `../../../../2.82.2.bcr.1/overlay/glib/stub_libintl/libintl.h`, which is not allowed because https://raw.githubusercontent.com/ will not follow it.
BcrValidationResult.FAILED: The overlay file `glib/tests/BUILD.bazel` is a symlink to `../../../../2.82.2.bcr.1/overlay/glib/tests/BUILD.bazel`, which is not allowed because https://raw.githubusercontent.com/ will not follow it.
BcrValidationResult.GOOD: Checked in MODULE.bazel matches the sources.
(...)
```
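
The check this commit message describes, sketched as an added example (it is not the `bcr_validation` code and not part of the original page): it walks one module version directory and reports every symlink under `overlay/` and `patches/`. The `demo` module, its version names and all function names are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# Sub-directories of a module version whose files are fetched one by one over
# raw HTTP (directory names taken from the paths quoted on this page).
CHECKED_DIRS = ("overlay", "patches")


def find_symlinks(version_dir):
    """Return sorted (relative_path, link_target) pairs for every symlink in
    overlay/ and patches/ of one module version directory."""
    version_dir = Path(version_dir)
    findings = []
    for sub in CHECKED_DIRS:
        root = version_dir / sub
        if root.is_symlink():
            # The directory itself is a link: report it and do not walk it.
            findings.append((sub, os.readlink(root)))
            continue
        if not root.is_dir():
            continue
        # os.walk does not descend into symlinked directories by default, so a
        # link pointing at a directory is reported once and never traversed.
        for dirpath, dirnames, filenames in os.walk(root):
            for name in dirnames + filenames:
                path = Path(dirpath) / name
                if path.is_symlink():  # also true for dangling links
                    rel = path.relative_to(version_dir).as_posix()
                    findings.append((rel, os.readlink(path)))
    return sorted(findings)


def report(version_dir):
    """Format findings in the style of the validation output quoted above."""
    return [f"FAILED: `{rel}` is a symlink to `{target}`"
            for rel, target in find_symlinks(version_dir)]


def build_sample_registry(base):
    """Constructed sample: version 1.0.0 holds real files, 1.0.0.bcr.1 reuses
    them through relative symlinks, the pattern the check rejects."""
    base = Path(base)
    old = base / "modules" / "demo" / "1.0.0"
    new = base / "modules" / "demo" / "1.0.0.bcr.1"
    for d in (old / "overlay", old / "patches", new / "overlay", new / "patches"):
        d.mkdir(parents=True)
    (old / "overlay" / "BUILD.bazel").write_text("# constructed\n")
    (old / "patches" / "fix.patch").write_text("--- constructed\n")
    (new / "overlay" / "MODULE.bazel").write_text("# regular file\n")
    os.symlink("../../1.0.0/overlay/BUILD.bazel", new / "overlay" / "BUILD.bazel")
    os.symlink("../../1.0.0/patches/fix.patch", new / "patches" / "fix.patch")
    return old, new


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        old_version, new_version = build_sample_registry(tmp)
        for line in report(new_version) or ["GOOD: no symlinks found"]:
            print(line)
```
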
publish-to-bcr bot pushed a commit that referenced this pull request Jul 31, 2025
Bumps [bazel-runfiles](https://github.com/bazel-contrib/rules_python)
from 0.40.0 to 1.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bazel-contrib/rules_python/releases">bazel-runfiles's
releases</a>.</em></p>
<blockquote>
<h2>1.4.1</h2>
<p>For more detailed setup instructions, see <a
href="https://rules-python.readthedocs.io/en/latest/getting-started.html">https://rules-python.readthedocs.io/en/latest/getting-started.html</a></p>
<p>For the user-facing changelog see <a
href="https://rules-python.readthedocs.io/en/latest/changelog.html#v1-4-1">here</a></p>
<h2>Using Bzlmod</h2>
<p>Add to your <code>MODULE.bazel</code> file:</p>
<pre lang="starlark"><code>bazel_dep(name = &quot;rules_python&quot;,
version = &quot;1.4.1&quot;)
<p>python = use_extension(&quot;<a
href="https://github.com/rules"><code>@​rules</code></a>_python//python/extensions:python.bzl&quot;,
&quot;python&quot;)
python.toolchain(
python_version = &quot;3.13&quot;,
)</p>
<p>pip = use_extension(&quot;<a
href="https://github.com/rules"><code>@​rules</code></a>_python//python/extensions:pip.bzl&quot;,
&quot;pip&quot;)
pip.parse(
hub_name = &quot;pypi&quot;,
python_version = &quot;3.13&quot;,
requirements_lock = &quot;//:requirements_lock.txt&quot;,
)</p>
<p>use_repo(pip, &quot;pypi&quot;)
</code></pre></p>
<h2>Using WORKSPACE</h2>
<p>Paste this snippet into your <code>WORKSPACE</code> file:</p>
<pre
lang="starlark"><code>load(&quot;@bazel_tools//tools/build_defs/repo:http.bzl&quot;,
&quot;http_archive&quot;)
<p>http_archive(
name = &quot;rules_python&quot;,
sha256 =
&quot;9f9f3b300a9264e4c77999312ce663be5dee9a56e361a1f6fe7ec60e1beef9a3&quot;,
strip_prefix = &quot;rules_python-1.4.1&quot;,
url = &quot;<a
href="https://github.com/bazel-contrib/rules_python/releases/download/1.4.1/rules_python-1.4.1.tar.gz">https://github.com/bazel-contrib/rules_python/releases/download/1.4.1/rules_python-1.4.1.tar.gz</a>&quot;,
)</p>
<p>load(&quot;<a
href="https://github.com/rules"><code>@​rules</code></a>_python//python:repositories.bzl&quot;,
&quot;py_repositories&quot;)</p>
<p>py_repositories()
</code></pre></p>
<h3>Gazelle plugin</h3>
<p>Paste this snippet into your <code>WORKSPACE</code> file:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bazel-contrib/rules_python/blob/main/CHANGELOG.md">bazel-runfiles's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/bazel-contrib/rules_python/releases/tag/1.4.1">1.4.1</a>
- 2025-05-08</h2>
<p>{#1-4-1-fixed}</p>
<h3>Fixed</h3>
<ul>
<li>(pypi) Fix a typo not allowing users to benefit from using the
downloader when the hashes in the
requirements file are not present. Fixes
<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2863">#2863</a>.</li>
</ul>
<p>{#1-4-0}</p>
<h2><a
href="https://github.com/bazel-contrib/rules_python/releases/tag/1.4.0">1.4.0</a>
- 2025-04-19</h2>
<p>{#1-4-0-changed}</p>
<h3>Changed</h3>
<ul>
<li>(toolchain) The <code>exec</code> configuration toolchain now has
the forwarded
<code>exec_interpreter</code> now also forwards the
<code>ToolchainInfo</code> provider. This is
for increased compatibility with the <code>RBE</code> setups where
access to the <code>exec</code>
configuration interpreter is needed.</li>
<li>(toolchains) Use the latest astral-sh toolchain release <a
href="https://github.com/astral-sh/python-build-standalone/releases/tag/20250317">20250317</a>
for Python versions:
<ul>
<li>3.9.21</li>
<li>3.10.16</li>
<li>3.11.11</li>
<li>3.12.9</li>
<li>3.13.2</li>
</ul>
</li>
<li>(pypi) Use <code>xcrun xcodebuild --showsdks</code> to find XCode
root.</li>
<li>(toolchains) Remove all but <code>3.8.20</code> versions of the
Python <code>3.8</code> interpreter who has
reached EOL. If users still need other versions of the <code>3.8</code>
interpreter, please supply
the URLs manually {bzl:obj}<code>python.toolchain</code> or
{bzl:obj}<code>python_register_toolchains</code> calls.</li>
<li>(toolchains) Previously <a
href="https://redirect.github.com/bazel-contrib/rules_python/pull/2636">#2636</a>
changed the semantics of <code>ignore_root_user_error</code> from
&quot;ignore&quot; to &quot;warning&quot;. This is now
flipped back to ignoring the issue, and will only emit a warning when
the attribute is set
<code>False</code>.</li>
<li>(pypi) The PyPI extension will no longer write the lock file entries
as the
extension has been marked reproducible.
Fixes <a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2434">#2434</a>.</li>
<li>(gazelle) Lazily load and parse manifest files when running Gazelle.
This ensures no
manifest files are loaded when Gazelle is run over a set of non-python
directories
[PR <a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2746">#2746</a>](<a
href="https://redirect.github.com/bazel-contrib/rules_python/pull/2746">bazel-contrib/rules_python#2746</a>).</li>
<li>(rules) {attr}<code>py_binary.srcs</code> and
{attr}<code>py_test.srcs</code> is no longer mandatory when
<code>main_module</code> is specified (for
<code>--bootstrap_impl=script</code>)</li>
</ul>
<p>{#1-4-0-fixed}</p>
<h3>Fixed</h3>
<ul>
<li>(pypi) Platform specific extras are now correctly handled when using
universal lock files with environment markers. Fixes <a
href="https://redirect.github.com/bazel-contrib/rules_python/pull/2690">#2690</a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/4f5a693bb324cce5f4a1a4c240b300ec8b10057b"><code>4f5a693</code></a>
fix(pypi): fix a typo in parse_simpleapi_html (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2866">#2866</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/f2b67478a8f91d329a8310f0a8e888d3be7ed3c8"><code>f2b6747</code></a>
fix(pypi): handle more URL patterns for requirement sources (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2843">#2843</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/4dc06655584f79fe87e2d8cc76fd84113bb6156d"><code>4dc0665</code></a>
revert(pypi): use Python for marker eval and METADATA parsing (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2834">#2834</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/46ff357671b64c5711f0d6cb24aae2de1fc37dca"><code>46ff357</code></a>
fix(pypi) backport python_full_version fix to Python (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2833">#2833</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/3209c66c6bc22b5a702bee9880bb413b0832eaad"><code>3209c66</code></a>
revert(pypi): bring back Python PEP508 code with tests (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2831">#2831</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/6a7ef8b9e553e7e176ef92131510c1e0c8f59a03"><code>6a7ef8b</code></a>
chore: remove a stray file (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2795">#2795</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/560521516bd8c1a8c9367d369e850caff4410b9d"><code>5605215</code></a>
fix(pypi): call python --version before marker eval (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2819">#2819</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/be79b5efd7a70dd68494d34b16f6b9d6a52bb0ef"><code>be79b5e</code></a>
fix: use the python micro version to parse whl metadata in bzlmod (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2793">#2793</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/f3fb481bb6fa2ea7d1c6546440f3437e66a30898"><code>f3fb481</code></a>
fix: parsing metadata with inline licenses (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2806">#2806</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/7dd901c29e48abd8e119af8f5f1e696d9a2c715a"><code>7dd901c</code></a>
fix: escape more invalid repo string characters (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2801">#2801</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/bazel-contrib/rules_python/compare/0.40.0...1.4.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bazel-runfiles&package-manager=pip&previous-version=0.40.0&new-version=1.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)


Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
publish-to-bcr bot pushed a commit that referenced this pull request Jul 31, 2025
Bumps [bazel-runfiles](https://github.com/bazel-contrib/rules_python)
from 1.4.1 to 1.5.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bazel-contrib/rules_python/releases">bazel-runfiles's
releases</a>.</em></p>
<blockquote>
<h2>1.5.1</h2>
<p>For more detailed setup instructions, see <a
href="https://rules-python.readthedocs.io/en/latest/getting-started.html">https://rules-python.readthedocs.io/en/latest/getting-started.html</a></p>
<p>For the user-facing changelog see <a
href="https://rules-python.readthedocs.io/en/latest/changelog.html#v1-5-1">here</a></p>
<h2>Using Bzlmod</h2>
<p>Add to your <code>MODULE.bazel</code> file:</p>
<pre lang="starlark"><code>bazel_dep(name = &quot;rules_python&quot;,
version = &quot;1.5.1&quot;)
<p>python = use_extension(&quot;<a
href="https://github.com/rules"><code>@​rules</code></a>_python//python/extensions:python.bzl&quot;,
&quot;python&quot;)<br />
python.toolchain(<br />
python_version = &quot;3.13&quot;,<br />
)</p>
<p>pip = use_extension(&quot;<a
href="https://github.com/rules"><code>@​rules</code></a>_python//python/extensions:pip.bzl&quot;,
&quot;pip&quot;)<br />
pip.parse(<br />
hub_name = &quot;pypi&quot;,<br />
python_version = &quot;3.13&quot;,<br />
requirements_lock = &quot;//:requirements_lock.txt&quot;,<br />
)</p>
<p>use_repo(pip, &quot;pypi&quot;)<br />
</code></pre></p>
<h2>Using WORKSPACE</h2>
<p>Paste this snippet into your <code>WORKSPACE</code> file:</p>
<pre
lang="starlark"><code>load(&quot;@bazel_tools//tools/build_defs/repo:http.bzl&quot;,
&quot;http_archive&quot;)
<p>http_archive(<br />
name = &quot;rules_python&quot;,<br />
sha256 =
&quot;fa532d635f29c038a64c8062724af700c30cf6b31174dd4fac120bc561a1a560&quot;,<br
/>
strip_prefix = &quot;rules_python-1.5.1&quot;,<br />
url = &quot;<a
href="https://github.com/bazel-contrib/rules_python/releases/download/1.5.1/rules_python-1.5.1.tar.gz">https://github.com/bazel-contrib/rules_python/releases/download/1.5.1/rules_python-1.5.1.tar.gz</a>&quot;,<br
/>
)</p>
<p>load(&quot;<a
href="https://github.com/rules"><code>@​rules</code></a>_python//python:repositories.bzl&quot;,
&quot;py_repositories&quot;)</p>
<p>py_repositories()<br />
</code></pre></p>
<h3>Gazelle plugin</h3>
<p>Paste this snippet into your <code>WORKSPACE</code> file:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/bazel-contrib/rules_python/blob/main/CHANGELOG.md">bazel-runfiles's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/bazel-contrib/rules_python/releases/tag/1.5.1">1.5.1</a>
- 2025-07-06</h2>
<p>{#v1-5-1-fixed}</p>
<h3>Fixed</h3>
<ul>
<li>(pypi) Namespace packages work by default (pkgutil shims are
generated
by default again)
(<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/3038">#3038</a>).</li>
</ul>
<p>{#1-5-0}</p>
<h2><a
href="https://github.com/bazel-contrib/rules_python/releases/tag/1.5.0">1.5.0</a>
- 2025-06-11</h2>
<p>{#1-5-0-changed}</p>
<h3>Changed</h3>
<ul>
<li>(toolchain) Bundled toolchain version updates:
<ul>
<li>3.9 now references 3.9.23</li>
<li>3.10 now references 3.10.18</li>
<li>3.11 now references 3.11.13</li>
<li>3.12 now references 3.12.11</li>
<li>3.13 now references 3.13.4</li>
</ul>
</li>
<li>(rules) On Windows, {obj}<code>--bootstrap_impl=system_python</code>
is forced. This
allows setting <code>--bootstrap_impl=script</code> in bazelrc for
mixed-platform
environments.</li>
<li>(rules) {obj}<code>compile_pip_requirements</code> now generates a
<code>.test</code> target. The
<code>_test</code> target is deprecated and will be removed in the next
major release.
(<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2794">#2794</a></li>
<li>(py_wheel) py_wheel always creates zip64-capable wheel zips</li>
<li>(providers) (experimental) {obj}<code>PyInfo.venv_symlinks</code>
replaces
<code>PyInfo.site_packages_symlinks</code></li>
<li>(deps) Updated setuptools to 78.1.1 to patch CVE-2025-47273. This
effectively makes
Python 3.9 the minimum supported version for using
<code>pip_parse</code>.</li>
</ul>
<p>{#1-5-0-fixed}</p>
<h3>Fixed</h3>
<ul>
<li>(rules) PyInfo provider is now advertised by py_test, py_binary, and
py_library;
this allows aspects using required_providers to function correctly.
(<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2506">#2506</a>).</li>
<li>Fixes when using {obj}<code>--bootstrap_impl=script</code>:
<ul>
<li><code>compile_pip_requirements</code> now works with it</li>
<li>The <code>sys._base_executable</code> value will reflect the
underlying interpreter,
not venv interpreter.</li>
<li>The {obj}<code>//python/runtime_env_toolchains:all</code> toolchain
now works with it.</li>
</ul>
</li>
<li>(rules) Better handle flakey platform.win32_ver() calls by calling
them
multiple times.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/18d0d297aa6949f1eb61db963854d5d6918a5a48"><code>18d0d29</code></a>
fix(pypi): only generate namespace package shims if implicit namespaces
are d...</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/63841ec092c17eb53de1f47192685461fef6c3f5"><code>63841ec</code></a>
fix: work around version parsing by only parsing if site-packages is
enabled ...</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/a1ca1da63dc49ea6c56498e898d4c1fa1bd2e32a"><code>a1ca1da</code></a>
fix(pypi): namespace_pkgs should pass correct arguments (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/3026">#3026</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/528181a6ae3d0655c194cf79ace568a622f0bda7"><code>528181a</code></a>
fix(toolchains): use posix-compatible exec -a alternative (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/3010">#3010</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/a89ec64c70d25e3e4276c694d7901745ce1dd2ef"><code>a89ec64</code></a>
fix: use platform_info.target_settings in toolchain aliases (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/3001">#3001</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/379bef5e35755ec51eaf615472ff6418d467903e"><code>379bef5</code></a>
Fix argument name typo (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2984">#2984</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/9b8f6501e8b814b4120ff23d787f2cb7ba8422c6"><code>9b8f650</code></a>
fix: support pre-release versions and add new toolchain versions (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2969">#2969</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/ef14ae2143a3707da1b1c865a7b451b154df5353"><code>ef14ae2</code></a>
chore: prepare for 1.5 release (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2973">#2973</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/108a66cefe3206ba1a15eac4b9dcc586b649aa0b"><code>108a66c</code></a>
docs: fix typo in toolchains.md example code (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2970">#2970</a>)</li>
<li><a
href="https://github.com/bazel-contrib/rules_python/commit/e03b63c725cbef77a5c9af254331086de4649e15"><code>e03b63c</code></a>
refactor: Add missing uses of DefaultInfo (<a
href="https://redirect.github.com/bazel-contrib/rules_python/issues/2972">#2972</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/bazel-contrib/rules_python/compare/1.4.1...1.5.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bazel-runfiles&package-manager=pip&previous-version=1.4.1&new-version=1.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)


Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>