update dev dependencies

2024-08-23 16:33:27 -07:00 · 2024-08-23 16:33:27 -07:00 · 29a94bd102
parent 0f2ae2b933
commit 29a94bd102
9 changed files with 79 additions and 85 deletions
--- a/.github/workflows/lock.yaml
+++ b/.github/workflows/lock.yaml
@ -16,7 +16,7 @@ jobs:
  lock:
    runs-on: ubuntu-latest
    steps:
-      - uses: dessant/lock-threads@7de207be1d3ce97a9abe6ff1306222982d1ca9f9 # v5.0.1
+      - uses: dessant/lock-threads@1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771 # v5.0.1
        with:
          issue-inactive-days: 14
          pr-inactive-days: 14
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@ -9,8 +9,8 @@ jobs:
    outputs:
      hash: ${{ steps.hash.outputs.hash }}
    steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
        with:
          python-version: '3.x'
          cache: pip
@ -23,7 +23,7 @@ jobs:
      - name: generate hash
        id: hash
        run: cd dist && echo "hash=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT
-      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+      - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
        with:
          path: ./dist
  provenance:
@ -33,7 +33,7 @@ jobs:
      id-token: write
      contents: write
    # Can't pin with hash due to how this workflow works.
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0
    with:
      base64-subjects: ${{ needs.build.outputs.hash }}
  create-release:
@ -44,7 +44,7 @@ jobs:
    permissions:
      contents: write
    steps:
-      - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+      - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
      - name: create release
        run: >
          gh release create --draft --repo ${{ github.repository }}
@ -63,11 +63,11 @@ jobs:
    permissions:
      id-token: write
    steps:
-      - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
-      - uses: pypa/gh-action-pypi-publish@68e62d4871ad9d14a9d55f114e6ac71f0b408ec0 # v1.8.14
+      - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+      - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0
        with:
          repository-url: https://test.pypi.org/legacy/
          packages-dir: artifact/
-      - uses: pypa/gh-action-pypi-publish@68e62d4871ad9d14a9d55f114e6ac71f0b408ec0 # v1.8.14
+      - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0
        with:
          packages-dir: artifact/
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@ -33,8 +33,8 @@ jobs:
          - {name: Minimum Versions, python: '3.12', tox: py-min}
          - {name: Development Versions, python: '3.8', tox: py-dev}
    steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
        with:
          python-version: ${{ matrix.python }}
          allow-prereleases: true
@ -45,8 +45,8 @@ jobs:
  typing:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
        with:
          python-version: '3.x'
          cache: pip
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@ -2,7 +2,7 @@ ci:
  autoupdate_schedule: monthly
 repos:
  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.3.5
+    rev: v0.6.2
    hooks:
      - id: ruff
      - id: ruff-format
--- a/requirements/build.txt
+++ b/requirements/build.txt
@ -6,7 +6,7 @@
 #
 build==1.2.1
    # via -r build.in
-packaging==24.0
+packaging==24.1
    # via build
-pyproject-hooks==1.0.0
+pyproject-hooks==1.1.0
    # via build
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@ -4,7 +4,7 @@
 #
 #    pip-compile dev.in
 #
-alabaster==0.7.16
+alabaster==1.0.0
    # via
    #   -r docs.txt
    #   sphinx
@ -12,17 +12,17 @@ asgiref==3.8.1
    # via
    #   -r tests.txt
    #   -r typing.txt
-babel==2.14.0
+babel==2.16.0
    # via
    #   -r docs.txt
    #   sphinx
-cachetools==5.3.3
+cachetools==5.5.0
    # via tox
-certifi==2024.2.2
+certifi==2024.7.4
    # via
    #   -r docs.txt
    #   requests
-cffi==1.16.0
+cffi==1.17.0
    # via
    #   -r typing.txt
    #   cryptography
@ -36,22 +36,22 @@ charset-normalizer==3.3.2
    #   requests
 colorama==0.4.6
    # via tox
-cryptography==42.0.5
+cryptography==43.0.0
    # via -r typing.txt
 distlib==0.3.8
    # via virtualenv
-docutils==0.20.1
+docutils==0.21.2
    # via
    #   -r docs.txt
    #   sphinx
    #   sphinx-tabs
-filelock==3.13.3
+filelock==3.15.4
    # via
    #   tox
    #   virtualenv
-identify==2.5.35
+identify==2.6.0
    # via pre-commit
-idna==3.6
+idna==3.8
    # via
    #   -r docs.txt
    #   requests
@ -64,7 +64,7 @@ iniconfig==2.0.0
    #   -r tests.txt
    #   -r typing.txt
    #   pytest
-jinja2==3.1.3
+jinja2==3.1.4
    # via
    #   -r docs.txt
    #   sphinx
@ -72,18 +72,18 @@ markupsafe==2.1.5
    # via
    #   -r docs.txt
    #   jinja2
-mypy==1.9.0
+mypy==1.11.1
    # via -r typing.txt
 mypy-extensions==1.0.0
    # via
    #   -r typing.txt
    #   mypy
-nodeenv==1.8.0
+nodeenv==1.9.1
    # via
    #   -r typing.txt
    #   pre-commit
    #   pyright
-packaging==24.0
+packaging==24.1
    # via
    #   -r docs.txt
    #   -r tests.txt
@ -93,34 +93,34 @@ packaging==24.0
    #   pytest
    #   sphinx
    #   tox
-pallets-sphinx-themes==2.1.1
+pallets-sphinx-themes==2.1.3
    # via -r docs.txt
-platformdirs==4.2.0
+platformdirs==4.2.2
    # via
    #   tox
    #   virtualenv
-pluggy==1.4.0
+pluggy==1.5.0
    # via
    #   -r tests.txt
    #   -r typing.txt
    #   pytest
    #   tox
-pre-commit==3.7.0
+pre-commit==3.8.0
    # via -r dev.in
 pycparser==2.22
    # via
    #   -r typing.txt
    #   cffi
-pygments==2.17.2
+pygments==2.18.0
    # via
    #   -r docs.txt
    #   sphinx
    #   sphinx-tabs
-pyproject-api==1.6.1
+pyproject-api==1.7.1
    # via tox
-pyright==1.1.357
+pyright==1.1.377
    # via -r typing.txt
-pytest==8.1.1
+pytest==8.3.2
    # via
    #   -r tests.txt
    #   -r typing.txt
@ -128,9 +128,9 @@ python-dotenv==1.0.1
    # via
    #   -r tests.txt
    #   -r typing.txt
-pyyaml==6.0.1
+pyyaml==6.0.2
    # via pre-commit
-requests==2.31.0
+requests==2.32.3
    # via
    #   -r docs.txt
    #   sphinx
@ -138,7 +138,7 @@ snowballstemmer==2.2.0
    # via
    #   -r docs.txt
    #   sphinx
-sphinx==7.2.6
+sphinx==8.0.2
    # via
    #   -r docs.txt
    #   pallets-sphinx-themes
@ -146,15 +146,15 @@ sphinx==7.2.6
    #   sphinxcontrib-log-cabinet
 sphinx-tabs==3.4.5
    # via -r docs.txt
-sphinxcontrib-applehelp==1.0.8
+sphinxcontrib-applehelp==2.0.0
    # via
    #   -r docs.txt
    #   sphinx
-sphinxcontrib-devhelp==1.0.6
+sphinxcontrib-devhelp==2.0.0
    # via
    #   -r docs.txt
    #   sphinx
-sphinxcontrib-htmlhelp==2.0.5
+sphinxcontrib-htmlhelp==2.1.0
    # via
    #   -r docs.txt
    #   sphinx
@ -164,32 +164,29 @@ sphinxcontrib-jsmath==1.0.1
    #   sphinx
 sphinxcontrib-log-cabinet==1.0.1
    # via -r docs.txt
-sphinxcontrib-qthelp==1.0.7
+sphinxcontrib-qthelp==2.0.0
    # via
    #   -r docs.txt
    #   sphinx
-sphinxcontrib-serializinghtml==1.1.10
+sphinxcontrib-serializinghtml==2.0.0
    # via
    #   -r docs.txt
    #   sphinx
-tox==4.14.2
+tox==4.18.0
    # via -r dev.in
 types-contextvars==2.4.7.3
    # via -r typing.txt
 types-dataclasses==0.6.6
    # via -r typing.txt
-typing-extensions==4.11.0
+typing-extensions==4.12.2
    # via
    #   -r typing.txt
    #   mypy
-urllib3==2.2.1
+urllib3==2.2.2
    # via
    #   -r docs.txt
    #   requests
-virtualenv==20.25.1
+virtualenv==20.26.3
    # via
    #   pre-commit
    #   tox
-
-# The following packages are considered to be unsafe in a requirements file:
-# setuptools
--- a/requirements/docs.txt
+++ b/requirements/docs.txt
@ -4,41 +4,41 @@
 #
 #    pip-compile docs.in
 #
-alabaster==0.7.16
+alabaster==1.0.0
    # via sphinx
-babel==2.14.0
+babel==2.16.0
    # via sphinx
-certifi==2024.2.2
+certifi==2024.7.4
    # via requests
 charset-normalizer==3.3.2
    # via requests
-docutils==0.20.1
+docutils==0.21.2
    # via
    #   sphinx
    #   sphinx-tabs
-idna==3.6
+idna==3.8
    # via requests
 imagesize==1.4.1
    # via sphinx
-jinja2==3.1.3
+jinja2==3.1.4
    # via sphinx
 markupsafe==2.1.5
    # via jinja2
-packaging==24.0
+packaging==24.1
    # via
    #   pallets-sphinx-themes
    #   sphinx
-pallets-sphinx-themes==2.1.1
+pallets-sphinx-themes==2.1.3
    # via -r docs.in
-pygments==2.17.2
+pygments==2.18.0
    # via
    #   sphinx
    #   sphinx-tabs
-requests==2.31.0
+requests==2.32.3
    # via sphinx
 snowballstemmer==2.2.0
    # via sphinx
-sphinx==7.2.6
+sphinx==8.0.2
    # via
    #   -r docs.in
    #   pallets-sphinx-themes
@ -46,19 +46,19 @@ sphinx==7.2.6
    #   sphinxcontrib-log-cabinet
 sphinx-tabs==3.4.5
    # via -r docs.in
-sphinxcontrib-applehelp==1.0.8
+sphinxcontrib-applehelp==2.0.0
    # via sphinx
-sphinxcontrib-devhelp==1.0.6
+sphinxcontrib-devhelp==2.0.0
    # via sphinx
-sphinxcontrib-htmlhelp==2.0.5
+sphinxcontrib-htmlhelp==2.1.0
    # via sphinx
 sphinxcontrib-jsmath==1.0.1
    # via sphinx
 sphinxcontrib-log-cabinet==1.0.1
    # via -r docs.in
-sphinxcontrib-qthelp==1.0.7
+sphinxcontrib-qthelp==2.0.0
    # via sphinx
-sphinxcontrib-serializinghtml==1.1.10
+sphinxcontrib-serializinghtml==2.0.0
    # via sphinx
-urllib3==2.2.1
+urllib3==2.2.2
    # via requests
--- a/requirements/tests.txt
+++ b/requirements/tests.txt
@ -8,11 +8,11 @@ asgiref==3.8.1
    # via -r tests.in
 iniconfig==2.0.0
    # via pytest
-packaging==24.0
+packaging==24.1
    # via pytest
-pluggy==1.4.0
+pluggy==1.5.0
    # via pytest
-pytest==8.1.1
+pytest==8.3.2
    # via -r tests.in
 python-dotenv==1.0.1
    # via -r tests.in
--- a/requirements/typing.txt
+++ b/requirements/typing.txt
@ -6,27 +6,27 @@
 #
 asgiref==3.8.1
    # via -r typing.in
-cffi==1.16.0
+cffi==1.17.0
    # via cryptography
-cryptography==42.0.5
+cryptography==43.0.0
    # via -r typing.in
 iniconfig==2.0.0
    # via pytest
-mypy==1.9.0
+mypy==1.11.1
    # via -r typing.in
 mypy-extensions==1.0.0
    # via mypy
-nodeenv==1.8.0
+nodeenv==1.9.1
    # via pyright
-packaging==24.0
+packaging==24.1
    # via pytest
-pluggy==1.4.0
+pluggy==1.5.0
    # via pytest
 pycparser==2.22
    # via cffi
-pyright==1.1.357
+pyright==1.1.377
    # via -r typing.in
-pytest==8.1.1
+pytest==8.3.2
    # via -r typing.in
 python-dotenv==1.0.1
    # via -r typing.in
@ -34,8 +34,5 @@ types-contextvars==2.4.7.3
    # via -r typing.in
 types-dataclasses==0.6.6
    # via -r typing.in
-typing-extensions==4.11.0
+typing-extensions==4.12.2
    # via mypy
-
-# The following packages are considered to be unsafe in a requirements file:
-# setuptools