Bump the everything-else group across 1 directory with 9 updates

[dependabot]

Bumps the everything-else group with 9 updates in the /python directory:

Package	From	To
twine	6.0.1	6.1.0
tox	4.23.2	4.24.1
cachetools	5.5.0	5.5.1
filelock	3.16.1	3.17.0
importlib-metadata	8.5.0	8.6.1
more-itertools	10.5.0	10.6.0
pygments	2.19.0	2.19.1
pyproject-api	1.8.0	1.9.0
virtualenv	20.28.1	20.29.1

Updates twine from 6.0.1 to 6.1.0

Changelog

Sourced from twine's changelog.

Twine 6.1.0 (2025-01-17)

Features ^^^^^^^^

• Twine now has preliminary built-in support for Trusted Publishing <https://docs.pypi.org/trusted-publishers/>_ as an authentication mechanism. ([#1194](https://github.com/pypa/twine/issues/1194) <https://github.com/pypa/twine/pull/1194>_)

Deprecations and Removals ^^^^^^^^^^^^^^^^^^^^^^^^^

• Remove support for egg and wininst distribution types. These are not accepted by PyPI and not produced by any modern build-backends. ([#1195](https://github.com/pypa/twine/issues/1195) <https://github.com/pypa/twine/issues/1195>_)

• Twine no longer supports .tar.bz2 source distributions. ([#1200](https://github.com/pypa/twine/issues/1200) <https://github.com/pypa/twine/pull/1200>_)

Misc ^^^^

• packaging is used instead of pkginfo for parsing and validating metadata. This aligns metadata validation to the one performed by PyPI. packaging version 24.0 or later is required. Support for metadata version 2.4 requires packaging 24.2 or later. pkginfo is not a dependency anymore. ([#1180](https://github.com/pypa/twine/issues/1180) <https://github.com/pypa/twine/issues/1180>_)

• Use "source" instead of None as pyversion for sdist uploads. This is what PyPI (and most likely other package indexes) expects. ([#1191](https://github.com/pypa/twine/issues/1191) <https://github.com/pypa/twine/issues/1191>_)

Commits

• aa3a910 Update changelog for 6.1.0 (#1214)
• 4406034 Merge pull request #1208 from dnicolodi/rm-setuptools
• 2ca55db Simplify generation of test packages used in test_check
• bffd296 Move build_archive() from test_sdist to common helpers module
• fd0646e Merge pull request #1206 from dnicolodi/rm-binary-blobs-part1
• ab4ec8c Merge pull request #1211 from pypa/dependabot/github_actions/actions/upload-a...
• b562f74 build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0
• b2832de Remove tests/fixtures/twine-1.5.0.zip
• 970851d Remove tests/alt-fixtures/twine-1.5.0-py2.py3-none-any.whl
• 2386ca5 build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0 (#1205)
• Additional commits viewable in compare view

Updates tox from 4.23.2 to 4.24.1

Release notes

Sourced from tox's releases.

4.24.1

What's Changed

• Adds ability to configure stderr output color by @​ssbarnea in tox-dev/tox#3426

Full Changelog: tox-dev/tox@4.24.0...4.24.1

4.24.0

What's Changed

• fix docs config typo by @​wooshaun53 in tox-dev/tox#3424
• Allow users to disable use of pre-commit-uv by @​ssbarnea in tox-dev/tox#3430
• Pass nix-ld related variables by default in pass_env (fixes #3425) by @​albertodonato in tox-dev/tox#3434
• Improve testenv docs consistency by @​thatch in tox-dev/tox#3440
• Display exception name when subprocesses raise them by @​ssbarnea in tox-dev/tox#3450
• Fix the CI after setuptools 75.6 change by @​gaborbernat in tox-dev/tox#3452
• Update pre-commit hooks with mypy fix by @​ssbarnea in tox-dev/tox#3454
• Fix a typo in a code block in the User Guide by @​bryant1410 in tox-dev/tox#3462
• Update pre-commit hooks by @​ssbarnea in tox-dev/tox#3460
• 💅 Make SVG image compatible with Firefox by @​webknjaz in tox-dev/tox#3466
• feat: adding a json schema command by @​henryiii in tox-dev/tox#3446

New Contributors

• @​wooshaun53 made their first contribution in tox-dev/tox#3424
• @​albertodonato made their first contribution in tox-dev/tox#3434
• @​thatch made their first contribution in tox-dev/tox#3440
• @​bryant1410 made their first contribution in tox-dev/tox#3462
• @​henryiii made their first contribution in tox-dev/tox#3446

Full Changelog: tox-dev/tox@4.23.2...4.24.0

Changelog

Sourced from tox's changelog.

v4.24.1 (2025-01-21)

Misc - 4.24.1

- :issue:`3426`
v4.24.0 (2025-01-21)
Features - 4.24.0

• Add a schema command to produce a JSON Schema for tox and the current plugins.

  • by :user:henryiii (:issue:3446)

Bugfixes - 4.24.0

- Log exception name when subprocess execution produces one.

by :user:ssbarnea (:issue:3450)

Improved Documentation - 4.24.0

• Fix typo in docs/config.rst from {} to {:}.

  • by :user:wooshaun53 (:issue:3424)

• Pass NIX_LD and NIX_LD_LIBRARY_PATH variables by default in pass_env to make generic binaries work under Nix/NixOS.

  • by :user:albertodonato (:issue:3425)

Commits

• d4276dc release 4.24.1
• ee660b9 Adds ability to configure stderr output color (#3426)
• eca61ed release 4.24.0
• bbd9663 [pre-commit.ci] pre-commit autoupdate (#3464)
• 825c68b feat: adding a json schema command (#3446)
• fccbe2a 💅 Make SVG image compatible with Firefox (#3466)
• e3e77a6 Bump astral-sh/setup-uv from 4 to 5 (#3463)
• c0b490d Update pre-commit hooks (#3460)
• fbac078 Fix a typo in a code block in the User Guide (#3462)
• c7f2caf Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 (#3459)
• Additional commits viewable in compare view

Updates cachetools from 5.5.0 to 5.5.1

Changelog

Sourced from cachetools's changelog.

v5.5.1 (2025-01-21)

• Add documentation regarding caching of exceptions.

• Officially support Python 3.13.

• Update CI environment.

Commits

• b072920 Release v5.5.1.
• efc3633 Fix #138: Add documentation regarding caching of exceptions.
• d5c6892 Officially support Python 3.13.
• a34b9c5 Merge remote-tracking branch 'origin/dependabot/github_actions/actions/setup-...
• 9c122a2 Merge remote-tracking branch 'origin/dependabot/github_actions/actions/checko...
• d44c984 Create FUNDING.yml
• 49bff17 Bump actions/checkout from 4.1.7 to 4.2.0
• 85c6026 Bump actions/setup-python from 5.1.1 to 5.2.0
• See full diff in compare view

Updates filelock from 3.16.1 to 3.17.0

Release notes

Sourced from filelock's releases.

Drop 3.8

Full Changelog: tox-dev/filelock@3.16.1...3.17.0

Commits

• 5eb02b2 Drop 3.8 (#388)
• 23a9848 Bump astral-sh/setup-uv from 4 to 5 (#387)
• 79a9583 Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 (#386)
• 46dddc8 [pre-commit.ci] pre-commit autoupdate (#385)
• 57f488f [pre-commit.ci] pre-commit autoupdate (#383)
• d4feb5a [pre-commit.ci] pre-commit autoupdate (#382)
• fb2a4e2 Bump astral-sh/setup-uv from 3 to 4 (#381)
• 07c2840 [pre-commit.ci] pre-commit autoupdate (#379)
• ee4c7ba [pre-commit.ci] pre-commit autoupdate (#377)
• 2e1a1b2 [pre-commit.ci] pre-commit autoupdate (#374)
• Additional commits viewable in compare view

Updates importlib-metadata from 8.5.0 to 8.6.1

Changelog

Sourced from importlib-metadata's changelog.

v8.6.1

Bugfixes

• Fixed indentation logic to also honor blank lines.

v8.6.0

Features

• python/cpython#119650

Commits

• 45e8bde Finalize
• 506beb7 Fixed indentation logic to also honor blank lines.
• dad7380 Finalize
• dab1dd8 When transforming the payload to a Description key, clear the payload.
• 07aa607 Add support for rendering metadata where some fields have newlines (python/cp...
• b92ec18 Merge https://github.com/jaraco/skeleton
• 5c34e69 Use extend for proper workaround.
• 694e5b4 Merge https://github.com/jaraco/skeleton
• 750a189 Require Python 3.9 or later now that Python 3.8 is EOL.
• e61a9df Include pyproject.toml in ruff.toml.
• Additional commits viewable in compare view

Updates more-itertools from 10.5.0 to 10.6.0

Release notes

Sourced from more-itertools's releases.

Version 10.6.0

• New functions:

  • is_prime and nth_prime were added (thanks to JamesParrott and rhettinger)
  • loops was added (thanks to rhettinger)

• Changes to existing functions:

  • factor was optimized to handle larger inputs and use less memory (thanks to rhettinger)
  • spy was optimized to enable nested calls (thanks to rhettinger)
  • polynomial_from_roots was made non-recursive and able to handle larger numbers of roots (thanks to pochmann3 and rhettinger)
  • is_sorted now only relies on less than comparisons (thanks to rhettinger)
  • The docstring for outer_product was improved (thanks to rhettinger)
  • The type annotations for sample were improved (thanks to rhettinger)

• Other changes:

  • Python 3.13 is officially supported. Python 3.8 is no longer officially supported. (thanks to hugovk, JamesParrott, and stankudrow)
  • mypy checks were fixed (thanks to JamesParrott)

Commits

• 1681cea Bump version: 10.5.0 → 10.6.0
• ff31994 Merge pull request #943 from more-itertools/release-2025
• 1a4fba2 Drop extra whitespace
• 9b47c8b Drop mypy pin
• d11b54d Update version docs
• 71e4b1c Merge branch 'stankudrow-pyupgrade-py39' into release-2025
• d58fe3d Merge branch 'pyupgrade-py39' of https://github.com/stankudrow/more-itertools...
• 8acddb5 Merge pull request #945 from rhettinger/mo_cova
• 011403a Test corner cases
• 7b9889c Merge pull request #944 from rhettinger/strict_counts
• Additional commits viewable in compare view

Updates pygments from 2.19.0 to 2.19.1

Release notes

Sourced from pygments's releases.

2.19.1

• Updated lexers:

  • Ini: Fix quoted string regression introduced in 2.19.0
  • Lua: Fix a regression introduced in 2.19.0

Changelog

Sourced from pygments's changelog.

Version 2.19.1

(released January 6th, 2025)

• Updated lexers:

  • Ini: Fix quoted string regression introduced in 2.19.0
  • Lua: Fix a regression introduced in 2.19.0

Commits

• b583de4 Prepare 2.19.1 release.
• c13f3f1 Prepare 2.19.1 release.
• cdbcd43 Add regression test for .ini issue, update CHANGES.
• 5792a21 Update CHANGES.
• a985866 Merge pull request #2835 from kartben/fix_ini_double_quotes
• 5822fd1 Fix Lua regressions.
• 673d824 Fix quoted string handling
• 43bf86f Improve example regex in the docs.
• 452ac62 Move on past 2.19.0.
• See full diff in compare view

Updates pyproject-api from 1.8.0 to 1.9.0

Release notes

Sourced from pyproject-api's releases.

Drop 3.8

What's Changed

• Create FUNDING.yml by @​gaborbernat in tox-dev/pyproject-api#158

Full Changelog: tox-dev/pyproject-api@1.8.0...1.9.0

Commits

• aace737 Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 (#175)
• ce4087b Bump astral-sh/setup-uv from 4 to 5 (#176)
• 136e5de [pre-commit.ci] pre-commit autoupdate (#174)
• 81e9d22 [pre-commit.ci] pre-commit autoupdate (#172)
• 5814c0a Bump astral-sh/setup-uv from 3 to 4 (#173)
• eb9f7ba [pre-commit.ci] pre-commit autoupdate (#171)
• 249be0c [pre-commit.ci] pre-commit autoupdate (#170)
• f9c1b7f Bump pypa/gh-action-pypi-publish from 1.12.1 to 1.12.2 (#169)
• 298cafc [pre-commit.ci] pre-commit autoupdate (#166)
• 762410d Bump pypa/gh-action-pypi-publish from 1.11.0 to 1.12.1 (#168)
• Additional commits viewable in compare view

Updates virtualenv from 20.28.1 to 20.29.1

Release notes

Sourced from virtualenv's releases.

20.29.1

What's Changed

• release 20.29.0 by @​gaborbernat in pypa/virtualenv#2824
• Simplify Solution to --python command-line flag precedence by @​DK96-OS in pypa/virtualenv#2826
• Change PyInfo cache versioning mechanism by @​robsdedude in pypa/virtualenv#2827

New Contributors

• @​DK96-OS made their first contribution in pypa/virtualenv#2826

Full Changelog: pypa/virtualenv@20.29.0...20.29.1

20.29.0

What's Changed

• release 20.28.1 by @​gaborbernat in pypa/virtualenv#2818
• Makes --python command-line flag take precedence over env var by @​filiplajszczak in pypa/virtualenv#2821
• Add free-threaded Python support by @​robsdedude in pypa/virtualenv#2809
• Upgrade embeded setuptools by @​gaborbernat in pypa/virtualenv#2823

New Contributors

• @​filiplajszczak made their first contribution in pypa/virtualenv#2821
• @​robsdedude made their first contribution in pypa/virtualenv#2809

Full Changelog: pypa/virtualenv@20.28.1...20.29.0

Changelog

Sourced from virtualenv's changelog.

v20.29.1 (2025-01-17)

Bugfixes - 20.29.1

- Fix PyInfo cache incompatibility warnings - by :user:`robsdedude`. (:issue:`2827`)
v20.29.0 (2025-01-15)
Features - 20.29.0

• Add support for selecting free-threaded Python interpreters, e.g., python3.13t. (:issue:2809)

Bugfixes - 20.29.0

- Upgrade embedded wheels:

setuptools to 75.8.0 from 75.6.0 (:issue:2823)

Commits

• e07c0c3 release 20.29.1
• 61bee9f Add changelog for PyInfo fix
• fd0dc85 Change PyInfo cache versioning mechanism (#2827)
• 56ef466 Merge pull request #2826 from DK96-OS/cli-precedence-2285
• caf03a2 Merge pull request #2824 from pypa/release-20.29.0
• 0f6dc41 release 20.29.0
• ea5e5cb Upgrade embeded setuptools (#2823)
• b00d59c Add free-threaded Python support (#2809)
• bc7a91a Merge pull request #2821 from filiplajszczak/cli-precedence-2285
• 11995e7 Merge pull request #2819 from pypa/pre-commit-ci-update-config
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.