Update dependency click to v8.1.8

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
click (changelog)	==8.1.3 -> ==8.1.8

---

Release Notes

pallets/click (click)

v8.1.8

Compare Source

Unreleased

• Fix an issue with type hints for click.open_file(). :issue:2717
• Fix issue where error message for invalid click.Path displays on
  multiple lines. :issue:2697
• Fixed issue that prevented a default value of "" from being displayed in
  the help for an option. :issue:2500
• The test runner handles stripping color consistently on Windows.
  :issue:2705
• Show correct value for flag default when using default_map.
  :issue:2632
• Fix click.echo(color=...) passing color to coloroma so it can be
  forced on Windows. :issue:2606.

v8.1.7

Compare Source

Released 2023-08-17

• Fix issue with regex flags in shell completion. :issue:2581
• Bash version detection issues a warning instead of an error. :issue:2574
• Fix issue with completion script for Fish shell. :issue:2567

v8.1.6

Compare Source

Released 2023-07-18

• Fix an issue with type hints for @click.group(). :issue:2558

v8.1.5

Compare Source

Released 2023-07-13

• Fix an issue with type hints for @click.command(), @click.option(), and
  other decorators. Introduce typing tests. :issue:2558

v8.1.4

Compare Source

Released 2023-07-06

• Replace all typing.Dict occurrences to typing.MutableMapping for
  parameter hints. :issue:2255
• Improve type hinting for decorators and give all generic types parameters.
  :issue:2398
• Fix return value and type signature of shell_completion.add_completion_class
  function. :pr:2421
• Bash version detection doesn't fail on Windows. :issue:2461
• Completion works if there is a dot (.) in the program name. :issue:2166
• Improve type annotations for pyright type checker. :issue:2268
• Improve responsiveness of click.clear(). :issue:2284
• Improve command name detection when using Shiv or PEX. :issue:2332
• Avoid showing empty lines if command help text is empty. :issue:2368
• ZSH completion script works when loaded from fpath. :issue:2344.
• EOFError and KeyboardInterrupt tracebacks are not suppressed when
  standalone_mode is disabled. :issue:2380
• @group.command does not fail if the group was created with a custom
  command_class. :issue:2416
• multiple=True is allowed for flag options again and does not require
  setting default=(). :issue:2246, 2292, 2295
• Make the decorators returned by @argument() and @option() reusable when the
  cls parameter is used. :issue:2294
• Don't fail when writing filenames to streams with strict errors. Replace invalid
  bytes with the replacement character (�). :issue:2395
• Remove unnecessary attempt to detect MSYS2 environment. :issue:2355
• Remove outdated and unnecessary detection of App Engine environment. :pr:2554
• echo() does not fail when no streams are attached, such as with pythonw on
  Windows. :issue:2415
• Argument with expose_value=False do not cause completion to fail. :issue:2336

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[dryrunsecurity]

DryRun Security Summary

The pull request updates the click library from version 8.1.3 to 8.1.8 across multiple files, which is a routine dependency update that may include security fixes and improvements, but requires careful review and testing.

Expand for full summary

Summary:

The changes in this pull request primarily focus on updating the dependencies used in the application. Specifically, the click library is being updated from version 8.1.3 to 8.1.8 across multiple files (pyproject.toml, setup.py, and requirements.txt). This type of dependency update is a common practice and generally a positive change, as it can include security fixes, bug patches, and feature improvements.

From an application security perspective, these changes do not introduce any immediate security concerns. However, it's important to review the release notes or change logs for the new click library version to ensure that there are no known security vulnerabilities or breaking changes that could impact the application. Additionally, it's recommended to thoroughly test the application with the updated dependency to verify that it does not introduce any regressions or unexpected behavior.

Furthermore, it's crucial to monitor the security of all dependencies used in the application, including the other libraries listed in the requirements.txt file, such as clickhouse-driver, requests, questionary, tabulate, and kubernetes. Keeping all dependencies up-to-date and addressing any known security issues is a key aspect of maintaining the overall security posture of the application.

Files Changed:

1. pyproject.toml: The click library version is being updated from 8.1.3 to 8.1.8.
2. setup.py: The click library version is being updated from 8.1.3 to 8.1.8.
3. requirements.txt: The click library version is being updated from 8.1.3 to 8.1.8.

Code Analysis

We ran 9 analyzers against 3 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer	Findings
Sensitive Files Analyzer	1 finding

View PR in the DryRun Dashboard.