Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(deps): Bump virtualenv from 20.26.4 to 20.26.6 (#2006)
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.26.4 to 20.26.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/releases">virtualenv's releases</a>.</em></p> <blockquote> <h2>20.26.5</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <ul> <li>release 20.26.4 by <a href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in <a href="https://redirect.github.com/pypa/virtualenv/pull/2761">pypa/virtualenv#2761</a></li> <li>Use uv over pip by <a href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in <a href="https://redirect.github.com/pypa/virtualenv/pull/2765">pypa/virtualenv#2765</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5">https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's changelog</a>.</em></p> <blockquote> <h2>v20.26.6 (2024-09-27)</h2> <p>Bugfixes - 20.26.6</p> <pre><code>- Properly quote string placeholders in activation script templates to mitigate potential command injection - by :user:`y5c4l3`. (:issue:`2768`) <h2>v20.26.5 (2024-09-17)</h2> <p>Bugfixes - 20.26.5 </code></pre></p> <ul> <li>Upgrade embedded wheels: setuptools to <code>75.1.0</code> from <code>74.1.2</code> - by :user:<code>gaborbernat</code>. (:issue:<code>2765</code>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/virtualenv/commit/ec04726d065372ffad9920998aef1ce41252a61d"><code>ec04726</code></a> release 20.26.6</li> <li><a href="https://github.com/pypa/virtualenv/commit/86dddeda7c991f8529e1995bbff280fb7b761972"><code>86ddded</code></a> Fix <a href="https://redirect.github.com/pypa/virtualenv/issues/2768">#2768</a>: Quote template strings in activation scripts (<a href="https://redirect.github.com/pypa/virtualenv/issues/2771">#2771</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/6bb3f6226c18d69bb6cfa3475b6d46dd463bb530"><code>6bb3f62</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/pypa/virtualenv/issues/2769">#2769</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/220d49c2e3ade2ed24f5712ab5a23895cde2e04c"><code>220d49c</code></a> Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.2 (<a href="https://redirect.github.com/pypa/virtualenv/issues/2767">#2767</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/cf340c83c2828a92def78c77b3e037a2baa4d557"><code>cf340c8</code></a> Merge pull request <a href="https://redirect.github.com/pypa/virtualenv/issues/2766">#2766</a> from pypa/release-20.26.5</li> <li><a href="https://github.com/pypa/virtualenv/commit/f3172b4da576b88275a14d2e7bbeb98b8f958a05"><code>f3172b4</code></a> release 20.26.5</li> <li><a href="https://github.com/pypa/virtualenv/commit/22b9795eb6bed0c17d0415c5513eca099a0a11ad"><code>22b9795</code></a> Use uv over pip (<a href="https://redirect.github.com/pypa/virtualenv/issues/2765">#2765</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/35d8269aba12a1e3c60183a2082b2c4d0cc1192f"><code>35d8269</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/pypa/virtualenv/issues/2764">#2764</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/ee77feb77ccb3c5deefa318630c59315bcfda521"><code>ee77feb</code></a> [pre-commit.ci] pre-commit autoupdate (<a href="https://redirect.github.com/pypa/virtualenv/issues/2763">#2763</a>)</li> <li><a href="https://github.com/pypa/virtualenv/commit/c5160566293ed098ca30e0856dbf44588dd5c3a3"><code>c516056</code></a> Update README.md</li> <li>Additional commits viewable in <a href="https://github.com/pypa/virtualenv/compare/20.26.4...20.26.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information
1 parent
5e55a12
commit cece2b9