From cece2b91350fc42ffa3b413ef47370a943816c33 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 30 Sep 2024 09:52:27 +0200
Subject: [PATCH] chore(deps): Bump virtualenv from 20.26.4 to 20.26.6 (#2006)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.26.4 to
20.26.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/releases">virtualenv's
releases</a>.</em></p>
<blockquote>
<h2>20.26.5</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>release 20.26.4 by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2761">pypa/virtualenv#2761</a></li>
<li>Use uv over pip by <a
href="https://github.com/gaborbernat"><code>@​gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/virtualenv/pull/2765">pypa/virtualenv#2765</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5">https://github.com/pypa/virtualenv/compare/20.26.4...20.26.5</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst">virtualenv's
changelog</a>.</em></p>
<blockquote>
<h2>v20.26.6 (2024-09-27)</h2>
<p>Bugfixes - 20.26.6</p>
<pre><code>- Properly quote string placeholders in activation script
templates to mitigate
  potential command injection - by :user:`y5c4l3`. (:issue:`2768`)
<h2>v20.26.5 (2024-09-17)</h2>
<p>Bugfixes - 20.26.5
</code></pre></p>
<ul>
<li>Upgrade embedded wheels: setuptools to <code>75.1.0</code> from
<code>74.1.2</code> - by :user:<code>gaborbernat</code>.
(:issue:<code>2765</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/virtualenv/commit/ec04726d065372ffad9920998aef1ce41252a61d"><code>ec04726</code></a>
release 20.26.6</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/86dddeda7c991f8529e1995bbff280fb7b761972"><code>86ddded</code></a>
Fix <a
href="https://redirect.github.com/pypa/virtualenv/issues/2768">#2768</a>:
Quote template strings in activation scripts (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2771">#2771</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/6bb3f6226c18d69bb6cfa3475b6d46dd463bb530"><code>6bb3f62</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2769">#2769</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/220d49c2e3ade2ed24f5712ab5a23895cde2e04c"><code>220d49c</code></a>
Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.2 (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2767">#2767</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/cf340c83c2828a92def78c77b3e037a2baa4d557"><code>cf340c8</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/virtualenv/issues/2766">#2766</a>
from pypa/release-20.26.5</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/f3172b4da576b88275a14d2e7bbeb98b8f958a05"><code>f3172b4</code></a>
release 20.26.5</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/22b9795eb6bed0c17d0415c5513eca099a0a11ad"><code>22b9795</code></a>
Use uv over pip (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2765">#2765</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/35d8269aba12a1e3c60183a2082b2c4d0cc1192f"><code>35d8269</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2764">#2764</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/ee77feb77ccb3c5deefa318630c59315bcfda521"><code>ee77feb</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pypa/virtualenv/issues/2763">#2763</a>)</li>
<li><a
href="https://github.com/pypa/virtualenv/commit/c5160566293ed098ca30e0856dbf44588dd5c3a3"><code>c516056</code></a>
Update README.md</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/virtualenv/compare/20.26.4...20.26.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=virtualenv&package-manager=pip&previous-version=20.26.4&new-version=20.26.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index c2cbf7c8..510820d8 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -47,6 +47,6 @@ tomlkit==0.13.2 ; python_version == "3.8"
 trove-classifiers==2024.9.12 ; python_version == "3.8"
 urllib3==2.2.3 ; python_version == "3.8"
 userpath==1.9.2 ; python_version == "3.8"
-virtualenv==20.26.4 ; python_version == "3.8"
+virtualenv==20.26.6 ; python_version == "3.8"
 xattr==1.1.0 ; sys_platform == "darwin" and python_version == "3.8"
 zipp==3.20.2 ; python_version == "3.8"