Bump the python-requirements group in /requirements with 9 updates

[dependabot]

Bumps the python-requirements group in /requirements with 9 updates:

Package	From	To
sphinx-issues	3.0.1	4.0.0
cryptography	41.0.7	42.0.5
pytest	7.4.4	8.0.2
watchdog	3.0.0	4.0.0
build	1.0.3	1.1.1
pip-tools	7.3.0	7.4.0
pre-commit	3.6.0	3.6.2
tox	4.11.4	4.13.0
types-setuptools	69.0.0.0	69.1.0.20240301

Updates sphinx-issues from 3.0.1 to 4.0.0

Commits

• 50128ce Bump version and update changelog
• 0239bda Default to linking to GH sponsors URL for the :user: role (#131)
• 9d176de Dev Chores (#130)
• 08c376f Run pre-commit autoupdate
• See full diff in compare view

Updates cryptography from 41.0.7 to 42.0.5

Changelog

Sourced from cryptography's changelog.

42.0.5 - 2024-02-23

* Limit the number of name constraint checks that will be performed in
  :mod:`X.509 path validation <cryptography.x509.verification>` to protect
  against denial of service attacks.
* Upgrade ``pyo3`` version, which fixes building on PowerPC.
.. _v42-0-4:
42.0.4 - 2024-02-20

• Fixed a null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle. Credit to Alexander-Programming for reporting the issue. CVE-2024-26130
• Fixed ASN.1 encoding for PKCS7/SMIME signed messages. The fields SMIMECapabilities and SignatureAlgorithmIdentifier should now be correctly encoded according to the definitions in :rfc:2633 :rfc:3370.

.. _v42-0-3:

42.0.3 - 2024-02-15

* Fixed an initialization issue that caused key loading failures for some
  users.
.. _v42-0-2:
42.0.2 - 2024-01-30

• Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.2.1.
• Fixed an issue that prevented the use of Python buffer protocol objects in sign and verify methods on asymmetric keys.
• Fixed an issue with incorrect keyword-argument naming with EllipticCurvePrivateKey :meth:~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey.exchange, X25519PrivateKey :meth:~cryptography.hazmat.primitives.asymmetric.x25519.X25519PrivateKey.exchange, X448PrivateKey :meth:~cryptography.hazmat.primitives.asymmetric.x448.X448PrivateKey.exchange, and DHPrivateKey :meth:~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey.exchange.

.. _v42-0-1:

42.0.1 - 2024-01-24

</tr></table> 

... (truncated)

Commits

• 33833f0 Release 42.0.5 (#10470)
• 4be53bf Added a budget for NC checks to protect against DoS (#10467) (#10468)
• 8e9de30 Bump pyo3 from 0.20.2 to 0.20.3 in /src/rust (#10462) (#10465)
• fe18470 Bump for 42.0.4 release (#10445)
• aaa2dd0 Fix ASN.1 issues in PKCS#7 and S/MIME signing (#10373) (#10442)
• 7a4d012 Fixes #10422 -- don't crash when a PKCS#12 key and cert don't match (#10423) ...
• df314bb backport actions m1 switch to 42.0.x (#10415)
• c49a7a5 changelog and version bump for 42.0.3 (#10396)
• 396bcf6 fix provider loading take two (#10390) (#10395)
• 0e0e46f backport: initialize openssl's legacy provider in rust (#10323) (#10333)
• Additional commits viewable in compare view

Updates pytest from 7.4.4 to 8.0.2

Release notes

Sourced from pytest's releases.

8.0.2

pytest 8.0.2 (2024-02-24)

Bug Fixes

• #11895: Fix collection on Windows where initial paths contain the short version of a path (for example c:\PROGRA~1\tests).
• #11953: Fix an IndexError crash raising from getstatementrange_ast.
• #12021: Reverted a fix to [--maxfail]{.title-ref} handling in pytest 8.0.0 because it caused a regression in pytest-xdist whereby session fixture teardowns may get executed multiple times when the max-fails is reached.

8.0.1

pytest 8.0.1 (2024-02-16)

Bug Fixes

• #11875: Correctly handle errors from getpass.getuser{.interpreted-text role="func"} in Python 3.13.
• #11879: Fix an edge case where ExceptionInfo._stringify_exception could crash pytest.raises{.interpreted-text role="func"}.
• #11906: Fix regression with pytest.warns{.interpreted-text role="func"} using custom warning subclasses which have more than one parameter in their [__init__]{.title-ref}.
• #11907: Fix a regression in pytest 8.0.0 whereby calling pytest.skip{.interpreted-text role="func"} and similar control-flow exceptions within a pytest.warns(){.interpreted-text role="func"} block would get suppressed instead of propagating.
• #11929: Fix a regression in pytest 8.0.0 whereby autouse fixtures defined in a module get ignored by the doctests in the module.
• #11937: Fix a regression in pytest 8.0.0 whereby items would be collected in reverse order in some circumstances.

pytest 8.0.0 (2024-01-27)

See 8.0.0rc1 and 8.0.0rc2 for the full changes since pytest 7.4!

Bug Fixes

• #11842: Properly escape the reason of a skip <pytest.mark.skip ref>{.interpreted-text role="ref"} mark when writing JUnit XML files.
• #11861: Avoid microsecond exceeds 1_000_000 when using log-date-format with %f specifier, which might cause the test suite to crash.

8.0.0rc2

pytest 8.0.0rc2 (2024-01-17)

Improvements

• #11233: Improvements to -r for xfailures and xpasses:
  • Report tracebacks for xfailures when -rx is set.
  • Report captured output for xpasses when -rX is set.
  • For xpasses, add - in summary between test name and reason, to match how xfail is displayed.
• #11825: The pytest_plugin_registered{.interpreted-text role="hook"} hook has a new plugin_name parameter containing the name by which plugin is registered.

Bug Fixes

• #11706: Fix reporting of teardown errors in higher-scoped fixtures when using [--maxfail]{.title-ref} or [--stepwise]{.title-ref}.

... (truncated)

Commits

• 31afeeb Prepare release version 8.0.2
• 1b00a2f Merge pull request #12025 from pytest-dev/backport-12022-to-8.0.x
• ff2f66d [8.0.x] Revert "Fix teardown error reporting when --maxfail=1 (#11721)"
• 8a8eed6 [8.0.x] Fix collection of short paths on Windows (#12024)
• 74346f0 [8.0.x] Allow Sphinx 7.x (#12005)
• b7657b4 [8.0.x] Disallow Sphinx 6 and 7 (#12001)
• feb7c5e Merge pull request #11999 from pytest-dev/backport-11996-to-8.0.x
• 0909655 [8.0.x] code: fix IndexError crash in getstatementrange_ast
• 68524d4 Merge pull request #11993 from pytest-dev/release-8.0.1
• d7d320a Prepare release version 8.0.1
• Additional commits viewable in compare view

Updates watchdog from 3.0.0 to 4.0.0

Release notes

Sourced from watchdog's releases.

4.0.0

• Drop support for Python 3.7.
• Add support for Python 3.12.
• [snapshot] Add typing to dirsnapshot (#1012)
• [snapshot] Added DirectorySnapshotDiff.ContextManager (#1011)
• [events] FileSystemEvent, and subclasses, are now dataclasses, and their repr() has changed
• [windows] WinAPINativeEvent is now a dataclass, and its repr() has changed
• [events] Log FileOpenedEvent, and FileClosedEvent, events in LoggingEventHandler
• [tests] Improve FileSystemEvent coverage
• [watchmedo] Log all events in LoggerTrick
• [windows] The observers.read_directory_changes.WATCHDOG_TRAVERSE_MOVED_DIR_DELAY hack was removed. The constant will be kept to prevent breaking other softwares.
• Thanks to our beloved contributors: @​BoboTiG, @​msabramo

Changelog

Sourced from watchdog's changelog.

4.0.0

2024-02-06 • `full history <https://github.com/gorakhargosh/watchdog/compare/v3.0.0...v4.0.0>`__

Drop support for Python 3.7.
Add support for Python 3.12.
[snapshot] Add typing to dirsnapshot ([#1012](https://github.com/gorakhargosh/watchdog/issues/1012) &lt;https://github.com/gorakhargosh/watchdog/pull/1012&gt;__)
[snapshot] Added DirectorySnapshotDiff.ContextManager ([#1011](https://github.com/gorakhargosh/watchdog/issues/1011) &lt;https://github.com/gorakhargosh/watchdog/pull/1011&gt;__)
[events] FileSystemEvent, and subclasses, are now dataclasses, and their repr() has changed
[windows] WinAPINativeEvent is now a dataclass, and its repr() has changed
[events] Log FileOpenedEvent, and FileClosedEvent, events in LoggingEventHandler
[tests] Improve FileSystemEvent coverage
[watchmedo] Log all events in LoggerTrick
[windows] The observers.read_directory_changes.WATCHDOG_TRAVERSE_MOVED_DIR_DELAY hack was removed. The constant will be kept to prevent breaking other softwares.
Thanks to our beloved contributors: @​BoboTiG, @​msabramo

Commits

• 7d651ac Version 4.0.0
• 6cdf07e chore: Update supported Python versions (drop 3.7, add 3.12) (#1017)
• 6cfe9cc fix: mypy "type: ignore" comment errors (#1016)
• e4e2f8e style: run black & isort on inotify (#1015)
• 52d8692 feat: Add DirectorySnapshotDiff.ContextManager (#1011)
• 2338837 fix: mypy errors introduced by #1012 (#1014)
• 5f9d93c feat: Add typing to dirsnapshot (#1012)
• 75a3289 doc: log the watched folder in the README (#995)
• 48c49a1 Added event filter for the emitter (#989)
• 363fe62 [windows] Remove the WATCHDOG_TRAVERSE_MOVED_DIR_DELAY hack (#986)
• Additional commits viewable in compare view

Updates build from 1.0.3 to 1.1.1

Release notes

Sourced from build's releases.

Version 1.1.1

What's Changed

• Fixed invoking outer pip from user site packages (PR #746, fixes issue #745)
• Corrected the minimum pip version required to use an outer pip (PR #746, fixes issue #745)

Full Changelog: pypa/build@v1.1.0...1.1.1

Version 1.1.0

What's Changed

• Use external pip if available instead of installing, speeds up environment setup with virtualenv slightly and venv significantly. (PR #736)
• Stopped injecting wheel as a build dependency automatically, in the case of missing pyproject.toml -- by @​webknjaz. (PR #716)
• Use importlib_metadata on Python <3.10.2 for bugfixes not present in those CPython standard libraries (not required when bootstrapping) -- by @​GianlucaFicarelli. (PR #693, fixes issue #692)

New Contributors

• @​MichaReiser made their first contribution in pypa/build#697
• @​GianlucaFicarelli made their first contribution in pypa/build#693

Full Changelog: pypa/build@1.0.3...v1.1.0

Changelog

Sourced from build's changelog.

1.1.1 (2024-02-29)

• Fixed invoking outer pip from user site packages (PR :pr:746, fixes issue :issue:745)
• Corrected the minimum pip version required to use an outer pip (PR :pr:746, fixes issue :issue:745)

1.1.0 (2024-02-29)

• Use external pip if available instead of installing, speeds up environment setup with virtualenv slightly and venv significantly. (PR :pr:736)
• Stopped injecting wheel as a build dependency automatically, in the case of missing pyproject.toml -- by :user:webknjaz. (PR :pr:716)
• Use importlib_metadata on Python <3.10.2 for bugfixes not present in those CPython standard libraries (not required when bootstrapping) -- by :user:GianlucaFicarelli. (PR :pr:693, fixes issue :issue:692)

Commits

• b36126a release 1.1.1
• 9588222 env: fix global pip (#746)
• da06973 chore: prepare for 1.1.0 (#744)
• 42231a7 compat: create separate importlib, tarfile and tomllib shims
• 894998a chore: address feedback
• aa0aa04 fix(types): make the passthrough general
• af5ff53 feat: use external pip if available
• 9ceb49d build(deps): bump the actions group with 1 update (#739)
• ac57b94 refactor: pull out pip checks (#735)
• e6969d1 pre-commit: bump repositories (#734)
• Additional commits viewable in compare view

Updates pip-tools from 7.3.0 to 7.4.0

Release notes

Sourced from pip-tools's releases.

7.4.0

Features:

• Allow force-enabling or force-disabling colorized output (#2041). Thanks @​aneeshusa
• Add support for command-specific configuration sections (#1966). Thanks @​chrysle
• Add options for including build dependencies in compiled output (#1681). Thanks @​apljungquist

Bug Fixes:

• Fix for src-files not being used when specified in a config file (#2015). Thanks @​csalerno-asml
• Fix ignorance of inverted CLI options in config for pip-sync (#1989). Thanks @​chrysle
• Filter out origin ireqs for extra requirements before writing output annotations (#2011). Thanks @​chrysle
• Make BacktrackingResolver ignore extras when dropping existing constraints (#1984). Thanks @​chludwig-haufe
• Display pyproject.toml's metatada parsing errors in verbose mode (#1979). Thanks @​szobov

Other Changes:

• Add mention of pip-compile-multi in Other useful tools README section (#1986). Thanks @​peterdemin

Changelog

Sourced from pip-tools's changelog.

v7.4.0

Features:

• Allow force-enabling or force-disabling colorized output (#2041). Thanks @​aneeshusa
• Add support for command-specific configuration sections (#1966). Thanks @​chrysle
• Add options for including build dependencies in compiled output (#1681). Thanks @​apljungquist

Bug Fixes:

• Fix for src-files not being used when specified in a config file (#2015). Thanks @​csalerno-asml
• Fix ignorance of inverted CLI options in config for pip-sync (#1989). Thanks @​chrysle
• Filter out origin ireqs for extra requirements before writing output annotations (#2011). Thanks @​chrysle
• Make BacktrackingResolver ignore extras when dropping existing constraints (#1984). Thanks @​chludwig-haufe
• Display pyproject.toml's metatada parsing errors in verbose mode (#1979). Thanks @​szobov

Other Changes:

• Add mention of pip-compile-multi in Other useful tools README section (#1986). Thanks @​peterdemin

Commits

• 1397bfa Merge pull request #2043 from jazzband/dependabot/pip/docs/jinja2-3.1.3
• 355a04e Bump jinja2 from 3.1.2 to 3.1.3 in /docs
• c8f2988 Merge pull request #2055 from atugushev/fix-failing-test-on-pip-24
• 598845a Fix failing test on pip-24.0
• a8688d7 Merge pull request #2029 from jazzband/pre-commit-ci-update-config
• 39cbff8 [pre-commit.ci] auto fixes from pre-commit.com hooks
• 644ac8a [pre-commit.ci] pre-commit autoupdate
• d673c8e Merge pull request #2015 from csalerno-asml/fix-2006
• e216ad5 rm submodule
• 64d1de3 comments addressed
• Additional commits viewable in compare view

Updates pre-commit from 3.6.0 to 3.6.2

Release notes

Sourced from pre-commit's releases.

pre-commit v3.6.2

Fixes

• Fix building golang hooks during git commit --all.
  • #3130 PR by @​asottile.
  • #2722 issue by @​pestanko and @​matthewhughes934.

pre-commit v3.6.1

Fixes

• Remove PYTHONEXECUTABLE from environment when running.
  • #3110 PR by @​untitaker.
• Handle staged-files-only with only a crlf diff.
  • #3126 PR by @​asottile.
  • issue by @​tyyrok.

Changelog

Sourced from pre-commit's changelog.

3.6.2 - 2024-02-18

Fixes

• Fix building golang hooks during git commit --all.
  • #3130 PR by @​asottile.
  • #2722 issue by @​pestanko and @​matthewhughes934.

3.6.1 - 2024-02-10

Fixes

• Remove PYTHONEXECUTABLE from environment when running.
  • #3110 PR by @​untitaker.
• Handle staged-files-only with only a crlf diff.
  • #3126 PR by @​asottile.
  • issue by @​tyyrok.

Commits

• e525726 v3.6.2
• 3187538 Merge pull request #3130 from pre-commit/golang-build-during-commit-a
• 61d9c95 fix building golang hooks during commit --all
• 15bd0c7 v3.6.1
• 92678c3 Merge pull request #3126 from pre-commit/crlf-only-diff
• 032d8e2 staged_files_only can handle a crlf-only diff
• 7384838 Merge pull request #3110 from untitaker/pythonexecutable
• 96e0712 [pre-commit.ci] auto fixes from pre-commit.com hooks
• 3388e2d Pop PYTHONEXECUTABLE
• 10f8853 Merge pull request #3107 from pre-commit/pre-commit-ci-update-config
• Additional commits viewable in compare view

Updates tox from 4.11.4 to 4.13.0

Release notes

Sourced from tox's releases.

4.13.0

What's Changed

• Document usage of Pytest with Tox as a FAQ entry by @​faph in tox-dev/tox#3192
• docs/config.rst: State in config directive sections their ini file sections by @​0cjs in tox-dev/tox#3194
• .gitignore: Add /tests/demo_pkg_inline/.tox/ by @​0cjs in tox-dev/tox#3198
• docs/development: Summarise important points experienced devs need to know by @​0cjs in tox-dev/tox#3197
• Add tests for CliEnv by @​0cjs in tox-dev/tox#3204
• Document how CliEnv works by @​0cjs in tox-dev/tox#3206
• docs/development "Key points": Two updates and general improvement by @​0cjs in tox-dev/tox#3205
• session.env_select.CliEnv: Document and test spaces behaviour by @​0cjs in tox-dev/tox#3208
• config.cli.test_cli_ini: Re-order for clarity (textual moves only) by @​0cjs in tox-dev/tox#3209
• Revert previous "precommit autoupdate (#3214)" commit; it's broken by @​0cjs in tox-dev/tox#3215
• Extract packaging virtualenv code to its own class by @​gaborbernat in tox-dev/tox#3221

New Contributors

• @​faph made their first contribution in tox-dev/tox#3192
• @​0cjs made their first contribution in tox-dev/tox#3194

Full Changelog: tox-dev/tox@4.12.1...4.13.0

4.12.1

What's Changed

• Fix tox version requirement in docs by @​Viicos in tox-dev/tox#3184
• #3165 fixed Tox failing with --installpkg and multi testenvs by @​Stefanhg in tox-dev/tox#3186

New Contributors

• @​Viicos made their first contribution in tox-dev/tox#3184

Full Changelog: tox-dev/tox@4.12.0...4.12.1

4.12.0

What's Changed

• Exclude bots from generated release notes by @​hugovk in tox-dev/tox#3163
• Imply --parallel when --parallel-no-spinner is passed by @​tusharsadhwani in tox-dev/tox#3159
• Fix 'open an issue' link in development.rst by @​TheRealFalcon in tox-dev/tox#3179
• Fix the CI by @​gaborbernat in tox-dev/tox#3183
• Always pass FORCE_COLOR & NO_COLOR to the environment by @​hashar in tox-dev/tox#3172

New Contributors

• @​tusharsadhwani made their first contribution in tox-dev/tox#3159
• @​TheRealFalcon made their first contribution in tox-dev/tox#3179

Full Changelog: tox-dev/tox@4.11.4...4.12.0

Changelog

Sourced from tox's changelog.

v4.13.0 (2024-02-16)

Features - 4.13.0

- Extract virtual environment packaging code to its own base class not tied to ``virtualenv`` - by :user:`gaborbernat`. (:issue:`3221`)
Improved Documentation - 4.13.0

• Documented usage of pytest with tox run-parallel - by :user:faph. (:issue:3187)
• Configuration: state in config directive sections their ini file sections - by :user:0cjs. (:issue:3194)
• Development: summarize important points experienced developers need to know - by :user:0cjs. (:issue:3197)

v4.12.1 (2024-01-16)

Bugfixes - 4.12.1

- Fixed bug where running with --installpkg and multiple envs could not clean up between tests (:issue:`3165`)
v4.12.0 (2024-01-11)
Features - 4.12.0

• Always pass FORCE_COLOR and NO_COLOR to the environment (:issue:3171)

Bugfixes - 4.12.0

- ``--parallel-no-spinner`` flag now implies ``--parallel`` (:issue:`3158`)
Improved Documentation - 4.12.0

• -Fix open an issue link in development.rst (:issue:3179)

Commits

• ae156e2 release 4.13.0
• fa923ec Extract packaging virtualenv code to its own class (#3221)
• 47bcea6 [pre-commit.ci] pre-commit autoupdate (#3217)
• fb83a3a Revert previous "precommit autoupdate (#3214)" commit; it's broken (#3215)
• 3347933 [pre-commit.ci] pre-commit autoupdate (#3214)
• 2bcc3ec config.cli.test_cli_ini: Re-order for clarity (textual moves only) (#3209)
• 387834a session.env_select.CliEnv: Document and test spaces behaviour (#3208)
• 47fa093 docs/development "Key points": Two updates and general improvement (#3205)
• 1b5b187 Document how CliEnv works (#3206)
• b3eb86a Add tests for CliEnv (#3204)
• Additional commits viewable in compare view

Updates types-setuptools from 69.0.0.0 to 69.1.0.20240301

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.