Bump zipp from 3.8.1 to 3.19.1 #96

dependabot · 2024-07-09T20:13:06Z

Bumps zipp from 3.8.1 to 3.19.1.

Changelog

v3.19.1

Bugfixes

Improved handling of malformed zip files. (#119)

v3.19.0

Features

Implement is_symlink. (#117)

v3.18.2

No significant changes.

v3.18.1

No significant changes.

v3.18.0

Features

Bypass ZipFile.namelist in glob for better performance. (#106)

Refactored glob functionality to support a more generalized solution with support for platform-specific path separators. (#108)

Bugfixes

Add special accounting for pypy when computing the stack level for text encoding warnings. (#114)

v3.17.0

Features

... (truncated)

Commits

6d1cb72 Finalize
fd604bd Merge pull request #120 from jaraco/bugfix/119-malformed-paths
c18417e Add news fragment.
58115d2 Employ SanitizedNames in CompleteDirs. Fixes broken test.
564fcc1 Add SanitizedNames mixin.
79a309f Add some assertions about malformed paths.
2d015c2 Merge https://github.com/jaraco/skeleton
a595a0f Rename extras to align with core metadata spec.
608f90a Finalize
3a22d72 Merge pull request #118 from jaraco/feature/is-symlink
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [zipp](https://github.com/jaraco/zipp) from 3.8.1 to 3.19.1. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst) - [Commits](jaraco/zipp@v3.8.1...v3.19.1) --- updated-dependencies: - dependency-name: zipp dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

CLAassistant · 2024-07-09T20:13:14Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ fredericsimard
❌ dependabot[bot]
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

fredericsimard

LGTM, minor bump.

* Bump zipp from 3.8.1 to 3.19.1 Bumps [zipp](https://github.com/jaraco/zipp) from 3.8.1 to 3.19.1. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst) - [Commits](jaraco/zipp@v3.8.1...v3.19.1) --- updated-dependencies: - dependency-name: zipp dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Bumped version of zipp to 3.19.1 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frédéric Simard <frederic-contractor@mobilitydata.org>

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jul 9, 2024

fredericsimard added 2 commits August 22, 2024 22:27

Merge branch 'main' into dependabot/pip/zipp-3.19.1

23e6fa9

Bumped version of zipp to 3.19.1

c860bc6

fredericsimard approved these changes Aug 23, 2024

View reviewed changes

fredericsimard merged commit 2d16253 into main Aug 23, 2024

fredericsimard deleted the dependabot/pip/zipp-3.19.1 branch August 23, 2024 02:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump zipp from 3.8.1 to 3.19.1 #96

Bump zipp from 3.8.1 to 3.19.1 #96

dependabot bot commented on behalf of github Jul 9, 2024 •

edited

Loading

CLAassistant commented Jul 9, 2024 •

edited

Loading

fredericsimard left a comment

Bump zipp from 3.8.1 to 3.19.1 #96

Bump zipp from 3.8.1 to 3.19.1 #96

Conversation

dependabot bot commented on behalf of github Jul 9, 2024 • edited Loading

v3.19.1

Bugfixes

v3.19.0

Features

v3.18.2

v3.18.1

v3.18.0

Features

Bugfixes

v3.17.0

CLAassistant commented Jul 9, 2024 • edited Loading

fredericsimard left a comment

Choose a reason for hiding this comment

dependabot bot commented on behalf of github Jul 9, 2024 •

edited

Loading

CLAassistant commented Jul 9, 2024 •

edited

Loading