Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

twine: use API tokens by default on PyPI #1040

Merged

Conversation

woodruffw
Copy link
Member

This is still a work in progress.

See #561.

These casts should be sound, since every RepositoryConfig should
have a `repository` key by this point.

Signed-off-by: William Woodruff <[email protected]>
Signed-off-by: William Woodruff <[email protected]>
@woodruffw woodruffw marked this pull request as ready for review January 4, 2024 18:29
@woodruffw
Copy link
Member Author

I think this is good for an initial look. Key behavioral changes:

  • When the index is PyPI, username is unconditionally set to __token__ regardless of any configuration, environment, or CLI settings. The user is never prompted, if the setting is interactive.
  • When the index is PyPI, the behavior remains essentially unchanged except that the password prompt now asks for an API token instead.
  • I moved repository URL normalization into get_repository_from_config, to ensure that the PyPI URL check is always performed against the normalized URL.

Some design questions:

  • Should we do the same for TestPyPI? I'm not sure if it's also 2FA mandated; CC @miketheman
  • Should we emit warnings about username being ignored?
  • Are configuration/CLI changes needed/warranted? At the moment everything is still username and password; having a token alias for password might make sense. On the other hand, that might be an unnecessary complication.

@miketheman
Copy link
Member

  • Should we do the same for TestPyPI? I'm not sure if it's also 2FA mandated

It is!

Copy link
Member

@sigmavirus24 sigmavirus24 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm on my phone so I may be wrong, but it looks like we don't have tests for repositories other than pypi which means we don't have a way of verifying things don't break for non-PyPI users. Is that right?

@woodruffw
Copy link
Member Author

I'm on my phone so I may be wrong, but it looks like we don't have tests for repositories other than pypi which means we don't have a way of verifying things don't break for non-PyPI users. Is that right?

Yep, that's right -- I'll add those complementing tests tonight!

@woodruffw
Copy link
Member Author

I've added mirror PyPI/non-PyPI tests for the testcases that diverged with these changes.

I've also manually confirmed that the prompt gets specialized as expected, e.g.:

$ twine upload -r testpypi dist/twine-0.1.dev1105+g6e94d20.tar.gz
Uploading distributions to https://test.pypi.org/legacy/
Enter your API token:

@sigmavirus24 sigmavirus24 merged commit 89ec78c into pypa:main Jan 5, 2024
22 of 23 checks passed
@woodruffw woodruffw deleted the ww/pypi-mandatory-api-tokens branch January 5, 2024 15:17
mergify bot pushed a commit to aws/jsii that referenced this pull request Feb 12, 2024
…/packages/jsii-pacmak/lib/targets/python (#4422)

Updates the requirements on [twine](https://github.com/pypa/twine) to permit the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/twine/blob/main/docs/changelog.rst">twine's changelog</a>.</em></p>
<blockquote>
<h2>Twine 5.0.0 (2024-02-10)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Use <code>email.message</code> instead of <code>cgi</code> as <code>cgi</code> has been deprecated (<code>[#969](pypa/twine#969) &lt;https://github.com/pypa/twine/issues/969&gt;</code>_)</li>
</ul>
<p>Misc
^^^^</p>
<ul>
<li><code>[#931](pypa/twine#931) &lt;https://github.com/pypa/twine/issues/931&gt;</code><em>, <code>[#991](pypa/twine#991) &lt;https://github.com/pypa/twine/issues/991&gt;</code></em>, <code>[#1028](pypa/twine#1028) &lt;https://github.com/pypa/twine/issues/1028&gt;</code><em>, <code>[#1040](pypa/twine#1040) &lt;https://github.com/pypa/twine/issues/1040&gt;</code></em></li>
</ul>
<h2>Twine 4.0.2 (2022-11-30)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Remove deprecated function to fix <code>twine check</code> with pkginfo 1.9.0. (<code>[#941](pypa/twine#941) &lt;https://github.com/pypa/twine/issues/941&gt;</code>_)</li>
</ul>
<h2>Twine 4.0.1 (2022-06-01)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Improve logging when keyring fails. (<code>[#890](pypa/twine#890) &lt;https://github.com/pypa/twine/issues/890&gt;</code>_)</li>
<li>Reconfigure root logger to show all log messages. (<code>[#896](pypa/twine#896) &lt;https://github.com/pypa/twine/issues/896&gt;</code>_)</li>
</ul>
<h2>Twine 4.0.0 (2022-03-31)</h2>
<p>Features
^^^^^^^^</p>
<ul>
<li>Drop support for Python 3.6. (<code>[#869](pypa/twine#869) &lt;https://github.com/pypa/twine/issues/869&gt;</code>_)</li>
<li>Use Rich to add color to <code>upload</code> output. (<code>[#851](pypa/twine#851) &lt;https://github.com/pypa/twine/issues/851&gt;</code>_)</li>
<li>Use Rich to add color to <code>check</code> output. (<code>[#874](pypa/twine#874) &lt;https://github.com/pypa/twine/issues/874&gt;</code>_)</li>
<li>Use Rich instead of tqdm for upload progress bar. (<code>[#877](pypa/twine#877) &lt;https://github.com/pypa/twine/issues/877&gt;</code>_)</li>
</ul>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Remove Twine's dependencies from the <code>User-Agent</code> header when uploading. (<code>[#871](pypa/twine#871) &lt;https://github.com/pypa/twine/issues/871&gt;</code>_)</li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/twine/commit/94f810c54c8bc9d418a9ed64890ca9fa4ec7b59f"><code>94f810c</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1047">#1047</a> from pypa/new-release</li>
<li><a href="https://github.com/pypa/twine/commit/09d993ad4de12f3d11ddf25ff4b4db54714f1969"><code>09d993a</code></a> Update linkcheck_ignore setting for docs</li>
<li><a href="https://github.com/pypa/twine/commit/ab0ed199154f8ab341d88c313cf4c2e785d770ee"><code>ab0ed19</code></a> Apply 2024 black format</li>
<li><a href="https://github.com/pypa/twine/commit/407e6cc0c42eb0dcbc679cb2ffbffcc5dcbc150b"><code>407e6cc</code></a> Build changelog for 5.0.0</li>
<li><a href="https://github.com/pypa/twine/commit/6644b862bb4555ddcb375c794ec5161de4a248df"><code>6644b86</code></a> Add missing changelog entries</li>
<li><a href="https://github.com/pypa/twine/commit/fe1885f2bf896c1852dedea7733a582c5718bbbc"><code>fe1885f</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1034">#1034</a> from DimitriPapadopoulos/codespell</li>
<li><a href="https://github.com/pypa/twine/commit/694bdcf84686c2821ca3168fbc75c2fa5c901188"><code>694bdcf</code></a> Fix typos found by codespell</li>
<li><a href="https://github.com/pypa/twine/commit/89ec78c6be4b4b1bb22514bcddef8f6014c1ba53"><code>89ec78c</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1040">#1040</a> from woodruffw-forks/ww/pypi-mandatory-api-tokens</li>
<li><a href="https://github.com/pypa/twine/commit/b3b363aae8cf83bfbdf9228f5e80d9bdb4765053"><code>b3b363a</code></a> tests: lintage</li>
<li><a href="https://github.com/pypa/twine/commit/6e94d200e20f700fa2e905dd32afeb367d321b67"><code>6e94d20</code></a> tests: more non-PyPI tests</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/twine/compare/4.0.2...5.0.0">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
cdnninja added a commit to Hyundai-Kia-Connect/hyundai_kia_connect_api that referenced this pull request Feb 13, 2024
Bumps [twine](https://github.com/pypa/twine) from 4.0.2 to 5.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/twine/blob/main/docs/changelog.rst">twine's
changelog</a>.</em></p>
<blockquote>
<h2>Twine 5.0.0 (2024-02-10)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Use <code>email.message</code> instead of <code>cgi</code> as
<code>cgi</code> has been deprecated
(<code>[#969](pypa/twine#969)
&lt;https://github.com/pypa/twine/issues/969&gt;</code>_)</li>
</ul>
<p>Misc
^^^^</p>
<ul>
<li><code>[#931](pypa/twine#931)
&lt;https://github.com/pypa/twine/issues/931&gt;</code><em>,
<code>[#991](pypa/twine#991)
&lt;https://github.com/pypa/twine/issues/991&gt;</code></em>,
<code>[#1028](pypa/twine#1028)
&lt;https://github.com/pypa/twine/issues/1028&gt;</code><em>,
<code>[#1040](pypa/twine#1040)
&lt;https://github.com/pypa/twine/issues/1040&gt;</code></em></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/twine/commit/94f810c54c8bc9d418a9ed64890ca9fa4ec7b59f"><code>94f810c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1047">#1047</a> from
pypa/new-release</li>
<li><a
href="https://github.com/pypa/twine/commit/09d993ad4de12f3d11ddf25ff4b4db54714f1969"><code>09d993a</code></a>
Update linkcheck_ignore setting for docs</li>
<li><a
href="https://github.com/pypa/twine/commit/ab0ed199154f8ab341d88c313cf4c2e785d770ee"><code>ab0ed19</code></a>
Apply 2024 black format</li>
<li><a
href="https://github.com/pypa/twine/commit/407e6cc0c42eb0dcbc679cb2ffbffcc5dcbc150b"><code>407e6cc</code></a>
Build changelog for 5.0.0</li>
<li><a
href="https://github.com/pypa/twine/commit/6644b862bb4555ddcb375c794ec5161de4a248df"><code>6644b86</code></a>
Add missing changelog entries</li>
<li><a
href="https://github.com/pypa/twine/commit/fe1885f2bf896c1852dedea7733a582c5718bbbc"><code>fe1885f</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1034">#1034</a> from
DimitriPapadopoulos/codespell</li>
<li><a
href="https://github.com/pypa/twine/commit/694bdcf84686c2821ca3168fbc75c2fa5c901188"><code>694bdcf</code></a>
Fix typos found by codespell</li>
<li><a
href="https://github.com/pypa/twine/commit/89ec78c6be4b4b1bb22514bcddef8f6014c1ba53"><code>89ec78c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1040">#1040</a> from
woodruffw-forks/ww/pypi-mandatory-api-tokens</li>
<li><a
href="https://github.com/pypa/twine/commit/b3b363aae8cf83bfbdf9228f5e80d9bdb4765053"><code>b3b363a</code></a>
tests: lintage</li>
<li><a
href="https://github.com/pypa/twine/commit/6e94d200e20f700fa2e905dd32afeb367d321b67"><code>6e94d20</code></a>
tests: more non-PyPI tests</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/twine/compare/4.0.2...5.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=twine&package-manager=pip&previous-version=4.0.2&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Co-authored-by: cdnninja <[email protected]>
tekumara added a commit to seek-oss/aec that referenced this pull request Mar 9, 2024
Updates the requirements on [boto3](https://github.com/boto/boto3),
[importlib-resources](https://github.com/python/importlib_resources),
[pytz](https://github.com/stub42/pytz),
[rich](https://github.com/Textualize/rich),
[typing-extensions](https://github.com/python/typing_extensions),
[moto[ec2]](https://github.com/getmoto/moto),
[pytest](https://github.com/pytest-dev/pytest) and
[twine](https://github.com/pypa/twine) to permit the latest version.
Updates `boto3` from 1.34.19 to 1.34.59
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/boto/boto3/blob/develop/CHANGELOG.rst">boto3's
changelog</a>.</em></p>
<blockquote>
<h1>1.34.59</h1>
<ul>
<li>api-change:<code>batch</code>: [<code>botocore</code>] This release
adds JobStateTimeLimitActions setting to the Job Queue API. It allows
you to configure an action Batch can take for a blocking job in front of
the queue after the defined period of time. The new parameter applies
for ECS, EKS, and FARGATE Job Queues.</li>
<li>api-change:<code>bedrock-agent-runtime</code>:
[<code>botocore</code>] Documentation update for Bedrock Runtime
Agent</li>
<li>api-change:<code>cloudtrail</code>: [<code>botocore</code>] Added
exceptions to CreateTrail, DescribeTrails, and ListImportFailures
APIs.</li>
<li>api-change:<code>codebuild</code>: [<code>botocore</code>] This
release adds support for a new webhook event: PULL_REQUEST_CLOSED.</li>
<li>api-change:<code>cognito-idp</code>: [<code>botocore</code>] Add
ConcurrentModificationException to SetUserPoolMfaConfig</li>
<li>api-change:<code>guardduty</code>: [<code>botocore</code>] Add RDS
Provisioned and Serverless Usage types</li>
<li>api-change:<code>transfer</code>: [<code>botocore</code>] Added
DES_EDE3_CBC to the list of supported encryption algorithms for messages
sent with an AS2 connector.</li>
</ul>
<h1>1.34.58</h1>
<ul>
<li>api-change:<code>appconfig</code>: [<code>botocore</code>] AWS
AppConfig now supports dynamic parameters, which enhance the
functionality of AppConfig Extensions by allowing you to provide
parameter values to your Extensions at the time you deploy your
configuration.</li>
<li>api-change:<code>ec2</code>: [<code>botocore</code>] This release
adds an optional parameter to RegisterImage and CopyImage APIs to
support tagging AMIs at the time of creation.</li>
<li>api-change:<code>grafana</code>: [<code>botocore</code>] Adds
support for the new GrafanaToken as part of the Amazon Managed Grafana
Enterprise plugins upgrade to associate your AWS account with a Grafana
Labs account.</li>
<li>api-change:<code>lambda</code>: [<code>botocore</code>]
Documentation updates for AWS Lambda</li>
<li>api-change:<code>payment-cryptography-data</code>:
[<code>botocore</code>] AWS Payment Cryptography EMV Decrypt Feature
Release</li>
<li>api-change:<code>rds</code>: [<code>botocore</code>] Updates Amazon
RDS documentation for io2 storage for Multi-AZ DB clusters</li>
<li>api-change:<code>snowball</code>: [<code>botocore</code>] Doc-only
update for change to EKS-Anywhere ordering.</li>
<li>api-change:<code>wafv2</code>: [<code>botocore</code>] You can
increase the max request body inspection size for some regional
resources. The size setting is in the web ACL association config. Also,
the AWSManagedRulesBotControlRuleSet EnableMachineLearning setting now
takes a Boolean instead of a primitive boolean type, for languages like
Java.</li>
<li>api-change:<code>workspaces</code>: [<code>botocore</code>] Added
note for user decoupling</li>
</ul>
<h1>1.34.57</h1>
<ul>
<li>api-change:<code>dynamodb</code>: [<code>botocore</code>] Doc only
updates for DynamoDB documentation</li>
<li>api-change:<code>imagebuilder</code>: [<code>botocore</code>] Add
PENDING status to Lifecycle Execution resource status. Add StartTime and
EndTime to ListLifecycleExecutionResource API response.</li>
<li>api-change:<code>mwaa</code>: [<code>botocore</code>] Amazon MWAA
adds support for Apache Airflow v2.8.1.</li>
<li>api-change:<code>rds</code>: [<code>botocore</code>] Updated the
input of CreateDBCluster and ModifyDBCluster to support setting CA
certificates. Updated the output of DescribeDBCluster to show current CA
certificate setting value.</li>
<li>api-change:<code>redshift</code>: [<code>botocore</code>] Update for
documentation only. Covers port ranges, definition updates for data
sharing, and definition updates to cluster-snapshot documentation.</li>
<li>api-change:<code>verifiedpermissions</code>: [<code>botocore</code>]
Deprecating details in favor of configuration for GetIdentitySource and
ListIdentitySources APIs.</li>
</ul>
<h1>1.34.56</h1>
<ul>
<li>api-change:<code>apigateway</code>: [<code>botocore</code>]
Documentation updates for Amazon API Gateway</li>
<li>api-change:<code>chatbot</code>: [<code>botocore</code>] Minor
update to documentation.</li>
<li>api-change:<code>organizations</code>: [<code>botocore</code>] This
release contains an endpoint addition</li>
<li>api-change:<code>sesv2</code>: [<code>botocore</code>] Adds support
for providing custom headers within SendEmail and SendBulkEmail for
SESv2.</li>
</ul>
<h1>1.34.55</h1>
<ul>
<li>api-change:<code>cloudformation</code>: [<code>botocore</code>] Add
DetailedStatus field to DescribeStackEvents and DescribeStacks APIs</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/boto/boto3/commit/6afb8be5d3f5b6d9bef2bfd5eed06dadd9e4d139"><code>6afb8be</code></a>
Merge branch 'release-1.34.59'</li>
<li><a
href="https://github.com/boto/boto3/commit/7d7b04eab89d3a048625fa344f98129005946810"><code>7d7b04e</code></a>
Bumping version to 1.34.59</li>
<li><a
href="https://github.com/boto/boto3/commit/4d2d2d263829d75429bc6df5a73192e8c5f15ead"><code>4d2d2d2</code></a>
Add changelog entries from botocore</li>
<li><a
href="https://github.com/boto/boto3/commit/d4d1f2e0b0f71f798525e8b4aa9b555f8b730e2e"><code>d4d1f2e</code></a>
Merge branch 'release-1.34.58'</li>
<li><a
href="https://github.com/boto/boto3/commit/3eb43356ceec2240495f391a8d6b3b6f0dd77c41"><code>3eb4335</code></a>
Merge branch 'release-1.34.58' into develop</li>
<li><a
href="https://github.com/boto/boto3/commit/e438496d7729482061773476d8568edddfac6a76"><code>e438496</code></a>
Bumping version to 1.34.58</li>
<li><a
href="https://github.com/boto/boto3/commit/ce57c75ef8773e8b87681c0640b9da6681e413df"><code>ce57c75</code></a>
Add changelog entries from botocore</li>
<li><a
href="https://github.com/boto/boto3/commit/cefe841cb7dabc3c4e67119091462435cedbcce9"><code>cefe841</code></a>
Merge branch 'release-1.34.57'</li>
<li><a
href="https://github.com/boto/boto3/commit/cd8e734ccf8482306119b8799246843b14f66982"><code>cd8e734</code></a>
Merge branch 'release-1.34.57' into develop</li>
<li><a
href="https://github.com/boto/boto3/commit/26d558280ef7c57f4481886670e8528411a76989"><code>26d5582</code></a>
Bumping version to 1.34.57</li>
<li>Additional commits viewable in <a
href="https://github.com/boto/boto3/compare/1.34.19...1.34.59">compare
view</a></li>
</ul>
</details>
<br />

Updates `importlib-resources` from 6.1.1 to 6.1.3
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/importlib_resources/blob/main/NEWS.rst">importlib-resources's
changelog</a>.</em></p>
<blockquote>
<h1>v6.1.3</h1>
<p>No significant changes.</p>
<h1>v6.1.2</h1>
<h2>Bugfixes</h2>
<ul>
<li>Fixed NotADirectoryError when calling files on a subdirectory of a
namespace package. (<a
href="https://redirect.github.com/python/importlib_resources/issues/293">#293</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python/importlib_resources/commit/56bd2b9cb41f76db5b7ef057cadd6d056aadf21f"><code>56bd2b9</code></a>
Finalize</li>
<li><a
href="https://github.com/python/importlib_resources/commit/99a41c1fe19aa9f39ec88a69a66a6298837db4d2"><code>99a41c1</code></a>
Re-use isolated_modules in ZipSetupBase.</li>
<li><a
href="https://github.com/python/importlib_resources/commit/8918e27bc55dd0a71661b061d6371bd0fd3c49fe"><code>8918e27</code></a>
Remove unlink compatibility (unused).</li>
<li><a
href="https://github.com/python/importlib_resources/commit/a8892ae076dd24f129e51125f28b9a9abf846e8f"><code>a8892ae</code></a>
Extract 'from_test_support' helper.</li>
<li><a
href="https://github.com/python/importlib_resources/commit/414e4c0919b0b15d3546aee94d73835c7b24bdc3"><code>414e4c0</code></a>
Use a SimpleNamespace for setdefault compatibility.</li>
<li><a
href="https://github.com/python/importlib_resources/commit/f3f4b0ab8b50297e33343cc5e51b15dcf08c2412"><code>f3f4b0a</code></a>
<a
href="https://redirect.github.com/python/importlib_resources/issues/116307">gh-116307</a>:
Create a new import helper 'isolated modules' and use that
instead...</li>
<li><a
href="https://github.com/python/importlib_resources/commit/8eb207101d80b378abcbe4152a790505fcc8ac7c"><code>8eb2071</code></a>
Move test compatibility modules into a compat package.</li>
<li><a
href="https://github.com/python/importlib_resources/commit/131906a73870c0de86e6817dd54f61b26b33db02"><code>131906a</code></a>
Finalize</li>
<li><a
href="https://github.com/python/importlib_resources/commit/3f49de32549044d57fbd000bc53d8c4c5bee6c3e"><code>3f49de3</code></a>
Merge pull request <a
href="https://redirect.github.com/python/importlib_resources/issues/293">#293</a>
from sfc-gh-wzhao/wzhao-fix-files-not-a-directory-whe...</li>
<li><a
href="https://github.com/python/importlib_resources/commit/76145e2922b7ba2103ad41c80868409c5481c5a6"><code>76145e2</code></a>
Use bytes ranges instead of bytes literals.</li>
<li>Additional commits viewable in <a
href="https://github.com/python/importlib_resources/compare/v6.1.1...v6.1.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `pytz` from 2023.3.post1 to 2024.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stub42/pytz/commit/fb43f957c5149e750c3be3cfc72b22ad94db4886"><code>fb43f95</code></a>
Github releases</li>
<li><a
href="https://github.com/stub42/pytz/commit/368095322408e14898640a426db1e4658b8acd8c"><code>3680953</code></a>
Bump version numbers to 2024.1 / 2024a</li>
<li><a
href="https://github.com/stub42/pytz/commit/8cde1786a5b9c25e2945bbc6c37e80fe9292798c"><code>8cde178</code></a>
IANA 2024a</li>
<li><a
href="https://github.com/stub42/pytz/commit/e22640ed537602adb2638951d5a5e6bd5395c4ce"><code>e22640e</code></a>
Squashed 'tz/' changes from cc48c2dfa..beeb53a3d</li>
<li><a
href="https://github.com/stub42/pytz/commit/ebee1ae4ef35f6fe73603b7582b458a732ae9b8a"><code>ebee1ae</code></a>
Stop building unused distribution files</li>
<li><a
href="https://github.com/stub42/pytz/commit/77d9c8c39c17ff80eb82aff6bfe62d2b26b253bb"><code>77d9c8c</code></a>
Default to Python 3.12</li>
<li><a
href="https://github.com/stub42/pytz/commit/8f15f8061c59cb04050c1d524df9b34294d9d78b"><code>8f15f80</code></a>
PyPI publication from github</li>
<li><a
href="https://github.com/stub42/pytz/commit/ee2e37b6ae386299ad6a01fbcdc44af5f3739e9c"><code>ee2e37b</code></a>
Bump version to 2023.4 (2023d)</li>
<li><a
href="https://github.com/stub42/pytz/commit/4a37f7cbb98b170d29c7114c832451cb80476675"><code>4a37f7c</code></a>
Squashed 'tz/' changes from ddb8cf09d..2bb5bb955</li>
<li><a
href="https://github.com/stub42/pytz/commit/4a8ca236bd92e0b66c6d612fc256b71f6f47a109"><code>4a8ca23</code></a>
IANA 2023d</li>
<li>See full diff in <a
href="https://github.com/stub42/pytz/compare/release_2023.3.post1...release_2024.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `rich` from 13.7.0 to 13.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Textualize/rich/releases">rich's
releases</a>.</em></p>
<blockquote>
<h2>v13.7.1</h2>
<p>Fixes some character widths</p>
<h2>[13.7.1] - 2023-02-28</h2>
<h3>Fixed</h3>
<ul>
<li>Updated the widths of some characters <a
href="https://redirect.github.com/Textualize/rich/pull/3289">Textualize/rich#3289</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Textualize/rich/blob/master/CHANGELOG.md">rich's
changelog</a>.</em></p>
<blockquote>
<h2>[13.7.1] - 2023-02-28</h2>
<h3>Fixed</h3>
<ul>
<li>Updated the widths of some characters <a
href="https://redirect.github.com/Textualize/rich/pull/3289">Textualize/rich#3289</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Textualize/rich/commit/7f580bdcf07a3b269a0e786b6a3aa9c804f393cf"><code>7f580bd</code></a>
Merge pull request <a
href="https://redirect.github.com/Textualize/rich/issues/3293">#3293</a>
from Textualize/bump1371</li>
<li><a
href="https://github.com/Textualize/rich/commit/705bc464cb8a25ff550a6e6e8b0f16e338576db6"><code>705bc46</code></a>
bump</li>
<li><a
href="https://github.com/Textualize/rich/commit/f4a7ed38ebd6aecfe1077ad75f334b74beea4cc2"><code>f4a7ed3</code></a>
Merge pull request <a
href="https://redirect.github.com/Textualize/rich/issues/3289">#3289</a>
from Textualize/update-wcwidth</li>
<li><a
href="https://github.com/Textualize/rich/commit/18ebb427bcd36e0b0b200cc41bf165d5fb758e95"><code>18ebb42</code></a>
Update wcwidth and cell widths.</li>
<li><a
href="https://github.com/Textualize/rich/commit/26152e9cc95eef9c8f363d7bf1dfda426275348d"><code>26152e9</code></a>
Export TextType into the docs. (<a
href="https://redirect.github.com/Textualize/rich/issues/3257">#3257</a>)</li>
<li>See full diff in <a
href="https://github.com/Textualize/rich/compare/v13.7.0...v13.7.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `typing-extensions` from 4.9.0 to 4.10.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python/typing_extensions/releases">typing-extensions's
releases</a>.</em></p>
<blockquote>
<h2>4.10.0</h2>
<h1>Release 4.10.0 (February 25, 2024)</h1>
<p>This feature release adds support for PEP 728 (TypedDict with extra
items) and PEP 742 (<code>TypeIs</code>).</p>
<p>There are no changes since 4.10.0rc1.</p>
<h2>4.10.0rc1</h2>
<h1>Release 4.10.0rc1 (February 17, 2024)</h1>
<ul>
<li>Add support for PEP 728, supporting the <code>closed</code> keyword
argument and the
special <code>__extra_items__</code> key for TypedDict. Patch by Zixuan
James Li.</li>
<li>Add support for PEP 742, adding
<code>typing_extensions.TypeIs</code>. Patch
by Jelle Zijlstra.</li>
<li>Drop runtime error when a read-only <code>TypedDict</code> item
overrides a mutable
one. Type checkers should still flag this as an error. Patch by Jelle
Zijlstra.</li>
<li>Speedup <code>issubclass()</code> checks against simple
runtime-checkable protocols by
around 6% (backporting <a
href="https://redirect.github.com/python/cpython/pull/112717">python/cpython#112717</a>,
by Alex
Waygood).</li>
<li>Fix a regression in the implementation of protocols where
<code>typing.Protocol</code>
classes that were not marked as <code>@runtime_checkable</code> would be
unnecessarily
introspected, potentially causing exceptions to be raised if the
protocol had
problematic members. Patch by Alex Waygood, backporting
<a
href="https://redirect.github.com/python/cpython/pull/113401">python/cpython#113401</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/typing_extensions/blob/main/CHANGELOG.md">typing-extensions's
changelog</a>.</em></p>
<blockquote>
<h1>Release 4.10.0 (February 24, 2024)</h1>
<p>This feature release adds support for PEP 728 (TypedDict with extra
items) and PEP 742 (<code>TypeIs</code>).</p>
<p>There are no changes since 4.10.0rc1.</p>
<h1>Release 4.10.0rc1 (February 17, 2024)</h1>
<ul>
<li>Add support for PEP 728, supporting the <code>closed</code> keyword
argument and the
special <code>__extra_items__</code> key for TypedDict. Patch by Zixuan
James Li.</li>
<li>Add support for PEP 742, adding
<code>typing_extensions.TypeIs</code>. Patch
by Jelle Zijlstra.</li>
<li>Drop runtime error when a read-only <code>TypedDict</code> item
overrides a mutable
one. Type checkers should still flag this as an error. Patch by Jelle
Zijlstra.</li>
<li>Speedup <code>issubclass()</code> checks against simple
runtime-checkable protocols by
around 6% (backporting <a
href="https://redirect.github.com/python/cpython/pull/112717">python/cpython#112717</a>,
by Alex
Waygood).</li>
<li>Fix a regression in the implementation of protocols where
<code>typing.Protocol</code>
classes that were not marked as <code>@runtime_checkable</code> would be
unnecessarily
introspected, potentially causing exceptions to be raised if the
protocol had
problematic members. Patch by Alex Waygood, backporting
<a
href="https://redirect.github.com/python/cpython/pull/113401">python/cpython#113401</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/python/typing_extensions/commit/ed81f2b2043f60b0c159914e264e127f5d0b4cda"><code>ed81f2b</code></a>
Prepare release 4.10.0 (<a
href="https://redirect.github.com/python/typing_extensions/issues/343">#343</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/06b23e3f05fd0f929dbaea17ae51621dcc8434ab"><code>06b23e3</code></a>
Release 4.10.0rc1 (<a
href="https://redirect.github.com/python/typing_extensions/issues/340">#340</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/b7bf949d669dbe19537f7608e00f7b8368fdfb39"><code>b7bf949</code></a>
Add support for PEP 728 (<a
href="https://redirect.github.com/python/typing_extensions/issues/329">#329</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/9f040ab8c6f859e8ce956331b496e6a98a33e6f6"><code>9f040ab</code></a>
Fix changelog entry and <strong>mutable_keys</strong> tracking for PEP
705 (<a
href="https://redirect.github.com/python/typing_extensions/issues/334">#334</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/566e01e7a798abfcf88849814918fd8413b8d18b"><code>566e01e</code></a>
Add support for TypeIs (PEP 742) (<a
href="https://redirect.github.com/python/typing_extensions/issues/330">#330</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/d6c50f585c386490d38ad6b8ce5543aed6e633a2"><code>d6c50f5</code></a>
Drop runtime error in PEP 705 implementation (<a
href="https://redirect.github.com/python/typing_extensions/issues/333">#333</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/ff530f50e2e1440e870dfecd2f59a5ae9d2a4244"><code>ff530f5</code></a>
Update GitHub Actions versions (<a
href="https://redirect.github.com/python/typing_extensions/issues/332">#332</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/05ffab5fda8510249ec10bc138c72678e3f6d2d9"><code>05ffab5</code></a>
Catch a deprecation warning on Python 3.13 (<a
href="https://redirect.github.com/python/typing_extensions/issues/331">#331</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/69b48c377a2a1286c57059e66c47d386374c46c2"><code>69b48c3</code></a>
Fix display of TypedDict.<strong>readonly_keys</strong> (<a
href="https://redirect.github.com/python/typing_extensions/issues/328">#328</a>)</li>
<li><a
href="https://github.com/python/typing_extensions/commit/004b893ddce2a5743d9a4de3a97ef5c48882d384"><code>004b893</code></a>
Backport recent improvements to the implementation of
<code>Protocol</code> (<a
href="https://redirect.github.com/python/typing_extensions/issues/324">#324</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/python/typing_extensions/compare/4.9.0...4.10.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `moto[ec2]` to 5.0.2
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getmoto/moto/blob/master/CHANGELOG.md">moto[ec2]'s
changelog</a>.</em></p>
<blockquote>
<h2>5.0.2</h2>
<p>Docker Digest for 5.0.2:
<em>sha256:89cc6c764d714bf76e592a61f0c06fd142f672085e1dd3a53eb734aaeb4e14e2</em></p>
<pre><code>General:
* Removed the `python-jose` and `sshpubkeys` dependencies in favor of
`joserfc`. This removes a transitive dependency on `ecdsa`, which
contains a open security vulnerability
<p>New Methods:
* Autoscaling:
* batch_put_scheduled_update_group_action()
* batch_delete_scheduled_action()</p>
<pre><code>* RDS:
    * create_db_proxy()
    * describe_db_proxies()
</code></pre>
<p>Miscellaneous:
* AWSLambda: The ImageConfig.EntryPoint of a function is now used when
invoking it in a Docker container
* CognitoIDP now allows public actions even if IAM auth is enabled
* DynamoDB: create_table() now validates the number of KeySchema-items
* EC2: modify_image_attributes() now supports all LaunchPermissions
* ECS: register_task_definition() now has improved validation around
<code>memory</code>-parameters
* Glue: create_database() now supports the <code>tags</code>-parameter
* IAM: assume_user()/create_user()/get_caller_identity() now return the
correct partition for China (aws-cn) when called from a Chinese region
* ResourceGroupsTagging: get_resources() now supports ELB resources
* Route53: list_hosted_zones() now supports pagination
* S3: put_bucket_notification_configuration() now supports
EventBridge-notifications
* SES now returns errors in the correct format
</code></pre></p>
<h2>5.0.1</h2>
<p>Docker Digest for 5.0.1:
<em>sha256:b6004b2e112c0ba870b2103049548abecec476edeac7a724ed9c71249358e821</em></p>
<pre><code>New Methods:
    * SecretsManager:
        * remove_regions_from_replication()
        * replicate_secret_to_regions()
<p>Miscellaneous:
* AWSLambda: create_event_source_mapping() now supports Kinesis streams
as targets
* CloudFront: Removed error handling for InvalidOriginServer, as our
validation was too strict
* DynamoDB: batch_execute_statement() now supports for
Update/Insert/Delete-statements
* DynamoDB: query() now correctly handles calls where both Limit and
ScanIndexForward are supplied
* EC2: Now supports availability zones for eu-central-2 (Zurich)
* S3: list_objects_v2() can now return more then 1000 results max
(again)
* S3: copy_object() now allows in-place copies when bucket versioning is
enabled
* SecretsManager: create_secrets() now supports the parameters
AddReplicaRegions and ForceOverwriteReplicaSecret
* SecretsManager: list_secrets() now supports the filters primary-region
and owning-service
</code></pre></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/getmoto/moto/commit/4a3b8ad76c2591d98365a7c6f8f1d1a0564f59c9"><code>4a3b8ad</code></a>
Prep release 5.0.2 (<a
href="https://redirect.github.com/getmoto/moto/issues/7359">#7359</a>)</li>
<li><a
href="https://github.com/getmoto/moto/commit/79c9b7c77bc0a52c7b90ac6121476b760e288704"><code>79c9b7c</code></a>
Techdebt: Verify support for urllib3==2.2.1 (<a
href="https://redirect.github.com/getmoto/moto/issues/7358">#7358</a>)</li>
<li><a
href="https://github.com/getmoto/moto/commit/8f6153e32137d8778070c0f4aee7a14e34b987c2"><code>8f6153e</code></a>
chore: update SSM default parameters (<a
href="https://redirect.github.com/getmoto/moto/issues/7355">#7355</a>)</li>
<li><a
href="https://github.com/getmoto/moto/commit/3be1cf331e5d0847311c8c810ce5410e4d85035e"><code>3be1cf3</code></a>
chore: update EC2 Instance Offerings (<a
href="https://redirect.github.com/getmoto/moto/issues/7353">#7353</a>)</li>
<li><a
href="https://github.com/getmoto/moto/commit/a54cb2937fbfa3d68883c5f5db46d6ba7906ad62"><code>a54cb29</code></a>
Techdebt: Remove ECDSA dependency (<a
href="https://redirect.github.com/getmoto/moto/issues/7356">#7356</a>)</li>
<li><a
href="https://github.com/getmoto/moto/commit/3f65f946751f8d341a1cb2a9f767ebedd68985da"><code>3f65f94</code></a>
chore: update EC2 Instance Types (<a
href="https://redirect.github.com/getmoto/moto/issues/7354">#7354</a>)</li>
<li><a
href="https://github.com/getmoto/moto/commit/85617404ef8a4145b7dded16761da960478a93b2"><code>8561740</code></a>
Techdebt: Remove ACM/pytest warnings (<a
href="https://redirect.github.com/getmoto/moto/issues/7350">#7350</a>)</li>
<li><a
href="https://github.com/getmoto/moto/commit/4b898740e89d87a3fd36d0104d1705301f819cff"><code>4b89874</code></a>
SecretsManager: rotate_secret() now supports the
RotateImmediately-parameter ...</li>
<li><a
href="https://github.com/getmoto/moto/commit/b9d7c20d142f9e98fe33daeee9be9bafda16b576"><code>b9d7c20</code></a>
S3: Adding notification for eventbridge (<a
href="https://redirect.github.com/getmoto/moto/issues/7252">#7252</a>)</li>
<li><a
href="https://github.com/getmoto/moto/commit/59248f31f88a3a8ca2ba9396f8c04c4df03139c8"><code>59248f3</code></a>
Feature: RDS Proxy (<a
href="https://redirect.github.com/getmoto/moto/issues/7329">#7329</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getmoto/moto/compare/4.2.13...5.0.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `pytest` to 8.0.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pytest-dev/pytest/releases">pytest's
releases</a>.</em></p>
<blockquote>
<h2>8.0.2</h2>
<h1>pytest 8.0.2 (2024-02-24)</h1>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/11895">#11895</a>:
Fix collection on Windows where initial paths contain the short version
of a path (for example <code>c:\PROGRA~1\tests</code>).</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/11953">#11953</a>:
Fix an <code>IndexError</code> crash raising from
<code>getstatementrange_ast</code>.</li>
<li><a
href="https://redirect.github.com/pytest-dev/pytest/issues/12021">#12021</a>:
Reverted a fix to [--maxfail]{.title-ref} handling in pytest 8.0.0
because it caused a regression in pytest-xdist whereby session fixture
teardowns may get executed multiple times when the max-fails is
reached.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pytest-dev/pytest/commit/31afeeb0df0e8bdab1325b5992a2cc733e981e82"><code>31afeeb</code></a>
Prepare release version 8.0.2</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/1b00a2f4fba7859c31dab4f5afdd9e1f07cbdd1e"><code>1b00a2f</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/12025">#12025</a>
from pytest-dev/backport-12022-to-8.0.x</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/ff2f66d84affb0fbcbf841b1897c7599026730bc"><code>ff2f66d</code></a>
[8.0.x] Revert &quot;Fix teardown error reporting when
<code>--maxfail=1</code> (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/11721">#11721</a>)&quot;</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/8a8eed609c3c20da452446e1686df41ebda96d11"><code>8a8eed6</code></a>
[8.0.x] Fix collection of short paths on Windows (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/12024">#12024</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/74346f027c205e5daffe66801094293744e8d85f"><code>74346f0</code></a>
[8.0.x] Allow Sphinx 7.x (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/12005">#12005</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/b7657b4d6b69ee26e00d9a71c4d208506f644462"><code>b7657b4</code></a>
[8.0.x] Disallow Sphinx 6 and 7 (<a
href="https://redirect.github.com/pytest-dev/pytest/issues/12001">#12001</a>)</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/feb7c5e12ee3374b2c7c773614d76811ad21a4f4"><code>feb7c5e</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/11999">#11999</a>
from pytest-dev/backport-11996-to-8.0.x</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/090965574ece50c6be955719ced2a9cf8daaee17"><code>0909655</code></a>
[8.0.x] code: fix <code>IndexError</code> crash in
<code>getstatementrange_ast</code></li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/68524d48586e7f8d070fc1146e5ff90e770d0382"><code>68524d4</code></a>
Merge pull request <a
href="https://redirect.github.com/pytest-dev/pytest/issues/11993">#11993</a>
from pytest-dev/release-8.0.1</li>
<li><a
href="https://github.com/pytest-dev/pytest/commit/d7d320a15a1f8dae909e0aa71f20ab5daeaa42d3"><code>d7d320a</code></a>
Prepare release version 8.0.1</li>
<li>Additional commits viewable in <a
href="https://github.com/pytest-dev/pytest/compare/7.4.0...8.0.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `twine` to 5.0.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/twine/blob/main/docs/changelog.rst">twine's
changelog</a>.</em></p>
<blockquote>
<h2>Twine 5.0.0 (2024-02-10)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Use <code>email.message</code> instead of <code>cgi</code> as
<code>cgi</code> has been deprecated
(<code>[#969](pypa/twine#969)
&lt;https://github.com/pypa/twine/issues/969&gt;</code>_)</li>
</ul>
<p>Misc
^^^^</p>
<ul>
<li><code>[#931](pypa/twine#931)
&lt;https://github.com/pypa/twine/issues/931&gt;</code><em>,
<code>[#991](pypa/twine#991)
&lt;https://github.com/pypa/twine/issues/991&gt;</code></em>,
<code>[#1028](pypa/twine#1028)
&lt;https://github.com/pypa/twine/issues/1028&gt;</code><em>,
<code>[#1040](pypa/twine#1040)
&lt;https://github.com/pypa/twine/issues/1040&gt;</code></em></li>
</ul>
<h2>Twine 4.0.2 (2022-11-30)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Remove deprecated function to fix <code>twine check</code> with
pkginfo 1.9.0. (<code>[#941](pypa/twine#941)
&lt;https://github.com/pypa/twine/issues/941&gt;</code>_)</li>
</ul>
<h2>Twine 4.0.1 (2022-06-01)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Improve logging when keyring fails.
(<code>[#890](pypa/twine#890)
&lt;https://github.com/pypa/twine/issues/890&gt;</code>_)</li>
<li>Reconfigure root logger to show all log messages.
(<code>[#896](pypa/twine#896)
&lt;https://github.com/pypa/twine/issues/896&gt;</code>_)</li>
</ul>
<h2>Twine 4.0.0 (2022-03-31)</h2>
<p>Features
^^^^^^^^</p>
<ul>
<li>Drop support for Python 3.6.
(<code>[#869](pypa/twine#869)
&lt;https://github.com/pypa/twine/issues/869&gt;</code>_)</li>
<li>Use Rich to add color to <code>upload</code> output.
(<code>[#851](pypa/twine#851)
&lt;https://github.com/pypa/twine/issues/851&gt;</code>_)</li>
<li>Use Rich to add color to <code>check</code> output.
(<code>[#874](pypa/twine#874)
&lt;https://github.com/pypa/twine/issues/874&gt;</code>_)</li>
<li>Use Rich instead of tqdm for upload progress bar.
(<code>[#877](pypa/twine#877)
&lt;https://github.com/pypa/twine/issues/877&gt;</code>_)</li>
</ul>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Remove Twine's dependencies from the <code>User-Agent</code> header
when uploading. (<code>[#871](pypa/twine#871)
&lt;https://github.com/pypa/twine/issues/871&gt;</code>_)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/twine/commit/94f810c54c8bc9d418a9ed64890ca9fa4ec7b59f"><code>94f810c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1047">#1047</a> from
pypa/new-release</li>
<li><a
href="https://github.com/pypa/twine/commit/09d993ad4de12f3d11ddf25ff4b4db54714f1969"><code>09d993a</code></a>
Update linkcheck_ignore setting for docs</li>
<li><a
href="https://github.com/pypa/twine/commit/ab0ed199154f8ab341d88c313cf4c2e785d770ee"><code>ab0ed19</code></a>
Apply 2024 black format</li>
<li><a
href="https://github.com/pypa/twine/commit/407e6cc0c42eb0dcbc679cb2ffbffcc5dcbc150b"><code>407e6cc</code></a>
Build changelog for 5.0.0</li>
<li><a
href="https://github.com/pypa/twine/commit/6644b862bb4555ddcb375c794ec5161de4a248df"><code>6644b86</code></a>
Add missing changelog entries</li>
<li><a
href="https://github.com/pypa/twine/commit/fe1885f2bf896c1852dedea7733a582c5718bbbc"><code>fe1885f</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1034">#1034</a> from
DimitriPapadopoulos/codespell</li>
<li><a
href="https://github.com/pypa/twine/commit/694bdcf84686c2821ca3168fbc75c2fa5c901188"><code>694bdcf</code></a>
Fix typos found by codespell</li>
<li><a
href="https://github.com/pypa/twine/commit/89ec78c6be4b4b1bb22514bcddef8f6014c1ba53"><code>89ec78c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1040">#1040</a> from
woodruffw-forks/ww/pypi-mandatory-api-tokens</li>
<li><a
href="https://github.com/pypa/twine/commit/b3b363aae8cf83bfbdf9228f5e80d9bdb4765053"><code>b3b363a</code></a>
tests: lintage</li>
<li><a
href="https://github.com/pypa/twine/commit/6e94d200e20f700fa2e905dd32afeb367d321b67"><code>6e94d20</code></a>
tests: more non-PyPI tests</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/twine/compare/4.0.0...5.0.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Oliver Mannion <[email protected]>
erikjohnston pushed a commit to element-hq/synapse that referenced this pull request Apr 19, 2024
Bumps [twine](https://github.com/pypa/twine) from 4.0.2 to 5.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/twine/blob/main/docs/changelog.rst">twine's
changelog</a>.</em></p>
<blockquote>
<h2>Twine 5.0.0 (2024-02-10)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Use <code>email.message</code> instead of <code>cgi</code> as
<code>cgi</code> has been deprecated
(<code>[#969](pypa/twine#969)
&lt;https://github.com/pypa/twine/issues/969&gt;</code>_)</li>
</ul>
<p>Misc
^^^^</p>
<ul>
<li><code>[#931](pypa/twine#931)
&lt;https://github.com/pypa/twine/issues/931&gt;</code><em>,
<code>[#991](pypa/twine#991)
&lt;https://github.com/pypa/twine/issues/991&gt;</code></em>,
<code>[#1028](pypa/twine#1028)
&lt;https://github.com/pypa/twine/issues/1028&gt;</code><em>,
<code>[#1040](pypa/twine#1040)
&lt;https://github.com/pypa/twine/issues/1040&gt;</code></em></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/twine/commit/94f810c54c8bc9d418a9ed64890ca9fa4ec7b59f"><code>94f810c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1047">#1047</a> from
pypa/new-release</li>
<li><a
href="https://github.com/pypa/twine/commit/09d993ad4de12f3d11ddf25ff4b4db54714f1969"><code>09d993a</code></a>
Update linkcheck_ignore setting for docs</li>
<li><a
href="https://github.com/pypa/twine/commit/ab0ed199154f8ab341d88c313cf4c2e785d770ee"><code>ab0ed19</code></a>
Apply 2024 black format</li>
<li><a
href="https://github.com/pypa/twine/commit/407e6cc0c42eb0dcbc679cb2ffbffcc5dcbc150b"><code>407e6cc</code></a>
Build changelog for 5.0.0</li>
<li><a
href="https://github.com/pypa/twine/commit/6644b862bb4555ddcb375c794ec5161de4a248df"><code>6644b86</code></a>
Add missing changelog entries</li>
<li><a
href="https://github.com/pypa/twine/commit/fe1885f2bf896c1852dedea7733a582c5718bbbc"><code>fe1885f</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1034">#1034</a> from
DimitriPapadopoulos/codespell</li>
<li><a
href="https://github.com/pypa/twine/commit/694bdcf84686c2821ca3168fbc75c2fa5c901188"><code>694bdcf</code></a>
Fix typos found by codespell</li>
<li><a
href="https://github.com/pypa/twine/commit/89ec78c6be4b4b1bb22514bcddef8f6014c1ba53"><code>89ec78c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1040">#1040</a> from
woodruffw-forks/ww/pypi-mandatory-api-tokens</li>
<li><a
href="https://github.com/pypa/twine/commit/b3b363aae8cf83bfbdf9228f5e80d9bdb4765053"><code>b3b363a</code></a>
tests: lintage</li>
<li><a
href="https://github.com/pypa/twine/commit/6e94d200e20f700fa2e905dd32afeb367d321b67"><code>6e94d20</code></a>
tests: more non-PyPI tests</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/twine/compare/4.0.2...5.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=twine&package-manager=pip&previous-version=4.0.2&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
hughns pushed a commit to hughns/synapse that referenced this pull request Apr 25, 2024
Bumps [twine](https://github.com/pypa/twine) from 4.0.2 to 5.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/twine/blob/main/docs/changelog.rst">twine's
changelog</a>.</em></p>
<blockquote>
<h2>Twine 5.0.0 (2024-02-10)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Use <code>email.message</code> instead of <code>cgi</code> as
<code>cgi</code> has been deprecated
(<code>[element-hq#969](pypa/twine#969)
&lt;https://github.com/pypa/twine/issues/969&gt;</code>_)</li>
</ul>
<p>Misc
^^^^</p>
<ul>
<li><code>[element-hq#931](pypa/twine#931)
&lt;https://github.com/pypa/twine/issues/931&gt;</code><em>,
<code>[element-hq#991](pypa/twine#991)
&lt;https://github.com/pypa/twine/issues/991&gt;</code></em>,
<code>[element-hq#1028](pypa/twine#1028)
&lt;https://github.com/pypa/twine/issues/1028&gt;</code><em>,
<code>[element-hq#1040](pypa/twine#1040)
&lt;https://github.com/pypa/twine/issues/1040&gt;</code></em></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/twine/commit/94f810c54c8bc9d418a9ed64890ca9fa4ec7b59f"><code>94f810c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1047">#1047</a> from
pypa/new-release</li>
<li><a
href="https://github.com/pypa/twine/commit/09d993ad4de12f3d11ddf25ff4b4db54714f1969"><code>09d993a</code></a>
Update linkcheck_ignore setting for docs</li>
<li><a
href="https://github.com/pypa/twine/commit/ab0ed199154f8ab341d88c313cf4c2e785d770ee"><code>ab0ed19</code></a>
Apply 2024 black format</li>
<li><a
href="https://github.com/pypa/twine/commit/407e6cc0c42eb0dcbc679cb2ffbffcc5dcbc150b"><code>407e6cc</code></a>
Build changelog for 5.0.0</li>
<li><a
href="https://github.com/pypa/twine/commit/6644b862bb4555ddcb375c794ec5161de4a248df"><code>6644b86</code></a>
Add missing changelog entries</li>
<li><a
href="https://github.com/pypa/twine/commit/fe1885f2bf896c1852dedea7733a582c5718bbbc"><code>fe1885f</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1034">#1034</a> from
DimitriPapadopoulos/codespell</li>
<li><a
href="https://github.com/pypa/twine/commit/694bdcf84686c2821ca3168fbc75c2fa5c901188"><code>694bdcf</code></a>
Fix typos found by codespell</li>
<li><a
href="https://github.com/pypa/twine/commit/89ec78c6be4b4b1bb22514bcddef8f6014c1ba53"><code>89ec78c</code></a>
Merge pull request <a
href="https://redirect.github.com/pypa/twine/issues/1040">#1040</a> from
woodruffw-forks/ww/pypi-mandatory-api-tokens</li>
<li><a
href="https://github.com/pypa/twine/commit/b3b363aae8cf83bfbdf9228f5e80d9bdb4765053"><code>b3b363a</code></a>
tests: lintage</li>
<li><a
href="https://github.com/pypa/twine/commit/6e94d200e20f700fa2e905dd32afeb367d321b67"><code>6e94d20</code></a>
tests: more non-PyPI tests</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/twine/compare/4.0.2...5.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=twine&package-manager=pip&previous-version=4.0.2&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mergify bot pushed a commit to aws/jsii that referenced this pull request May 17, 2024
…/packages/jsii-pacmak/lib/targets/python (#4516)

Updates the requirements on [twine](https://github.com/pypa/twine) to permit the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/twine/blob/main/docs/changelog.rst">twine's changelog</a>.</em></p>
<blockquote>
<h2>Twine 5.1.0 (2024-05-15)</h2>
<p>Features
^^^^^^^^</p>
<ul>
<li>Add the experimental <code>--attestations</code> flag. (<code>[#1095](pypa/twine#1095) &lt;https://github.com/pypa/twine/issues/1095&gt;</code>_)</li>
</ul>
<h2>Twine 5.1.0 (2024-05-15)</h2>
<p>Misc
^^^^</p>
<ul>
<li><code>[#1104](pypa/twine#1104) &lt;https://github.com/pypa/twine/issues/1104&gt;</code>_</li>
</ul>
<h2>Twine 5.0.0 (2024-02-10)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Use <code>email.message</code> instead of <code>cgi</code> as <code>cgi</code> has been deprecated (<code>[#969](pypa/twine#969) &lt;https://github.com/pypa/twine/issues/969&gt;</code>_)</li>
</ul>
<p>Misc
^^^^</p>
<ul>
<li><code>[#931](pypa/twine#931) &lt;https://github.com/pypa/twine/issues/931&gt;</code><em>, <code>[#991](pypa/twine#991) &lt;https://github.com/pypa/twine/issues/991&gt;</code></em>, <code>[#1028](pypa/twine#1028) &lt;https://github.com/pypa/twine/issues/1028&gt;</code><em>, <code>[#1040](pypa/twine#1040) &lt;https://github.com/pypa/twine/issues/1040&gt;</code></em></li>
</ul>
<h2>Twine 4.0.2 (2022-11-30)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Remove deprecated function to fix <code>twine check</code> with pkginfo 1.9.0. (<code>[#941](pypa/twine#941) &lt;https://github.com/pypa/twine/issues/941&gt;</code>_)</li>
</ul>
<h2>Twine 4.0.1 (2022-06-01)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Improve logging when keyring fails. (<code>[#890](pypa/twine#890) &lt;https://github.com/pypa/twine/issues/890&gt;</code>_)</li>
<li>Reconfigure root logger to show all log messages. (<code>[#896](pypa/twine#896) &lt;https://github.com/pypa/twine/issues/896&gt;</code>_)</li>
</ul>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/twine/commit/e9f70cff51d5b355305680b8501bdb17c2de015e"><code>e9f70cf</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1108">#1108</a> from pypa/fix-release-workflow</li>
<li><a href="https://github.com/pypa/twine/commit/1908be7034789d3fd97eaa4c904a89b214f49ded"><code>1908be7</code></a> Fix release workflow</li>
<li><a href="https://github.com/pypa/twine/commit/6d7ffea75bd8713c749041ea5415f0496c9dd9b6"><code>6d7ffea</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1107">#1107</a> from woodruffw-forks/release-5.1.0</li>
<li><a href="https://github.com/pypa/twine/commit/bc91e5719c136acaf5b2fe0c1679ce1ba8d40963"><code>bc91e57</code></a> Update changelog for 5.1.0</li>
<li><a href="https://github.com/pypa/twine/commit/de39ade426cc8b4b0b2261ca8dd1617fdf9764d2"><code>de39ade</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1085">#1085</a> from pypa/feature/pep-621</li>
<li><a href="https://github.com/pypa/twine/commit/75de094adbf6765429254cc73775288a971d8321"><code>75de094</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1104">#1104</a> from ascheel/main</li>
<li><a href="https://github.com/pypa/twine/commit/c512bbf166ac38239e58545a39155285f8747a7b"><code>c512bbf</code></a> Properly handle repository URLs with auth in them</li>
<li><a href="https://github.com/pypa/twine/commit/e0ed8088fc872f449376d6d8e4fbf1b71b1a504f"><code>e0ed808</code></a> Changelog entry</li>
<li><a href="https://github.com/pypa/twine/commit/72ee030a0783959419962b9c4ff5c9fe16e5c507"><code>72ee030</code></a> Change regex string to a raw string.</li>
<li><a href="https://github.com/pypa/twine/commit/04d7e2713466a06df6445fb0b01c3b9c79879ec7"><code>04d7e27</code></a> Sanitize URLs for logging/display purposes.</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/twine/compare/5.0.0...5.1.0">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
mergify bot pushed a commit to aws/jsii that referenced this pull request Jun 27, 2024
…/packages/jsii-pacmak/lib/targets/python (#4558)

Updates the requirements on [twine](https://github.com/pypa/twine) to permit the latest version.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/twine/blob/main/docs/changelog.rst">twine's changelog</a>.</em></p>
<blockquote>
<h2>Twine 5.1.1 (2024-06-26)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>
<p>Resolve DeprecationWarnings when extracting <code>twine</code> metadata. (<code>[#1115](pypa/twine#1115) &lt;https://github.com/pypa/twine/issues/1115&gt;</code>_)</p>
</li>
<li>
<p>Fix bug for Repository URLs with auth where the port was lost. When attempting
to prevent printing authentication credentials in URLs provided with username
and password, we did not properly handle the case where the URL also contains
a port (when reconstructing the URL). This is now handled and tested to
ensure no regressions. (<code>#fix-repo-urls-with-auth-and-port &lt;https://github.com/pypa/twine/issues/fix-repo-urls-with-auth-and-port&gt;</code>_)</p>
</li>
</ul>
<h2>Twine 5.1.0 (2024-05-15)</h2>
<p>Features
^^^^^^^^</p>
<ul>
<li>Add the experimental <code>--attestations</code> flag. (<code>[#1095](pypa/twine#1095) &lt;https://github.com/pypa/twine/issues/1095&gt;</code>_)</li>
</ul>
<h2>Twine 5.1.0 (2024-05-15)</h2>
<p>Misc
^^^^</p>
<ul>
<li><code>[#1104](pypa/twine#1104) &lt;https://github.com/pypa/twine/issues/1104&gt;</code>_</li>
</ul>
<h2>Twine 5.0.0 (2024-02-10)</h2>
<p>Bugfixes
^^^^^^^^</p>
<ul>
<li>Use <code>email.message</code> instead of <code>cgi</code> as <code>cgi</code> has been deprecated (<code>[#969](pypa/twine#969) &lt;https://github.com/pypa/twine/issues/969&gt;</code>_)</li>
</ul>
<p>Misc
^^^^</p>
<ul>
<li><code>[#931](pypa/twine#931) &lt;https://github.com/pypa/twine/issues/931&gt;</code><em>, <code>[#991](pypa/twine#991) &lt;https://github.com/pypa/twine/issues/991&gt;</code></em>, <code>[#1028](pypa/twine#1028) &lt;https://github.com/pypa/twine/issues/1028&gt;</code><em>, <code>[#1040](pypa/twine#1040) &lt;https://github.com/pypa/twine/issues/1040&gt;</code></em></li>
</ul>
<h2>Twine 4.0.2 (2022-11-30)</h2>

</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/twine/commit/e29791dcbcd4d39ffc5c4ce2e38e3884005bd368"><code>e29791d</code></a> Prepare for v5.1.1 (<a href="https://redirect.github.com/pypa/twine/issues/1114">#1114</a>)</li>
<li><a href="https://github.com/pypa/twine/commit/f213ede904ec8553c82e75d6125efd1972fe8b00"><code>f213ede</code></a> fix: Retrieve metadata correctly from importlib_metadata (<a href="https://redirect.github.com/pypa/twine/issues/1115">#1115</a>)</li>
<li><a href="https://github.com/pypa/twine/commit/6fbf880ee60915cf1666348c4bdd78a10415f2ac"><code>6fbf880</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1112">#1112</a> from pypa/bug/1111</li>
<li><a href="https://github.com/pypa/twine/commit/3eb9121c6d6cdb0b0d2c0e55c89319cbceda038a"><code>3eb9121</code></a> Remove extra line from changelog entry</li>
<li><a href="https://github.com/pypa/twine/commit/0191f0c9d9cae285df4c700dece7efc7c7de1551"><code>0191f0c</code></a> Preserve ports when munging repository URLs</li>
<li><a href="https://github.com/pypa/twine/commit/c5887932a552c859376a53fb4dbe39f2ab17ba20"><code>c588793</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1110">#1110</a> from DimitriPapadopoulos/principle</li>
<li><a href="https://github.com/pypa/twine/commit/1fdc197636fa1d354d5e4113121698e08824d3a0"><code>1fdc197</code></a> Fix a couple typos</li>
<li><a href="https://github.com/pypa/twine/commit/13b07b67fdc7b6de589640655045687953edab24"><code>13b07b6</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1109">#1109</a> from pypa/dependabot/github_actions/actions/checkout...</li>
<li><a href="https://github.com/pypa/twine/commit/a3e837326aa9691c89ebefecb1449977d33f89e4"><code>a3e8373</code></a> build(deps): bump actions/checkout from 4.1.5 to 4.1.6</li>
<li><a href="https://github.com/pypa/twine/commit/e9f70cff51d5b355305680b8501bdb17c2de015e"><code>e9f70cf</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1108">#1108</a> from pypa/fix-release-workflow</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/twine/compare/5.0.0...v5.1.1">compare view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
woodruffw added a commit to woodruffw-forks/twine that referenced this pull request Jul 9, 2024
sigmavirus24 added a commit that referenced this pull request Jul 10, 2024
@190488

This comment was marked as spam.

@190488

This comment was marked as spam.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants