chore(deps): update python packages

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
bandit (source, changelog)	1.9.3 → 1.9.4
mypy (changelog)	1.19.1 → 1.20.2
ni-python-styleguide (changelog)	0.4.8 → 0.5.0
pyright	1.1.408 → 1.1.409
pytest-cov (changelog)	7.0.0 → 7.1.0
sphinx-autoapi	3.6.1 → 3.8.0
tox (changelog)	4.34.1 → 4.55.0

---

Release Notes

PyCQA/bandit (bandit)

v1.9.4

Compare Source

What's Changed

• chore: fixed some typos in comments by @​jakob1379 in #​1351
• Bump docker/login-action from 3.6.0 to 3.7.0 by @​dependabot[bot] in #​1353
• Bump docker/build-push-action from 6.18.0 to 6.19.2 by @​dependabot[bot] in #​1357
• Fix B613 crash when reading from stdin by @​worksbyfriday in #​1361
• Include filename in nosec 'no failed test' warning by @​worksbyfriday in #​1363
• Fix B615 false positive when revision is set via variable by @​worksbyfriday in #​1358
• Lower version guard in check_ast_node to Python 3.12 by @​rcgray in #​1355
• Fix B106 reporting wrong line number on multiline function calls by @​worksbyfriday in #​1360

New Contributors

• @​jakob1379 made their first contribution in #​1351
• @​worksbyfriday made their first contribution in #​1361
• @​rcgray made their first contribution in #​1355

Full Changelog: PyCQA/bandit@1.9.3...1.9.4

python/mypy (mypy)

v1.20.2

Compare Source

v1.20.1

Compare Source

• Always disable sync in SQLite cache (Ivan Levkivskyi, PR 21184)
• Temporarily skip few base64 tests (Ivan Levkivskyi, PR 21193)
• Revert dict.__or__ typeshed change (Ivan Levkivskyi, PR 21186)
• Fix narrowing for match case with variadic tuples (Shantanu, PR 21192)
• Avoid narrowing type[T] in type calls (Shantanu, PR 21174)
• Fix regression for catching empty tuple in except (Shantanu, PR 21153)
• Fix reachability for frozenset and dict view narrowing (Shantanu, PR 21151)
• Fix narrowing with chained comparison (Shantanu, PR 21150)
• Avoid narrowing to unreachable at module level (Shantanu, PR 21144)
• Allow dangerous identity comparisons to Any typed variables (Shantanu, PR 21142)
• --warn-unused-config should not be a strict flag (Ivan Levkivskyi, PR 21139)

v1.20.0

Compare Source

ni/python-styleguide (ni-python-styleguide)

v0.5.0: - Adopt flake8-tidy-imports

Compare Source

Added

• Add vim/neovim integration instructions to README (#​205)
• Add VSCode integration instructions to README (#​222)
• Adopt flake8-tidy-imports to enforce O.1.5 (#​223)
• Add fallbacks to _get_application_import_names (#​234)
• Make format command (#​221)

Changed

• Drop Python 3.7 support (#​218)
• Drop Python 3.8 support (#​235)

Fixed

• Fix formatting files with unicode (#​242)
• Fix acknowledge when run on multiple files (#​244)

Details

What's Changed

• README: Add vim/neovim integration instructions by @​mbr0wn in #​205
• poetry-lock-update - skip PR if no changes by @​mshafer-NI in #​213
• Update poetry lock file and poetry and python versions in pipelines by @​mshafer-NI in #​216
• Drop Python 3.7 support by @​mshafer-NI in #​218
• make format command by @​mshafer-NI in #​221
• Dev/update_readme by @​mshafer-NI in #​222
• adopt flake8-tidy-imports to enforce O.1.5 by @​mshafer-NI in #​223
• pin to 0.18 because 0.19 is broken by @​mshafer-NI in #​225
• update publishing flow to use ni/python-actions by @​mshafer-NI in #​227
• Update _get_application_import_names to have fall-backs by @​mjohanse-emr in #​234
• github: Upgrade from ubuntu-20.04 to ubuntu-latest by @​bkeryan in #​238
• Configure Renovate by @​renovate[bot] in #​239
• Add self to code owners by @​mshafer-NI in #​243
• Fix formatting files with unicode by @​mshafer-NI in #​242
• Fix acknowledge when run on multiple files by @​mshafer-NI in #​244
• adopt ni/python-actions for PR builds by @​mshafer-NI in #​235
• pyproject.toml: Update dev-dependency syntax and build system by @​bkeryan in #​249
• add a pip install and lint to the PR build to validate install time deps without the lock by @​mshafer-NI in #​182
• add bkeryan as another alt by @​mshafer-NI in #​261
• disable upgrading flake8-import-order by @​mshafer-NI in #​260
• mark flake8-spellcheck as a rejected plugin by @​mshafer-NI in #​272
• fix: Work around "No module named 'pkg_resources'" by pinning setuptools to <82 by @​bkeryan in #​275
• Delete .github/workflows/Update-Poetry-Lock.yml by @​mshafer-NI in #​278
• Add changelog by @​mshafer-NI in #​287
• Also prevent setuptools from getting upgraded by @​mshafer-NI in #​289
• github: Fix outdated aspects of Comment-on-PR.yml and Notify-Convention-Change.yml by @​bkeryan in #​291
• Update CHANGELOG to reflect that support for Python 3.8 is also removed in the upcoming release by @​mshafer-NI in #​294
• Bring black pin forward from 0.4.x by @​mshafer-NI in #​295

New Contributors

• @​mjohanse-emr made their first contribution in #​234
• @​renovate[bot] made their first contribution in #​239

Full Changelog: ni/python-styleguide@v0.4.9...v0.5.0

v0.4.9

Compare Source

Fixed

• Work around "No module named 'pkg_resources'" by pinning setuptools to <82 (#​275)

RobertCraigie/pyright-python (pyright)

v1.1.409

Compare Source

pytest-dev/pytest-cov (pytest-cov)

v7.1.0

Compare Source

• Fixed total coverage computation to always be consistent, regardless of reporting settings.
  Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on
  reporting options.
  See #&#8203;641 <https://github.com/pytest-dev/pytest-cov/issues/641>_.

• Improve handling of ResourceWarning from sqlite3.

  The plugin adds warning filter for sqlite3 ResourceWarning unclosed database (since 6.2.0).
  It checks if there is already existing plugin for this message by comparing filter regular expression.
  When filter is specified on command line the message is escaped and does not match an expected message.
  A check for an escaped regular expression is added to handle this case.

  With this fix one can suppress ResourceWarning from sqlite3 from command line::

  pytest -W "ignore:unclosed database in <sqlite3.Connection object at:ResourceWarning" ...

• Various improvements to documentation.
  Contributed by Art Pelling in #&#8203;718 <https://github.com/pytest-dev/pytest-cov/pull/718>_ and
  "vivodi" in #&#8203;738 <https://github.com/pytest-dev/pytest-cov/pull/738>.
  Also closed #&#8203;736 <https://github.com/pytest-dev/pytest-cov/issues/736>.

• Fixed some assertions in tests.
  Contributed by in Markéta Machová in #&#8203;722 <https://github.com/pytest-dev/pytest-cov/pull/722>_.

• Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).

readthedocs/sphinx-autoapi (sphinx-autoapi)

v3.8.0

Compare Source

Features
^^^^^^^^

• Autodoc-style directives can access members excluded by autoapi_options

Misc
^^^^

• #​553

v3.7.0

Compare Source

Features
^^^^^^^^

• Added autoapi.import warning for when AutoAPI directives are given non-existent objects
• Adding autoapi_follow_symlinks, which allows api to traverse into symlinked directories when generating the API documentation.
• Drop support for Python 3.9 and officially support Python 3.14
• Support rendering PEP-695 type parameters

Bugfixes
^^^^^^^^

• Render typing_extensions.TypeAlias like other type aliases (#​520)
• Fix PythonFunction.overloads typing when source code overload(s) do not provide a return type (#​523)

Misc
^^^^

• Fix deprecation warnings raised by astroid and sphinx
• Handling case where match returns None to fix mypy unit test.

tox-dev/tox (tox)

v4.55.0

Compare Source

What's Changed

• 👷 ci(schemastore): sync fork before pushing branch by @​gaborbernat in #​3942
• feat: Also pass TERMINFO when in an interactive shell by @​edgarrmondragon in #​3946
• 🐛 fix(pip): skip constrain_package_deps when constraints is set by @​gaborbernat in #​3948

Full Changelog: tox-dev/tox@4.54.0...4.55.0

v4.54.0

Compare Source

What's Changed

• 🧪 test(conftest): strip broken nspkg.pth files under py3.15 by @​gaborbernat in #​3937
• ✨ feat(packaging): declare tox.pytest deps via a testing extra by @​gaborbernat in #​3940
• 🐛 fix(schema): cover every replace form in the TOML schema by @​gaborbernat in #​3941

Full Changelog: tox-dev/tox@4.53.1...4.54.0

v4.53.1

Compare Source

What's Changed

• 🐛 fix(security): harden user-facing logs and untrusted inputs by @​gaborbernat in #​3924
• 🐛 fix(type): correct argparse override signatures for ty 0.0.33 by @​gaborbernat in #​3932
• fix: allow deps arrays in TOML schema by @​cyphercodes in #​3931

New Contributors

• @​cyphercodes made their first contribution in #​3931

Full Changelog: tox-dev/tox@4.53.0...4.53.1

v4.53.0

Compare Source

What's Changed

• ✨ feat(toml): allow bare range/labeled dicts in env_list by @​gaborbernat in #​3923

Full Changelog: tox-dev/tox@4.52.1...4.53.0

v4.52.1

Compare Source

What's Changed

• use normalize_isa for architecture factor matching by @​rahuldevikar in #​3919
• 🐛 fix(pip): invalidate install cache on resolution env var changes by @​gaborbernat in #​3921

Full Changelog: tox-dev/tox@4.52.0...4.52.1

v4.52.0

Compare Source

What's Changed

• remove unsupported --remote flag from gh repo fork by @​rahuldevikar in #​3908
• ✨ feat(config): support escaped dots in -x override keys by @​gaborbernat in #​3910
• 🐛 fix(docs): auto-generate manpage from CLI parser by @​gaborbernat in #​3911
• ✨ feat(runner): add PEP 723 inline script metadata support by @​gaborbernat in #​3912

Full Changelog: tox-dev/tox@4.51.0...4.52.0

v4.51.0

Compare Source

What's Changed

• 🔒 ci(workflows): add zizmor security auditing by @​gaborbernat in #​3896
• Add base_python_file config option by @​rahuldevikar in #​3899
• prevent machine ISA from overriding explicit env factors by @​rahuldevikar in #​3904
• 🐛 fix(config): fix handling of env_list in nested contexts by @​Daverball in #​3905
• fix: enable persist-credentials for release workflow by @​rahuldevikar in #​3907

New Contributors

• @​Daverball made their first contribution in #​3905

Full Changelog: tox-dev/tox@4.50.3...4.51.0

v4.50.3

Compare Source

What's Changed

• 🐛 fix(pkg): distinguish free-threaded Python in wheel build env by @​gaborbernat in #​3891

Full Changelog: tox-dev/tox@4.50.2...4.50.3

v4.50.2

Compare Source

What's Changed

• fix(sdist): include docs/man/tox.1.rst by @​branchv in #​3890

New Contributors

• @​branchv made their first contribution in #​3890

Full Changelog: tox-dev/tox@4.50.1...4.50.2

v4.50.1

Compare Source

What's Changed

• 🐛 fix(env): suggest normalized env name for dotted Python versions by @​gaborbernat in #​3888

Full Changelog: tox-dev/tox@4.50.0...4.50.1

v4.50.0

Compare Source

What's Changed

• document {env:TOX_PACKAGE} for referencing built packages in commands by @​rahuldevikar in #​3873
• 🧪 test(docs): validate doc config examples to prevent regressions by @​gaborbernat in #​3875
• ✨ feat(run): add interrupt_post_commands for cleanup after Ctrl-C by @​gaborbernat in #​3882
• ✨ feat(config): support subscript syntax and env_name in conditionals by @​gaborbernat in #​3884

Full Changelog: tox-dev/tox@4.49.1...4.50.0

v4.49.1

Compare Source

What's Changed

• Update maintainers by @​rahuldevikar in #​3868
• 🐛 fix(run): break deadlock in execution interrupt chain by @​gaborbernat in #​3869

Full Changelog: tox-dev/tox@4.49.0...4.49.1

v4.49.0

Compare Source

What's Changed

• ✨ feat(config): add {factor:label} substitution for TOML by @​gaborbernat in #​3865
• 🐛 fix(legacy): initialize config_format and output_file for --showconfig by @​rares985 in #​3867

New Contributors

• @​rares985 made their first contribution in #​3867

Full Changelog: tox-dev/tox@4.48.1...4.49.0

v4.48.1

Compare Source

What's Changed

• Replace archived 31z4/tox Docker image with build-your-own guide by @​rahuldevikar in #​3864
• 🐛 fix(toml): extract args from Command in ref replacement by @​gaborbernat in #​3863

Full Changelog: tox-dev/tox@4.48.0...4.48.1

v4.48.0

Compare Source

What's Changed

• Add fail_fast to config reference docs by @​rahuldevikar in #​3853
• ✨ feat(config): add --format json/toml and -o to config command by @​gaborbernat in #​3857

Full Changelog: tox-dev/tox@4.47.3...4.48.0

v4.47.3

Compare Source

What's Changed

• Fix SchemaStore workflow creating empty PRs by @​gaborbernat in #​3848
• Add .mailmap to consolidate author identities by @​yarikoptic in #​3849
• 🐛 fix(config): honor ignore_base_python_conflict for factor conflicts by @​gaborbernat in #​3851

Full Changelog: tox-dev/tox@4.47.2...4.47.3

v4.47.2

Compare Source

What's Changed

• fix: handle OSError in pos_args path existence check by @​yarikoptic in #​3847

New Contributors

• @​yarikoptic made their first contribution in #​3847

Full Changelog: tox-dev/tox@4.47.1...4.47.2

v4.47.1

Compare Source

What's Changed

• 🐛 fix(config): resolve base_python from new-style version factors by @​gaborbernat in #​3846

Full Changelog: tox-dev/tox@4.47.0...4.47.1

v4.47.0

Compare Source

What's Changed

• Move SECURITY.md to .github/SECURITY.md by @​gaborbernat in #​3835
• Standardize .github files to .yaml suffix by @​gaborbernat in #​3836
• 🐛 fix(ci): resolve ty type-check failures by @​gaborbernat in #​3837
• ✨ feat(config): show clean errors for type mismatches by @​gaborbernat in #​3838
• 🧪 test(config): assert full error messages for all config fields by @​gaborbernat in #​3840
• 🐛 fix(exec): pass stdin through to executed command by @​gaborbernat in #​3842
• 🐛 fix(config): accept string for base_python in TOML by @​gaborbernat in #​3843

Full Changelog: tox-dev/tox@4.46.3...4.47.0

v4.46.3

Compare Source

What's Changed

• 👷 ci(schemastore): branch from upstream master by @​gaborbernat in #​3828
• Fix outdated min version of virtualenv by @​kajinamit in #​3829

New Contributors

• @​kajinamit made their first contribution in #​3829

Full Changelog: tox-dev/tox@4.46.2...4.46.3

v4.46.2

Compare Source

What's Changed

• 👷 ci(schemastore): fix PR creation for fork by @​gaborbernat in #​3827

Full Changelog: tox-dev/tox@4.46.1...4.46.2

v4.46.1

Compare Source

What's Changed

• 🐛 fix(config): allow glob patterns in ini depends by @​gaborbernat in #​3825
• 👷 ci(schemastore): fix git push auth in update workflow by @​gaborbernat in #​3826
• 🐛 fix(schema): add additionalProperties to partial-tox.json by @​gaborbernat in #​3824

Full Changelog: tox-dev/tox@4.46.0...4.46.1

v4.46.0

Compare Source

What's Changed

• Add architecture (ISA) awareness to Python discovery by @​rahuldevikar in #​3815
• ✨ feat(config): add env_base templates for TOML by @​gaborbernat in #​3817
• 🐛 fix(deps): drop chardet for req file decoding by @​gaborbernat in #​3820
• 🐛 fix(cli): allow --help with invalid config by @​gaborbernat in #​3821

Full Changelog: tox-dev/tox@4.45.0...4.46.0

v4.45.0

Compare Source

What's Changed

• Fix user guide link in README.md by @​cpburnz in #​3805
• 🐛 fix(type): resolve ty 0.0.17 compatibility by @​gaborbernat in #​3807
• 📝 docs: add redirects for old URLs (#​3806) by @​gaborbernat in #​3808
• Bump dependency requirements by @​gaborbernat in #​3812
• fix: cross-section substitution resolves to empty when no factors match by @​worksbyfriday in #​3810
• ✨ feat(schema): enhance schema command with IDE integration by @​gaborbernat in #​3813
• 🐛 fix(env): break circular dependency in environment_variables resolution by @​gaborbernat in #​3816

New Contributors

• @​cpburnz made their first contribution in #​3805

Full Changelog: tox-dev/tox@4.44.0...4.45.0

v4.44.0

Compare Source

What's Changed

• 🐛 fix(config): keep unfactored continuation lines after filtered factors (#​3802) by @​gaborbernat in #​3804
• ✨ feat(config): add PEP 751 pylock.toml support by @​gaborbernat in #​3803

Full Changelog: tox-dev/tox@4.43.0...4.44.0

v4.43.0

Compare Source

What's Changed

• 📝 docs(infra): integrate sphinxcontrib-towncrier by @​gaborbernat in #​3798
• ✨ feat(toml): add generative env_list via product dict by @​gaborbernat in #​3797
• 🐛 fix(config): restore factor conditional continuations by @​gaborbernat in #​3799
• 🐛 fix(pip): pass config_settings to pip for sdist install by @​gaborbernat in #​3800

Full Changelog: tox-dev/tox@4.42.0...4.43.0

v4.42.0

Compare Source

What's Changed

• 🐛 fix(interrupt): suppress BrokenPipeError during teardown by @​gaborbernat in #​3778
• ✨ feat(cli): add --no-capture flag for interactive programs by @​gaborbernat in #​3777
• ✨ feat(config): add platform-dependent factor support by @​gaborbernat in #​3779
• ✨ feat(env): gracefully skip environments with unavailable runners by @​gaborbernat in #​3781
• 🐛 fix(env): restore compound factor conditionals by @​gaborbernat in #​3782
• ✨ feat(config): add default_base_python config key by @​gaborbernat in #​3783
• ✨ feat(config): add env_site_packages_dir_plat substitution by @​gaborbernat in #​3784
• 🐛 fix(parallel): show --list-dependencies output by @​gaborbernat in #​3786
• ✨ feat(config): add open-ended generative ranges by @​gaborbernat in #​3788
• 🐛 fix(config): collapse continuation lines before factor filtering by @​gaborbernat in #​3787
• ✨ feat(pkg): cache external packaging env build across envs by @​gaborbernat in #​3790
• ✨ feat(changelog): add granular towncrier categories by @​gaborbernat in #​3785
• ✨ feat(cli): accept plugin CLI options during provisioning by @​gaborbernat in #​3791
• ✨ feat(env): add recreate_commands config key by @​gaborbernat in #​3793
• 📝 docs(faq): document Debian python3-venv limitation by @​gaborbernat in #​3789
• ✨ feat(config): warn on unused config keys with -v by @​gaborbernat in #​3795
• ✨ feat(cli): add --skip-env-install flag for offline env reuse by @​gaborbernat in #​3792
• ✨ feat(env): add virtualenv_spec for per-env version pinning by @​gaborbernat in #​3794

Full Changelog: tox-dev/tox@4.41.0...4.42.0

v4.41.0

Compare Source

What's Changed

• Prefer TOML-native config over legacy_tox_ini in pyproject.toml by @​rahuldevikar in #​3776
• ✨ feat(config): add package = "deps-only" mode by @​gaborbernat in #​3774

Full Changelog: tox-dev/tox@4.40.0...4.41.0

v4.40.0

Compare Source

What's Changed

• Use positive exit code for multi-env failures by @​rahuldevikar in #​3768
• ✨ feat(config): add {glob:PATTERN} substitution by @​gaborbernat in #​3769
• Add package=sdist-wheel package type by @​rahuldevikar in #​3741
• ✨ feat(config): add conditional replace for TOML by @​gaborbernat in #​3771
• Create .gitignore in work_dir and info file directories by @​rahuldevikar in #​3770
• ✨ feat(run): add commands_retry config option by @​gaborbernat in #​3772
• 🐛 fix(config): set_env override lost after load by @​gaborbernat in #​3775

Full Changelog: tox-dev/tox@4.39.0...4.40.0

v4.39.0

Compare Source

What's Changed

• 🐛 fix(ci): suppress Pygments DeprecationWarning on Python 3.15 by @​gaborbernat in #​3733
• 🐛 fix(deps): apply --force-dep to package metadata dependencies by @​gaborbernat in #​3734
• fix(ci): drop module scope from commonprefix warning filter by @​gaborbernat in #​3735
• 🐛 fix(config): resolve overrides with alias config keys by @​gaborbernat in #​3736
• 🐛 fix(config): set_env cross-section substitution loses values by @​gaborbernat in #​3737
• 🐛 fix(legacy): --parallel-no-spinner no longer suppresses output by @​gaborbernat in #​3738
• 🐛 fix(config): set_env cross-section substitution precedence by @​gaborbernat in #​3739
• 🐛 fix(config): set_env file| no longer overrides later values by @​gaborbernat in #​3740
• 🐛 fix(config): setup.cfg without [tox:tox] no longer blocks discovery by @​gaborbernat in #​3742
• 🐛 fix(env): posargs with colon no longer crash inactive envs by @​gaborbernat in #​3744
• 🐛 fix(provision): skip requires with false environment markers by @​gaborbernat in #​3745
• 🐛 fix(config): env variable substitution in package envs by @​gaborbernat in #​3746
• 🐛 fix(config): set_env substitution honors skip_missing_interpreters by @​gaborbernat in #​3747
• 🐛 fix(config): resolve cross-section refs in caller context by @​gaborbernat in #​3748
• 🐛 fix(config): break changedir/posargs circular dependency by @​gaborbernat in #​3749
• 🐛 fix(cli): support brace expansion in -e flag by @​gaborbernat in #​3750
• 🐛 fix(config): factor filter fallback to default value by @​gaborbernat in #​3751
• 🐛 fix(env): preserve shared pkg env on recreate by @​gaborbernat in #​3752
• 🐛 fix(env): reject partial testenv section matches by @​gaborbernat in #​3753
• 🐛 fix(config): support base inherit in TOML format by @​gaborbernat in #​3754
• 🐛 fix(cli): make multiple -e flags additive by @​gaborbernat in #​3755
• 🐛 fix(provision): serialize concurrent provisioning by @​gaborbernat in #​3756
• 📝 docs: document interactive terminal programs limitation by @​gaborbernat in #​3757
• 🐛 fix(config): defer TOML set_env string substitution by @​gaborbernat in #​3759
• 🐛 fix(config): handle cross-drive posargs on Windows by @​gaborbernat in #​3760
• 🐛 fix(plugin): skip toxfile.py with unknown hooks by @​gaborbernat in #​3762
• 🐛 fix(config): skip non-tox sections in env discovery by @​gaborbernat in #​3761
• 🐛 fix(config): treat backslash-space as path separator on Windows by @​gaborbernat in #​3764
• 🐛 fix(config): preserve colors in provisioned tox on Windows by @​gaborbernat in #​3765
• create a cachedir.tag file in the tox work directory by @​rahuldevikar in #​3763
• 🐛 fix(execute): render ANSI colors from subprocesses on Windows by @​gaborbernat in #​3766
• 🧪 test(config): verify unicode support in config files by @​gaborbernat in #​3767

Full Changelog: tox-dev/tox@4.38.0...4.39.0

v4.38.0

Compare Source

What's Changed

• 🐛 fix(test): resolve Windows CI flake in provision integration tests by @​gaborbernat in #​3732
• Scope deps rejection to pure PEP-517 build types by @​rahuldevikar in #​3730

Full Changelog: tox-dev/tox@4.37.0...4.38.0

v4.37.0

Compare Source

What's Changed

• ✨ feat(config): add extra_setup_commands for --notest phase by @​gaborbernat in #​3716
• 🐛 fix(release): format changelog with pre-commit before committing by @​gaborbernat in #​3717
• 📝 docs: restructure documentation using Diátaxis framework by @​gaborbernat in #​3718
• 🐛 fix(pip): set PIP_USER=0 to prevent --user installs in virtualenvs by @​gaborbernat in #​3719
• 🐛 fix(config): prevent env_run_base deps from being clobbered by @​gaborbernat in [#​3721](https://redir

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (in timezone US/Central)

• Branch creation
  • Only on Sunday (* * * * 0)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pyproject.toml

Artifact update for pyright resolved to version 1.1.410, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 1.1.409
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/

File name: pyproject.toml

Artifact update for tox resolved to version 4.55.1, which is a pending version that has not yet passed the Minimum Release Age threshold.
Renovate was attempting to update to 4.55.0
This is (likely) not a bug in Renovate, but due to the way your project pins dependencies, _and_ how Renovate calls your package manager to update them.
Until Renovate supports specifying an exact update to your package manager (https://github.com/renovatebot/renovate/issues/41624), it is recommended to directly pin your dependencies (with `rangeStrategy=pin` for apps, or `rangeStrategy=widen` for libraries)
See also: https://docs.renovatebot.com/dependency-pinning/

[github-actions]

Test Results

0 files   -    24  0 suites   - 24   0s ⏱️ -52s
0 tests  -   408  0 ✅  -   407  0 💤  -  1  0 ❌ ±0 
0 runs   - 9 792  0 ✅  - 9 768  0 💤  - 24  0 ❌ ±0 

Results for commit 03848f5. ± Comparison against base commit 53a77d6.

♻️ This comment has been updated with latest results.