Bump the general group with 4 updates

[dependabot]

Bumps the general group with 4 updates: packaging, prompt-toolkit, pyinstaller and pyinstaller-hooks-contrib.

Updates packaging from 24.0 to 24.1

Release notes

Sourced from packaging's releases.

24.1

What's Changed

• pyupgrade/black/isort/flake8 → ruff by @​DimitriPapadopoulos in pypa/packaging#769
• Add support for Python 3.13 and drop EOL 3.7 by @​hugovk in pypa/packaging#783
• Bump the github-actions group with 4 updates by @​dependabot in pypa/packaging#782
• Fix typo in _parser docstring by @​pradyunsg in pypa/packaging#784
• Modernise type annotations using FA rules from ruff by @​pradyunsg in pypa/packaging#785
• Document markers.default_environment() by @​edgarrmondragon in pypa/packaging#753
• Bump the github-actions group with 3 updates by @​dependabot in pypa/packaging#789
• Work around platform.python_version() returning non PEP 440 compliant version for non-tagged CPython builds by @​sbidoul in pypa/packaging#802

New Contributors

• @​dependabot made their first contribution in pypa/packaging#782
• @​edgarrmondragon made their first contribution in pypa/packaging#753

Full Changelog: pypa/packaging@24.0...24.1

Changelog

Sourced from packaging's changelog.

24.1 - 2024-06-10

No unreleased changes.

Commits

• 85442b8 Bump for release
• 3e67fc7 Work around platform.python_version() returning non PEP 440 compliant versi...
• 32deafe Bump the github-actions group with 3 updates (#789)
• e0dda88 Document markers.default_environment() (#753)
• cc938f9 Modernise type annotations using FA rules from ruff (#785)
• 757f559 Fix typo in _parser docstring (#784)
• ec9f203 Bump the github-actions group with 4 updates (#782)
• 5cbe1e4 Add support for Python 3.13 and drop EOL 3.7 (#783)
• cb8fd38 pyupgrade/black/isort/flake8 → ruff (#769)
• e8002b1 Bump for development
• See full diff in compare view

Updates prompt-toolkit from 3.0.46 to 3.0.47

Release notes

Sourced from prompt-toolkit's releases.

3.0.47

New features:

• Allow passing exception classes for KeyboardInterrupt and EOFError in PromptSession.

Fixes:

• Compute padding parameters for Box widget lazily.

Changelog

Sourced from prompt-toolkit's changelog.

3.0.47: 2024-06-10

New features:

• Allow passing exception classes for KeyboardInterrupt and EOFError in PromptSession.

Fixes:

• Compute padding parameters for Box widget lazily.

Commits

• 6695411 Release 3.0.47
• 67e644b Small simplification in Screen code.
• 8889675 fix(Examples): address a typo in one of the examples
• 15f3aec Allow passing exception classes for KeyboardInterrupt and EOFError in PromptS...
• a04c37d Compute padding parameters for Box widget lazily.
• See full diff in compare view

Updates pyinstaller from 6.7.0 to 6.8.0

Release notes

Sourced from pyinstaller's releases.

v6.8.0

Please see the v6.8.0 section of the changelog for a list of the changes since v6.7.0.

Changelog

Sourced from pyinstaller's changelog.

6.8.0 (2024-06-08)

Bugfix

* (macOS) When running ``codesign`` utility on macOS, use hard-coded absolute
  path (``/usr/bin/codesign``) to avoid errors when user has the ``codesign``
  from `sigtool <https://github.com/thefloweringash/sigtool>`_ in their
  ``PATH``. (:issue:`8581`)
* (Windows) When setting up DLL search paths for binary dependency analysis,
  consider the directory where python executable is located (i.e.,
  ``os.path.dirname(sys._base_executable)``) in addition to directory pointed to
  by ``sys.base_prefix``, in case the two differ. This fixes discovery of
  ``python3.dll`` when using python that was locally built from source (i.e.,
  using ``PCbuild\build.bat`` script that comes with python's source code).
  (:issue:`8569`)
Incompatible Changes

• Attempting to do a build whilst inside C:\Windows is now blocked. (:issue:8570)
• Invalid hiddenimports (e.g. filenames instead of module names) are now a build error. (:issue:8570)

Deprecations

* Adding a Python environment's ``site-packages`` directory to
  ``pathex``/``--paths`` will be blocked in v7.0 (:issue:`8570`)
* Running PyInstaller with escalated privileges (e.g. using sudo or in a *run as
  admin* terminal) will be blocked in v7.0. True admin users will be unaffected.
  (:issue:`8570`)
Bootloader

* (POSIX) Bootloader now attempts to create the run-time temporary directory
  given via :option:`--runtime-tmpdir` option (instead of requiring the
  directory to already exist), in order to match the behavior on Windows. A
  relative run-time temporary directory is now resolved to an absolute full path
  before being used to construct the application's temporary directory path.
  (:issue:`8557`)
* (Windows) Bootloader now verifies the run-time temporary directory given via
  :option:`--runtime-tmpdir` option, and raises an error if either the drive is
  invalid or if the directory cannot be created (instead of creating the
</tr></table> 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/df1507f9c423eaf6794eee6723d6d09b86da1f3e&quot;&gt;&lt;code&gt;df1507f&lt;/code&gt;&lt;/a> Release v6.8.0. [skip ci]</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/83a1499b9588b8d530cc5b0d1d462e6fa6abb67f&quot;&gt;&lt;code&gt;83a1499&lt;/code&gt;&lt;/a> macOS: hard-code path to the codesign utility</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/3aa87b04648e5d9f957aec629fd2c0b283cb2bec&quot;&gt;&lt;code&gt;3aa87b0&lt;/code&gt;&lt;/a> tests: skip QtMultimedia test with PyQt6 6.7.0 and PyQt6-Qt6 6.7.1</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/1e2259806302030dfa638df7128c5009222bb6c7&quot;&gt;&lt;code&gt;1e22598&lt;/code&gt;&lt;/a> Tests: Requirements: Scheduled weekly dependency update for week 22 (<a href="https://redirect.github.com/pyinstaller/pyinstaller/issues/8577&quot;&gt;#8577&lt;/a&gt;)&lt;/li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/3fa81817d8bdd1e84f77139d8d878a85831b9173&quot;&gt;&lt;code&gt;3fa8181&lt;/code&gt;&lt;/a> test: Disable unwanted tracebacks on pytest xfails</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/8b5d76d2e5c368d58821c96eefc975f22a0902f7&quot;&gt;&lt;code&gt;8b5d76d&lt;/code&gt;&lt;/a> Deprecate mixing Python environments using --paths=.../site-packages</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/a34370fb395dc629cddc162c985953aa0a0435ba&quot;&gt;&lt;code&gt;a34370f&lt;/code&gt;&lt;/a> Make --hiddenimport=.../site-packages/foo/bar.py a build error</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/1d29b15e099739d4be2876d82940a646a2ff72d5&quot;&gt;&lt;code&gt;1d29b15&lt;/code&gt;&lt;/a> Block running PyInstaller from inside C:\Windows</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/94037335e431f2b6aa4c7da3ab8be95a39202db1&quot;&gt;&lt;code&gt;9403733&lt;/code&gt;&lt;/a> Dispel the myth that PyInstaller should be ran as an admin</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/16d3f973a0b3d44cf58d34085ccfae5427ccfc51&quot;&gt;&lt;code&gt;16d3f97&lt;/code&gt;&lt;/a> bootloader: splash: move mutex variables into SPLASH_CONTEXT</li>

<li>Additional commits viewable in <a href="https://github.com/pyinstaller/pyinstaller/compare/v6.7.0...v6.8.0&quot;&gt;compare view</a></li>

</ul>

</details>
<br />


Updates pyinstaller-hooks-contrib from 2024.6 to 2024.7

Release notes
Sourced from pyinstaller-hooks-contrib's releases.

2024.7
Please see the changelog for more details



Changelog
Sourced from pyinstaller-hooks-contrib's changelog.

2024.7 (2024-06-08)
New hooks

* Add hook for ``dbus_fast`` in order to collect submodules that are imported
  from cythonized extensions. (`[#600](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/600)
  <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/600>`_)
* Add hook for ``gribapi`` package from ``eccodes`` dist, in order to
  collect bundled headers and ensure that the eccodes shared library is
  collected from the build environment. (`[#744](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/744)
  <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/744>`_)
* Add hook for ``patoolib`` to collect dynamically-imported modules from
  the ``patoolib.programs`` sub-package. (`[#748](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/748)
  <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/748>`_)
Updated hooks


Extend the xarray hook to collect additional backend plugins that are
registered via the xarray.backends entry-point (e.g., cfgrib). ([#744](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/744) <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/744>_)




Commits

7c8ef47 Release v2024.7
60f867b Scheduled weekly dependency update for week 22 (#751)
53e719c Assorted licence cleanups
19cb5ed Scheduled weekly dependency update for week 21 (#750)
500bdf2 Add hook for patoolib (#748)
6fc0361 ci: use macos-12 and ubuntu-22.04 instead of -latest
1680e20 Scheduled weekly dependency update for week 20 (#747)
c9c2a32 hooks: add hook for dbus_fast
80908c7 ci: pr-test: fix compatibility with Apple/FreeBSD diff
a2a1af5 hook: add hook for gribapi package from eccodes dist
Additional commits viewable in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

License Issues

requirements.txt

Package	Version	License	Issue Type
pyinstaller	6.8.0	Null	Unknown License
pyinstaller-hooks-contrib	2024.7	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
pip/packaging	24.1	🟢 7.5	Details Check Score Reason Code-Review 🟢 8 Found 24/28 approved changesets -- score normalized to 8 Maintained 🟢 10 10 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 4 binaries present in source code Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/prompt-toolkit	3.0.47	🟢 5.9	Details Check Score Reason Code-Review 🟢 4 Found 12/25 approved changesets -- score normalized to 4 Maintained 🟢 10 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/pyinstaller	6.8.0	🟢 4.7	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
pip/pyinstaller-hooks-contrib	2024.7	🟢 5.6	Details Check Score Reason Code-Review 🟢 8 Found 21/24 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/packaging	24.0	🟢 7.5	Details Check Score Reason Code-Review 🟢 8 Found 24/28 approved changesets -- score normalized to 8 Maintained 🟢 10 10 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 4 binaries present in source code Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/prompt-toolkit	3.0.46	🟢 5.9	Details Check Score Reason Code-Review 🟢 4 Found 12/25 approved changesets -- score normalized to 4 Maintained 🟢 10 12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/pyinstaller	6.7.0	🟢 4.7	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
pip/pyinstaller-hooks-contrib	2024.6	🟢 5.6	Details Check Score Reason Code-Review 🟢 8 Found 21/24 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

requirements.txt

• packaging@24.1
• prompt-toolkit@3.0.47
• pyinstaller@6.8.0
• pyinstaller-hooks-contrib@2024.7
• packaging@24.0
• prompt-toolkit@3.0.46
• pyinstaller@6.7.0
• pyinstaller-hooks-contrib@2024.6

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud