Bump regex from 2023.12.25 to 2024.4.16

[dependabot]

Bumps regex from 2023.12.25 to 2024.4.16.

Changelog

Sourced from regex's changelog.

Version: 2024.4.16

Git issue 525: segfault when fuzzy matching empty list

Version: 2023.12.25

Cannot get release notification action in main.yml to work. Commenting it out for now.

Version: 2023.12.24

Fixed invalid main.yml.

Version: 2023.12.23

The escape function no longer escapes \x00. It's not necessary.
Inline flags can now be turned off and apply to what follows.
Added \R to match line endings.

Version: 2023.10.3

Updated to Unicode 15.1.0.

Version: 2023.8.8

Git issue 508: Regex doesn't build using CPython main (3.13.0a0)
Removed usage of _PyBytes_Join and did a little tidying of the code that makes the result string.

Version: 2023.6.3

Git issue 498: Conditional negative lookahead inside positive lookahead fails to match
Conditional node needed an additional member that points to the true branch.

Version: 2023.5.5

Removed semicolon after 'else' in 'munge_name'.

Version: 2023.5.4

Fixed pyproject.toml and setup.py.

Version: 2023.5.3

pyproject.toml was missing.

Version: 2023.5.2

Added pyproject.toml.

... (truncated)

Commits

• 9c950f2 Updated changelog.
• 5d65c8a Git issue 525: segfault when fuzzy matching empty list
• 4f2ed52 Cannot get release notification action in main.yml to work. Commenting it out...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

requirements.txt

Package	Version	License	Issue Type
regex	2024.4.16	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
pip/pyzmq	26.0.0	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 1 found 8 unreviewed changesets out of 9 -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 4 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/referencing	0.34.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 0 found 10 unreviewed changesets out of 11 -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 4 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/regex	2024.4.16	🟢 4.7	Details Check Score Reason Code-Review ⚠️ 0 found 30 unreviewed changesets out of 30 -- score normalized to 0 Maintained 🟢 4 0 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/pyzmq	25.1.2	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 1 found 8 unreviewed changesets out of 9 -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 4 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/referencing	0.33.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 0 found 10 unreviewed changesets out of 11 -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 4 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/regex	2023.12.25	🟢 4.7	Details Check Score Reason Code-Review ⚠️ 0 found 30 unreviewed changesets out of 30 -- score normalized to 0 Maintained 🟢 4 0 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Manifest Files

requirements.txt

• pyzmq@26.0.0
• referencing@0.34.0
• regex@2024.4.16
• pyzmq@25.1.2
• referencing@0.33.0
• regex@2023.12.25

[dependabot]

Dependabot attempted to update this pull request, but because the branch dependabot/pip/regex-2024.4.16 is protected it was unable to do so.

[Nick2bad4u]

@dependabot rebase

[dependabot]

Oh no! Something went wrong on our end. Please try again later.

If the problem persists, please contact GitHub support for assistance 🙇