From 5e5edf824c7007718c48e755f1077cc7e104c1b0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Jan 2026 06:05:59 +0000 Subject: [PATCH 1/3] Bump the pip group with 5 updates Bumps the pip group with 5 updates: | Package | From | To | | --- | --- | --- | | [python-gnupg](https://github.com/vsajip/python-gnupg) | `0.5.5` | `0.5.6` | | [sigstore](https://github.com/sigstore/sigstore-python) | `3.6.5` | `4.1.0` | | [mypy](https://github.com/python/mypy) | `1.19.0` | `1.19.1` | | [pyfakefs](https://github.com/pytest-dev/pyfakefs) | `5.10.2` | `6.0.0` | | [pytest](https://github.com/pytest-dev/pytest) | `8.4.2` | `9.0.2` | Updates `python-gnupg` from 0.5.5 to 0.5.6 - [Release notes](https://github.com/vsajip/python-gnupg/releases) - [Changelog](https://github.com/vsajip/python-gnupg/blob/master/release) - [Commits](https://github.com/vsajip/python-gnupg/compare/0.5.5...0.5.6) Updates `sigstore` from 3.6.5 to 4.1.0 - [Release notes](https://github.com/sigstore/sigstore-python/releases) - [Changelog](https://github.com/sigstore/sigstore-python/blob/main/CHANGELOG.md) - [Commits](https://github.com/sigstore/sigstore-python/compare/v3.6.5...v4.1.0) Updates `mypy` from 1.19.0 to 1.19.1 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](https://github.com/python/mypy/compare/v1.19.0...v1.19.1) Updates `pyfakefs` from 5.10.2 to 6.0.0 - [Release notes](https://github.com/pytest-dev/pyfakefs/releases) - [Changelog](https://github.com/pytest-dev/pyfakefs/blob/main/CHANGES.md) - [Commits](https://github.com/pytest-dev/pyfakefs/compare/v5.10.2...v6.0.0) Updates `pytest` from 8.4.2 to 9.0.2 - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/8.4.2...9.0.2) --- updated-dependencies: - dependency-name: python-gnupg dependency-version: 0.5.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip - dependency-name: sigstore dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: pip - dependency-name: mypy dependency-version: 1.19.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip - dependency-name: pyfakefs dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: pip - dependency-name: pytest dependency-version: 9.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: pip ... Signed-off-by: dependabot[bot] --- dev-requirements.txt | 12 ++++++------ mypy-requirements.txt | 4 ++-- requirements.txt | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/dev-requirements.txt b/dev-requirements.txt index ce5f685c..0687a83d 100644 --- a/dev-requirements.txt +++ b/dev-requirements.txt @@ -540,17 +540,17 @@ propcache==0.2.1 \ # via # aiohttp # yarl -pyfakefs==5.10.2 \ - --hash=sha256:6ff0e84653a71efc6a73f9ee839c3141e3a7cdf4e1fb97666f82ac5b24308d64 \ - --hash=sha256:8ae0e5421e08de4e433853a4609a06a1835f4bc2a3ce13b54f36713a897474ba +pyfakefs==6.0.0 \ + --hash=sha256:059fd0b2174bfeed499ecb0a59bccff557f267cc6d885afc0e5b76e78b6d50da \ + --hash=sha256:44ef5ab0294e7e623b8e56b4f2d8c9468b737d6e8641053063c43033d2c8c180 # via -r dev-requirements.in pygments==2.19.2 \ --hash=sha256:636cb2477cec7f8952536970bc533bc43743542f70392ae026374600add5b887 \ --hash=sha256:86540386c03d588bb81d44bc3928634ff26449851e99741617ecb9037ee5ec0b # via pytest -pytest==8.4.2 \ - --hash=sha256:86c0d0b93306b961d58d62a4db4879f27fe25513d4b969df351abdddb3c30e01 \ - --hash=sha256:872f880de3fc3a5bdc88a11b39c9710c3497a547cfa9320bc3c5e62fbf272e79 +pytest==9.0.2 \ + --hash=sha256:711ffd45bf766d5264d487b917733b453d917afd2b0ad65223959f59089f875b \ + --hash=sha256:75186651a92bd89611d1d9fc20f0b4345fd827c41ccd5c299a868a05d70edf11 # via # -r dev-requirements.in # pytest-aiohttp diff --git a/mypy-requirements.txt b/mypy-requirements.txt index 9a59793c..91caba1c 100644 --- a/mypy-requirements.txt +++ b/mypy-requirements.txt @@ -1,10 +1,10 @@ aiohttp==3.13.2 alive_progress>=3.3.0 -mypy==1.19.0 +mypy==1.19.1 pyfakefs pytest pytest-mock python-gnupg # untyped :( -sigstore==3.6.5 +sigstore==4.1.0 types-paramiko types-requests diff --git a/requirements.txt b/requirements.txt index b8f7e966..35078e91 100644 --- a/requirements.txt +++ b/requirements.txt @@ -873,8 +873,8 @@ pyopenssl==25.0.0 \ python-dateutil==2.9.0.post0 \ --hash=sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427 # via betterproto -python-gnupg==0.5.5 \ - --hash=sha256:51fa7b8831ff0914bc73d74c59b99c613de7247b91294323c39733bb85ac3fc1 +python-gnupg==0.5.6 \ + --hash=sha256:b5050a55663d8ab9fcc8d97556d229af337a87a3ebebd7054cbd8b7e2043394a # via -r requirements.in requests==2.32.4 \ --hash=sha256:27babd3cda2a6d50b30443204ee89830707d396671944c998b5975b031ac2b2c From 37fa8520c9c50d48fa98196d9436ee1fa4ddc8e4 Mon Sep 17 00:00:00 2001 From: Ezio Melotti Date: Thu, 1 Jan 2026 07:41:53 +0100 Subject: [PATCH 2/3] Revert sigstore version bump --- mypy-requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mypy-requirements.txt b/mypy-requirements.txt index 91caba1c..c6b89fdb 100644 --- a/mypy-requirements.txt +++ b/mypy-requirements.txt @@ -5,6 +5,6 @@ pyfakefs pytest pytest-mock python-gnupg # untyped :( -sigstore==4.1.0 +sigstore==3.6.5 types-paramiko types-requests From 736077ebf55102e9e0feffc0925946b9a06abd7c Mon Sep 17 00:00:00 2001 From: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Date: Thu, 1 Jan 2026 13:29:42 +0200 Subject: [PATCH 3/3] Sort the arbitrary order from os.listdir --- add_to_pydotorg.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/add_to_pydotorg.py b/add_to_pydotorg.py index 8e88c292..a4b039c2 100755 --- a/add_to_pydotorg.py +++ b/add_to_pydotorg.py @@ -300,7 +300,7 @@ def list_files( ) -> Generator[tuple[str, str, str, bool, str], None, None]: """List all of the release's download files.""" reldir = base_version(release) - for rfile in os.listdir(path.join(ftp_root, reldir)): + for rfile in sorted(os.listdir(path.join(ftp_root, reldir))): if not path.isfile(path.join(ftp_root, reldir, rfile)): continue