Bump the minor-patch group with 4 updates

[dependabot]

Bumps the minor-patch group with 4 updates: pyramid-tm, ruff, waitress and sphinx-rtd-theme.

Updates pyramid-tm from 2.5 to 2.6

Changelog

Sourced from pyramid-tm's changelog.

2.6 (2024-11-14) ^^^^^^^^^^^^^^^^

• Drop support for Python 3.7, and 3.8.

• Add support for Python 3.11, 3.12, and 3.13.

• rename "master" to "main"

• Fix retrying transactions with pyramid_retry when using veto and a datamanger marks the exception as retryable.

Commits

• dfe9d80 cleanup setuptools warnings
• d353430 prep 2.6
• 7826d5e Merge pull request #85 from zagy/main
• 1475400 add readthedocs.yaml
• 8780a93 Merge pull request #87 from Pylons/dependabot/github_actions/actions/checkout-4
• 253ec30 Bump actions/checkout from 2 to 4
• 499803e Merge branch 'main' into zagy/main
• 51ba53b Merge pull request #86 from Pylons/add-py313
• 57bc602 fix tox to use allowlist_externals for docs
• b395d80 fix coverage
• Additional commits viewable in compare view

Updates ruff from 0.7.3 to 0.7.4

Release notes

Sourced from ruff's releases.

0.7.4

Release Notes

Preview features

• [flake8-datetimez] Detect usages of datetime.max/datetime.min (DTZ901) (#14288)
• [flake8-logging] Implement root-logger-calls (LOG015) (#14302)
• [flake8-no-pep420] Detect empty implicit namespace packages (INP001) (#14236)
• [flake8-pyi] Add "replace with Self" fix (PYI019) (#14238)
• [perflint] Implement quick-fix for manual-list-comprehension (PERF401) (#13919)
• [pylint] Implement shallow-copy-environ (W1507) (#14241)
• [ruff] Implement none-not-at-end-of-union (RUF036) (#14314)
• [ruff] Implementation unsafe-markup-call from flake8-markupsafe plugin (RUF035) (#14224)
• [ruff] Report problems for attrs dataclasses (RUF008, RUF009) (#14327)

Rule changes

• [flake8-boolean-trap] Exclude dunder methods that define operators (FBT001) (#14203)
• [flake8-pyi] Add "replace with Self" fix (PYI034) (#14217)
• [flake8-pyi] Always autofix duplicate-union-members (PYI016) (#14270)
• [flake8-pyi] Improve autofix for nested and mixed type unions for unnecessary-type-union (PYI055) (#14272)
• [flake8-pyi] Mark fix as unsafe when type annotation contains comments for duplicate-literal-member (PYI062) (#14268)

Server

• Use the current working directory to resolve settings from ruff.configuration (#14352)

Bug fixes

• Avoid conflicts between PLC014 (useless-import-alias) and I002 (missing-required-import) by considering lint.isort.required-imports for PLC014 (#14287)
• [flake8-type-checking] Skip quoting annotation if it becomes invalid syntax (TCH001)
• [flake8-pyi] Avoid using typing.Self in stub files pre-Python 3.11 (PYI034) (#14230)
• [flake8-pytest-style] Flag pytest.raises call with keyword argument expected_exception (PT011) (#14298)
• [flake8-simplify] Infer "unknown" truthiness for literal iterables whose items are all unpacks (SIM222) (#14263)
• [flake8-type-checking] Fix false positives for typing.Annotated (TCH001) (#14311)
• [pylint] Allow await at the top-level scope of a notebook (PLE1142) (#14225)
• [pylint] Fix miscellaneous issues in await-outside-async detection (PLE1142) (#14218)
• [pyupgrade] Avoid applying PEP 646 rewrites in invalid contexts (UP044) (#14234)
• [pyupgrade] Detect permutations in redundant open modes (UP015) (#14255)
• [refurb] Avoid triggering hardcoded-string-charset for reordered sets (FURB156) (#14233)
• [refurb] Further special cases added to verbose-decimal-constructor (FURB157) (#14216)
• [refurb] Use UserString instead of non-existent UserStr (FURB189) (#14209)
• [ruff] Avoid treating lowercase letters as # noqa codes (RUF100) (#14229)
• [ruff] Do not report when Optional has no type arguments (RUF013) (#14181)

Documentation

• Add "Notebook behavior" section for F704, PLE1142 (#14266)
• Document comment policy around fix safety (#14300)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.7.4

Preview features

• [flake8-datetimez] Detect usages of datetime.max/datetime.min (DTZ901) (#14288)
• [flake8-logging] Implement root-logger-calls (LOG015) (#14302)
• [flake8-no-pep420] Detect empty implicit namespace packages (INP001) (#14236)
• [flake8-pyi] Add "replace with Self" fix (PYI019) (#14238)
• [perflint] Implement quick-fix for manual-list-comprehension (PERF401) (#13919)
• [pylint] Implement shallow-copy-environ (W1507) (#14241)
• [ruff] Implement none-not-at-end-of-union (RUF036) (#14314)
• [ruff] Implementation unsafe-markup-call from flake8-markupsafe plugin (RUF035) (#14224)
• [ruff] Report problems for attrs dataclasses (RUF008, RUF009) (#14327)

Rule changes

• [flake8-boolean-trap] Exclude dunder methods that define operators (FBT001) (#14203)
• [flake8-pyi] Add "replace with Self" fix (PYI034) (#14217)
• [flake8-pyi] Always autofix duplicate-union-members (PYI016) (#14270)
• [flake8-pyi] Improve autofix for nested and mixed type unions for unnecessary-type-union (PYI055) (#14272)
• [flake8-pyi] Mark fix as unsafe when type annotation contains comments for duplicate-literal-member (PYI062) (#14268)

Server

• Use the current working directory to resolve settings from ruff.configuration (#14352)

Bug fixes

• Avoid conflicts between PLC014 (useless-import-alias) and I002 (missing-required-import) by considering lint.isort.required-imports for PLC014 (#14287)
• [flake8-type-checking] Skip quoting annotation if it becomes invalid syntax (TCH001)
• [flake8-pyi] Avoid using typing.Self in stub files pre-Python 3.11 (PYI034) (#14230)
• [flake8-pytest-style] Flag pytest.raises call with keyword argument expected_exception (PT011) (#14298)
• [flake8-simplify] Infer "unknown" truthiness for literal iterables whose items are all unpacks (SIM222) (#14263)
• [flake8-type-checking] Fix false positives for typing.Annotated (TCH001) (#14311)
• [pylint] Allow await at the top-level scope of a notebook (PLE1142) (#14225)
• [pylint] Fix miscellaneous issues in await-outside-async detection (PLE1142) (#14218)
• [pyupgrade] Avoid applying PEP 646 rewrites in invalid contexts (UP044) (#14234)
• [pyupgrade] Detect permutations in redundant open modes (UP015) (#14255)
• [refurb] Avoid triggering hardcoded-string-charset for reordered sets (FURB156) (#14233)
• [refurb] Further special cases added to verbose-decimal-constructor (FURB157) (#14216)
• [refurb] Use UserString instead of non-existent UserStr (FURB189) (#14209)
• [ruff] Avoid treating lowercase letters as # noqa codes (RUF100) (#14229)
• [ruff] Do not report when Optional has no type arguments (RUF013) (#14181)

Documentation

• Add "Notebook behavior" section for F704, PLE1142 (#14266)
• Document comment policy around fix safety (#14300)

Commits

• ed7b98c Bump version to 0.7.4 (#14358)
• 6591775 [flake8-type-checking] Skip quoting annotation if it becomes invalid syntax...
• 1f82731 Use CWD to resolve settings from ruff.configuration (#14352)
• 874da9c [red-knot] Display raw characters for string literal (#14351)
• 375cead Sync vendored typeshed stubs (#14350)
• 9ec690b [red-knot] Add support for string annotations (#14151)
• a48d779 [red-knot] function signature representation (#14304)
• ba6c7f6 [pylint] Remove check for dot in alias name in `useless-import-alias (PLC04...
• 8095ff0 enforce required imports even with useless alias (#14287)
• 24cd592 Avoid module lookup for known classes when possible (#14343)
• Additional commits viewable in compare view

Updates waitress from 3.0.1 to 3.0.2

Release notes

Sourced from waitress's releases.

v3.0.2

3.0.2 (2024-11-16)

Security

• When using Waitress to process trusted proxy headers, Waitress will now update the headers to drop any untrusted values, thereby making sure that WSGI apps only get trusted and validated values that Waitress itself used to update the environ. See Pylons/waitress#452 and Pylons/waitress#451

Changelog

Sourced from waitress's changelog.

3.0.2 (2024-11-16)

Security

- When using Waitress to process trusted proxy headers, Waitress will now
  update the headers to drop any untrusted values, thereby making sure that
  WSGI apps only get trusted and validated values that Waitress itself used to
  update the environ. See https://github.com/Pylons/waitress/pull/452 and
  https://github.com/Pylons/waitress/issues/451

Commits

• b11ae72 Prep for 3.0.2
• 38ffad0 Merge pull request #450 from Pylons/445-amend-drop-py38
• 0e7bf65 Remove hack to register atexit handler
• 0e82766 Add concurrency grouping to cancel in progress runs upon push
• 135c4bf Split Python versions note into two under separate headings
• 23ac524 Merge pull request #446 from kgaughan/resolve-name
• a20fe86 Merge pull request #447 from kgaughan/modern-assertions
• d005ec2 Merge pull request #448 from kgaughan/trivial-cleanup
• 291d9cb Merge pull request #452 from simonk52/drop-untrusted-proxy-values
• da38a20 Sign CONTRIBUTORS.txt
• Additional commits viewable in compare view

Updates sphinx-rtd-theme from 3.0.1 to 3.0.2

Changelog

Sourced from sphinx-rtd-theme's changelog.

3.0.2

• Show current translation when the flyout is attached
• Fix JavaScript issue that didn't allow users to disable selectors

.. _release-3.0.1:

Commits

• 5f03347 Release 3.0.2
• 17c0685 Attached flyout: show the current translation (#1629)
• 5db7796 Allow disabling selectors (#1626)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.