Bump the python group in /python with 4 updates

[dependabot]

Bumps the python group in /python with 4 updates: cryptography, nh3, ruff and twine.

Updates cryptography from 43.0.3 to 44.0.0

Changelog

Sourced from cryptography's changelog.

44.0.0 - 2024-11-27

* **BACKWARDS INCOMPATIBLE:** Dropped support for LibreSSL < 3.9.
* Deprecated Python 3.7 support. Python 3.7 is no longer supported by the
  Python core team. Support for Python 3.7 will be removed in a future
  ``cryptography`` release.
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.4.0.
* macOS wheels are now built against the macOS 10.13 SDK. Users on older
  versions of macOS should upgrade, or they will need to build
  ``cryptography`` themselves.
* Enforce the :rfc:`5280` requirement that extended key usage extensions must
  not be empty.
* Added support for timestamp extraction to the
  :class:`~cryptography.fernet.MultiFernet` class.
* Relax the Authority Key Identifier requirements on root CA certificates
  during X.509 verification to allow fields permitted by :rfc:`5280` but
  forbidden by the CA/Browser BRs.
* Added support for :class:`~cryptography.hazmat.primitives.kdf.argon2.Argon2id`
  when using OpenSSL 3.2.0+.
* Added support for the :class:`~cryptography.x509.Admissions` certificate extension.
* Added basic support for PKCS7 decryption (including S/MIME 3.2) via
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_der`,
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_pem`, and
  :func:`~cryptography.hazmat.primitives.serialization.pkcs7.pkcs7_decrypt_smime`.
.. _v43-0-3:

Commits

• f299a48 remove deprecated call (#12052)
• 439eb05 Bump version for 44.0.0 (#12051)
• 2c5ad4d chore(deps): bump maturin from 1.7.4 to 1.7.5 in /.github/requirements (#12050)
• d23968a chore(deps): bump libc from 0.2.165 to 0.2.166 (#12049)
• 133c0e0 Bump x509-limbo and/or wycheproof in CI (#12047)
• f2259d7 Bump BoringSSL and/or OpenSSL in CI (#12046)
• e201c87 fixed metadata in changelog (#12044)
• c6104cc Prohibit Python 3.9.0, 3.9.1 -- they have a bug that causes errors (#12045)
• d6cac75 Add support for decrypting S/MIME messages (#11555)
• b8e5bfd chore(deps): bump libc from 0.2.164 to 0.2.165 (#12042)
• Additional commits viewable in compare view

Updates nh3 from 0.2.18 to 0.2.19

Release notes

Sourced from nh3's releases.

v0.2.19

What's Changed

• Add ALLOWED_URL_SCHEMES constant by @​timothymctim in messense/nh3#55
• Add docs for ALLOWED_URL_SCHEMES by @​timothymctim in messense/nh3#56
• Upgrade pyo3 to 0.23.2 by @​messense in messense/nh3#65
• Build free-threaded wheels for python3.13t by @​messense in messense/nh3#66

New Contributors

• @​timothymctim made their first contribution in messense/nh3#55

Full Changelog: messense/nh3@v0.2.18...v0.2.19

Commits

• c71460c Bump version to 0.2.19
• c1bb436 Use maturin v1.7.7-beta.1 for Windows build (#67)
• 89b8b1e Build free-threaded wheels for python3.13t (#66)
• 33b08f4 Upgrade pyo3 to 0.23.2 (#65)
• c608cdf Bump pyo3 from 0.22.5 to 0.22.6 (#63)
• 2bea303 Use ubuntu 22.04 in run-on-arch step
• 5d8b0a9 Bump pyo3 from 0.22.3 to 0.22.5 (#60)
• a80d68c Bump pyo3 from 0.22.2 to 0.22.3 (#53)
• 0f6780f Add docs for ALLOWED_URL_SCHEMES (#56)
• 98ca727 Add ALLOWED_URL_SCHEMES constant (#55)
• Additional commits viewable in compare view

Updates ruff from 0.8.0 to 0.8.1

Release notes

Sourced from ruff's releases.

0.8.1

Release Notes

Preview features

• Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
• Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
• Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
• Formatter: Fix f-string formatting in assignment statement (#14454)
• Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
• [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
• [flake8-builtins] Exempt private built-in modules (A005) (#14505)
• [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
• [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)
• [flake8-type-checking] Implement unquoted-type-alias (TC007) and quoted-type-alias (TC008) (#12927)
• [flake8-use-pathlib] Recommend Path.iterdir() over os.listdir() (PTH208) (#14509)
• [pylint] Extend invalid-envvar-default to detect os.environ.get (PLW1508) (#14512)
• [pylint] Implement len-test (PLC1802) (#14309)
• [refurb] Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• [ruff] Auto-add r prefix when string has no backslashes for unraw-re-pattern (RUF039) (#14536)
• [ruff] Implement invalid-assert-message-literal-argument (RUF040) (#14488)
• [ruff] Implement unnecessary-nested-literal (RUF041) (#14323)
• [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)

Rule changes

• Ignore more rules for stub files (#14541)
• [pep8-naming] Eliminate false positives for single-letter names (N811, N814) (#14584)
• [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615)
• [ruff] Detect redirected-noqa in file-level comments (RUF101) (#14635)
• [ruff] Mark fixes for unsorted-dunder-all and unsorted-dunder-slots as unsafe when there are complex comments in the sequence (RUF022, RUF023) (#14560)

Bug fixes

• Avoid fixing code to None | None for redundant-none-literal (PYI061) and never-union (RUF020) (#14583, #14589)
• [flake8-bugbear] Fix mutable-contextvar-default to resolve annotated function calls properly (B039) (#14532)
• [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016, PYI051, PYI055, PYI062, RUF041) (#14641)
• [flake8-pyi] Avoid rewriting invalid type expressions in unnecessary-type-union (PYI055) (#14660)
• [flake8-type-checking] Avoid syntax errors and type checking problem for quoted annotations autofix (TC003, TC006) (#14634)
• [pylint] Do not wrap function calls in parentheses in the fix for unnecessary-dunder-call (PLC2801) (#14601)
• [ruff] Handle attrs's auto_attribs correctly (RUF009) (#14520)

Contributors

• @​AlexWaygood
• @​Daverball
• @​Glyphack
• @​InSyncWithFoo
• @​Lokejoke
• @​MichaReiser
• @​cake-monotone

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.1

Preview features

• Formatter: Avoid invalid syntax for format-spec with quotes for all Python versions (#14625)
• Formatter: Consider quotes inside format-specs when choosing the quotes for an f-string (#14493)
• Formatter: Do not consider f-strings with escaped newlines as multiline (#14624)
• Formatter: Fix f-string formatting in assignment statement (#14454)
• Formatter: Fix unnecessary space around power operator (**) in overlong f-string expressions (#14489)
• [airflow] Avoid implicit schedule argument to DAG and @dag (AIR301) (#14581)
• [flake8-builtins] Exempt private built-in modules (A005) (#14505)
• [flake8-pytest-style] Fix pytest.mark.parametrize rules to check calls instead of decorators (#14515)
• [flake8-type-checking] Implement runtime-cast-value (TC006) (#14511)
• [flake8-type-checking] Implement unquoted-type-alias (TC007) and quoted-type-alias (TC008) (#12927)
• [flake8-use-pathlib] Recommend Path.iterdir() over os.listdir() (PTH208) (#14509)
• [pylint] Extend invalid-envvar-default to detect os.environ.get (PLW1508) (#14512)
• [pylint] Implement len-test (PLC1802) (#14309)
• [refurb] Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• [ruff] Auto-add r prefix when string has no backslashes for unraw-re-pattern (RUF039) (#14536)
• [ruff] Implement invalid-assert-message-literal-argument (RUF040) (#14488)
• [ruff] Implement unnecessary-nested-literal (RUF041) (#14323)
• [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)

Rule changes

• Ignore more rules for stub files (#14541)
• [pep8-naming] Eliminate false positives for single-letter names (N811, N814) (#14584)
• [pyflakes] Avoid false positives in @no_type_check contexts (F821, F722) (#14615)
• [ruff] Detect redirected-noqa in file-level comments (RUF101) (#14635)
• [ruff] Mark fixes for unsorted-dunder-all and unsorted-dunder-slots as unsafe when there are complex comments in the sequence (RUF022, RUF023) (#14560)

Bug fixes

• Avoid fixing code to None | None for redundant-none-literal (PYI061) and never-union (RUF020) (#14583, #14589)
• [flake8-bugbear] Fix mutable-contextvar-default to resolve annotated function calls properly (B039) (#14532)
• [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016, PYI051, PYI055, PYI062, RUF041) (#14641)
• [flake8-pyi] Avoid rewriting invalid type expressions in unnecessary-type-union (PYI055) (#14660)
• [flake8-type-checking] Avoid syntax errors and type checking problem for quoted annotations autofix (TC003, TC006) (#14634)
• [pylint] Do not wrap function calls in parentheses in the fix for unnecessary-dunder-call (PLC2801) (#14601)
• [ruff] Handle attrs's auto_attribs correctly (RUF009) (#14520)

Commits

• b3b2c98 Update CHANGELOG.md with the new commits for 0.8.1 (#14664)
• abb3c6e [flake8-pyi] Avoid rewriting invalid type expressions in `unnecessary-type-...
• 224fe75 [ruff] Implement unnecessary-regular-expression (RUF055) (#14659)
• dc29f52 [flake8-pyi, ruff] Fix traversal of nested literals and unions (PYI016,...
• d9cbf2f Avoids unnecessary overhead for TC004, when TC001-003 are disabled (#14657)
• 3f6c65e [red-knot] Fix merged type after if-else without explicit else branch (#14621)
• 976c37a Bump version to 0.8.1 (#14655)
• a378ff3 [red-knot] Fix Boolean flags in mdtests (#14654)
• d8bca0d Fix bug where methods defined using lambdas were flagged by FURB118 (#14639)
• 6f1cf5b [red-knot] Minor fix in MRO tests (#14652)
• Additional commits viewable in compare view

Updates twine from 5.1.1 to 6.0.1

Changelog

Sourced from twine's changelog.

Twine 6.0.1 (2024-11-30)

Bugfixes ^^^^^^^^

• Fixed a regression where twine check would fail to expand wildcards, e.g. twine check 'dist/*'. ([#1188](https://github.com/pypa/twine/issues/1188) <https://github.com/pypa/twine/issues/1188>_)

Misc ^^^^

• [#1184](https://github.com/pypa/twine/issues/1184) <https://github.com/pypa/twine/issues/1184>_

Twine 6.0.0 (2024-11-29)

Bugfixes ^^^^^^^^

• Restore support for pkginfo 1.11 ([#1116](https://github.com/pypa/twine/issues/1116) <https://github.com/pypa/twine/issues/1116>_)

Deprecations and Removals ^^^^^^^^^^^^^^^^^^^^^^^^^

• Username for PyPI and Test PyPI now defaults to token but no longer overrides a username configured in the environment or supplied on the command line. Workflows still supplying anything other than token for the username when uploading to PyPI or Test PyPI will now fail. Either supply token or do not supply a username at all. ([#1121](https://github.com/pypa/twine/issues/1121) <https://github.com/pypa/twine/issues/1121>_)

Misc ^^^^

• [#1024](https://github.com/pypa/twine/issues/1024) <https://github.com/pypa/twine/issues/1024>_

Commits

• a723876 Merge pull request #1189 from pypa/release-6.0.1
• 9a24828 Update changelog for 6.0.1
• a017005 Merge pull request #1188 from pypa/ww/fix-twine-check-glob
• e98f03b check: fix handling of non-shell-expanded globs
• 873f33e build(deps): bump pypa/gh-action-pypi-publish from 1.11.0 to 1.12.2 (#1175)
• 067412e Use brackets for the default value of option arguments (#1149)
• f32dc35 Apply ruff/Perflint rule (#1136)
• aa58273 Don't require importlib_metadata on Python 3.10+
• 675565f changelog: record #1184
• 80cc58c chore: mark 3.13 as explicitly supported
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions