Bump isort from 5.13.2 to 6.0.0

[dependabot]

Bumps isort from 5.13.2 to 6.0.0.

Release notes

Sourced from isort's releases.

6.0.0

Changes

💥 Breaking Changes

• Remove support for Python 3.8 (#2327) @​DanielNoord

🚀 Features

• Python 3.13 support (#2306) @​mayty
• Updates round 3 (#2334) @​matthewhughes934
• Speed up exists_case_sensitive calls (#2264) @​correctmost
• nit: Fix deprecation message link (#2220) @​syou6162
• Ensure that split_on_trailing_comma works with as imports (#2340) @​DanielNoord
• Black profile: enable magic comma (#2236) @​MrMino
• Fix google style test (#2336) @​DanielNoord
• Update line_length and single_line_exclusions in google profile (#2149) @​jagapiou
• Updates round 2 (#2329) @​matthewhughes934
• Dependency updates round 1 (#2325) @​matthewhughes934
• Run pre-commit autoupdate (#2321) @​kurtmckee

🪲 Fixes

• Allow --diff to be used with --jobs (#2302) @​mnakama
• wemake has 80 chars hard limit, not 79 (#2241) @​sobolevn
• Fix errors on main (#2320) @​DanielNoord
• Fixed syntax error (#2289) @​Sergio-prog
• fix: typo (#2298) @​Rotzbua
• Fix sort_reexports code mangling (#2283) @​Helveg
• fix: correct group by package tokenization (#2136) @​glasnt
• Fix isort-action usage documentation (#2297) @​jamescurtin
• Fix CDN for Ace (#2127) @​abitrolly
• Fix help text (#2229) @​stweil
• docs: fix spelling mistake (#2249) @​cachho

👷 Continuous Integration

• UV replacement of Poetry (#2349) @​staticdev
• Make actions happy (#2311) @​matthewhughes934
• Fix GitHub Actions badges (#2326) @​hugovk
• Eliminate actions/cache@v2 usage (#2322) @​kurtmckee
• feat: add dependabot for GH action update (#2300) @​Rotzbua
• Update stage names for pre-commit (#2296) @​matthewhughes934

📦 Dependencies

• Bump poetry to 2.0.1 (#2341) @​DanielNoord
• Fix misc unsafe dependencies (#2345) @​staticdev
• Bump the github-actions group across 1 directory with 5 updates (#2324) @dependabot[bot]
• Bump gitpython from 3.1.40 to 3.1.41 (#2223) @dependabot[bot]

... (truncated)

Changelog

Sourced from isort's changelog.

Changelog

NOTE: isort follows the semver versioning standard. Find out more about isort's release policy here.

Commits

• 0a0b7a8 6.0.0
• 2d00730 Merge pull request #2349 from PyCQA/revert-2347-revert-2346-ci/uv-replacement...
• 16bb0e2 Return user_options
• 73abbc8 Fix dev and optional dependencies
• 8b3828d Pin UV version
• 0225875 Remove pip and virtualenv usage
• 3d49bc0 Revert "Revert "UV replacement of Poetry""
• b3760ab Merge pull request #2347 from PyCQA/revert-2346-ci/uv-replacement-for-poetry
• cc12cce Revert "UV replacement of Poetry"
• f7ab073 Merge pull request #2346 from PyCQA/ci/uv-replacement-for-poetry
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 1 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	645	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	628	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 1 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	662	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	645	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 1 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	662	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	645	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 1 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	662	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	645	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 1 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	663	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	646	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 1 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	663	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	646	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 1 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	663	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	646	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[github-actions]

🛡️ Bandit Scan Results Summary

We found 2 High, 1 Medium, and 1 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID
🟡 LOW	Consider possible security implications associated with the subprocess module.	sz_tools/_tool_helpers.py	14	HIGH	More Info	B404
⚪ MEDIUM	Possible SQL injection vector through string-based query construction.	sz_tools/_sz_database.py	354	LOW	More Info	B608
🔴 HIGH	Starting a process with a shell, possible injection detected, security issue.	sz_tools/_tool_helpers.py	659	HIGH	More Info	B605
🔴 HIGH	subprocess call with shell=True identified, security issue.	sz_tools/_tool_helpers.py	642	HIGH	More Info	B602

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.