Skip to content

Bump virtualenv from 20.35.4 to 20.36.0 #82

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
docktermj merged 2 commits into from
Jan 9, 2026
Merged

Bump virtualenv from 20.35.4 to 20.36.0 #82

docktermj merged 2 commits into from
Jan 9, 2026

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 8, 2026
edited by github-actions bot
Loading

Bumps virtualenv from 20.35.4 to 20.36.0.

Release notes

Sourced from virtualenv's releases.

20.36.0

What's Changed

New Contributors

Full Changelog: pypa/virtualenv@20.35.3...20.36.0

Changelog

Sourced from virtualenv's changelog.

v20.36.0 (2026-01-07)

Features - 20.36.0

- Add support for PEP 440 version specifiers in the ``--python`` flag. Users can now specify Python versions using operators like ``>=``, ``<=``, ``~=``, etc. For example: ``virtualenv --python=">=3.12" myenv`` `. (:issue:`2994`)
Commits
  • 9719376 release 20.36.0
  • 0276db6 Add support for PEP 440 version specifiers in the --python flag. (#3008)
  • 4f900c2 Fix Interpreter discovery bug wrt. Microsoft Store shortcut using Latin-1 (#3...
  • 13afcc6 fix: resolve EncodingWarning in tox upgrade environment (#3007)
  • 31b5d31 [pre-commit.ci] pre-commit autoupdate (#2997)
  • 7c28422 fix: update filelock dependency version to 3.20.1 to fix CVE CVE-2025-68146 (...
  • 365628c test_too_many_open_files: assert on errno.EMFILE instead of strerror (#3001)
  • 5d09a90 fix: wrong path on migrated venv (#2996)
  • 23032cb [pre-commit.ci] pre-commit autoupdate (#2995)
  • 70afcd7 [pre-commit.ci] pre-commit autoupdate (#2993)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Resolves #3008
Resolves #3
Resolves #3007
Resolves #2997
Resolves #3001
Resolves #2996
Resolves #2995
Resolves #2993
Resolves pypa/virtualenv#2981
Resolves pypa/virtualenv#2982
Resolves pypa/virtualenv#2989
Resolves pypa/virtualenv#2990
Resolves pypa/virtualenv#2996
Resolves pypa/virtualenv#3001
Resolves pypa/virtualenv#3002
Resolves pypa/virtualenv#3007
Resolves pypa/virtualenv#3006
Resolves pypa/virtualenv#3008

@dependabot
Bump virtualenv from 20.35.4 to 20.36.0
a4aab89 
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.35.4 to 20.36.0.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.35.4...20.36.0)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-version: 20.36.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jan 8, 2026
@dependabot dependabot bot requested a review from a team as a code owner January 8, 2026 17:03
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jan 8, 2026
@github-actions
Copy link

github-actions bot commented Jan 8, 2026

🤖 Claude Code Review

⚠️ CHANGELOG.md updated - For a dependency version bump, CHANGELOG updates are typically optional but recommended. The CHANGELOG exists but doesn't mention this virtualenv update. For automated dependency bumps, this is acceptable practice.

Markdown files follow CommonMark - The diff doesn't modify any markdown files.

Security

No hardcoded credentials - None present.

Input validation implemented - N/A for dependency updates.

Proper error handling - N/A for dependency updates.

No sensitive data in logs - N/A for dependency updates.

No license files checked in - No .lic files or AQAAAD strings in the diff.

Summary

Overall Assessment: ✅ APPROVED

This is a clean, straightforward dependency update PR that bumps virtualenv from version 20.35.4 to 20.36.0 in the development dependencies (pyproject.toml:47).

Key Points:

  • Minor version bump following semantic versioning
  • Development-only dependency (no production impact)
  • No code changes requiring tests or documentation updates
  • No security concerns

Minor Observation:

  • CHANGELOG.md could optionally include this update in the [Unreleased] section, though for automated dependency bumps this is often skipped

Recommendation: This PR is safe to merge. The dependency update maintains backward compatibility and represents routine maintenance.

Automated code review analyzing defects and coding standards

@docktermj docktermj self-assigned this Jan 9, 2026
@docktermj docktermj enabled auto-merge (squash) January 9, 2026 14:06
@github-actions
Copy link

github-actions bot commented Jan 9, 2026

🤖 Claude Code Review

Code Review Analysis

Analyzing the pull request diff against the review checklist:

Pull Request Summary

This PR updates the virtualenv dependency from version 20.35.4 to 20.36.0 in the development dependencies.

Code Quality

Code follows style guide

  • This is a dependency version update in pyproject.toml. No code style issues apply.

No commented-out code

  • No commented-out code present.

Meaningful variable names

  • Not applicable - this is a dependency version change.

DRY principle followed

  • Not applicable - this is a dependency version change.

Identify Defects

  • No defects identified. This is a minor version bump of a development dependency (20.35.4 → 20.36.0).
  • virtualenv is in the development extras group, so it won't affect production runtime.
  • No logic errors, security vulnerabilities, or edge cases introduced.

Project memory configuration

  • Not applicable for dependency updates.

Testing

⚠️ Unit tests for new functions

  • Not applicable - no new functions added.

⚠️ Integration tests for new endpoints

  • Not applicable - no new endpoints added.

⚠️ Edge cases covered

  • Not applicable - dependency update only.

⚠️ Test coverage > 80%

  • Cannot determine from diff. This change should not affect test coverage as it's a development dependency update.

Documentation

Readme updated if needed

  • No README update needed for a minor development dependency version bump.

API docs updated

  • Not applicable - no API changes.

Inline comments for complex logic

  • Not applicable - no code logic changes.

⚠️ CHANGELOG.md updated

  • Cannot verify from the provided diff if CHANGELOG.md was updated. For a minor development dependency update, this may not be necessary, but should be confirmed based on project conventions.

Markdown formatting

  • Not applicable - no markdown files changed.

Security

No hardcoded credentials

  • No credentials present.

Input validation implemented

  • Not applicable - no input handling code.

Proper error handling

  • Not applicable - no error handling code.

No sensitive data in logs

  • Not applicable - no logging code.

No license files checked in

  • No .lic files or AQAAAD strings present.

Overall Assessment

APPROVED - This is a clean, low-risk dependency update.

Summary

  • Risk Level: Very Low
  • Change Type: Development dependency version bump (minor version)
  • Impact: No production code affected
  • Recommendation: Safe to merge

This PR updates virtualenv from 20.35.4 to 20.36.0, a minor version increment in a development dependency. No code changes, no security concerns, and no functional impact on the application.

File: pyproject.toml:47

Automated code review analyzing defects and coding standards

@docktermj docktermj merged commit ac00141 into main Jan 9, 2026
15 checks passed
@docktermj docktermj deleted the dependabot/pip/virtualenv-20.36.0 branch January 9, 2026 14:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@docktermj docktermj docktermj approved these changes

Assignees

@docktermj docktermj

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Initial commit

2 participants

@docktermj