-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump colorama from 0.4.4 to 0.4.6 #8122
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## develop #8122 +/- ##
========================================
Coverage 0.08% 0.08%
========================================
Files 208 208
Lines 16809 16542 -267
========================================
Hits 14 14
+ Misses 16795 16528 -267 ☔ View full report in Codecov by Sentry. |
This is really blocking to not merge this PR. And such a simple thing to merge it. I don't know if you realize the energy spent trying to work around this upper version limit for Colorama. I have seen countless of GitHub issues open in tox/pylint/etc. 122 open PRs, some of them for several years, is the repo even maintained? Can we automatically merge dependabot PR when they are green? Or do you recommend users to migrate to another cli? |
I totally agree with @julienlavergne. |
@dependabot rebase |
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry! If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request |
@dependabot recreate |
Bumps [colorama](https://github.com/tartley/colorama) from 0.4.4 to 0.4.6. - [Changelog](https://github.com/tartley/colorama/blob/master/CHANGELOG.rst) - [Commits](tartley/colorama@0.4.4...0.4.6) --- updated-dependencies: - dependency-name: colorama dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
daba68e
to
26be1a1
Compare
febb99d
to
384e5ae
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A couple minor modernizations if we're touching things, but otherwise looks good!
Updating to colorama > 0.4.5 requires additional build dependencies (`hatchling`, `flit_core`, etc). This increases the complexity of the bundled installer. We cannot add this to `EXTRA_RUNTIME_DEPS` because the `pip download` in `download_cli_deps` will fetch the latest `colorama`, which will take precedence when running the `install` script. This change pins `colorama` to the last version without the additional dependencies.
384e5ae
to
b9ab36e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚢
Bumps colorama from 0.4.4 to 0.4.6.
Changelog
Sourced from colorama's changelog.
Commits
3de9f01
bump version 0.4.6a45949b
Format the CHANGELOG bullet list, no content changef55f72e
comment need for a fix after recent MP broke itcb83041
fix test-release after recent MPs broke it832f14c
README tweaks54b89c3
Bump version to 0.4.6rc17991d34
'make bootstrap' uses system python3, not pinned v3.80ae5ef2
CHANGELOG updates for upcoming 0.4.6 release52f4cfd
Tweak ordering of release checklistab64cfa
Merge pull request #353 from LqdBcnAtWork/patch-1You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)