Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump colorama from 0.4.4 to 0.4.6 #8122

Merged
merged 3 commits into from
Apr 26, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 21, 2023

Bumps colorama from 0.4.4 to 0.4.6.

Changelog

Sourced from colorama's changelog.

0.4.6 Current release

  • tartley/colorama#139 Add alternative to 'init()', called 'just_fix_windows_console'. This fixes many longstanding problems with 'init', such as working incorrectly on modern Windows terminals, and wonkiness when init gets called multiple times. The intention is that it just makes all Windows terminals treat ANSI the same way as other terminals do. Many thanks the njsmith for fixing our messes.
  • tartley/colorama#352 Support Windows 10's ANSI/VT console. This didn't exist when Colorama was created, and avoiding us causing havok there is long overdue. Thanks to segeviner for the initial approach, and to njsmith for getting it merged.
  • tartley/colorama#338 Internal overhaul of package metadata declaration, which abolishes our use of the now heavily discouraged setuptools (and hence setup.py, setup.cfg and MANIFEST.in), in favor of hatchling (and hence pyproject.toml), generously contributed by ofek (author of hatchling). This includes dropping support Python3.5 and 3.6, which are EOL, and were already dropped from setuptools, so this should not affect our users.
  • tartley/colorama#353 Attention to detail award to LqdBcnAtWork for a spelling fix in demo06 0.4.5
  • Catch a racy ValueError that could occur on exit.
  • Create README-hacking.md, for Colorama contributors.
  • Tweak some README unicode characters that don't render correctly on PyPI.
  • Fix some tests that were failing on some operating systems.
  • Add support for Python 3.9.
  • Add support for PyPy3.
  • Add support for pickling with the dill module.
Commits
  • 3de9f01 bump version 0.4.6
  • a45949b Format the CHANGELOG bullet list, no content change
  • f55f72e comment need for a fix after recent MP broke it
  • cb83041 fix test-release after recent MPs broke it
  • 832f14c README tweaks
  • 54b89c3 Bump version to 0.4.6rc1
  • 7991d34 'make bootstrap' uses system python3, not pinned v3.8
  • 0ae5ef2 CHANGELOG updates for upcoming 0.4.6 release
  • 52f4cfd Tweak ordering of release checklist
  • ab64cfa Merge pull request #353 from LqdBcnAtWork/patch-1
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies This issue is a problem in a dependency. v1 labels Aug 21, 2023
@codecov-commenter
Copy link

codecov-commenter commented Aug 22, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 0.08%. Comparing base (029054c) to head (0359bc2).
Report is 43 commits behind head on develop.

❗ Current head 0359bc2 differs from pull request most recent head b9ab36e. Consider uploading reports for the commit b9ab36e to get more accurate results

Additional details and impacted files
@@           Coverage Diff            @@
##           develop   #8122    +/-   ##
========================================
  Coverage     0.08%   0.08%            
========================================
  Files          208     208            
  Lines        16809   16542   -267     
========================================
  Hits            14      14            
+ Misses       16795   16528   -267     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@julienlavergne
Copy link

julienlavergne commented Nov 21, 2023

This is really blocking to not merge this PR. And such a simple thing to merge it.

I don't know if you realize the energy spent trying to work around this upper version limit for Colorama. I have seen countless of GitHub issues open in tox/pylint/etc.
It is fine to put an upper limit for dependencies, but this is an engagement to maintain it. If you do not want to spend the effort to regularly update it, I suggest removing the upper limit.

122 open PRs, some of them for several years, is the repo even maintained? Can we automatically merge dependabot PR when they are green? Or do you recommend users to migrate to another cli?

@kdaily @kyleknap @nateprewitt

@MVrachev
Copy link

MVrachev commented Dec 7, 2023

I totally agree with @julienlavergne.
We have a problem in our project as one of our contributors on Windows cannot install his dependencies
as awscli requires colorama < 0.4.5 and other dependencies already require colorama>=0.4.5...
Please work on this issue..
@kdaily @kyleknap @nateprewitt

@nateprewitt
Copy link
Member

@dependabot rebase

Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 23, 2024

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@nateprewitt
Copy link
Member

@dependabot recreate

Bumps [colorama](https://github.com/tartley/colorama) from 0.4.4 to 0.4.6.
- [Changelog](https://github.com/tartley/colorama/blob/master/CHANGELOG.rst)
- [Commits](tartley/colorama@0.4.4...0.4.6)

---
updated-dependencies:
- dependency-name: colorama
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/develop/colorama-0.4.6 branch from daba68e to 26be1a1 Compare April 23, 2024 21:23
@kdaily kdaily requested review from kyleknap and nateprewitt April 25, 2024 23:06
@kdaily kdaily linked an issue Apr 25, 2024 that may be closed by this pull request
@kdaily kdaily force-pushed the dependabot/pip/develop/colorama-0.4.6 branch from febb99d to 384e5ae Compare April 25, 2024 23:46
Copy link
Member

@nateprewitt nateprewitt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A couple minor modernizations if we're touching things, but otherwise looks good!

scripts/make-bundle Outdated Show resolved Hide resolved
scripts/make-bundle Outdated Show resolved Hide resolved
Updating to colorama > 0.4.5 requires additional
build dependencies (`hatchling`, `flit_core`,
etc). This increases the complexity of the bundled
installer.

We cannot add this to `EXTRA_RUNTIME_DEPS`
because the `pip download` in `download_cli_deps`
will fetch the latest `colorama`, which will take
precedence when running the `install` script.

This change pins `colorama` to the last version
without the additional dependencies.
@kdaily kdaily force-pushed the dependabot/pip/develop/colorama-0.4.6 branch from 384e5ae to b9ab36e Compare April 26, 2024 00:10
@kdaily kdaily requested a review from nateprewitt April 26, 2024 00:11
Copy link
Member

@nateprewitt nateprewitt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

Copy link
Contributor

@kyleknap kyleknap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚢

@kdaily kdaily merged commit ca849a6 into develop Apr 26, 2024
60 checks passed
@dependabot dependabot bot deleted the dependabot/pip/develop/colorama-0.4.6 branch April 26, 2024 16:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies This issue is a problem in a dependency. v1
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Update colorama version for compatibility with pylint
6 participants