Skip to content

Bump virtualenv from 20.35.4 to 20.36.0 #317

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
docktermj merged 1 commit into from
Jan 7, 2026
Merged

Bump virtualenv from 20.35.4 to 20.36.0 #317

docktermj merged 1 commit into from
Jan 7, 2026

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 7, 2026
edited by github-actions bot
Loading

Bumps virtualenv from 20.35.4 to 20.36.0.

Release notes

Sourced from virtualenv's releases.

20.36.0

What's Changed

New Contributors

Full Changelog: pypa/virtualenv@20.35.3...20.36.0

Changelog

Sourced from virtualenv's changelog.

v20.36.0 (2026-01-07)

Features - 20.36.0

- Add support for PEP 440 version specifiers in the ``--python`` flag. Users can now specify Python versions using operators like ``>=``, ``<=``, ``~=``, etc. For example: ``virtualenv --python=">=3.12" myenv`` `. (:issue:`2994`)
Commits
  • 9719376 release 20.36.0
  • 0276db6 Add support for PEP 440 version specifiers in the --python flag. (#3008)
  • 4f900c2 Fix Interpreter discovery bug wrt. Microsoft Store shortcut using Latin-1 (#3...
  • 13afcc6 fix: resolve EncodingWarning in tox upgrade environment (#3007)
  • 31b5d31 [pre-commit.ci] pre-commit autoupdate (#2997)
  • 7c28422 fix: update filelock dependency version to 3.20.1 to fix CVE CVE-2025-68146 (...
  • 365628c test_too_many_open_files: assert on errno.EMFILE instead of strerror (#3001)
  • 5d09a90 fix: wrong path on migrated venv (#2996)
  • 23032cb [pre-commit.ci] pre-commit autoupdate (#2995)
  • 70afcd7 [pre-commit.ci] pre-commit autoupdate (#2993)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Resolves #3008
Resolves #3
Resolves #3007
Resolves #2997
Resolves #3001
Resolves #2996
Resolves #2995
Resolves #2993
Resolves pypa/virtualenv#2981
Resolves pypa/virtualenv#2982
Resolves pypa/virtualenv#2989
Resolves pypa/virtualenv#2990
Resolves pypa/virtualenv#2996
Resolves pypa/virtualenv#3001
Resolves pypa/virtualenv#3002
Resolves pypa/virtualenv#3007
Resolves pypa/virtualenv#3006
Resolves pypa/virtualenv#3008

@dependabot
Bump virtualenv from 20.35.4 to 20.36.0
9161513 
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.35.4 to 20.36.0.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.35.4...20.36.0)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-version: 20.36.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python python programming languagae labels Jan 7, 2026
@dependabot dependabot bot requested a review from a team as a code owner January 7, 2026 19:02
@dependabot dependabot bot added python python programming languagae dependencies Pull requests that update a dependency file labels Jan 7, 2026
@github-actions
Copy link

github-actions bot commented Jan 7, 2026

🤖 Claude Code Review

⚠️ CHANGELOG.md status: The CHANGELOG.md exists and follows the Keep a Changelog format. However, development dependency updates like this are typically NOT documented in CHANGELOG as they don't affect end users or the production behavior of the package. This is acceptable practice.

Markdown files formatting

  • N/A - No markdown files modified in this PR.

Security

No hardcoded credentials

  • No credentials present.

Input validation implemented

  • N/A - No new input handling.

Proper error handling

  • N/A - No code changes.

No sensitive data in logs

  • N/A - No logging changes.

No license files or AQAAAD strings

  • No license files or sensitive strings in the diff.

Summary

APPROVED - This PR is safe to merge

Overall Assessment: This is a clean, low-risk dependency update.

Details:

  • Updates virtualenv from 20.35.4 to 20.36.0 in development dependencies (pyproject.toml:54)
  • Development dependencies only - no production runtime impact
  • Minor version bump suggests backward-compatible improvements/bug fixes
  • No code, documentation, or security concerns
  • CHANGELOG update not required for development dependency bumps

Recommendation: Approve and merge. This type of automated dependency update is standard practice for keeping development tooling current.

Automated code review analyzing defects and coding standards

@docktermj docktermj merged commit d31e08f into main Jan 7, 2026
36 checks passed
@docktermj docktermj deleted the dependabot/pip/virtualenv-20.36.0 branch January 7, 2026 23:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@docktermj docktermj docktermj approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python python programming languagae

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Migrate G2Audit.py to V4 SDK

2 participants

@docktermj