Bump the pip-minor-patch group with 4 updates

[dependabot]

Bumps the pip-minor-patch group with 4 updates: sentry-sdk, jinja2, coverage and ruff.

Updates sentry-sdk from 2.0.1 to 2.1.0

Release notes

Sourced from sentry-sdk's releases.

2.1.0

Various fixes & improvements

• fix(quart): Fix Quart integration (#3043) by @​szokeasaurusrex
• Reduce API cross-section for huggingface in test (#3042) by @​colin-sentry
• Huggingface Hub integration (#3033) by @​colin-sentry
• feat(integrations): Add Anthropic Integration (#2831) by @​czyber
• meta(license): Bump copyright year (#3029) by @​szokeasaurusrex
• feat(ai): Langchain integration (#2911) by @​colin-sentry
• fix(django): fix Django ASGI integration on Python 3.12 (#3027) by @​bellini666
• feat(tests): Parallelize tox (#3025) by @​sentrivana
• build(deps): bump checkouts/data-schemas from 4aa14a7 to 4381a97 (#3028) by @​dependabot
• feat(perf): Add ability to put measurements directly on spans. (#2967) by @​colin-sentry
• fix(tests): Fix trytond tests (#3031) by @​sentrivana
• fix(tests): Update pytest-asyncio to fix CI (#3030) by @​sentrivana
• fix(docs): Link to respective migration guides directly (#3020) by @​sentrivana
• docs(scope): Add docstring to Scope.set_tags (#2978) by @​szokeasaurusrex
• test(scope): Fix typos in assert error message (#2978) by @​szokeasaurusrex
• test: Add unit test for top-level API set_tags (#2978) by @​szokeasaurusrex
• test(scope): Add unit test for Scope.set_tags (#2978) by @​szokeasaurusrex
• feat: Add set_tags to top-level API (#2978) by @​szokeasaurusrex
• feat(scope): New set_tags function (#2978) by @​szokeasaurusrex

Changelog

Sourced from sentry-sdk's changelog.

2.1.0

Various fixes & improvements

• fix(quart): Fix Quart integration (#3043) by @​szokeasaurusrex
• Reduce API cross-section for huggingface in test (#3042) by @​colin-sentry
• Huggingface Hub integration (#3033) by @​colin-sentry
• feat(integrations): Add Anthropic Integration (#2831) by @​czyber
• meta(license): Bump copyright year (#3029) by @​szokeasaurusrex
• feat(ai): Langchain integration (#2911) by @​colin-sentry
• fix(django): fix Django ASGI integration on Python 3.12 (#3027) by @​bellini666
• feat(tests): Parallelize tox (#3025) by @​sentrivana
• build(deps): bump checkouts/data-schemas from 4aa14a7 to 4381a97 (#3028) by @​dependabot
• feat(perf): Add ability to put measurements directly on spans. (#2967) by @​colin-sentry
• fix(tests): Fix trytond tests (#3031) by @​sentrivana
• fix(tests): Update pytest-asyncio to fix CI (#3030) by @​sentrivana
• fix(docs): Link to respective migration guides directly (#3020) by @​sentrivana
• docs(scope): Add docstring to Scope.set_tags (#2978) by @​szokeasaurusrex
• test(scope): Fix typos in assert error message (#2978) by @​szokeasaurusrex
• test: Add unit test for top-level API set_tags (#2978) by @​szokeasaurusrex
• test(scope): Add unit test for Scope.set_tags (#2978) by @​szokeasaurusrex
• feat: Add set_tags to top-level API (#2978) by @​szokeasaurusrex
• feat(scope): New set_tags function (#2978) by @​szokeasaurusrex

Commits

• 385b77b release: 2.1.0
• c368a2f fix(quart): Fix Quart integration (#3043)
• aaa8f04 Reduce API cross-section for huggingface in test (#3042)
• 41aa99b Huggingface Hub integration (#3033)
• eac253a feat(integrations): Add Anthropic Integration (#2831)
• f98f77f meta(license): Bump copyright year (#3029)
• 9cf6377 feat(ai): Langchain integration (#2911)
• fb1b746 fix(django): fix Django ASGI integration on Python 3.12 (#3027)
• eaad88a feat(tests): Parallelize tox (#3025)
• 37cccee build(deps): bump checkouts/data-schemas from 4aa14a7 to 4381a97 (#3028)
• Additional commits viewable in compare view

Updates jinja2 from 3.1.3 to 3.1.4

Release notes

Sourced from jinja2's releases.

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/ Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

Changelog

Sourced from jinja2's changelog.

Version 3.1.4

Released 2024-05-05

• The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. :ghsa:h75v-3vvj-5mfj

Commits

• dd4a8b5 release version 3.1.4
• 0668239 Merge pull request from GHSA-h75v-3vvj-5mfj
• d655030 disallow invalid characters in keys to xmlattr filter
• a7863ba add ghsa links
• b5c98e7 start version 3.1.4
• da3a9f0 update project files (#1968)
• 0ee5eb4 satisfy formatter, linter, and strict mypy
• 20477c6 update project files (#5457)
• e491223 update pyyaml dev dependency
• 36f9885 fix pr link
• Additional commits viewable in compare view

Updates coverage from 7.5.0 to 7.5.1

Changelog

Sourced from coverage's changelog.

Version 7.5.1 — 2024-05-04

• Fix: a pragma comment on the continuation lines of a multi-line statement now excludes the statement and its body, the same as if the pragma is on the first line. This closes issue 754. The fix was contributed by Daniel Diniz <pull 1773_>.

• Fix: very complex source files like this one <resolvent_lookup_>_ could cause a maximum recursion error when creating an HTML report. This is now fixed, closing issue 1774_.

• HTML report improvements:

  • Support files (JavaScript and CSS) referenced by the HTML report now have hashes added to their names to ensure updated files are used instead of stale cached copies.

  • Missing branch coverage explanations that said "the condition was never false" now read "the condition was always true" because it's easier to understand.

  • Column sort order is remembered better as you move between the index pages, fixing issue 1766. Thanks, Daniel Diniz <pull 1768_>.

.. _resolvent_lookup: https://github.com/sympy/sympy/blob/130950f3e6b3f97fcc17f4599ac08f70fdd2e9d4/sympy/polys/numberfields/resolvent_lookup.py .. _issue 754: nedbat/coveragepy#754 .. _issue 1766: nedbat/coveragepy#1766 .. _pull 1768: nedbat/coveragepy#1768 .. _pull 1773: nedbat/coveragepy#1773 .. _issue 1774: nedbat/coveragepy#1774

.. _changes_7-5-0:

Commits

• be938ea docs: sample HTML for 7.5.1
• 02c66d7 docs: prep for 7.5.1
• 5fa9f67 fix: avoid max recursion errors in ast code. #1774
• 34af01d build: easier to run metasmoke on desired python version
• 6b0cac5 perf: cache _human_key to speed html report by about 10%
• fdc0ee8 docs: oops, typo
• 60e6cb4 docs: changelog for #754 and #1773
• 277c8c4 fix: '# pragma: no branch' in multiline if statements. #754 (#1773)
• 34d3eb7 docs: update changelog for #1786. Thanks, Daniel Diniz
• 2bb5ef2 fix(html): make HTML column sorting consistent across index pages (fix #1766)...
• Additional commits viewable in compare view

Updates ruff from 0.4.2 to 0.4.3

Release notes

Sourced from ruff's releases.

v0.4.3

Changes

Enhancements

• Add support for PEP 696 syntax (#11120)

Preview features

• [refurb] Use function range for reimplemented-operator diagnostics (#11271)
• [refurb] Ignore methods in reimplemented-operator (FURB118) (#11270)
• [refurb] Implement fstring-number-format (FURB116) (#10921)
• [ruff] Implement redirected-noqa (RUF101) (#11052)
• [pyflakes] Distinguish between first-party and third-party imports for fix suggestions (#11168)

Rule changes

• [flake8-bugbear] Ignore non-abstract class attributes when enforcing B024 (#11210)
• [flake8-logging] Include inline instantiations when detecting loggers (#11154)
• [pylint] Also emit PLR0206 for properties with variadic parameters (#11200)
• [ruff] Detect duplicate codes as part of unused-noqa (RUF100) (#10850)

Formatter

• Avoid multiline expression if format specifier is present (#11123)

LSP

• Write ruff server setup guide for Helix (#11183)
• ruff server no longer hangs after shutdown (#11222)
• ruff server reads from a configuration TOML file in the user configuration directory if no local configuration exists (#11225)
• ruff server respects per-file-ignores configuration (#11224)
• ruff server: Support a custom TOML configuration file (#11140)
• ruff server: Support setting to prioritize project configuration over editor configuration (#11086)

Bug fixes

• Avoid debug assertion around NFKC renames (#11249)
• [pyflakes] Prioritize redefined-while-unused over unused-import (#11173)
• [ruff] Respect async expressions in comprehension bodies (#11219)
• [pygrep_hooks] Fix blanket-noqa panic when last line has noqa with no newline (PGH004) (#11108)
• [perflint] Ignore list-copy recommendations for async for loops (#11250)
• [pyflakes] Improve invalid-print-syntax documentation (#11171)

Performance

• Avoid allocations for isort module names (#11251)
• Build a separate ARM wheel for macOS (#11149)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.3

Enhancements

• Add support for PEP 696 syntax (#11120)

Preview features

• [refurb] Use function range for reimplemented-operator diagnostics (#11271)
• [refurb] Ignore methods in reimplemented-operator (FURB118) (#11270)
• [refurb] Implement fstring-number-format (FURB116) (#10921)
• [ruff] Implement redirected-noqa (RUF101) (#11052)
• [pyflakes] Distinguish between first-party and third-party imports for fix suggestions (#11168)

Rule changes

• [flake8-bugbear] Ignore non-abstract class attributes when enforcing B024 (#11210)
• [flake8-logging] Include inline instantiations when detecting loggers (#11154)
• [pylint] Also emit PLR0206 for properties with variadic parameters (#11200)
• [ruff] Detect duplicate codes as part of unused-noqa (RUF100) (#10850)

Formatter

• Avoid multiline expression if format specifier is present (#11123)

LSP

• Write ruff server setup guide for Helix (#11183)
• ruff server no longer hangs after shutdown (#11222)
• ruff server reads from a configuration TOML file in the user configuration directory if no local configuration exists (#11225)
• ruff server respects per-file-ignores configuration (#11224)
• ruff server: Support a custom TOML configuration file (#11140)
• ruff server: Support setting to prioritize project configuration over editor configuration (#11086)

Bug fixes

• Avoid debug assertion around NFKC renames (#11249)
• [pyflakes] Prioritize redefined-while-unused over unused-import (#11173)
• [ruff] Respect async expressions in comprehension bodies (#11219)
• [pygrep_hooks] Fix blanket-noqa panic when last line has noqa with no newline (PGH004) (#11108)
• [perflint] Ignore list-copy recommendations for async for loops (#11250)
• [pyflakes] Improve invalid-print-syntax documentation (#11171)

Performance

• Avoid allocations for isort module names (#11251)
• Build a separate ARM wheel for macOS (#11149)

Commits

• 1e91a09 Bump version to v0.4.3 (#11274)
• d0f51c6 Remove remaining ruff_shrinking references (#11272)
• 8dd3811 Use function range for reimplemented-operator diagnostics (#11271)
• 894cd13 [refurb] Ignore methods in reimplemented-operator (FURB118) (#11270)
• f3284fd Remove unnecessary check for RUF020 enabled (#11268)
• 82dd5e6 [red-knot] resolve class members (#11256)
• 6a1e555 Upgrade to Rust 1.78 (#11260)
• 349a4cf Remove trailing reference section (#11257)
• dfbeca5 ruff server no longer hangs after shutdown (#11222)
• 9e69cd6 Rephrase rationale for pytest-incorrect-pytest-import (#11255)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #172.