Bump the dependencies group with 7 updates

[dependabot]

Bumps the dependencies group with 7 updates:

Package	From	To
cryptography	45.0.4	45.0.5
coverage[toml]	7.9.1	7.10.1
typing-extensions	4.14.0	4.14.1
distlib	0.3.9	0.4.0
mypy	1.16.1	1.17.1
virtualenv	20.31.2	20.32.0
certifi	2025.6.15	2025.7.14

Updates cryptography from 45.0.4 to 45.0.5

Changelog

Sourced from cryptography's changelog.

45.0.5 - 2025-07-02

* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.1.
.. _v45-0-4:

Commits

• 3e53a23 Bump for 45.0.5 release (#13135)
• See full diff in compare view

Updates coverage[toml] from 7.9.1 to 7.10.1

Release notes

Sourced from coverage[toml]'s releases.

7.10.1

Version 7.10.1 — 2025-07-27

• Fix: the exclusion for if TYPE_CHECKING: was wrong: it marked the branch as partial, but it should have been a line exclusion so the entire clause would be excluded. Improves issue 831.
• Fix: changed where .pth files are written for patch = subprocess, closing issue 2006.

➡️  PyPI page: coverage 7.10.1. :arrow_right:  To install: python3 -m pip install coverage==7.10.1

7.10.0

Version 7.10.0 — 2025-07-24

• A new configuration option: “[run] patch” specifies named patches to work around some limitations in coverage measurement. These patches are available:
  • patch = _exit lets coverage save its data even when https://docs.python.org/3/library/os.html#os._exit is used to abruptly end the process. This closes long-standing issue 310 as well as its duplicates: issue 312, issue 1673, issue 1845, and issue 1941.
  • patch = subprocess measures coverage in Python subprocesses created with https://docs.python.org/3/library/subprocess.html#module-subprocess, https://docs.python.org/3/library/os.html#os.system, or one of the https://docs.python.org/3/library/os.html#os.execl or https://docs.python.org/3/library/os.html#os.spawnl family of functions. Closes old issue 367 and duplicate issue 378.
  • patch = execv adjusts the https://docs.python.org/3/library/os.html#os.execl family of functions to save coverage data before ending the current program and starting the next. Not available on Windows. Closes issue 43 after 15 years!
• The HTML report now dimly colors subsequent lines in multi-line statements. They used to have no color. This gives a better indication of the amount of code missing in the report. Closes issue 1308.
• Two new exclusion patterns are part of the defaults: ... is automatically excluded as a line and if TYPE_CHECKING: is excluded as a branch. Closes issue 831.
• A new command-line option: --save-signal=USR1 specifies a signal that coverage.py will listen for. When the signal is sent, the coverage data will be saved. This makes it possible to save data from within long-running processes. Thanks, Arkady Gilinsky.
• A new configuration option: “[report] partial_also” is a list of regexes to add as pragmas for partial branches. This parallels the “[report] exclude_also” setting for adding line exclusion patterns.
• A few file path configuration settings didn’t allow for tilde expansion: [json] output, [lcov] output and [run] debug_file. This is now fixed.
• Wheels are included for 3.14 now that 3.14 rc1 is available.
• We no longer ship a PyPy-specific wheel. PyPy will install the pure-Python wheel. Closes issue 2001.
• In the very unusual situation of not having a current frame, coverage no longer crashes when using the sysmon core, fixing issue 2005.

➡️  PyPI page: coverage 7.10.0. :arrow_right:  To install: python3 -m pip install coverage==7.10.0

7.9.2

Version 7.9.2 — 2025-07-03

• Fix: complex conditionals within a line might cause a KeyError when using sys.monitoring, as reported in issue 1991. This is now fixed.
• Fix: we can now measure coverage for code in Python archive (.par) files. Thanks, Itamer Oren.

➡️  PyPI page: coverage 7.9.2. :arrow_right:  To install: python3 -m pip install coverage==7.9.2

Changelog

Sourced from coverage[toml]'s changelog.

Version 7.10.1 — 2025-07-27

• Fix: the exclusion for if TYPE_CHECKING: was wrong: it marked the branch as partial, but it should have been a line exclusion so the entire clause would be excluded. Improves issue 831_.

• Fix: changed where .pth files are written for patch = subprocess, closing issue 2006_.

.. _issue 2006: nedbat/coveragepy#2006

.. _changes_7-10-0:

Version 7.10.0 — 2025-07-24

• A new configuration option: ":ref:config_run_patch" specifies named patches to work around some limitations in coverage measurement. These patches are available:

  • patch = _exit lets coverage save its data even when :func:os._exit() <python:os._exit> is used to abruptly end the process. This closes long-standing issue 310_ as well as its duplicates: issue 312, issue 1673, issue 1845, and issue 1941.

  • patch = subprocess measures coverage in Python subprocesses created with :mod:subprocess, :func:os.system, or one of the :func:execv <python:os.execl> or :func:spawnv <python:os.spawnl> family of functions. Closes old issue 367_ and duplicate issue 378_.

  • patch = execv adjusts the :func:execv <python:os.execl> family of functions to save coverage data before ending the current program and starting the next. Not available on Windows. Closes issue 43_ after 15 years!

• The HTML report now dimly colors subsequent lines in multi-line statements. They used to have no color. This gives a better indication of the amount of code missing in the report. Closes issue 1308_.

• Two new exclusion patterns are part of the defaults: ... is automatically excluded as a line and if TYPE_CHECKING: is excluded as a branch. Closes issue 831_.

• A new command-line option: --save-signal=USR1 specifies a signal that coverage.py will listen for. When the signal is sent, the coverage data will be saved. This makes it possible to save data from within long-running processes. Thanks, Arkady Gilinsky <pull 1998_>_.

... (truncated)

Commits

• 7fdcbeb docs: sample HTML for 7.10.1
• c9e9625 docs: prep for 7.10.1
• e8193ff chore: make upgrade
• 9aad22a test: improve the if TYPE_CHECKING: exclusion test
• 1e2f41a fix: excluding TYPE_CHECKING should have been the line not the branch
• 2134e57 fix: use getsitepackages for writing .pth files. #2006
• a4300a7 test: signal statuses are mysterious. #2008
• 2fd4961 docs: update the man page, for once
• a13607f build: comment_on_fixes should show html urls
• 0f00d49 build: bump version to 7.10.1
• Additional commits viewable in compare view

Updates typing-extensions from 4.14.0 to 4.14.1

Release notes

Sourced from typing-extensions's releases.

4.14.1

Release 4.14.1 (July 4, 2025)

• Fix usage of typing_extensions.TypedDict nested inside other types (e.g., typing.Type[typing_extensions.TypedDict]). This is not allowed by the type system but worked on older versions, so we maintain support.

Changelog

Sourced from typing-extensions's changelog.

Release 4.14.1 (July 4, 2025)

• Fix usage of typing_extensions.TypedDict nested inside other types (e.g., typing.Type[typing_extensions.TypedDict]). This is not allowed by the type system but worked on older versions, so we maintain support.

Commits

• 42027ab Prepare release 4.14.1 (#620)
• 59d2c20 Fix off by one in pickle protocol tests (#618)
• 40e22eb Do not use slots for _TypedDictSpecialForm (#616)
• d17c456 allow TypedDict as a type argument (#614)
• See full diff in compare view

Updates distlib from 0.3.9 to 0.4.0

Changelog

Sourced from distlib's changelog.

0.4.0

Released: 2025-07-17


markers

Add the interpret_parsed function.



wheel


Fix #238: Add build tag to wheel metadata if specified.


Fix #243: Update to support free-threading version of Python (3.13t).


Fix #246: Support subdirectories in the dist-info directory. Thanks to Pieter P for the patch.


Fix #248: Fix path normalisation issue caused by the fix for #246.


Move import in script wrapper to "if name == 'main'" clause.




tests

Fix #245: Skip test_package_data if a SKIP_EXT_PACKAGE_DATA environment variable is present.

Commits

• aff2cbb Finalise version.
• 3716c4b Update change log, widen exception catching in test.
• 660bd33 Changes for 0.4.0.
• 56b4ad9 Guard script wrapper entrypoint import with if main (#242)
• fe57366 docs: update coverage results link (#250)
• c3286e5 Temporarily exclude 3.13t on windows-latest.
• e6b83d3 Normalize archive paths in dist-info (#248)
• 93baffe Skip no-longer-relevant test.
• 83f6568 Support subdirectories in .dist-info (fixes #246) (#247)
• f918abd Update test_wheel.WheelTestCase.test_abi for freethreading (#244)
• Additional commits viewable in compare view

Updates mypy from 1.16.1 to 1.17.1

Changelog

Sourced from mypy's changelog.

Mypy 1.17.1

• Retain None as constraints bottom if no bottoms were provided (Stanislav Terliakov, PR 19485)
• Fix "ignored exception in hasattr" in dmypy (Stanislav Terliakov, PR 19428)
• Prevent a crash when InitVar is redefined with a method in a subclass (Stanislav Terliakov, PR 19453)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

• Alexey Makridenko
• Brian Schubert
• Chad Dombrova
• Chainfire
• Charlie Denton
• Charulata
• Christoph Tyralla
• CoolCat467
• Donal Burns
• Guy Wilson
• Ivan Levkivskyi
• johnthagen
• Jukka Lehtosalo
• Łukasz Kwieciński
• Marc Mueller
• Michael J. Sullivan
• Mikhail Golubev
• Sebastian Rittau
• Shantanu
• Stanislav Terliakov
• wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.16

We’ve just uploaded mypy 1.16 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Different Property Getter and Setter Types

Mypy now supports using different types for a property getter and setter:

class A:
    _value: int
</tr></table> 

... (truncated)

Commits

• acb2983 Bump version to 1.17.1
• 933c913 Retain None as constraints bottom if no bottoms were provided (#19485)
• 5f4428f Fix "ignored exception in hasattr" in dmypy (#19428)
• 88fdeaa Prevent a crash when InitVar is redefined with a method in a subclass (#19453)
• e44d14f Bump version to 1.17.1+dev
• 0260991 Update version string
• 3901aa2 Updates to 1.17 changelog (#19436)
• 7d13396 Initial changelog for 1.17 release (#19427)
• a182dec Combine the revealed types of multiple iteration steps in a more robust manne...
• ab4fd57 Improve the handling of "iteration dependent" errors and notes in finally cla...
• Additional commits viewable in compare view

Updates virtualenv from 20.31.2 to 20.32.0

Release notes

Sourced from virtualenv's releases.

20.32.0

What's Changed

• release 20.31.2 by @​gaborbernat in pypa/virtualenv#2886
• Fix the CI by @​gaborbernat in pypa/virtualenv#2904
• activate.fish: update fish major version check by @​r5d in pypa/virtualenv#2891
• Fix: Ignore missing absolute paths for python discovery by @​esafak in pypa/virtualenv#2907
• Discover uv-managed Python installations by @​edgarrmondragon in pypa/virtualenv#2902
• Add warning for incorrect usage of Nushell activation script by @​esafak in pypa/virtualenv#2906
• Update index.rst, compatibility section added, other subheadings created by @​velle in pypa/virtualenv#2897
• Bump setuptools version by @​gaborbernat in pypa/virtualenv#2900

New Contributors

• @​r5d made their first contribution in pypa/virtualenv#2891
• @​esafak made their first contribution in pypa/virtualenv#2907
• @​edgarrmondragon made their first contribution in pypa/virtualenv#2902
• @​velle made their first contribution in pypa/virtualenv#2897

Full Changelog: pypa/virtualenv@20.31.2...20.32.0

Changelog

Sourced from virtualenv's changelog.

v20.32.0 (2025-07-20)

Features - 20.32.0

- Warn on incorrect invocation of Nushell activation script - by :user:`esafak`. (:issue:`nushell_activation`)
- Discover uv-managed Python installations (:issue:`2901`)
Bugfixes - 20.32.0

• Ignore missing absolute paths for python discovery - by :user:esafak (:issue:2870)
• Upgrade embedded setuptools to 80.9.0 from 80.3.1 - by :user:gaborbernat. (:issue:2900)

Commits

• 74afc5a release 20.32.0
• 40c84e4 Bump setuptools version (#2900)
• f3961eb Update index.rst, compatibility section added, other subheadings created (#2897)
• 75518b1 Add warning for incorrect usage of Nushell activation script (#2906)
• 430eb4b Discover uv-managed Python installations (#2902)
• e7e0ae3 [pre-commit.ci] pre-commit autoupdate (#2905)
• 269599a Fix: Ignore missing absolute paths for python discovery (#2907)
• 29e9698 activate.fish: update fish major version check (#2891)
• 07e6110 Merge pull request #2904 from gaborbernat/fix-ci-07-10
• 30e58ff Fix the CI
• Additional commits viewable in compare view

Updates certifi from 2025.6.15 to 2025.7.14

Commits

• ddd90c6 2025.07.14 (#359)
• d905221 2025.07.09 (#358)
• See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
certifi	[< 2023, > 2022.6.15]
cryptography	[< 38.1, > 38.0.0]
typing-extensions	[< 4.7, > 4.6.0]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions