python-deps(deps): bump the python-dependencies group with 57 updates

[dependabot]

Updates the requirements on typing-extensions, pip, poetry-pre-commit-plugin, tm-devices, codespell, mkdocs-ezglossary-plugin, mkdocs-macros-plugin, mkdocs-mermaid2-plugin, packaging, pygments, pymdown-extensions, requests, psutil, pytest, beautifulsoup4, bracex, certifi, charset-normalizer, click, editdistpy, editorconfig, importlib-metadata, inflect, jinja2, jsbeautifier, markdown, markupsafe, mkdocs-autorefs, more-itertools, mypy-extensions, platformdirs, pyyaml-env-tag, setuptools, six, soupsieve, super-collections, termcolor, typeguard, urllib3, watchdog, wcmatch, zipp, coverage[toml], dataproperty, dnspython, exceptiongroup, iniconfig, mbstrdecoder, networkx, pathvalidate, pluggy, pytablewriter, pytz, tabledata, tcolorpy, typepy and typepy[datetime] to permit the latest version.
Updates typing-extensions from 4.12.2 to 4.13.2

Release notes

Sourced from typing-extensions's releases.

4.13.2

• Fix TypeError when taking the union of typing_extensions.TypeAliasType and a typing.TypeAliasType on Python 3.12 and 3.13. Patch by Joren Hammudoglu.
• Backport from CPython PR #132160 to avoid having user arguments shadowed in generated __new__ by @typing_extensions.deprecated. Patch by Victorien Plot.

4.13.1

This is a bugfix release fixing two edge cases that appear on old bugfix releases of CPython.

Bugfixes:

• Fix regression in 4.13.0 on Python 3.10.2 causing a TypeError when using Concatenate. Patch by Daraan.
• Fix TypeError when using evaluate_forward_ref on Python 3.10.1-2 and 3.9.8-10. Patch by Daraan.

4.13.0

New features:

• Add typing_extensions.TypeForm from PEP 747. Patch by Jelle Zijlstra.
• Add typing_extensions.get_annotations, a backport of inspect.get_annotations that adds features specified by PEP 649. Patches by Jelle Zijlstra and Alex Waygood.
• Backport evaluate_forward_ref from CPython PR #119891 to evaluate ForwardRefs. Patch by Daraan, backporting a CPython PR by Jelle Zijlstra.

Bugfixes and changed features:

• Update PEP 728 implementation to a newer version of the PEP. Patch by Jelle Zijlstra.
• Copy the coroutine status of functions and methods wrapped with @typing_extensions.deprecated. Patch by Sebastian Rittau.
• Fix bug where TypeAliasType instances could be subscripted even where they were not generic. Patch by Daraan.
• Fix bug where a subscripted TypeAliasType instance did not have all attributes of the original TypeAliasType instance on older Python versions. Patch by Daraan and Alex Waygood.
• Fix bug where subscripted TypeAliasType instances (and some other subscripted objects) had wrong parameters if they were directly subscripted with an Unpack object. Patch by Daraan.
• Backport to Python 3.10 the ability to substitute ... in generic Callable aliases that have a Concatenate special form as their argument. Patch by Daraan.
• Extended the Concatenate backport for Python 3.8-3.10 to now accept Ellipsis as an argument. Patch by Daraan.
• Fix backport of get_type_hints to reflect Python 3.11+ behavior which does not add

... (truncated)

Changelog

Sourced from typing-extensions's changelog.

Release 4.13.2 (April 10, 2025)

• Fix TypeError when taking the union of typing_extensions.TypeAliasType and a typing.TypeAliasType on Python 3.12 and 3.13. Patch by Joren Hammudoglu.
• Backport from CPython PR #132160 to avoid having user arguments shadowed in generated __new__ by @typing_extensions.deprecated. Patch by Victorien Plot.

Release 4.13.1 (April 3, 2025)

Bugfixes:

• Fix regression in 4.13.0 on Python 3.10.2 causing a TypeError when using Concatenate. Patch by Daraan.
• Fix TypeError when using evaluate_forward_ref on Python 3.10.1-2 and 3.9.8-10. Patch by Daraan.

Release 4.13.0 (March 25, 2025)

No user-facing changes since 4.13.0rc1.

Release 4.13.0rc1 (March 18, 2025)

New features:

• Add typing_extensions.TypeForm from PEP 747. Patch by Jelle Zijlstra.
• Add typing_extensions.get_annotations, a backport of inspect.get_annotations that adds features specified by PEP 649. Patches by Jelle Zijlstra and Alex Waygood.
• Backport evaluate_forward_ref from CPython PR #119891 to evaluate ForwardRefs. Patch by Daraan, backporting a CPython PR by Jelle Zijlstra.

Bugfixes and changed features:

• Update PEP 728 implementation to a newer version of the PEP. Patch by Jelle Zijlstra.
• Copy the coroutine status of functions and methods wrapped with @typing_extensions.deprecated. Patch by Sebastian Rittau.
• Fix bug where TypeAliasType instances could be subscripted even where they were not generic. Patch by Daraan.
• Fix bug where a subscripted TypeAliasType instance did not have all attributes of the original TypeAliasType instance on older Python versions. Patch by Daraan and Alex Waygood.
• Fix bug where subscripted TypeAliasType instances (and some other subscripted objects) had wrong parameters if they were directly subscripted with an Unpack object. Patch by Daraan.

... (truncated)

Commits

• 4525e9d Prepare release 4.13.2 (#583)
• 88a0c20 Do not shadow user arguments in generated __new__ by @deprecated (#581)
• 281d7b0 Add 3rd party tests for litestar (#578)
• 8092c39 fix TypeAliasType union with typing.TypeAliasType (#575)
• 45a8847 Prepare release 4.13.1 (#573)
• f264e58 Move CI to "ubuntu-latest" (round 2) (#570)
• 5ce0e69 Fix TypeError with evaluate_forward_ref on some 3.10 and 3.9 versions (#558)
• 304f5cb Add SQLAlchemy to third-party daily tests (#561)
• ebe2b94 Fix duplicated keywords for typing._ConcatenateGenericAlias in 3.10.2 (#557)
• 9f93d6f Add intersphinx links for 3.13 typing features (#550)
• Additional commits viewable in compare view

Updates pip to 25.0.1

Changelog

Sourced from pip's changelog.

25.0.1 (2025-02-09)

Bug Fixes

• Fix an unsupported type annotation on Python 3.10 and earlier. ([#13181](https://github.com/pypa/pip/issues/13181) <https://github.com/pypa/pip/issues/13181>_)
• Fix a regression where truststore would never be used while installing build dependencies. ([#13186](https://github.com/pypa/pip/issues/13186) <https://github.com/pypa/pip/issues/13186>_)

25.0 (2025-01-26)

Deprecations and Removals

• Deprecate the no-python-version-warning flag as it has long done nothing since Python 2 support was removed in pip 21.0. ([#13154](https://github.com/pypa/pip/issues/13154) <https://github.com/pypa/pip/issues/13154>_)

Features

• Prefer to display :pep:639 License-Expression in pip show if metadata version is at least 2.4. ([#13112](https://github.com/pypa/pip/issues/13112) <https://github.com/pypa/pip/issues/13112>_)
• Support :pep:639 License-Expression and License-File metadata fields in JSON output. pip inspect and pip install --report now emit license_expression and license_file fields in the metadata object, if the corresponding fields are present in the installed METADATA file. ([#13134](https://github.com/pypa/pip/issues/13134) <https://github.com/pypa/pip/issues/13134>_)
• Files in the network cache will inherit the read/write permissions of pip's cache directory (in addition to the current user retaining read/write access). This enables a single cache to be shared among multiple users. ([#11012](https://github.com/pypa/pip/issues/11012) <https://github.com/pypa/pip/issues/11012>_)
• Return the size, along with the number, of files cleared on pip cache purge and pip cache remove ([#12176](https://github.com/pypa/pip/issues/12176) <https://github.com/pypa/pip/issues/12176>_)
• Cache python-requires checks while filtering potential installation candidates. ([#13128](https://github.com/pypa/pip/issues/13128) <https://github.com/pypa/pip/issues/13128>_)
• Optimize package collection by avoiding unnecessary URL parsing and other processing. ([#13132](https://github.com/pypa/pip/issues/13132) <https://github.com/pypa/pip/issues/13132>_)

Bug Fixes

• Reorder the encoding detection when decoding a requirements file, relying on UTF-8 over the locale encoding by default, matching the documented behaviour. ([#12771](https://github.com/pypa/pip/issues/12771) <https://github.com/pypa/pip/issues/12771>_)
• The pip version self check is disabled on EXTERNALLY-MANAGED environments. ([#11820](https://github.com/pypa/pip/issues/11820) <https://github.com/pypa/pip/issues/11820>_)
• Fix a security bug allowing a specially crafted wheel to execute code during installation. ([#13079](https://github.com/pypa/pip/issues/13079) <https://github.com/pypa/pip/issues/13079>_)
• The inclusion of packaging 24.2 changes how pre-release specifiers with < and > behave. Including a pre-release version with these specifiers now implies accepting pre-releases (e.g., <2.0dev can include 1.0rc1). To avoid implying pre-releases, avoid specifying them (e.g., use <2.0). The exception is !=, which never implies pre-releases. ([#13163](https://github.com/pypa/pip/issues/13163) <https://github.com/pypa/pip/issues/13163>_)
• The --cert and --client-cert command-line options are now respected while installing build dependencies. Consequently, the private _PIP_STANDALONE_CERT environment variable is no longer used. ([#5502](https://github.com/pypa/pip/issues/5502) <https://github.com/pypa/pip/issues/5502>_)

... (truncated)

Commits

• bc7c88c Bump for release
• ebd0a52 Don't pass --cert to build subprocesses unless also given on CLI
• aea8629 Fix locate_file() type hints for older Pythons
• e612988 Add build-project.py compatibility note
• 202344e Update the release process docs
• dc696c2 Patch out EXTERNALLY-MANAGED for self-check tests (#13179)
• f47b587 Bump for release
• 74a7f33 Update AUTHORS.txt
• a008888 Merge pull request #13171 from pypa/dependabot/github_actions/github-actions-...
• d265fb7 Merge pull request #13174 from ichard26/changelog
• Additional commits viewable in compare view

Updates poetry-pre-commit-plugin to 0.2.2

Release notes

Sourced from poetry-pre-commit-plugin's releases.

0.2.2

What's Changed

• Fix pre-commit not found by @​kohlerj in vstrimaitis/poetry-pre-commit-plugin#10

Full Changelog: vstrimaitis/poetry-pre-commit-plugin@0.2.1...0.2.2

Commits

• b7834a2 Bump version
• 5800969 Fix pre-commit not found (#10)
• 96d3dff Bump version
• 3b0e860 Bump version
• e3029cf Revert back to standard dependency version requirements (#9)
• 4726425 Compatibility with poetry 2.0.0 (#8)
• 23d47af Fix badge
• See full diff in compare view

Updates tm-devices to 3.2.0

Release notes

Sourced from tm-devices's releases.

v3.2.0 (2025-05-07)

Merged Pull Requests

• feat: Add disable_command_verification config file and environment variable option to enable speeding up automation scripts (#428)
• python-deps(deps-dev): update ruff requirement from 0.11.7 to 0.11.8 in the python-dependencies group (#422)
• fix: Ensure VISA timeout is reset after reboot in pi_control (#425)
• python-deps(deps-dev): bump the python-dependencies group with 2 updates (#416)
• Add tip in contribution guide pointing users to online docs for better viewing (#419)
• fix: Fixed the limit[Y] commands on certain models which were being generated incorrectly (#415)
• gh-actions(deps): bump tektronix/python-package-ci-cd (#412)
• python-deps(deps-dev): update ruff requirement from 0.11.2 to 0.11.4 in the python-dependencies group (#413)

Added

• Added a new config option (settable via config file or environment variable) to allow users to disable command verification (primarily affecting the .set_and_check() method) in order to speed up automation scripts that have verified, known good command sequences.

Fixed

• Fixed a bug in the auto-generated commands for certain models where the limit[Y] commands were incorrectly generated.
• Ensure the VISA timeout is reset after a VISA device is rebooted.

Changelog

Sourced from tm-devices's changelog.

v3.2.0 (2025-05-07)

Merged Pull Requests

• feat: Add disable_command_verification config file and environment variable option to enable speeding up automation scripts (#428)
• python-deps(deps-dev): update ruff requirement from 0.11.7 to 0.11.8 in the python-dependencies group (#422)
• fix: Ensure VISA timeout is reset after reboot in pi_control (#425)
• python-deps(deps-dev): bump the python-dependencies group with 2 updates (#416)
• Add tip in contribution guide pointing users to online docs for better viewing (#419)
• fix: Fixed the limit[Y] commands on certain models which were being generated incorrectly (#415)
• gh-actions(deps): bump tektronix/python-package-ci-cd (#412)
• python-deps(deps-dev): update ruff requirement from 0.11.2 to 0.11.4 in the python-dependencies group (#413)

Added

• Added a new config option (settable via config file or environment variable) to allow users to disable command verification (primarily affecting the .set_and_check() method) in order to speed up automation scripts that have verified, known good command sequences.

Fixed

• Fixed a bug in the auto-generated commands for certain models where the limit[Y] commands were incorrectly generated.
• Ensure the VISA timeout is reset after a VISA device is rebooted.

---

v3.1.10 (2025-04-04)

Merged Pull Requests

• Set offset after impedance so that it is properly adjusted (#411)

Fixed

• Fixed a bug in set_function_properties in the drivers for the internal AFG of the TekScope that could cause the offset value to change after setting impedance.

---

v3.1.9 (2025-04-03)

Merged Pull Requests

• fix: Fixed the method of determining the total number of physical channel connectors on the 70kSX scope series (#408)
• python-deps(deps-dev): update pyright requirement from 1.1.397 to 1.1.398 in the python-dependencies group (#405)
• python-deps(deps-dev): bump the python-dependencies group with 2 updates (#404)
• gh-actions(deps): bump tektronix/python-package-ci-cd (#403)

Fixed

• Fixed the method of determining the total number of physical channel connectors on the 70kSX scope series to properly list all physical channels, even if not all channels can be used simultaneously, as is the case on SX scopes with the Asynchronous Time Interleaving (ATI) feature.

... (truncated)

Commits

• ca6245e 3.2.0
• 047ee00 feat: Add disable_command_verification config file and environment variable o...
• d67db32 python-deps(deps-dev): update ruff requirement from 0.11.7 to 0.11.8 in the p...
• b5c6349 fix: Ensure VISA timeout is reset after reboot in pi_control (#425)
• 8b2575c python-deps(deps-dev): bump the python-dependencies group with 2 updates (#421)
• f63dd48 Add tip in contribution guide pointing users to online docs for better viewin...
• 8f9e4e1 python-deps(deps-dev): bump the python-dependencies group with 2 updates (#416)
• 8f3b1a9 fix: Fixed the limit[Y] commands on certain models which were being generat...
• 2ec887d gh-actions(deps): bump tektronix/python-package-ci-cd (#412)
• 648f21c python-deps(deps-dev): update ruff requirement from 0.11.2 to 0.11.4 in the p...
• Additional commits viewable in compare view

Updates codespell from 2.3.0 to 2.4.1

Release notes

Sourced from codespell's releases.

v2.4.1

What's Changed

• Revert hep->heap, help, in dictionary_rare.txt from #3461 by @​jpivarski in codespell-project/codespell#3624

New Contributors

• @​jpivarski made their first contribution in codespell-project/codespell#3624

Full Changelog: codespell-project/codespell@v2.4.0...v2.4.1

v2.4.0

What's Changed

• Exclude bots from generated release notes by @​hugovk in codespell-project/codespell#3432
• Refactor: Move some code to new files for reuse by @​nthykier in codespell-project/codespell#3434
• Add equipmnet->equipment by @​korverdev in codespell-project/codespell#3438
• Set better project description by @​mtelka in codespell-project/codespell#3435
• Additional en-GB → en-US entries by @​DimitriPapadopoulos in codespell-project/codespell#3058
• Consistent error messages by @​DimitriPapadopoulos in codespell-project/codespell#3440
• Add 'driven' as 'drivin' variant by @​korverdev in codespell-project/codespell#3441
• More typos by @​DimitriPapadopoulos in codespell-project/codespell#3439
• Add reusing misspelling and variants by @​korverdev in codespell-project/codespell#3445
• Add typos found in Emacs and elsewhere by @​skangas in codespell-project/codespell#3447
• MAINT: Fix codecov by @​larsoner in codespell-project/codespell#3451
• Add typos found in GNU Guile by @​skangas in codespell-project/codespell#3448
• Add corrections from Aspell (fix #3356) by @​skangas in codespell-project/codespell#3453
• Add entries to dictionary_informal.txt by @​skangas in codespell-project/codespell#3456
• Add rare typo lien->line by @​skangas in codespell-project/codespell#3460
• Add rare typo firs->first by @​skangas in codespell-project/codespell#3459
• Add rare typo hep->heap, help, by @​skangas in codespell-project/codespell#3461
• Add rare typo brunch->branch by @​skangas in codespell-project/codespell#3458
• Add corrections from typos dictionary (A1) by @​skangas in codespell-project/codespell#3450
• Add timestmp->timestamp and its variations by @​fkmy in codespell-project/codespell#3464
• Add .venv to .gitignore by @​skangas in codespell-project/codespell#3466
• Only accept documented choices after -i and -q by @​DimitriPapadopoulos in codespell-project/codespell#3344
• Move assertIn to the code dictionary as it's a Python test function by @​peternewman in codespell-project/codespell#3469
• Add some more typos by @​skangas in codespell-project/codespell#3468
• Add some typos from Emacs by @​skangas in codespell-project/codespell#3471
• Add corrections from typos dictionary (A2) by @​skangas in codespell-project/codespell#3454
• Add variations for words starting with non- by @​skangas in codespell-project/codespell#3467
• Update "Using a config file" README entry by @​oddhack in codespell-project/codespell#3478
• Add two choices for verision typo fix by @​yarikoptic in codespell-project/codespell#3252
• fix typo by @​spaette in codespell-project/codespell#3479
• [pre-commit.ci] pre-commit manual update (ruff 0.5.0) by @​DimitriPapadopoulos in codespell-project/codespell#3481
• Add trusthworth(y|iness)->trustworth(y|iness) correction. by @​cfi-gb in codespell-project/codespell#3482
• Add thrustworth(y|iness)->trustworth(y|iness). by @​cfi-gb in codespell-project/codespell#3483
• New typos by @​gforcada in codespell-project/codespell#3484
• add enrol->enroll to en-GB to en-US dictionary by @​slitvackwinkler in codespell-project/codespell#3485

... (truncated)

Commits

• 63c8f83 Revert hep->heap, help, in dictionary_rare.txt from #3461 (#3624)
• db0100e Run pytest GitHub Action on an ARM processor (#3619)
• c6bdc1f [pre-commit.ci] autoupdate less frequently
• 654b3ed Run ruff format
• 913871e Apply ruff/flake8-pytest-style rule PT006
• b782f25 Changes for ruff 0.9.1
• 9c3a652 [pre-commit.ci] pre-commit autoupdate
• 2626491 Remove socioeconomic entries
• ec57cff Add spelling correction for denila and variant.
• 2acfc37 [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

Updates mkdocs-ezglossary-plugin from 1.7.1 to 2.0.0

Changelog

Sourced from mkdocs-ezglossary-plugin's changelog.

v2.0.0

| 2025-02-10

• Fix #24: Show all references in glossary (summary) when ignore_case=true.
• Fix #25: Fix #25: make template file path relative to mkdocs.yml

!!! Note

This version required major refactorying of the `Glossary` class.
The interface to it changed. You may need to update your custom templates
in order to work.

Commits

• a013a9f Merge branch 'branches/2.0'
• 4d767cc release v2.0.0.
• d86790a Fix typo in README.md.
• 7083c5a Merge branch 'branches/2.0'
• f25df30 Improve/fix README.md.
• a69be4d Merge branch 'branches/2.0'
• 825c354 AI improved README.md.
• 55deabf Merge branch 'branches/2.0'
• c3dce5f AI improved documentation.
• 33ba1c2 Merge branch 'branches/2.0'
• Additional commits viewable in compare view

Updates mkdocs-macros-plugin from 1.3.7 to 1.3.9

Changelog

Sourced from mkdocs-macros-plugin's changelog.

Changelog: Mkdocs-Macros

All notable changes to this project are documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

1.4.0, 2025-09-21

• Removed: auto-install of missing pluglet (meaningful error message #262)
• Fixed: error with yaml dumps (#258)
• Fixed: detection of Jinja2, to allow title rendering (#266)
• Small improvements to documentation

Commits

• 86e31f7 Define explicitely python in update_pypi.sh
• 6b396ec Add info in doc that a module can have relative path (#263)
• 62daea9 Fix: Fix detection of Jinja2, to allow title rendering (#266)
• e0ba1ba Test built-in filters (#253)
• 0bc57e3 Fix imprecision in description of parameters for jinja2 syntax (#252)
• 4fb7bf6 Change tests: MkDocsPage.find() -> find_text()
• See full diff in compare view

Updates mkdocs-mermaid2-plugin from 1.2.1 to 1.2.2

Changelog

Sourced from mkdocs-mermaid2-plugin's changelog.

1.2.2, 2025-08-27

• Fixed: deprecation warning by BeautifulSoup (#119, #120)

Commits

• 4959ee4 Bump version for fix of #119 (Deprecation warning)
• 0c12a8b Merge pull request #119 from omarirfa/master
• fbfcc32 bug: fixing replacewith depreciation
• 0511d01 Minor updates to the Debug section, for extra_javascript(#111)
• b6f04e8 Update documentation to clarify extra_javascript as failsafe (#111)
• See full diff in compare view

Updates packaging from 24.2 to 25.0

Release notes

Sourced from packaging's releases.

25.0

What's Changed

• Re-add a test for Unicode file name parsing by @​Siddhesh-Agarwal in pypa/packaging#863
• Upgrade to ruff 0.9.1 by @​DimitriPapadopoulos in pypa/packaging#865
• Add support for PEP 738 Android tags by @​mhsmith in pypa/packaging#880
• feat(markers): support 'extras' and 'dependency_groups' markers by @​frostming in pypa/packaging#888

New Contributors

• @​Siddhesh-Agarwal made their first contribution in pypa/packaging#863
• @​mhsmith made their first contribution in pypa/packaging#880
• @​frostming made their first contribution in pypa/packaging#888

Full Changelog: pypa/packaging@24.2...25.0

Changelog

Sourced from packaging's changelog.

25.0 - 2025-04-19

* PEP 751: Add support for ``extras`` and ``dependency_groups`` markers. (:issue:`885`)
* PEP 738: Add support for Android platform tags. (:issue:`880`)

Commits

• f585376 Bump for release
• 600ecea Add changelog entries
• 3910129 support 'extras' and 'dependency_groups' markers (#888)
• 8e49b43 Add support for PEP 738 Android tags (#880)
• e624d8e Bump the github-actions group with 3 updates (#886)
• 71f38d8 Bump the github-actions group with 2 updates (#878)
• 9b4922d Bump the github-actions group with 3 updates (#870)
• 8510bd9 Upgrade to ruff 0.9.1 (#865)
• 9375ec2 Re-add tests for Unicode file name parsing (#863)
• 2256ed4 Bump the github-actions group across 1 directory with 2 updates (#864)
• Additional commits viewable in compare view

Updates pygments from 2.18.0 to 2.19.2

Release notes

Sourced from pygments's releases.

2.19.2

• Lua: Fix regression introduced in 2.19.0 (#2882, #2839)

2.19.1

• Updated lexers:

  • Ini: Fix quoted string regression introduced in 2.19.0
  • Lua: Fix a regression introduced in 2.19.0

2.19.0

• New lexers:

  • CodeQL (#2819)
  • Debian Sources (#2788, #2747)
  • Gleam (#2662)
  • GoogleSQL (#2820, #2814)
  • JSON5 (#2734, #1880)
  • Maple (#2763, #2548)
  • NumbaIR (#2433)
  • PDDL (#2799, #2616)
  • Rego (#2794)
  • TableGen (#2751)
  • Vue.js (#2832)

• Updated lexers:

  • BQN: Various improvements (#2789)
  • C#: Fix number highlighting (#986, #2727), add file keyword (#2726, #2805, #2806), add various other keywords (#2745, #2770)
  • CSS: Add revert (#2766, #2775)
  • Debian control: Add Change-By field (#2757)
  • Elip: Improve punctuation handling (#2651)
  • Igor: Add int (#2801)
  • Ini: Fix quoted strings with embedded comment characters (#2767, #2720)
  • Java: Support functions returning types containing a question mark (#2737)
  • JavaScript: Support private identiiers (#2729, #2671)
  • LLVM: Add splat, improve floating-point number parsing (#2755)
  • Lua: Improve variable detection, add built-in functions (#2829)
  • Macaulay2: Update to 1.24.11 (#2800)
  • PostgreSQL: Add more EXPLAIN keywords (#2785), handle / (#2774)
  • S-Lexer: Fix keywords (#2082, #2750)
  • TransactSQL: Fix single-line comments (#2717)
  • Turtle: Fix triple quoted strings (#2744, #2758)
  • Typst: Various improvements (#2724)
  • Various: Add ^ as an operator to Matlab, Octave and Scilab (#2798)
  • Vyper: Add staticcall and extcall (#2719)

• Mark file extensions for HTML/XML+Evoque as aliases (#2743)
• Add a color for Operator.Word to the rrt style (#2709)
• Fix broken link in the documentation (#2803, #2804)
• Drop executable bit where not needed (#2781)

... (truncated)

Changelog

Sourced from pygments's changelog.

Version 2.19.2

(released June 21st, 2025)

• Lua: Fix regression introduced in 2.19.0 (#2882, #2839)

Version 2.19.1

(released January 6th, 2025)

• Updated lexers:

  • Ini: Fix quoted string regression introduced in 2.19.0
  • Lua: Fix a regression introduced in 2.19.0

Version 2.19.0

(released January 5th, 2025)

• New lexers:

  • CodeQL (#2819)
  • Debian Sources (#2788, #2747)
  • Gleam (#2662)
  • GoogleSQL (#2820, #2814)
  • JSON5 (#2734, #1880)
  • Maple (#2763, #2548)
  • NumbaIR (#2433)
  • PDDL (#2799, #2616)
  • Rego (#2794)
  • TableGen (#2751)
  • Vue.js (#2832)

• Updated lexers:

  • BQN: Various improvements (#2789)
  • C#: Fix number highlighting (#986, #2727), add file keyword (#2726, #2805, #2806), add various other keywords (#2745, #2770)
  • CSS: Add revert (#2766, #2775)
  • Debian control: Add Change-By field (#2757)
  • Elip: Improve punctuation handling (#2651)
  • Igor: Add int (#2801)
  • Ini: Fix quoted strings with embedded comment characters (#2767, #2720)
  • Java: Support functions returning types containing a question mark (#2737)
  • JavaScript: Support private identiiers (#2729, #2671)
  • LLVM: Add splat, improve floating-point number parsing (#2755)
  • Lua: Improve variable...

    Description has been truncated

[github-actions]

Dependency Review

The following issues were found:

• ❌ 2 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

Vulnerabilities

docs/requirements.txt

Name	Version	Vulnerability	Severity
setuptools	75.3.2	setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write	high

tests/requirements.txt

Name	Version	Vulnerability	Severity
setuptools	75.3.2	setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write	high
setuptools	75.3.2	setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write	high

License Issues

docs/requirements.txt

Package	Version	License	Issue Type
super-collections	0.5.7	Null	Unknown License
mkdocs-macros-plugin	1.3.9	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
pip/setuptools	75.3.2	🟢 5.4	Details Check Score Reason Code-Review 🟢 6 Found 10/15 approved changesets -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 15 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts ⚠️ 2 binaries present in source code Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/beautifulsoup4	4.13.5	Unknown	Unknown
pip/certifi	2025.8.3	🟢 6.4	Details Check Score Reason Maintained 🟢 7 6 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 7 Code-Review 🟢 3 Found 1/3 approved changesets -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/charset-normalizer	3.4.3	🟢 8.6	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 0 Found 0/4 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 CII-Best-Practices 🟢 5 badge detected: Passing License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases 🟢 8 4 out of the last 5 releases have a total of 4 signed artifacts. Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 7 out of 7 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 3 project has 1 contributing companies or organizations -- score normalized to 3
pip/click	8.1.8	🟢 7.2	Details Check Score Reason Code-Review 🟢 6 Found 4/6 approved changesets -- score normalized to 6 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Packaging 🟢 10 packaging workflow detected Signed-Releases 🟢 8 4 out of the last 5 releases have a total of 4 signed artifacts. Security-Policy 🟢 9 security policy file detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/codespell	2.4.1	🟢 7.1	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/editorconfig	0.17.0	Unknown	Unknown
pip/jinja2	3.1.6	🟢 6.8	Details Check Score Reason Code-Review ⚠️ 0 Found 1/18 approved changesets -- score normalized to 0 Maintained 🟢 10 8 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Packaging 🟢 10 packaging workflow detected Signed-Releases 🟢 10 4 out of the last 4 releases have a total of 4 signed artifacts. Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 9 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/jsbeautifier	1.15.4	Unknown	Unknown
pip/mkdocs-ezglossary-plugin	2.0.0	Unknown	Unknown
pip/mkdocs-macros-plugin	1.3.9	Unknown	Unknown
pip/mkdocs-mermaid2-plugin	1.2.2	🟢 4	Details Check Score Reason Maintained 🟢 5 3 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 5 Packaging ⚠️ -1 packaging workflow not detected Code-Review ⚠️ 1 Found 3/26 approved changesets -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/mypy-extensions	1.1.0	🟢 6.1	Details Check Score Reason Code-Review 🟢 6 Found 17/27 approved changesets -- score normalized to 6 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/packaging	25.0	🟢 7.6	Details Check Score Reason Code-Review 🟢 8 Found 23/26 approved changesets -- score normalized to 8 Maintained 🟢 10 11 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 4 binaries present in source code Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits
pip/pygments	2.19.2	🟢 6.5	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Code-Review 🟢 6 Found 12/18 approved changesets -- score normalized to 6 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
pip/pymdown-extensions	10.15	🟢 4.8	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Maintained 🟢 10 6 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 0 Found 2/30 approved changesets -- score normalized to 0 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 9 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 11 existing vulnerabilities detected
pip/requests	2.32.4	🟢 8.4	Details Check Score Reason Maintained 🟢 10 20 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 7 dependency not pinned by hash detected -- score normalized to 7 License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/six	1.17.0	🟢 4.3	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 3 Found 10/30 approved changesets -- score normalized to 3 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/soupsieve	2.7	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 1 Found 4/27 approved changesets -- score normalized to 1 Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/super-collections	0.5.7	Unknown	Unknown
pip/typing-extensions	4.13.2	🟢 6.8	Details Check Score Reason Code-Review 🟢 9 Found 27/30 approved changesets -- score normalized to 9 Maintained 🟢 10 25 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Vulnerabilities 🟢 4 6 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/setuptools	75.3.2	🟢 5.4	Details Check Score Reason Code-Review 🟢 6 Found 10/15 approved changesets -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 15 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Binary-Artifacts ⚠️ 2 binaries present in source code Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/beautifulsoup4	4.13.5	Unknown	Unknown
pip/certifi	2025.8.3	🟢 6.4	Details Check Score Reason Maintained 🟢 7 6 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 7 Code-Review 🟢 3 Found 1/3 approved changesets -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/charset-normalizer	3.4.3	🟢 8.6	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 0 Found 0/4 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Binary-Artifacts 🟢 10 no binaries found in the repo Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 CII-Best-Practices 🟢 5 badge detected: Passing License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases 🟢 8 4 out of the last 5 releases have a total of 4 signed artifacts. Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 7 out of 7 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 3 project has 1 contributing companies or organizations -- score normalized to 3
pip/exceptiongroup	1.3.0	Unknown	Unknown
pip/iniconfig	2.1.0	Unknown	Unknown
pip/jinja2	3.1.6	🟢 6.8	Details Check Score Reason Code-Review ⚠️ 0 Found 1/18 approved changesets -- score normalized to 0 Maintained 🟢 10 8 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Packaging 🟢 10 packaging workflow detected Signed-Releases 🟢 10 4 out of the last 4 releases have a total of 4 signed artifacts. Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 9 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/packaging	25.0	🟢 7.6	Details Check Score Reason Code-Review 🟢 8 Found 23/26 approved changesets -- score normalized to 8 Maintained 🟢 10 11 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 4 binaries present in source code Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits
pip/psutil	7.1.0	🟢 5.7	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 1 Found 5/30 approved changesets -- score normalized to 1 Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/pytest	8.3.5	🟢 6.3	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Packaging 🟢 10 packaging workflow detected Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
pip/pytz	2025.2	🟢 4.6	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review ⚠️ 1 Found 3/25 approved changesets -- score normalized to 1 Security-Policy 🟢 9 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Packaging 🟢 10 packaging workflow detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/requests	2.32.4	🟢 8.4	Details Check Score Reason Maintained 🟢 10 20 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 7 dependency not pinned by hash detected -- score normalized to 7 License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/six	1.17.0	🟢 4.3	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 3 Found 10/30 approved changesets -- score normalized to 3 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Security-Policy ⚠️ 0 security policy file not detected Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/soupsieve	2.7	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 1 Found 4/27 approved changesets -- score normalized to 1 Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/typing-extensions	4.13.2	🟢 6.8	Details Check Score Reason Code-Review 🟢 9 Found 27/30 approved changesets -- score normalized to 9 Maintained 🟢 10 25 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Vulnerabilities 🟢 4 6 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• docs/requirements.txt
• tests/requirements.txt

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.72%. Comparing base (ad37893) to head (5342bda).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #101   +/-   ##
=======================================
  Coverage   80.72%   80.72%           
=======================================
  Files           3        3           
  Lines         524      524           
  Branches       94       94           
=======================================
  Hits          423      423           
  Misses         82       82           
  Partials       19       19           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Test Results (ubuntu)

path	passed	failed	subtotal
tests/test_client.py	61	1	62
tests/test_logging.py	3		3
TOTAL	64	1	65

tests/test_client.py

tekhsi_client = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x7ff3b912f710>
capsys = <_pytest.capture.CaptureFixture object at 0x7ff3b901c5c0>
instrument = True, sum_count = 5, sum_acq_time = 10.0, sum_data_rate = 50.0
expected_output = 'Average Update Rate:0.50, Data Rate:10.00Mbs'

    @pytest.mark.parametrize(
        ("instrument", "sum_count", "sum_acq_time", "sum_data_rate", "expected_output"),
        [
            (True, 5, 10.0, 50.0, "Average Update Rate:0.50, Data Rate:10.00Mbs"),
        ],
    )
    def test_server_connection(
        tekhsi_client: TekHSIConnect,
        capsys: pytest.CaptureFixture[str],
        instrument: bool,
        sum_count: int,
        sum_acq_time: float,
        sum_data_rate: float,
        expected_output: str,
    ) -> None:
        """Test the server connection using the TekHSI client.
    
        Args:
            tekhsi_client: An instance of the TekHSI client to be tested.
            capsys (CaptureFixture): Pytest fixture to capture system output.
            instrument: Whether the instrument is connected.
            sum_count: The sum count.
            sum_acq_time: The sum acquisition time.
            sum_data_rate: The sum data rate.
            expected_output: The expected output message.
        """
        # Set the required attributes
        tekhsi_client._instrument = instrument
        tekhsi_client._sum_count = sum_count
        tekhsi_client._sum_acq_time = sum_acq_time
        tekhsi_client._sum_data_rate = sum_data_rate
    
        # Set the verbose attribute to True
        tekhsi_client.verbose = True
        # Use the context manager to handle connection
>       with tekhsi_client as connection:

capsys     = <_pytest.capture.CaptureFixture object at 0x7ff3b901c5c0>
captured   = CaptureResult(out='2025-09-22 12:50:40.000665 - enter()\n', err='')
connection = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x7ff3b912f710>
expected_output = 'Average Update Rate:0.50, Data Rate:10.00Mbs'
instrument = True
request    = name: "test_client"

response   = status: CONNECTSTATUS_SUCCESS

sum_acq_time = 10.0
sum_count  = 5
sum_data_rate = 50.0
tekhsi_client = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x7ff3b912f710>

tests/test_client.py:58: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
.tox/tests/lib/python3.12/site-packages/tekhsi/tek_hsi_connect.py:211: in __exit__
    self.close()
        exc_tb     = None
        exc_type   = None
        exc_val    = None
        self       = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x7ff3b912f710>
.tox/tests/lib/python3.12/site-packages/tekhsi/tek_hsi_connect.py:443: in close
    self.force_sequence()
        self       = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x7ff3b912f710>
.tox/tests/lib/python3.12/site-packages/tekhsi/tek_hsi_connect.py:500: in force_sequence
    self.connection.RequestNewSequence(request)
        request    = name: "53095b1c-cde5-41f2-af9c-5589743e42a7"

        self       = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x7ff3b912f710>
.tox/tests/lib/python3.12/site-packages/grpc/_channel.py:1181: in __call__
    return _end_unary_response_blocking(state, call, False, None)
        call       = <grpc._cython.cygrpc.SegregatedCall object at 0x7ff3b90d0240>
        compression = None
        credentials = None
        metadata   = None
        request    = name: "53095b1c-cde5-41f2-af9c-5589743e42a7"

        self       = <grpc._channel._UnaryUnaryMultiCallable object at 0x7ff3b9084fa0>
        state      = <grpc._channel._RPCState object at 0x7ff3b901ca70>
        timeout    = None
        wait_for_ready = None
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

state = <grpc._channel._RPCState object at 0x7ff3b901ca70>
call = <grpc._cython.cygrpc.SegregatedCall object at 0x7ff3b90d0240>
with_call = False, deadline = None

    def _end_unary_response_blocking(
        state: _RPCState,
        call: cygrpc.SegregatedCall,
        with_call: bool,
        deadline: Optional[float],
    ) -> Union[ResponseType, Tuple[ResponseType, grpc.Call]]:
        if state.code is grpc.StatusCode.OK:
            if with_call:
                rendezvous = _MultiThreadedRendezvous(state, call, None, deadline)
                return state.response, rendezvous
            else:
                return state.response
        else:
>           raise _InactiveRpcError(state)  # pytype: disable=not-instantiable
E           grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
E           	status = StatusCode.FAILED_PRECONDITION
E           	details = ""
E           	debug_error_string = "UNKNOWN:Error received from peer ipv6:%5B::1%5D:50312 {grpc_status:9, grpc_message:""}"
E           >

call       = <grpc._cython.cygrpc.SegregatedCall object at 0x7ff3b90d0240>
deadline   = None
state      = <grpc._channel._RPCState object at 0x7ff3b901ca70>
with_call  = False

.tox/tests/lib/python3.12/site-packages/grpc/_channel.py:1009: _InactiveRpcError

Link to workflow run

[github-actions]

Test Results (windows)

path	passed	subtotal
tests\test_client.py	62	62
tests\test_logging.py	3	3
TOTAL	65	65

Link to workflow run

[github-actions]

Test Results (macos)

path	passed	failed	subtotal
tests/test_client.py	61	1	62
tests/test_logging.py	3		3
TOTAL	64	1	65

tests/test_client.py

tekhsi_client = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x1104d3890>
capsys = <_pytest.capture.CaptureFixture object at 0x1105e3aa0>
instrument = True, sum_count = 5, sum_acq_time = 10.0, sum_data_rate = 50.0
expected_output = 'Average Update Rate:0.50, Data Rate:10.00Mbs'

    @pytest.mark.parametrize(
        ("instrument", "sum_count", "sum_acq_time", "sum_data_rate", "expected_output"),
        [
            (True, 5, 10.0, 50.0, "Average Update Rate:0.50, Data Rate:10.00Mbs"),
        ],
    )
    def test_server_connection(
        tekhsi_client: TekHSIConnect,
        capsys: pytest.CaptureFixture[str],
        instrument: bool,
        sum_count: int,
        sum_acq_time: float,
        sum_data_rate: float,
        expected_output: str,
    ) -> None:
        """Test the server connection using the TekHSI client.
    
        Args:
            tekhsi_client: An instance of the TekHSI client to be tested.
            capsys (CaptureFixture): Pytest fixture to capture system output.
            instrument: Whether the instrument is connected.
            sum_count: The sum count.
            sum_acq_time: The sum acquisition time.
            sum_data_rate: The sum data rate.
            expected_output: The expected output message.
        """
        # Set the required attributes
        tekhsi_client._instrument = instrument
        tekhsi_client._sum_count = sum_count
        tekhsi_client._sum_acq_time = sum_acq_time
        tekhsi_client._sum_data_rate = sum_data_rate
    
        # Set the verbose attribute to True
        tekhsi_client.verbose = True
        # Use the context manager to handle connection
>       with tekhsi_client as connection:

capsys     = <_pytest.capture.CaptureFixture object at 0x1105e3aa0>
captured   = CaptureResult(out='2025-09-22 12:50:35.000333 - enter()\n', err='')
connection = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x1104d3890>
expected_output = 'Average Update Rate:0.50, Data Rate:10.00Mbs'
instrument = True
request    = name: "test_client"

response   = status: CONNECTSTATUS_SUCCESS

sum_acq_time = 10.0
sum_count  = 5
sum_data_rate = 50.0
tekhsi_client = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x1104d3890>

tests/test_client.py:58: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
.tox/tests/lib/python3.12/site-packages/tekhsi/tek_hsi_connect.py:211: in __exit__
    self.close()
        exc_tb     = None
        exc_type   = None
        exc_val    = None
        self       = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x1104d3890>
.tox/tests/lib/python3.12/site-packages/tekhsi/tek_hsi_connect.py:443: in close
    self.force_sequence()
        self       = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x1104d3890>
.tox/tests/lib/python3.12/site-packages/tekhsi/tek_hsi_connect.py:500: in force_sequence
    self.connection.RequestNewSequence(request)
        request    = name: "3c8e2d8a-7858-425f-b400-2b03f6d7bdbb"

        self       = <tekhsi.tek_hsi_connect.TekHSIConnect object at 0x1104d3890>
.tox/tests/lib/python3.12/site-packages/grpc/_channel.py:1181: in __call__
    return _end_unary_response_blocking(state, call, False, None)
        call       = <grpc._cython.cygrpc.SegregatedCall object at 0x1105c6d40>
        compression = None
        credentials = None
        metadata   = None
        request    = name: "3c8e2d8a-7858-425f-b400-2b03f6d7bdbb"

        self       = <grpc._channel._UnaryUnaryMultiCallable object at 0x1105fcd70>
        state      = <grpc._channel._RPCState object at 0x1105e3fb0>
        timeout    = None
        wait_for_ready = None
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

state = <grpc._channel._RPCState object at 0x1105e3fb0>
call = <grpc._cython.cygrpc.SegregatedCall object at 0x1105c6d40>
with_call = False, deadline = None

    def _end_unary_response_blocking(
        state: _RPCState,
        call: cygrpc.SegregatedCall,
        with_call: bool,
        deadline: Optional[float],
    ) -> Union[ResponseType, Tuple[ResponseType, grpc.Call]]:
        if state.code is grpc.StatusCode.OK:
            if with_call:
                rendezvous = _MultiThreadedRendezvous(state, call, None, deadline)
                return state.response, rendezvous
            else:
                return state.response
        else:
>           raise _InactiveRpcError(state)  # pytype: disable=not-instantiable
E           grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
E           	status = StatusCode.FAILED_PRECONDITION
E           	details = ""
E           	debug_error_string = "UNKNOWN:Error received from peer ipv6:%5B::1%5D:50312 {grpc_message:"", grpc_status:9}"
E           >

call       = <grpc._cython.cygrpc.SegregatedCall object at 0x1105c6d40>
deadline   = None
state      = <grpc._channel._RPCState object at 0x1105e3fb0>
with_call  = False

.tox/tests/lib/python3.12/site-packages/grpc/_channel.py:1009: _InactiveRpcError

Link to workflow run

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml