Bump the packages group across 1 directory with 11 updates

[dependabot]

Bumps the packages group with 11 updates in the / directory:

Package	From	To
pytest	8.3.4	9.0.2
pytest-aiohttp	1.0.5	1.1.0
pytest-asyncio	0.24.0	1.3.0
isort	5.13.2	7.0.0
flake8	7.1.1	7.3.0
pyright	1.1.389	1.1.408
black	24.10.0	26.1.0
asyncpg	0.30.0	0.31.0
setuptools	75.6.0	80.10.2
wheel	0.45.1	0.46.3
twine	6.0.1	6.2.0

Updates pytest from 8.3.4 to 9.0.2

Release notes

Sourced from pytest's releases.

9.0.2

pytest 9.0.2 (2025-12-06)

Bug fixes

• #13896: The terminal progress feature added in pytest 9.0.0 has been disabled by default, except on Windows, due to compatibility issues with some terminal emulators.

  You may enable it again by passing -p terminalprogress. We may enable it by default again once compatibility improves in the future.

  Additionally, when the environment variable TERM is dumb, the escape codes are no longer emitted, even if the plugin is enabled.

• #13904: Fixed the TOML type of the tmp_path_retention_count settings in the API reference from number to string.

• #13946: The private config.inicfg attribute was changed in a breaking manner in pytest 9.0.0. Due to its usage in the ecosystem, it is now restored to working order using a compatibility shim. It will be deprecated in pytest 9.1 and removed in pytest 10.

• #13965: Fixed quadratic-time behavior when handling unittest subtests in Python 3.10.

Improved documentation

• #4492: The API Reference now contains cross-reference-able documentation of pytest's command-line flags <command-line-flags>.

9.0.1

pytest 9.0.1 (2025-11-12)

Bug fixes

• #13895: Restore support for skipping tests via raise unittest.SkipTest.
• #13896: The terminal progress plugin added in pytest 9.0 is now automatically disabled when iTerm2 is detected, it generated desktop notifications instead of the desired functionality.
• #13904: Fixed the TOML type of the verbosity settings in the API reference from number to string.
• #13910: Fixed UserWarning: Do not expect file_or_dir on some earlier Python 3.12 and 3.13 point versions.

Packaging updates and notes for downstreams

• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

Contributor-facing changes

• #13891, #13942: The CI/CD part of the release automation is now capable of creating GitHub Releases without having a Git checkout on disk -- by bluetech and webknjaz.
• #13933: The tox configuration has been adjusted to make sure the desired version string can be passed into its package_env through the SETUPTOOLS_SCM_PRETEND_VERSION_FOR_PYTEST environment variable as a part of the release process -- by webknjaz.

... (truncated)

Commits

• 3d10b51 Prepare release version 9.0.2
• 188750b Merge pull request #14030 from pytest-dev/patchback/backports/9.0.x/1e4b01d1f...
• b7d7bef Merge pull request #14014 from bluetech/compat-note
• bd08e85 Merge pull request #14013 from pytest-dev/patchback/backports/9.0.x/922b60377...
• bc78386 Add CLI options reference documentation (#13930)
• 5a4e398 Fix docs typo (#14005) (#14008)
• d7ae6df Merge pull request #14006 from pytest-dev/maintenance/update-plugin-list-tmpl...
• 556f6a2 pre-commit: fix rst-lint after new release (#13999) (#14001)
• c60fbe6 Fix quadratic-time behavior when handling unittest subtests in Python 3.10 ...
• 73d9b01 Merge pull request #13995 from nicoddemus/patchback/backports/9.0.x/1b5200c0f...
• Additional commits viewable in compare view

Updates pytest-aiohttp from 1.0.5 to 1.1.0

Release notes

Sourced from pytest-aiohttp's releases.

pytest-aiohttp v1.1.0

pytest-aiohttp

pytest plugin for aiohttp support

The library provides useful fixtures for creation test aiohttp server and client.

Installation

.. code-block:: console

$ pip install pytest-aiohttp

Add asyncio_mode = auto line to pytest configuration <https://docs.pytest.org/en/latest/customize.html>_ (see pytest-asyncio modes <https://github.com/pytest-dev/pytest-asyncio#modes>_ for details). The plugin works with strict mode also.

Usage

Write tests in pytest-asyncio <https://github.com/pytest-dev/pytest-asyncio>_ style using provided fixtures for aiohttp test server and client creation. The plugin provides resources cleanup out-of-the-box.

The simple usage example:

.. code-block:: python

from aiohttp import web
async def hello(request):
return web.Response(body=b"Hello, world")
def create_app():
app = web.Application()
app.router.add_route("GET", "/", hello)
return app
async def test_hello(aiohttp_client):
client = await aiohttp_client(create_app())
resp = await client.get("/")

... (truncated)

Changelog

Sourced from pytest-aiohttp's changelog.

1.1.0 (2025-01-23)

• Drop Python 3.8 (#57)

• Export the plugin types at top-level (#60, #61)

• Add host parameter to aiohttp_server fixture (#63)

Commits

• 5821546 Release 1.1.0
• ca22197 [pre-commit.ci] pre-commit autoupdate (#64)
• 7aaad0b Add host parameter to aiohttp_server fixture (#63)
• 0866b16 [pre-commit.ci] pre-commit autoupdate (#62)
• d6208f9 Expose type annotations (#61)
• 61057f1 Export types at top-level (#60)
• 1206cc4 [pre-commit.ci] pre-commit autoupdate (#58)
• 8887bfa Sync from aiohttp (#56)
• 98444cb Drop Python 3.8 (#57)
• See full diff in compare view

Updates pytest-asyncio from 0.24.0 to 1.3.0

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 1.3.0

1.3.0 - 2025-11-10

Removed

• Support for Python 3.9 (#1278)

Added

• Support for pytest 9 (#1279)

Notes for Downstream Packagers

• Tested Python versions include free threaded Python 3.14t (#1274)
• Tests are run in the same pytest process, instead of spawning a subprocess with pytest.Pytester.runpytest_subprocess. This prevents the test suite from accidentally using a system installation of pytest-asyncio, which could result in test errors. (#1275)

pytest-asyncio 1.2.0

1.2.0 - 2025-09-12

Added

• --asyncio-debug CLI option and asyncio_debug configuration option to enable asyncio debug mode for the default event loop. (#980)
• A pytest.UsageError for invalid configuration values of asyncio_default_fixture_loop_scope and asyncio_default_test_loop_scope. (#1189)
• Compatibility with the Pyright type checker (#731)

Fixed

• RuntimeError: There is no current event loop in thread 'MainThread' when any test unsets the event loop (such as when using asyncio.run and asyncio.Runner). (#1177)
• Deprecation warning when decorating an asynchronous fixture with @pytest.fixture in [strict]{.title-ref} mode. The warning message now refers to the correct package. (#1198)

Notes for Downstream Packagers

• Bump the minimum required version of tox to v4.28. This change is only relevant if you use the tox.ini file provided by pytest-asyncio to run tests.
• Extend dependency on typing-extensions>=4.12 from Python<3.10 to Python<3.13.

pytest-asyncio 1.1.1

v1.1.1 - 2025-09-12

Notes for Downstream Packagers

- Addresses a build problem with setuptoos-scm >= 9 caused by invalid setuptools-scm configuration in pytest-asyncio. (#1192)

pytest-asyncio 1.1.0

Added

• Propagation of ContextVars from async fixtures to other fixtures and tests on Python 3.10 and older (#127)
• Cancellation of tasks when the loop_scope ends (#200)
• Warning when the current event loop is closed by a test

Fixed

... (truncated)

Commits

• 2e9695f docs: Compile changelog for v1.3.0
• dd0e9ba docs: Reference correct issue in news fragment.
• 4c31abe Build(deps): Bump nh3 from 0.3.1 to 0.3.2
• 13e9477 Link to migration guides from changelog
• 4d2cf3c tests: handle Python 3.14 DefaultEventLoopPolicy deprecation warnings
• ee3549b test: Remove obsolete test for the event_loop fixture.
• 7a67c82 tests: Fix failing test by preventing warning conversion to error.
• a17b689 test: add pytest config to isolated test directories
• 18afc9d fix(tests): replace runpytest_subprocess with runpytest
• cdc6bd1 Add support for pytest 9 and drop Python 3.9 support
• Additional commits viewable in compare view

Updates isort from 5.13.2 to 7.0.0

Release notes

Sourced from isort's releases.

7.0.0

Changes

💥 Breaking Changes

• Drop support for Python 3.9 (#2430) @​DanielNoord

🚀 Features

• Show absolute paths in skipped file messages (#2416) @​pranlawate

🪲 Fixes

• Some fixes for Python 3.14 (#2433) @​DanielNoord
• Test on 3.14 and fix any bugs (#2425) @​DanielNoord
• Update CHANGELOG.md + Fix Formatting and Grammar (#2419) @​lukbrew25
• Fix output of hanging indent for long lines with noqa (#2407) @​matan1008

👷 Continuous Integration

• Format with ruff instead of black (#2432) @​DanielNoord
• Target 3.10 for ruff (#2431) @​DanielNoord
• Update development dependencies to latest version (#2426) @​DanielNoord
• docs: update pre-commit examples to version 6.1.0 (#2413) @​pranlawate
• Small cleanup for developer environment (#2418) @​DanielNoord

📦 Dependencies

• Bump actions/setup-python from 5 to 6 in the github-actions group (#2411) @dependabot[bot]

6.1.0

Changes

• Update docs discussions channel (#2410) @​staticdev
• Add python 3.14 classifier and badge (#2409) @​staticdev
• Drop use of non-standard pkg_resources API (#2405) @​dvarrazzo
• Use working isort version in pre-commit example (#2402) @​iainelder
• fix typo in _get_files_from_dir_cached test (#2392) @​tiltingpenguin
• Resolve bandit warnings (#2379) @​kurtmckee
• Add tox for cross-platform, parallel test suite execution (#2378) @​kurtmckee
• Add Project URLs to PyPI Side Panel (#2387) @​guillermodotn
• Fix typos (#2376) @​co63oc

👷 Continuous Integration

• Add make bash scripts portable (#2377) @​staticdev

📦 Dependencies

• Bump actions/checkout from 4 to 5 in the github-actions group (#2406) @dependabot[bot]

... (truncated)

Changelog

Sourced from isort's changelog.

Changelog

NOTE: isort follows the semver versioning standard. Find out more about isort's release policy here.

Unreleased

• Removed --old-finders and --magic-placement flags and old_finders configuration option. The legacy finder logic that relied on environment introspection has been removed (#2445) @​joao-faria-dev

6.1.0 October 1 2025

• Add python 3.14 classifier and badge (#2409) @​staticdev
• Drop use of non-standard pkg_resources API (#2405) @​dvarrazzo

6.0.1 Febuary 26 2025

• Add OSError handling in find_imports_in_file (#2331) @​kobarity

6.0.0 January 27 2025

• Remove support for Python 3.8 (#2327) @​DanielNoord
• Python 3.13 support (#2306) @​mayty
• Speed up exists_case_sensitive calls (#2264) @​correctmost
• Ensure that split_on_trailing_comma works with as imports (#2340) @​DanielNoord
• Black profile: enable magic comma (#2236) @​MrMino
• Update line_length and single_line_exclusions in google profile (#2149) @​jagapiou
• Allow --diff to be used with --jobs (#2302) @​mnakama
• Fix wemake profile to have correct character limit (#2241) @​sobolevn
• Fix sort_reexports code mangling (#2283) @​Helveg
• Fix correct group by package tokenization (#2136) @​glasnt

Commits

• 0a09c78 Merge pull request #2433 from DanielNoord/python-314
• 0fee794 Add 3.14 to stdlibds
• 332a1ad Bump zstandard for 3.14 compat
• f756e56 Merge pull request #2432 from DanielNoord/ruff-it-up
• 52f5134 Format with ruff instead of black
• 012aa69 Merge pull request #2431 from DanielNoord/ruff-it-up
• 89773db Target 3.10 with ruff
• 933e382 Merge pull request #2430 from DanielNoord/drop-39
• 8b6e00c Remove support for Python 3.9
• b5f9f29 Bump profile plugin to 3.10+ and re-lock
• Additional commits viewable in compare view

Updates flake8 from 7.1.1 to 7.3.0

Commits

• c48217e Release 7.3.0
• f9e0f33 Merge pull request #1986 from PyCQA/document-f542
• 6bcdb62 document F542
• 70a15b8 Merge pull request #1985 from PyCQA/upgrade-deps
• 4941a3e upgrade pyflakes / pycodestyle
• 23e4005 Merge pull request #1983 from PyCQA/py314
• 019424b add support for t-strings
• 6b6f3d5 Merge pull request #1980 from PyCQA/asottile-patch-1
• 8dfa669 add rtd sphinx config
• ce34111 Merge pull request #1976 from PyCQA/document-f824
• Additional commits viewable in compare view

Updates pyright from 1.1.389 to 1.1.408

Commits

• 81b795a Pyright NPM Package update to 1.1.408 (#357)
• 53e8efb Pyright NPM Package update to 1.1.407 (#356)
• 1d515b7 Pyright NPM Package update to 1.1.406 (#355)
• e211ec8 Pyright NPM Package update to 1.1.405 (#353)
• d393df1 Pyright NPM Package update to 1.1.404 (#352)
• 047488f Pyright NPM Package update to 1.1.403 (#350)
• 708a9d4 Pyright NPM Package update to 1.1.402 (#349)
• 8df87d1 Pyright NPM Package update to 1.1.401 (#347)
• 7e1526d Pyright NPM Package update to 1.1.400 (#346)
• d04b516 [pyright updated to 1.1.399] Update Version (#344)
• Additional commits viewable in compare view

Updates black from 24.10.0 to 26.1.0

Release notes

Sourced from black's releases.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

• always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
• fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
• fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
• fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
• multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
• normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
• remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
• remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
• standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

• Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore matching subdirectories (like the previous behavior did), and not just matching root

... (truncated)

Changelog

Sourced from black's changelog.

26.1.0

Highlights

Introduces the 2026 stable style (#4892), stabilizing the following changes:

• always_one_newline_after_import: Always force one blank line after import statements, except when the line after the import is a comment or an import statement (#4489)
• fix_fmt_skip_in_one_liners: Fix # fmt: skip behavior on one-liner declarations, such as def foo(): return "mock" # fmt: skip, where previously the declaration would have been incorrectly collapsed (#4800)
• fix_module_docstring_detection: Fix module docstrings being treated as normal strings if preceded by comments (#4764)
• fix_type_expansion_split: Fix type expansions split in generic functions (#4777)
• multiline_string_handling: Make expressions involving multiline strings more compact (#1879)
• normalize_cr_newlines: Add \r style newlines to the potential newlines to normalize file newlines both from and to (#4710)
• remove_parens_around_except_types: Remove parentheses around multiple exception types in except and except* without as (#4720)
• remove_parens_from_assignment_lhs: Remove unnecessary parentheses from the left-hand side of assignments while preserving magic trailing commas and intentional multiline formatting (#4865)
• standardize_type_comments: Format type comments which have zero or more spaces between # and type: or between type: and value to # type: (value) (#4645)

The following change was not in any previous stable release:

• Regenerated the _width_table.py and added tests for the Khmer language (#4253)

This release alo bumps pathspec to v1 and fixes inconsistencies with Git's .gitignore logic (#4958). Now, files will be ignored if a pattern matches them, even if the parent directory is directly unignored. For example, Black would previously format exclude/not_this/foo.py with this .gitignore:

exclude/
!exclude/not_this/

Now, exclude/not_this/foo.py will remain ignored. To ensure exclude/not_this/ and all of it's children are included in formatting (and in Git), use this .gitignore:

*/exclude/*
!*/exclude/not_this/

This new behavior matches Git. The leading */ are only necessary if you wish to ignore

... (truncated)

Commits

• 6305bf1 Prepare 2026.1.0 release (#4892)
• e71305b Bump pypa/cibuildwheel from 3.3.0 to 3.3.1 (#4961)
• 21a2a8c Fix Shutdown multiprocessing Manager in schedule_formatting (#4952)
• e3146ce Bump docker/setup-buildx-action from 3.11.1 to 3.12.0 (#4919)
• fe1fbc4 Bump actions/upload-artifact from 5.0.0 to 6.0.0 (#4923)
• 2b4b7fc Bump actions/download-artifact from 6.0.0 to 7.0.0 (#4922)
• d745be6 docs: document --force-exclude for pre-commit workflows (#4957)
• b41acd6 Various CI and doc refactors (#4928)
• 6f43612 Handle pathspec v1 changes (#4958)
• 200c550 Bump furo from 2025.9.25 to 2025.12.19 in /docs (#4933)
• Additional commits viewable in compare view

Updates asyncpg from 0.30.0 to 0.31.0

Release notes

Sourced from asyncpg's releases.

v0.31.0

Enable Python 3.14 with experimental subinterpreter/freethreading support.

Improvements

• Add Python 3.14 support, experimental subinterpreter/freethreading support (#1279) (by @​elprans in 9e42642b)

• Avoid performing type introspection on known types (#1243) (by @​elprans in 5c9986c4)

• Make prepare() not use named statements by default when cache is disabled (#1245) (by @​elprans in 5b14653e)

• Implement connection service file functionality (#1223) (by @​AndrewJackson2020 in 1d63bb15)

Fixes

• Fix multi port connection string issue (#1222) (by @​AndrewJackson2020 in 01c0db7b)

• Avoid leaking connections if _can_use_connection fails (#1269) (by @​yuliy-openai in e94302d2)

Other

• Drop support for EOL Python 3.8 (#1281) (by @​elprans in 6c2c4904)

Commits

• 71775a6 asyncpg v0.31.0
• 508cae6 Test on PostgreSQL 18 (#1290)
• e534e5f Bump cibuildwheel
• 07fe512 Bump pgproto
• 648b35f Bump Cython to 3.2.1 (#1288)
• 9e42642 Add Python 3.14 support, experimental subinterpreter/freethreading support (#...
• 6fe1c49 Move development deps away from extras and into dependency groups (#1280)
• 7a54816 Fix a couple of missed Python version guards
• 6c2c490 Drop support for EOL Python 3.8 (#1281)
• 4c60ae8 Bump version to 0.31.0.dev0
• Additional commits viewable in compare view

Updates setuptools from 75.6.0 to 80.10.2

Changelog

Sourced from setuptools's changelog.

v80.10.2

Bugfixes

• Update vendored dependencies. (#5159)

Misc

• #5115, #5128

v80.10.1

Misc

• #5152

v80.10.0

Features

• Remove post-release tags on setuptools' own build. (#4530)
• Refreshed vendored dependencies. (#5139)

Misc

• #5033

v80.9.0

Features

• Set a deadline for the removal of pkg_resources later this year (December). (#3085)
• Removed reliance on pkg_resources in test_wheel. (#3085)

... (truncated)

Commits

• 5cf2d08 Bump version: 80.10.1 → 80.10.2
• 852cd5e Merge pull request #5166 from pypa/bugfix/5159-vendor-bin-free
• 11115ee Suppress deprecation warning.
• 5cf9185 Update vendored dependencies.
• cf59f41 Delete all binaries generated by vendored package install.
• 89a5981 Add missing newsfragments
• c0114af Postpone deprecation warnings related to PEP 639 to 2027-Feb-18 (#5115)
• de07603 Revert "[CI] Constraint transient test dependency on pyobjc" (#5128)
• 3afd5d6 Revert "[CI] Constraint transient test dependency on pyobjc"
• adfb0c9 Bump version: 80.10.0 → 80.10.1
• Additional commits viewable in compare view

Updates wheel from 0.45.1 to 0.46.3

Release notes

Sourced from wheel's releases.

0.46.3

• Fixed ImportError: cannot import name '_setuptools_logging' from 'wheel' when installed alongside an old version of setuptools and running the bdist_wheel command (#676)

0.46.2

• Restored the bdist_wheel command for compatibility with setuptools older than v70.1
• Importing wheel.bdist_wheel now emits a FutureWarning instead of a DeprecationWarning
• Fixed wheel unpack potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)

0.46.1

• Temporarily restored the wheel.macosx_libfile module (#659)

0.46.0

• Dropped support for Python 3.8
• Removed the bdist_wheel setuptools command implementation and entry point. The wheel.bdist_wheel module is now just an alias to setuptools.command.bdist_wheel, emitting a deprecation warning on import.
• Removed vendored packaging in favor of a run-time dependency on it
• Made the wheel.metadata module private (with a deprecation warning if it's imported
• Made the wheel.cli package private (no deprecation warning)
• Fixed an exception when calling the convert command with an empty description field

Changelog

Sourced from wheel's changelog.

Release Notes

0.46.3 (2026-01-22)

• Fixed ImportError: cannot import name '_setuptools_logging' from 'wheel' when installed alongside an old version of setuptools and running the bdist_wheel command ([#676](https://github.com/pypa/wheel/issues/676) <https://github.com/pypa/wheel/issues/676>_)

0.46.2 (2026-01-22)

• Restored the bdist_wheel command for compatibility with setuptools older than v70.1
• Importing wheel.bdist_wheel now emits a FutureWarning instead of a DeprecationWarning
• Fixed wheel unpack potentially altering the permissions of files outside of the destination tree with maliciously crafted wheels (CVE-2026-24049)

0.46.1 (2025-04-08)

• Temporarily restored the wheel.macosx_libfile module ([#659](https://github.com/pypa/wheel/issues/659) <https://github.com/pypa/wheel/issues/659>_)

0.46.0 (2025-04-03)

• Dropped support for Python 3.8
• Removed the bdist_wheel setuptools command implementation and entry point. The wheel.bdist_wheel module is now just an alias to setuptools.command.bdist_wheel, emitting a deprecation warning on import.
• Removed vendored packaging in favor of a run-time dependency on it
• Made the wheel.metadata module private (with a deprecation warning if it's imported
• Made the wheel.cli package private (no deprecation warning)
• Fixed an exception when calling the convert command with an empty description field

0.45.1 (2024-11-23)

• Fixed pure Python wheels converted from eggs and wininst files having the ABI tag in the file name

0.45.0 (2024-11-08)

• Refactored the convert command to not need setuptools to be installed

• Don't configure setuptools logging unless running bdist_wheel

• Added a redirection from wheel.bdist_wheel.bdist_wheel to setuptools.command.bdist_wheel.bdist_wheel to improve compatibility with setuptools' latest fixes.

  Projects are still advised to migrate away from the deprecated module and import

... (truncated)

Commits

• 8b6fa74 Created a new release
• 7445fb5 Fixed an import of a removed module
• eba4036 Updated the version number for v0.46.2
• 557fb54 Created a new release
• 7a7d2de Fixed security issue around wheel unpack (#675)
• 41418fa Fixed test failures due to metadata normalization changes
• c1d442b [pre-commit.ci] pre-commit autoupdate (#674)
• 0bac882 Update github actions environments (#673)
• be9f45b [pre-commit.ci] pre-commit autoupdate (#667)
• 6244f08 Update pre-commit ruff legacy alias (#668)
• Additional commits viewable in compare view

Updates twine from 6.0.1 to 6.2.0

Changelog

Sourced from twine's changelog.

twine 6.2.0 (2025-09-04)

Features ^^^^^^^^

• Automatically refresh short-lived PyPI token in long running Trusted Publishing uploads.

  In the event that a trusted publishing upload job is taking longer than the validity period of a trusted publishing token (15 minutes at the time of this writing), and we are already 10 minutes into that validity period, we will begin to attempt to replace the token on each subsequent request. ([#1246](https://github.com/pypa/twine/issues/1246) <https://github.com/pypa/twine/issues/1246>_)

Bugfixes ^^^^^^^^

• Fix compatibility kludge for invalid License-File metadata entries emitted by build backends to work also with packaging version 24.0. ([#1217](https://github.com/pypa/twine/issues/1217) <https://github.com/pypa/twine/issues/1217>_)
• Fix a couple of incorrectly rendered error messages. ([#1224](https://github.com/pypa/twine/issues/1224) <https://github.com/pypa/twine/issues/1224>_)
• twine now enforces keyring >= 21.2.0, which was previously implicitly required by API usage. ([#1229](https://github.com/pypa/twine/issues/1229) <https://github.com/pypa/twine/issues/1229>_)
• twine now catches configparser.Error to prevent accidental leaks of secret tokens or passwords to the user's console. ([#1240](https://github.com/pypa/twine/issues/1240) <https://github.com/pypa/twine/issues/1240>_)

Deprecations and Removals ^^^^^^^^^^^^^^^^^^^^^^^^^

• Remove hacks that support --skip-existing for indexes other than PyPI and TestPyPI.

  To date, these hacks continue to accrue and there have been numerous issues with them, not the least of which being that every time we update them, the paid index providers change things to break the compatibility we implement for them. Beyond that, these hacks do not work when text is internationalized in the response from the index provider.

  For a sample of past issues, see:

  • pypa/twine#1251

  • pypa/twine#918

  • pypa/twine#856

  • pypa/twine#693

  • pypa/twine#332 ([#1251](https://github.com/pypa/twine/issues/1251) <https://github.com/pypa/twine/issues/1251>_)

... (truncated)

Commits

• 14ceb29 Update changelog for 6.2.0 (#1264)
• 60e377b build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#1263)
• 88821f2 feat(package): remove MD5 hashing entirely (#1262)
• ce5fe53 build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0
• 6a696ed PEP 639 compliance
• 9175334 rename 1247.misc.rst to changelog/1247.misc.rst
• d94a475 fix(tests): update expected error message
• c1c02d1 Remove --skip-existing support for non-PyPI indices
• a24d308 Set trusted publishing logging to INFO/WARN (#1247)
• becf1a8 Fix py3.9 mypy error in __init__ around PackageMetadata
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Depen...

Description has been truncated