Update CI dependencies (master) (minor)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
poetry-plugin-export (source)	==1.6.0 -> ==1.7.1						minor
pre-commit	3.6.2 -> 3.7.0						minor
pre-commit	==3.6.2 -> ==3.7.0						minor
prospector-profile-duplicated	1.1.0 -> 1.2.0						minor
psf/black	24.2.0 -> 24.3.0					repository	minor
shellcheck-py/shellcheck-py	v0.9.0.6 -> v0.10.0.1					repository	minor

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

---

Release Notes

python-poetry/poetry-plugin-export (poetry-plugin-export)

v1.7.1

Compare Source

Changed

• Export --index-url before --extra-index-url to work around a pip bug (#​270).

Fixed

• Fix an issue where the source with the highest priority was exported with --index-url despite PyPI being among the sources (#​270).

v1.7.0

Compare Source

Changed

• Bump minimum required poetry version to 1.8.0 (#​263).

Fixed

• Fix an issue where all sources were exported with --extra-index-url even though PyPI was deactivated (#​263).

pre-commit/pre-commit (pre-commit)

v3.7.0

Compare Source

==================

Features

• Use a tty for docker and docker_image hooks when --color is specified.
  • #​3122 PR by @​glehmann.

Fixes

• Fix fail_fast for individual hooks stopping when previous hooks had failed.
  • #​3167 issue by @​tp832944.
  • #​3168 PR by @​asottile.

Updating

• The per-hook behaviour of fail_fast was fixed. If you want the pre-3.7.0
  behaviour, add fail_fast: true to all hooks before the last fail_fast
  hook.

sbrunner/prospector-profile-duplicated (prospector-profile-duplicated)

v1.2.0

Compare Source

psf/black (psf/black)

v24.3.0

Compare Source

Highlights

This release is a milestone: it fixes Black's first CVE security vulnerability. If you
run Black on untrusted input, or if you habitually put thousands of leading tab
characters in your docstrings, you are strongly encouraged to upgrade immediately to fix
CVE-2024-21503.

This release also fixes a bug in Black's AST safety check that allowed Black to make
incorrect changes to certain f-strings that are valid in Python 3.12 and higher.

Stable style

• Don't move comments along with delimiters, which could cause crashes (#​4248)
• Strengthen AST safety check to catch more unsafe changes to strings. Previous versions
  of Black would incorrectly format the contents of certain unusual f-strings containing
  nested strings with the same quote type. Now, Black will crash on such strings until
  support for the new f-string syntax is implemented. (#​4270)
• Fix a bug where line-ranges exceeding the last code line would not work as expected
  (#​4273)

Performance

• Fix catastrophic performance on docstrings that contain large numbers of leading tab
  characters. This fixes
  CVE-2024-21503.
  (#​4278)

Documentation

• Note what happens when --check is used with --quiet (#​4236)

shellcheck-py/shellcheck-py (shellcheck-py/shellcheck-py)

v0.10.0.1

Compare Source

---

Configuration

📅 Schedule: Branch creation - "after 5pm on the first day of the month" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.