Bump virtualenv from 20.28.1 to 20.29.0

[dependabot]

Bumps virtualenv from 20.28.1 to 20.29.0.

Release notes

Sourced from virtualenv's releases.

20.29.0

What's Changed

• release 20.28.1 by @​gaborbernat in pypa/virtualenv#2818
• Makes --python command-line flag take precedence over env var by @​filiplajszczak in pypa/virtualenv#2821
• Add free-threaded Python support by @​robsdedude in pypa/virtualenv#2809
• Upgrade embeded setuptools by @​gaborbernat in pypa/virtualenv#2823

New Contributors

• @​filiplajszczak made their first contribution in pypa/virtualenv#2821
• @​robsdedude made their first contribution in pypa/virtualenv#2809

Full Changelog: pypa/virtualenv@20.28.1...20.29.0

Changelog

Sourced from virtualenv's changelog.

v20.29.0 (2025-01-15)

Features - 20.29.0

- Add support for selecting free-threaded Python interpreters, e.g., `python3.13t`. (:issue:`2809`)
Bugfixes - 20.29.0

• Upgrade embedded wheels:

  • setuptools to 75.8.0 from 75.6.0 (:issue:2823)

Commits

• 0f6dc41 release 20.29.0
• ea5e5cb Upgrade embeded setuptools (#2823)
• b00d59c Add free-threaded Python support (#2809)
• bc7a91a Merge pull request #2821 from filiplajszczak/cli-precedence-2285
• 11995e7 Merge pull request #2819 from pypa/pre-commit-ci-update-config
• dc01686 [pre-commit.ci] pre-commit autoupdate
• 7f450c3 Merge pull request #2818 from pypa/release-20.28.1
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🛡️ Bandit Scan Results Summary

We found 0 High, 0 Medium, and 0 Low severity issues.

Detailed Findings

---

Severity	Issue	File	Line	Confidence	More Info	Test ID

---

✨ About this Report

This report was generated by the official Bandit GitHub Action to ensure our codebase stays secure.

📕 What is Bandit?

Bandit is a tool designed to find common security issues in Python code. To learn more about how Bandit helps to keep Python code safe, visit the Bandit documentation.

👥 Community Support

Got questions or need help with Bandit Action?

• Join our community on the Discord server.
• Share tips, get advice, and collaborate on security best practices.

[github-actions]

Coverage report

This PR does not seem to contain any modification to coverable code.