Bump the python-packages group with 4 updates

[dependabot]

Bumps the python-packages group with 4 updates: marshmallow, pillow, psutil and pytest-cov.

Updates marshmallow from 3.22.0 to 3.23.0

Changelog

Sourced from marshmallow's changelog.

3.23.0 (2024-10-17)

---

Features:

• Typing: replace "type" with specific metaclass for Schema and Field.

Other changes:

• Officially support Python 3.13 (:pr:2319).
• Drop support for Python 3.8 (:pr:2318).

Commits

• 5e71a04 Bump version and update changelog
• 3cbcc5b Bump sphinx-issues from 4.1.0 to 5.0.0 (#2321)
• 7e902ff Bump sphinx from 8.1.0 to 8.1.3 (#2322)
• 660a34e Bump sphinx from 8.0.2 to 8.1.0 (#2320)
• 7998b4f Update CHANGELOG
• 70f7bbb Merge pull request #2319 from marshmallow-code/py313
• 0eb03c9 Support Python 3.13
• b1418d2 Merge pull request #2318 from marshmallow-code/py38
• 0a7d543 Replace typing.Dict/List/Tuple/Type with dict/list/tuple/type
• 230aa27 Use ZoneInfo instead of pytz
• Additional commits viewable in compare view

Updates pillow from 10.4.0 to 11.0.0

Release notes

Sourced from pillow's releases.

11.0.0

https://pillow.readthedocs.io/en/stable/releasenotes/11.0.0.html

Changes

• Do not create core image in TIFF seek() #8392 [@​radarhere]
• Removed custom build_openjpeg #8365 [@​radarhere]
• Support writing LONG8 offsets in AppendingTiffWriter #8417 [@​radarhere]
• Use ImageFile.MAXBLOCK when saving TIFF images #8461 [@​radarhere]
• Always raise warnings for deprecated feature checks #8459 [@​radarhere]
• Do not close provided file handles with libtiff when saving #8458 [@​radarhere]
• Revert "Skip QEMU-emulated wheels on workflow dispatch event" #8455 [@​radarhere]
• Support ImageFilter.BuiltinFilter for I;16* images #8438 [@​radarhere]
• [pre-commit.ci] pre-commit autoupdate #8448 [@​pre-commit-ci]
• Use ImagingCore.ptr instead of ImagingCore.id #8341 [@​homm]
• Simplified code #8445 [@​radarhere]
• Removed unused code #8447 [@​radarhere]
• Updated EPS mode when opening images without transparency #8281 [@​Yay295]
• Use transparency when combining P frames from APNGs #8443 [@​radarhere]
• Generate and upload attestations to PyPI #8441 [@​hugovk]
• Do not convert images unnecessarily in ImageEnhance #8431 [@​radarhere]
• Raise an error if path is compacted during mapping #8416 [@​radarhere]
• Support all resampling filters when resizing I;16* images #8422 [@​radarhere]
• Free memory on early return #8413 [@​radarhere]
• Cast int before potentially exceeding INT_MAX #8402 [@​radarhere]
• Prevent division by zero #8408 [@​radarhere]
• Check image value before use #8400 [@​radarhere]
• Use ruff check #8423 [@​radarhere]
• Change harfbuzz versions in wheels #8421 [@​radarhere]
• Use Capsule for WebP saving #8386 [@​homm]
• Fixed writing multiple StripOffsets to TIFF #8317 [@​Yay295]
• Updated macOS deployment target for PyPy on Intel to 10.15 #8414 [@​radarhere]
• Fix dereference before checking for NULL in ImagingTransformAffine #8398 [@​PavlNekrasov]
• Use transposed size after opening for TIFF images #8390 [@​radarhere]
• Improve ImageFont error messages #8338 [@​yngvem]
• Mention MAX_TEXT_CHUNK limit in PNG error message #8391 [@​radarhere]
• Cast Dib handle to int #8385 [@​radarhere]
• Updated macOS deployment target for Python >= 3.12 on Intel to 10.13 #8379 [@​radarhere]
• Removed unused ImagePath variable #8377 [@​radarhere]
• Change macos-14 to macos-latest #8376 [@​radarhere]
• Accept float stroke widths #8369 [@​radarhere]
• Remove comments #8370 [@​radarhere]
• Removed libffi-dev #8368 [@​radarhere]
• Improved handling of RGBA palettes when saving GIF images #8366 [@​radarhere]
• Support converting more modes to LAB by converting to RGBA first #8358 [@​radarhere]
• Optimize getbbox() and getextrema() routines #8194 [@​homm]
• Removed unused TiffImagePlugin IFD_LEGACY_API #8355 [@​radarhere]
• Handle duplicate EXIF header #8350 [@​zakajd]
• Use (void) for empty function parameters #8002 [@​Yay295]
• Return early from BoxBlur if either width or height is zero #8347 [@​radarhere]

... (truncated)

Changelog

Sourced from pillow's changelog.

11.0.0 (2024-10-15)

• Update licence to MIT-CMU #8460 [hugovk]

• Conditionally define ImageCms type hint to avoid requiring core #8197 [radarhere]

• Support writing LONG8 offsets in AppendingTiffWriter #8417 [radarhere]

• Use ImageFile.MAXBLOCK when saving TIFF images #8461 [radarhere]

• Do not close provided file handles with libtiff when saving #8458 [radarhere]

• Support ImageFilter.BuiltinFilter for I;16* images #8438 [radarhere]

• Use ImagingCore.ptr instead of ImagingCore.id #8341 [homm, radarhere, hugovk]

• Updated EPS mode when opening images without transparency #8281 [Yay295, radarhere]

• Use transparency when combining P frames from APNGs #8443 [radarhere]

• Support all resampling filters when resizing I;16* images #8422 [radarhere]

• Free memory on early return #8413 [radarhere]

• Cast int before potentially exceeding INT_MAX #8402 [radarhere]

• Check image value before use #8400 [radarhere]

• Improved copying imagequant libraries #8420 [radarhere]

• Use Capsule for WebP saving #8386 [homm, radarhere]

• Fixed writing multiple StripOffsets to TIFF #8317 [Yay295, radarhere]

... (truncated)

Commits

• 204aae6 11.0.0 version bump
• f2cc87b Update CHANGES.rst [ci skip]
• c855e8e Merge pull request #8464 from radarhere/imagemath_type_hint
• dc37515 Merge pull request #8463 from hugovk/update-3.13-date
• c3d81d6 Update Python 3.13 release date
• a60610c Added type hints
• a5c58f2 Merge pull request #8460 from hugovk/mit-cmu
• e74994e Update licence to MIT-CMU
• b5e1115 Update CHANGES.rst [ci skip]
• 686b5e2 Merge pull request #8392 from radarhere/tiff_seek
• Additional commits viewable in compare view

Updates psutil from 6.0.0 to 6.1.0

Changelog

Sourced from psutil's changelog.

6.1.0

2024-10-17

Enhancements

• 2366_, [Windows]: drastically speedup process_iter(). We now determine process unique identity by using process "fast" create time method. This will considerably speedup those apps which use process_iter() only once, e.g. to look for a process with a certain name.
• 2446_: use pytest instead of unittest.
• 2448_: add make install-sysdeps target to install the necessary system dependencies (python-dev, gcc, etc.) on all supported UNIX flavors.
• 2449_: add make install-pydeps-test and make install-pydeps-dev targets. They can be used to install dependencies meant for running tests and for local development. They can also be installed via pip install .[test] and pip install .[dev].
• 2456_: allow to run tests via python3 -m psutil.tests even if pytest module is not installed. This is useful for production environments that don't have pytest installed, but still want to be able to test psutil installation.

Bug fixes

• 2427_: psutil (segfault) on import in the free-threaded (no GIL) version of Python 3.13. (patch by Sam Gross)
• 2455_, [Linux]: IndexError may occur when reading /proc/pid/stat and field 40 (blkio_ticks) is missing.
• 2457_, [AIX]: significantly improve the speed of Process.open_files()_ for some edge cases.
• 2460_, [OpenBSD]: Process.num_fds()_ and Process.open_files()_ may fail with NoSuchProcess_ for PID 0. Instead, we now return "null" values (0 and [] respectively).

Commits

• fb68f9f pre release
• 567438c [Windows] speed up process_iter() (#2444)
• b1a7593 Use pytest.skip instead of unittest.SkipTest (#2461)
• b19d5bd AIX: improve open_files() regexp speed (#2457)
• 223938f Use @pytest.mark.skipif decorator instead of @unittest.skipIf (#2459)
• f65fe44 [OpenBSD] Process num_fds() and open_files() may raise NSP for PID 0 (#2460)
• 0a71d0e enable ruff cache (faster)
• 4649a88 Run tests without pytests (#2456)
• 80af879 revert change which broke python 2 tests
• 4e85bee change call_until() signature so that it can be used with lambda
• Additional commits viewable in compare view

Updates pytest-cov from 5.0.0 to 6.0.0

Changelog

Sourced from pytest-cov's changelog.

6.0.0 (2024-10-29)

• Updated various documentation inaccuracies, especially on subprocess handling.
• Changed fail under checks to use the precision set in the coverage configuration. Now it will perform the check just like coverage report would.
• Added a --cov-precision cli option that can override the value set in your coverage configuration.
• Dropped support for now EOL Python 3.8.

Commits

• 9540437 Bump version: 5.0.0 → 6.0.0
• 9f81754 Further trim down envs and drop Python 3.8.
• b12b5ec Update conf.
• 23f4b27 Update changelog.
• 291a04f Bump test deps and trim config.
• 08f1101 Add --cov-precision option. Close #655.
• 76fe2a7 Move the warnings/errors in a place that doesn't import anything.
• a9ea7b7 Implement error/warning for the bad dynamic_context being set in config.
• c299e01 Add explicit suffixing to make it easier to see the identify the sources/usag...
• c87e546 Add reproducer for weird xdist dynamic_context interaction. Ref #604.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud