build(deps): bump the general group with 5 updates

[dependabot]

Bumps the general group with 5 updates:

Package	From	To
gevent	24.10.3	24.11.1
jedi	0.19.1	0.19.2
pyinstaller	6.11.0	6.11.1
pyinstaller-hooks-contrib	2024.9	2024.10
setuptools	75.3.0	75.4.0

Updates gevent from 24.10.3 to 24.11.1

Commits

• e755b5c Preparing release 24.11.1
• b5ee5dd greenlet.py: remove unneeded pylint directive. [skip ci]
• c80b9fe Merge pull request #2077 from gevent/issue2076
• 98999e8 stathelper.c: compatibility with Cython 3.1a1. Seems like there used to be a ...
• 02311dd Make the PeriodicMonitorThreadStartedEvent actually implement the interface; ...
• 71f046f Merge pull request #2074 from gevent/dependabot/github_actions/github-actions...
• a6f6eca Remove some legacy Python 2 support code for compatibility with the upcoming ...
• a454337 Bump pypa/gh-action-pypi-publish in the github-actions group
• 07d2b7e Back to development: 24.10.4
• See full diff in compare view

Updates jedi from 0.19.1 to 0.19.2

Changelog

Sourced from jedi's changelog.

0.19.2 (2024-11-10) +++++++++++++++++++

• Python 3.13 support

Commits

• 41e9e95 Increase Jedi version
• b225678 Add a release for Python 3.13
• 30adf43 Merge pull request #2027 from WutingjiaX/feat/filterImported
• be6df62 filter imported names during completion
• e53359a Fix a test that had issues with a minor upgrade of Python 3.12
• 6e5d5b7 Enable workflow_dispatch in CI
• 91ffdea Sort completions by input resemblance. (#2018)
• 2859e4f Support inferring not expr to bool (#2016)
• 8ee4c26 Merge pull request #2014 from WutingjiaX/feat/in_operator
• 4d09ac0 When inferring comparison operators, return a definite type instead of NO_VAL...
• Additional commits viewable in compare view

Updates pyinstaller from 6.11.0 to 6.11.1

Release notes

Sourced from pyinstaller's releases.

v6.11.1

Please see the v6.11.1 section of the changelog for a list of the changes since v6.11.0.

Changelog

Sourced from pyinstaller's changelog.

6.11.1 (2024-11-10)

Bugfix

* (GNU/Linux) Fix resolving binary dependencies linked using ``$ORIGIN``.
  (:issue:`8868`)
* (Linux) Fix discovery and collection of Python shared library when using
  ``uv``-installed or ``rye``-installed Python that happens to be of same
  version as the system-installed Python. (:issue:`8850`)
* (Linux/musl) Prevent ``ld-musl-x86_64.so.1`` from being collected.
  (:issue:`8868`)
* (Windows) Add a retry loop to ``onefile`` temporary directory cleanup
  as an attempt to mitigate situations when bundled DLLs and python
  extension modules remain locked by the OS and/or anti-virus program
  for a short while after the application process exits. (:issue:`8870`)
* (Windows) Fix Qt run-time hooks failing to add the top-level application
  directory to ``PATH`` when the latter already contains a sub-directory
  of the top-level application directory (for example, ``pywin32_system32``
  sub-directory added to ``PATH`` by ``pywin32`` run-time hook). This
  failure prevented QtNetwork from discovering bundled OpenSSL DLLs, and
  caused it to (attempt to) load them from other locations that happened
  to be in ``PATH``. (:issue:`8857`)
* Fix macOS's default icons being missing from wheels (regression introduced in
  v6.11.0) (:issue:`8855`)
* Prevent :mod:`tkinter` from being collected if it is unusable.
  (:issue:`8868`)
Hooks

* Prevent ``IPython`` from being packaged redundantly if ``matplotlib`` is
  imported. (:issue:`8868`)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/1318b8bc26d348147c4e99c0a7b60052a27eb1cc&quot;&gt;&lt;code&gt;1318b8b&lt;/code&gt;&lt;/a> Release v6.11.1. [skip ci]</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/9a113fed6bd245f602a9a636c9f9f86a86157bd3&quot;&gt;&lt;code&gt;9a113fe&lt;/code&gt;&lt;/a> tests: increase the waiting time in test_onefile_signal_handling</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/1ddbbe0dc8ffb1602edf798772a9d0aacbec257d&quot;&gt;&lt;code&gt;1ddbbe0&lt;/code&gt;&lt;/a> bootloader: add a retry loop for deleting onefile temp. dir. on Windows</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/160475ce4d6f715f43a44e89998091930f4074c5&quot;&gt;&lt;code&gt;160475c&lt;/code&gt;&lt;/a> bootloader: attempt to remove temp dir again only if some DLLs were unloaded</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/3e3a768a7152c7dd9ffcfa901fd5f4fad4960408&quot;&gt;&lt;code&gt;3e3a768&lt;/code&gt;&lt;/a> bootloader: move mitigation of locked temporary directory into helper function</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/235f6b97368d0ae58c4bf65953c391b0522fee36&quot;&gt;&lt;code&gt;235f6b9&lt;/code&gt;&lt;/a> bootloader: POSIX: install signal handlers before forking the child process</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/e073700b4c50e1954e93fa826f993bfb5c70a6e0&quot;&gt;&lt;code&gt;e073700&lt;/code&gt;&lt;/a> tests: nested multiprocessing: do not assume order of results</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/d0d767b4ca0df9ef39ccd11958b8fecea4df2356&quot;&gt;&lt;code&gt;d0d767b&lt;/code&gt;&lt;/a> ci: Increase pytest-xdist forks</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/eabd58f7b76ec58482279d8357b0ffefaefc659c&quot;&gt;&lt;code&gt;eabd58f&lt;/code&gt;&lt;/a> hooks: Exclude IPython as a dependency of matplotlib.{pyplot,backend_bases}</li>

<li><a href="https://github.com/pyinstaller/pyinstaller/commit/cc12d93359d7378344a4dc39f87c9386e64899e6&quot;&gt;&lt;code&gt;cc12d93&lt;/code&gt;&lt;/a> Prevent broken tkinter from being packaged</li>

<li>Additional commits viewable in <a href="https://github.com/pyinstaller/pyinstaller/compare/v6.11.0...v6.11.1&quot;&gt;compare view</a></li>

</ul>

</details>
<br />


Updates pyinstaller-hooks-contrib from 2024.9 to 2024.10

Release notes
Sourced from pyinstaller-hooks-contrib's releases.

v2024.10
Please see the changelog for more details



Changelog
Sourced from pyinstaller-hooks-contrib's changelog.

2024.10 (2024-11-10)
New hooks

* Add hook for ``h3`` to collect its metadata (required with ``h3`` v4.0.0
  and later). (`[#825](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/825)
  <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/825>`_)
* Add hook for ``numbers_parser`` to ensure that package's data file is
  collected. (`[#823](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/823)
  <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/823>`_)
* Add hook for ``sv_ttk`` to ensure that its resources (.tcl files and
  images) are collected. (`[#826](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/826)
  <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/826>`_)
Updated hooks


Update falcon hook for compatibility with falcon v4.0.0. ([#820](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/820) <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/820>_)
Update tensorflow hook to automatically raise recursion limit to
5000 (if not already set to a higher value) in order to avoid recursion
limit errors in certain import chains (dependent on build environment
and other packages installed in it). ([#825](https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/825) <https://github.com/pyinstaller/pyinstaller-hooks-contrib/issues/825>_)




Commits

7e7d08d Release v2024.10
9403e99 Scheduled weekly dependency update for week 44 (#829)
9c5eb90 cleanup: remove old (and now empty) license files
6e64bcd Add hook for sv_ttk (#826)
f6922d0 hooks: tensorflow: automatically raise recursion limit
5818893 hooks: add hook for h3
7b505ad ci: pr-test: query installed packages to determine extra dependencies
4626e15 Scheduled weekly dependency update for week 43 (#825)
a08c1e5 ci: add python 3.12 and 3.13, and use macos-13 and macos-14
d4f1599 hooks: add hook for numbers_parser
Additional commits viewable in compare view




Updates setuptools from 75.3.0 to 75.4.0

Changelog
Sourced from setuptools's changelog.

v75.4.0
Features

Added support for the environment variable
SETUPTOOLS_DANGEROUSLY_SKIP_PYPROJECT_VALIDATION=true, allowing users to bypass
the validation of pyproject.toml.
This option should be used only as a last resort when resolving dependency
issues, as it may lead to improper functioning.
Users who enable this setting are responsible for ensuring that pyproject.toml
complies with setuptools requirements. (#4611)
Require Python 3.9 or later. (#4718)
Remove dependency on importlib_resources
and the vendored copy of the library.
Instead, setuptools consistently rely on stdlib's importlib.resources
(available on Python 3.9+). (#4718)
Setuptools' bdist_wheel implementation no longer produces wheels with
the m SOABI flag (pymalloc-related).
This flag was removed on Python 3.8+ (see :obj:sys.abiflags). (#4718)
Updated vendored packaging version to 24.2. (#4740)

Bugfixes

Merge with pypa/distutils@251797602, including fix for dirutil.mkpath handling in pypa/distutils#304.




Commits

8f5559c Bump version: 75.3.0 → 75.4.0
6cc5f08 Update mypy requirement from ==1.12.* to >=1.12,<1.14 (#4700)
748c851 Update mypy requirement from ==1.12.* to >=1.12,<1.14
c9d980f Refactor/unify/extract shutil.rmtree callbacks (and avoid repetition) (#4682)
db2b206 Extract test for shutil.rmtree callback to its own file
bb93502 Add docstring
8272bc3 Refactor usage of shutil.rmtree in other parts of setuptools
6ddac39 Ignore some lines for coverage
b9be144 Attempt to solve typechecking problems
1678730 Extract common pattern to remove dir if exists to setuptools._shutil
Additional commits viewable in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options


You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 4 package(s) with unknown licenses.

See the Details below.

License Issues

requirements.txt

Package	Version	License	Issue Type
gevent	24.11.1	Null	Unknown License
jedi	0.19.2	Null	Unknown License
pyinstaller	6.11.1	Null	Unknown License
pyinstaller-hooks-contrib	2024.10	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
pip/gevent	24.11.1	🟢 4.2	Details Check Score Reason Code-Review ⚠️ 0 Found 1/27 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Packaging 🟢 10 packaging workflow detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
pip/jedi	0.19.2	🟢 6.2	Details Check Score Reason Code-Review 🟢 7 Found 10/13 approved changesets -- score normalized to 7 Maintained 🟢 10 4 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/pyinstaller	6.11.1	🟢 5.4	Details Check Score Reason Code-Review 🟢 9 Found 16/17 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 License 🟢 9 license file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts ⚠️ 0 binaries present in source code Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/pyinstaller-hooks-contrib	2024.10	🟢 5.6	Details Check Score Reason Code-Review 🟢 8 Found 22/25 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/setuptools	75.4.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 5 Found 7/13 approved changesets -- score normalized to 5 Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts ⚠️ 2 binaries present in source code Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• requirements.txt