Skip to content

chore(deps-dev): bump coverage from 7.13.4 to 7.14.2#89

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/coverage-7.14.2
Closed

chore(deps-dev): bump coverage from 7.13.4 to 7.14.2#89
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/coverage-7.14.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 21, 2026

Copy link
Copy Markdown
Contributor

Bumps coverage from 7.13.4 to 7.14.2.

Changelog

Sourced from coverage's changelog.

Version 7.14.2 — 2026-06-20

  • Fix: some messages were being written to stdout, making coverage json -o - useless for capturing JSON output. Now messages are written to stderr, fixing issue 2197_.

  • Fix: CoverageData kept one SQLite connection per thread that recorded coverage, but never closed them when those threads terminated. On long runs with many short-lived threads this leaked one file descriptor per dead thread, eventually failing with OSError: [Errno 24] Too many open files. Connections belonging to terminated threads are now closed and dropped. Fixes issue 2192. Thanks, Matthew Lloyd <pull 2193_>.

  • Fix: when using sys.monitoring, we were assuming we could use the COVERAGE_ID tool id. But other tools might also assume they could use that id. Pre-allocated ids don't really make sense, so now we search for a usable one instead. Fixes issue 2187_.

  • Following the advice of cibuildwheel <no-13t_>_, we no longer distribute wheels for Python 3.13 free-threaded.

.. _issue 2187: coveragepy/coveragepy#2187 .. _issue 2192: coveragepy/coveragepy#2192 .. _pull 2193: coveragepy/coveragepy#2193 .. _issue 2197: coveragepy/coveragepy#2197 .. _no-13t: https://py-free-threading.github.io/ci/#building-free-threaded-wheels-with-cibuildwheel

.. _changes_7-14-1:

Version 7.14.1 — 2026-05-26

  • Fix: the HTML report used typographic niceties to make file paths more readable by adding a small amount of space around slashes. Those spaces interfered with searching the page for file paths of interest. Now the report uses CSS to accomplish the same visual tweak so that searches with slashes work correctly. Closes issue 2170_.

  • Add a 3.16 PyPI classifier <hugo-316_>_ since we test on the 3.16 main branch.

.. _issue 2170: coveragepy/coveragepy#2170 .. _hugo-316: https://mastodon.social/@​hugovk/116588523571204490

.. _changes_7-14-0:

Version 7.14.0 — 2026-05-10

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps-dev): bump coverage from 7.13.4 to 7.14.2
fe17f43 
Bumps [coverage](https://github.com/coveragepy/coveragepy) from 7.13.4 to 7.14.2.
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.13.4...7.14.2)

---
updated-dependencies:
- dependency-name: coverage
  dependency-version: 7.14.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 21, 2026
@dependabot dependabot Bot requested a review from anchildress1 as a code owner June 21, 2026 14:11
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 21, 2026
anchildress1 added a commit that referenced this pull request Jun 24, 2026
@anchildress1 @claude
chore(deps): upgrade all Python dependencies to latest
9d43eb7 
uv lock --upgrade across the board (24 packages), incl. requests 2.32.5->2.34.2,
urllib3 2.6.3->2.7.0, black 26.1.0->26.5.1, coverage 7.13.4->7.14.3, bandit
1.9.3->1.9.4, pip-audit 2.10.0->2.10.1. Supersedes Dependabot PRs #88 and #89.

Validation: make ai-checks green (format, lint, bandit, pip-audit, detect-secrets,
complexity, tests 88.63%). No vulnerable dependencies.

Generated-by: Claude Opus 4.8

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@anchildress1

anchildress1 commented Jun 24, 2026

Copy link
Copy Markdown
Owner

Superseded by #90 — all package upgrades (incl. this one, to an equal-or-newer version) are folded into the Firebase deploy PR with a single lockfile update + green ai-checks.

@dependabot @github

dependabot Bot commented on behalf of github Jun 24, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/uv/coverage-7.14.2 branch June 24, 2026 03:30
anchildress1 added a commit that referenced this pull request Jun 24, 2026
@anchildress1 @claude
feat(ci): Firebase Hosting deploy + gh-pages as callable fork workflow (
482471f 
#90)

* feat(ci): deploy to Firebase Hosting; keep gh-pages as callable fork workflow

Move the primary published site to Firebase Hosting via Workload Identity
Federation (no long-lived key). Extract site generation into a shared composite
action so the Firebase and gh-pages paths produce identical output. Preserve the
original gh-pages deploy as a separate callable/fork-friendly workflow, skipping
its scheduled run on the upstream repo. The gh-pages branch remains the
incremental state store (last_run.txt, posts_data.json).

Generated-by: Claude Opus 4.8

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* chore(deps): bump GitHub Actions to latest

- actions/checkout v6 -> v7
- astral-sh/setup-uv v7 -> v8.2.0
- github/codeql-action v4.32.4 -> v4.36.2
- googleapis/release-please-action v4.4.0 -> v5.0.0 (node24 runtime)

Generated-by: Claude Opus 4.8

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* refactor(ci): move upstream incremental state to a dedicated mirror-state branch

The gh-pages branch held only a save file on the upstream repo (Firebase does
the hosting now), which was confusing. Park upstream state on a clearly-named
mirror-state branch instead; forks keep state on gh-pages alongside their site.
The generate-site composite gains a state_branch input so both paths share one
restore/persist mechanism.

Generated-by: Claude Opus 4.8

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* chore(deps): upgrade all Python dependencies to latest

uv lock --upgrade across the board (24 packages), incl. requests 2.32.5->2.34.2,
urllib3 2.6.3->2.7.0, black 26.1.0->26.5.1, coverage 7.13.4->7.14.3, bandit
1.9.3->1.9.4, pip-audit 2.10.0->2.10.1. Supersedes Dependabot PRs #88 and #89.

Validation: make ai-checks green (format, lint, bandit, pip-audit, detect-secrets,
complexity, tests 88.63%). No vulnerable dependencies.

Generated-by: Claude Opus 4.8

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(ci): address PR review — fork guard, site-URL fallback, schedule docs

- publish.yaml: guard the Firebase job to the upstream owner so forks (no WIF
  config) skip it instead of failing every scheduled run.
- generate-site: add fallback_site_url so the Firebase path resolves robots.txt
  and sitemap to the deployed URL when SITE_DOMAIN is unset; fail fast when no
  site URL can be resolved instead of emitting a broken github.io URL. Resolve
  SITE_HOME once and reuse it across steps.
- Correct schedule comments/docs to UTC + DST-accurate ET (14:40 UTC).

Generated-by: Claude Opus 4.8

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@anchildress1 anchildress1 Awaiting requested review from anchildress1 anchildress1 is a code owner

Assignees

@anchildress1 anchildress1

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@anchildress1