Commit 128df74
authored
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
Bump build from 1.4.2 to 1.4.3 (#12377)
Bumps [build](https://github.com/pypa/build) from 1.4.2 to 1.4.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/build/releases">build's
releases</a>.</em></p>
<blockquote>
<h2>1.4.3</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>🐛 fix(api): resolve thread-safety races in build API by <a
href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/build/pull/1015">pypa/build#1015</a></li>
<li>🐛 fix(builder): validate backend-path entries exist on disk by <a
href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/build/pull/1016">pypa/build#1016</a></li>
<li>test: cover config settings build paths by <a
href="https://github.com/terminalchai"><code>@terminalchai</code></a>
in <a
href="https://redirect.github.com/pypa/build/pull/992">pypa/build#992</a></li>
<li>Add kind=(step, ) for root messages with * by <a
href="https://github.com/abitrolly"><code>@abitrolly</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/973">pypa/build#973</a></li>
<li>fix: correct changelog category ordering by <a
href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/build/pull/1017">pypa/build#1017</a></li>
<li>🐛 fix(cli): show full dependency chain in missing deps error by <a
href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/build/pull/1019">pypa/build#1019</a></li>
<li>tests: fully annotate by <a
href="https://github.com/henryiii"><code>@henryiii</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/1020">pypa/build#1020</a></li>
<li>chore: lazy imports by <a
href="https://github.com/henryiii"><code>@henryiii</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/1021">pypa/build#1021</a></li>
<li>chore: adding more ruff codes by <a
href="https://github.com/henryiii"><code>@henryiii</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/1022">pypa/build#1022</a></li>
<li>tests: improve annotations by <a
href="https://github.com/henryiii"><code>@henryiii</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/1023">pypa/build#1023</a></li>
<li>🧪 test(coverage): achieve 100% test coverage by <a
href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/build/pull/1018">pypa/build#1018</a></li>
<li>chore: add ruff PT by <a
href="https://github.com/henryiii"><code>@henryiii</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/1025">pypa/build#1025</a></li>
<li>chore: add ruff PYI by <a
href="https://github.com/henryiii"><code>@henryiii</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/1026">pypa/build#1026</a></li>
<li>chore: add ruff SIM/RET by <a
href="https://github.com/henryiii"><code>@henryiii</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/1028">pypa/build#1028</a></li>
<li>🐛 fix(env): strip PYTHONPATH from isolated builds by <a
href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/build/pull/1024">pypa/build#1024</a></li>
<li>chore: use ruff ALL by <a
href="https://github.com/henryiii"><code>@henryiii</code></a> in <a
href="https://redirect.github.com/pypa/build/pull/1029">pypa/build#1029</a></li>
<li>🐛 fix(env): prevent pip credential hang with private indexes by <a
href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/build/pull/1030">pypa/build#1030</a></li>
<li>🐛 fix(check_dependency): verify URL reqs via PEP 610 by <a
href="https://github.com/gaborbernat"><code>@gaborbernat</code></a> in
<a
href="https://redirect.github.com/pypa/build/pull/1027">pypa/build#1027</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/terminalchai"><code>@terminalchai</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/build/pull/992">pypa/build#992</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pypa/build/compare/1.4.2...1.4.3">https://github.com/pypa/build/compare/1.4.2...1.4.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/build/blob/main/CHANGELOG.rst">build's
changelog</a>.</em></p>
<blockquote>
<p>####################
1.4.3 (2026-04-10)
####################</p>
<hr />
<p>Features</p>
<hr />
<ul>
<li>Add <code>kind</code> parameter to log messages to separate semantic
and representation - by :user:<code>abitrolly</code>
(:issue:<code>973</code>)</li>
</ul>
<hr />
<p>Bugfixes</p>
<hr />
<ul>
<li>Strip <code>PYTHONPATH</code> from the environment during isolated
builds to prevent host packages from leaking into the build
<ul>
<li>by :user:<code>gaborbernat</code> (:issue:<code>405</code>)</li>
</ul>
</li>
<li>Pass <code>--no-input</code> to pip to prevent hidden credential
prompts that cause hangs, and automatically set
<code>PIP_KEYRING_PROVIDER=subprocess</code> (or
<code>UV_KEYRING_PROVIDER=subprocess</code> for the uv installer) when
the <code>keyring</code>
CLI is on <code>PATH</code> -- by :user:<code>gaborbernat</code>
(:issue:<code>409</code>)</li>
<li><code>check_dependency</code> now reports URL requirements as unmet
instead of silently accepting them when a package with the
same name is installed - by :user:<code>gaborbernat</code>
(:issue:<code>860</code>)</li>
<li>Fix misleading missing dependency error display where transitive
dependency chains showed the top-level package on a
separate line, making it appear as if the top-level package itself was
missing - by :user:<code>gaborbernat</code>
(:issue:<code>875</code>)</li>
<li>Fix towncrier template to generate changelog categories in
definition order - by :user:<code>gaborbernat</code>
(:issue:<code>1007</code>)</li>
<li>Resolve thread-safety races in the build API - by
:user:<code>gaborbernat</code> (:issue:<code>1015</code>)</li>
<li>Validate <code>backend-path</code> entries exist on disk with a
clear error - by :user:<code>gaborbernat</code>
(:issue:<code>1016</code>)</li>
</ul>
<hr />
<p>Miscellaneous</p>
<hr />
<ul>
<li>:issue:<code>1020</code>, :issue:<code>1021</code></li>
</ul>
<p>####################
1.4.2 (2026-03-25)
####################</p>
<hr />
<p>Bugfixes</p>
<hr />
<ul>
<li>Ensure the <code>uv</code> installer uses the current version of
Python, avoiding an issue if <code>UV_PYTHON</code> is set, for
example. (:issue:<code>977</code>)</li>
<li>Fix <code>_has_valid_outer_pip</code> returning <code>True</code>
when pip is missing, causing build to try using a non-existent pip
instead of falling back to virtualenv. (:issue:<code>1003</code>)</li>
</ul>
<p>####################
1.4.1 (2026-03-24)
####################</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/build/commit/130b043d1a1c1a12a0558f2598430b769f074690"><code>130b043</code></a>
chore: prepare for 1.4.3</li>
<li><a
href="https://github.com/pypa/build/commit/7642efe3f3c5163aa5839d23dda606f3a07eaf21"><code>7642efe</code></a>
🐛 fix(check_dependency): verify URL reqs via PEP 610 (<a
href="https://redirect.github.com/pypa/build/issues/1027">#1027</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/d407530dffe9e7c6141ec533f3271ced2aef9220"><code>d407530</code></a>
🐛 fix(env): prevent pip credential hang with private indexes (<a
href="https://redirect.github.com/pypa/build/issues/1030">#1030</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/b3dc114be71c6823f6892d933b7ddee7c391ce45"><code>b3dc114</code></a>
chore: use ruff ALL (<a
href="https://redirect.github.com/pypa/build/issues/1029">#1029</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/27b67b2db1807f2547af670e4d14401a6605bf3b"><code>27b67b2</code></a>
🐛 fix(env): strip PYTHONPATH from isolated builds (<a
href="https://redirect.github.com/pypa/build/issues/1024">#1024</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/c1454fd30db0e733a65cdc1a927a99525e8e027e"><code>c1454fd</code></a>
chore: add ruff SIM/RET (<a
href="https://redirect.github.com/pypa/build/issues/1028">#1028</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/0b1ca1cf1a0ec451fec3a2836b622c91effefaf6"><code>0b1ca1c</code></a>
chore: add ruff PYI (<a
href="https://redirect.github.com/pypa/build/issues/1026">#1026</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/f1dfe82156c43b0808d283e818e4490b1362eae8"><code>f1dfe82</code></a>
chore: add ruff PT (<a
href="https://redirect.github.com/pypa/build/issues/1025">#1025</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/4348292f7a8d010be2f1b689696bf9608ddf7885"><code>4348292</code></a>
🧪 test(coverage): achieve 100% test coverage (<a
href="https://redirect.github.com/pypa/build/issues/1018">#1018</a>)</li>
<li><a
href="https://github.com/pypa/build/commit/5d3390b31abfedfb6f8698f9d68a88eb37396eba"><code>5d3390b</code></a>
tests: improve annotations (<a
href="https://redirect.github.com/pypa/build/issues/1023">#1023</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/build/compare/1.4.2...1.4.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent 3172b3f commit 128df74
2 files changed
+2
-2
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
34 | 34 | | |
35 | 35 | | |
36 | 36 | | |
37 | | - | |
| 37 | + | |
38 | 38 | | |
39 | 39 | | |
40 | 40 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
34 | 34 | | |
35 | 35 | | |
36 | 36 | | |
37 | | - | |
| 37 | + | |
38 | 38 | | |
39 | 39 | | |
40 | 40 | | |
| |||
0 commit comments