Skip to content

chore(deps-dev): bump filelock from 3.20.3 to 3.29.0#10965

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/master/filelock-3.29.0
Open

chore(deps-dev): bump filelock from 3.20.3 to 3.29.0#10965
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/pip/master/filelock-3.29.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 2, 2026
edited
Loading

Bumps filelock from 3.20.3 to 3.29.0.

Release notes

Sourced from filelock's releases.

3.29.0

What's Changed

Full Changelog: tox-dev/filelock@3.28.0...3.29.0

3.28.0

What's Changed

Full Changelog: tox-dev/filelock@3.27.0...3.28.0

3.27.0

What's Changed

Full Changelog: tox-dev/filelock@3.26.1...3.27.0

3.26.1

What's Changed

New Contributors

Full Changelog: tox-dev/filelock@3.26.0...3.26.1

3.26.0

What's Changed

Full Changelog: tox-dev/filelock@3.25.2...3.26.0

... (truncated)

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

3.29.0 (2026-04-19)

  • ✨ feat(soft): enable stale lock detection on Windows :pr:534
  • 🐛 fix(async): use single-thread executor for lock consistency :pr:533
  • build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 :pr:530 - by :user:dependabot[bot]

3.28.0 (2026-04-14)

  • 🐛 fix(ci): unbreak release workflow, publish to PyPI again :pr:529

3.26.1 (2026-04-09)

  • 🐛 fix(asyncio): add exit to BaseAsyncFileLock and fix del loop handling :pr:518 - by :user:naarob
  • build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 :pr:525 - by :user:dependabot[bot]

3.26.0 (2026-04-06)

  • ✨ feat(soft): add PID inspection and lock breaking :pr:524
  • [pre-commit.ci] pre-commit autoupdate :pr:523 - by :user:pre-commit-ci[bot]
  • build(deps): bump astral-sh/setup-uv from 7.6.0 to 8.0.0 :pr:522 - by :user:dependabot[bot]
  • Remove persist-credentials: false from release job :pr:520
  • [pre-commit.ci] pre-commit autoupdate :pr:519 - by :user:pre-commit-ci[bot]
  • 🔒 ci(workflows): add zizmor security auditing :pr:517
  • [pre-commit.ci] pre-commit autoupdate :pr:516 - by :user:pre-commit-ci[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:514 - by :user:pre-commit-ci[bot]

3.25.2 (2026-03-11)

  • 🐛 fix(unix): suppress EIO on close in Docker bind mounts :pr:513

3.25.1 (2026-03-09)

  • [pre-commit.ci] pre-commit autoupdate :pr:510 - by :user:pre-commit-ci[bot]
  • 🐛 fix(win): restore best-effort lock file cleanup on release :pr:511

... (truncated)

Commits
  • 469b47f Release 3.29.0
  • e85d072 ✨ feat(soft): enable stale lock detection on Windows (#534)
  • f5ee171 🐛 fix(async): use single-thread executor for lock consistency (#533)
  • 2a95458 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#530)
  • 55de20c Release 3.28.0
  • 476b0e4 🐛 fix(ci): unbreak release workflow, publish to PyPI again (#529)
  • 824713e ✨ feat(rw): add SoftReadWriteLock for NFS and HPC clusters (#528)
  • 9879de9 [pre-commit.ci] pre-commit autoupdate (#527)
  • 4cfab49 Release 3.26.1
  • 734c9f2 🐛 fix(asyncio): add exit to BaseAsyncFileLock and fix del loop handli...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Dependabot Updates pip Dependabot Updates Python labels May 2, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 2, 2026 01:49
@dependabot dependabot Bot added dependencies Dependabot Updates pip Dependabot Updates Python labels May 2, 2026
@dependabot dependabot Bot mentioned this pull request May 2, 2026
Closed
@dependabot
chore(deps-dev): bump filelock from 3.20.3 to 3.29.0
78d8521 
Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.20.3 to 3.29.0.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.20.3...3.29.0)

---
updated-dependencies:
- dependency-name: filelock
  dependency-version: 3.29.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/master/filelock-3.29.0 branch from 7491c9d to 78d8521 Compare May 5, 2026 14:08
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 5, 2026

⚠️ Changes detected in the following folders without a corresponding update to the CHANGELOG.md:

  • prowler (root dependency files changed)

Please add an entry to the corresponding CHANGELOG.md file to maintain a clear history of changes.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 5, 2026

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 5, 2026
edited
Loading

🔒 Container Security Scan

Image: prowler:0344d4b
Last scan: 2026-05-05 14:17:57 UTC

📊 Vulnerability Summary

Severity Count
🔴 Critical 4
Total 4

4 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

  • Review the detailed scan results
  • Update affected packages to patched versions
  • Consider using a different base image if updates are unavailable

📋 Resources:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Dependabot Updates pip Dependabot Updates Python

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants