Skip to content

build(deps): Update tox requirement from <5,>=4.56.2 to >=4.56.4,<5#107

Merged
gabe-l-hart merged 1 commit into
mainfrom
dependabot/pip/tox-gte-4.56.4-and-lt-5
Jul 9, 2026
Merged

build(deps): Update tox requirement from <5,>=4.56.2 to >=4.56.4,<5#107
gabe-l-hart merged 1 commit into
mainfrom
dependabot/pip/tox-gte-4.56.4-and-lt-5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on tox to permit the latest version.

Release notes

Sourced from tox's releases.

v4.56.4

What's Changed

Full Changelog: tox-dev/tox@4.56.3...4.56.4

Changelog

Sourced from tox's changelog.

Bug fixes - 4.56.4

  • Discover debug (Py_DEBUG) interpreters set as base_python, such as Debian's python3.13-dbg - the spec was misread as a machine named dbg and no interpreter matched. Requires python-discovery>=1.4.4 - by :user:gaborbernat. (:issue:3977)

v4.56.3 (2026-07-08)


Bug fixes - 4.56.3

  • Stop double-closing the child pty file descriptor when running under a tty, which could race a parallel run that had reused the freed descriptor number and cause intermittent Bad file descriptor/Input/output error failures - by :user:apoorvdarshan. (:issue:3975)

v4.56.2 (2026-07-07)


Bug fixes - 4.56.2

  • Fix a batch of latent defects found in a codebase audit:

    • stop duplicating --extra-index-url when a merged requirements line repeats an already-seen index;
    • render --no-binary/--only-binary as comma-joined strings instead of leaking the internal set into the pip command line;
    • report a clear error instead of IndexError for a bare one-argument flag (-c, -r, -f, -e) in deps or constraints;
    • canonicalize optional-dependencies keys and self-referential (recursive) extra names so non-canonical spellings no longer silently drop dependencies;
    • raise a clear error instead of KeyError when dependency_groups is requested without a [dependency-groups] table;
    • stop a native TOML { replace = "env" } reference from leaking its resolution chain into sibling list entries and tripping a spurious circular chain error;
    • expand the range that actually matched in a factor expression rather than the first identical digit-range substring;
    • strip the backslash from an escaped \; in set_env values;
    • skip option values during command auto-detection so an environment named like a subcommand (e.g. tox -e list) is no longer misread;
    • treat an empty list-typed environment variable (e.g. TOX_DISCOVER=) as an empty list rather than [""];
    • report an environment whose name is an empty string as present in Config membership tests;
    • fail evaluation gracefully instead of crashing the driver thread when tox p -p all is run with an empty selection;
    • avoid rebuilding a throwaway PEP 517 frontend against the previous root when a package environment's root is reassigned before a frontend exists;
    • avoid crashing create_session_view when the package and its session copy share no common path (e.g. different Windows drives);

... (truncated)

Commits
  • a44a942 release 4.56.4
  • 7790501 🐛 fix(discovery): find debug interpreters like python3.13-dbg (#3978)
  • 4dac7fe release 4.56.3
  • 6f8dabc Don't double-close the child pty fd (fixes parallel Bad file descriptor) (#39...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [tox](https://github.com/tox-dev/tox) to permit the latest version.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.56.2...4.56.4)

---
updated-dependencies:
- dependency-name: tox
  dependency-version: 4.56.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 9, 2026
@dependabot dependabot Bot requested a review from gabe-l-hart as a code owner July 9, 2026 00:05
@dependabot dependabot Bot added the python Pull requests that update python code label Jul 9, 2026
@gabe-l-hart gabe-l-hart merged commit 4323d09 into main Jul 9, 2026
4 checks passed
@dependabot dependabot Bot deleted the dependabot/pip/tox-gte-4.56.4-and-lt-5 branch July 9, 2026 15:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant