Skip to content

Bump filelock from 3.29.1 to 3.29.3#1531

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/filelock-3.29.3
Closed

Bump filelock from 3.29.1 to 3.29.3#1531
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/filelock-3.29.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 11, 2026

Copy link
Copy Markdown
Contributor

Bumps filelock from 3.29.1 to 3.29.3.

Release notes

Sourced from filelock's releases.

3.29.3

What's Changed

Full Changelog: tox-dev/filelock@3.29.2...3.29.3

3.29.2

What's Changed

Full Changelog: tox-dev/filelock@3.29.1...3.29.2

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

3.29.3 (2026-06-10)

  • 🐛 fix(ci): restore release environment on tag job :pr:559
  • validate pid range in _parse_lock_holder :pr:556 - by :user:dxbjavid
  • 🔧 ci(release): publish to PyPI on tag push :pr:557
  • build(deps): bump astral-sh/setup-uv from 8.1.0 to 8.2.0 :pr:558 - by :user:dependabot[bot]

3.29.2 (2026-06-10)

  • build(deps): bump actions/checkout from 6.0.2 to 6.0.3 :pr:555 - by :user:dependabot[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:554 - by :user:pre-commit-ci[bot]
  • check hostname in is_lock_held_by_us :pr:553 - by :user:dxbjavid
  • 🔒 fix(soft): harden stale-lock breaking and self-heal malformed locks :pr:551
  • open marker reads non-blocking to refuse attacker-placed fifo :pr:549 - by :user:dxbjavid

3.29.1 (2026-06-03)

  • 🐛 fix(soft): refuse to follow symlinks when reading the lock file :pr:548 - by :user:dxbjavid
  • [pre-commit.ci] pre-commit autoupdate :pr:547 - by :user:pre-commit-ci[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:546 - by :user:pre-commit-ci[bot]
  • chore: improve filelock maintenance path :pr:545 - by :user:lphuc2250gma
  • chore: improve filelock maintenance path :pr:544 - by :user:lphuc2250gma
  • chore: improve filelock maintenance path :pr:542 - by :user:lphuc2250gma
  • docs: clarify per-thread scope of FileLock configuration :pr:543 - by :user:Gares95
  • [pre-commit.ci] pre-commit autoupdate :pr:541 - by :user:pre-commit-ci[bot]
  • docs: fix API docs of release() :pr:540 - by :user:MrAnno
  • [pre-commit.ci] pre-commit autoupdate :pr:539 - by :user:pre-commit-ci[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:538 - by :user:pre-commit-ci[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:537 - by :user:pre-commit-ci[bot]
  • build(deps): bump astral-sh/setup-uv from 8.0.0 to 8.1.0 :pr:536 - by :user:dependabot[bot]
  • [pre-commit.ci] pre-commit autoupdate :pr:535 - by :user:pre-commit-ci[bot]

3.29.0 (2026-04-19)

  • ✨ feat(soft): enable stale lock detection on Windows :pr:534
  • 🐛 fix(async): use single-thread executor for lock consistency :pr:533
  • build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 :pr:530 - by :user:dependabot[bot]

... (truncated)

Commits
  • 85e73d7 🐛 fix(ci): publish from release.yaml on tag push (#560)
  • f86dcb1 Release 3.29.3
  • 643bdbe 🐛 fix(ci): restore release environment on tag job (#559)
  • 7a8f74a validate pid range in _parse_lock_holder (#556)
  • d1d49a0 🔧 ci(release): publish to PyPI on tag push (#557)
  • b37e162 build(deps): bump astral-sh/setup-uv from 8.1.0 to 8.2.0 (#558)
  • d9216de Release 3.29.2
  • ab6844d build(deps): bump actions/checkout from 6.0.2 to 6.0.3 (#555)
  • b862ead [pre-commit.ci] pre-commit autoupdate (#554)
  • 2ff7c3c check hostname in is_lock_held_by_us (#553)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump filelock from 3.29.1 to 3.29.3
ebeabbf 
Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.29.1 to 3.29.3.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.29.1...3.29.3)

---
updated-dependencies:
- dependency-name: filelock
  dependency-version: 3.29.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jun 11, 2026
@github-actions

github-actions Bot commented Jun 11, 2026

Copy link
Copy Markdown
Contributor

MegaLinter analysis: Success

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ COPYPASTE jscpd yes no no 58.36s
✅ JSON prettier 7 0 0 0 0.71s
✅ JSON v8r 7 0 0 5.07s
✅ MARKDOWN markdownlint 68 0 0 0 1.93s
✅ MARKDOWN markdown-table-formatter 68 0 0 0 1.0s
✅ PYTHON black 859 13 0 0 56.69s
✅ PYTHON isort 859 14 0 0 3.42s
✅ REPOSITORY checkov yes no no 47.59s
✅ REPOSITORY gitleaks yes no no 8.17s
✅ REPOSITORY git_diff yes no no 0.07s
✅ REPOSITORY secretlint yes no no 25.4s
✅ REPOSITORY syft yes no no 4.51s
✅ REPOSITORY trivy-sbom yes no no 6.33s
✅ REPOSITORY trufflehog yes no no 26.61s
✅ YAML prettier 11 0 0 0 0.77s
✅ YAML v8r 11 0 0 11.46s
✅ YAML yamllint 11 0 0 0.69s

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx mega-linter-runner@9.5.0 --custom-flavor-setup --custom-flavor-linters PYTHON_BLACK,PYTHON_ISORT,COPYPASTE_JSCPD,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

@ISAS-Admin ISAS-Admin closed this Jun 11, 2026
@ISAS-Admin ISAS-Admin deleted the dependabot/pip/filelock-3.29.3 branch June 11, 2026 22:15
@dependabot @github

dependabot Bot commented on behalf of github Jun 11, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ISAS-Admin