Bump the packaging group across 1 directory with 2 updates #191

dependabot · 2026-01-23T02:55:18Z

Bumps the packaging group with 2 updates in the / directory: packaging and build.

Updates packaging from 25.0 to 26.0

Release notes

26.0

Read about the performance improvements here: https://iscinumpy.dev/post/packaging-faster.

What's Changed

Features:

PEP 751: support pylock by @sbidoul in pypa/packaging#900

PEP 794: import name metadata by @brettcannon in pypa/packaging#948

Support writing metadata by @henryiii in pypa/packaging#846

Support __replace__ for Version by @henryiii in pypa/packaging#1003

Support positional pattern matching for Version and Specifier by @henryiii in pypa/packaging#1004

Behavior adaptations:

PEP 440 handling of prereleases for Specifier.contains, SpecifierSet.contains, and SpecifierSet.filter by @notatallshaw in pypa/packaging#897

Handle PEP 440 edge case in SpecifierSet.filter by @notatallshaw in pypa/packaging#942

Adjust arbitrary equality intersection preservation in SpecifierSet by @notatallshaw in pypa/packaging#951

Return False instead of raising for .contains with invalid version by @Liam-DeVoe in pypa/packaging#932

Support arbitrary equality on arbitrary strings for Specifier and SpecifierSet's filter and contains method. by @notatallshaw in pypa/packaging#954

Only try to parse as Version on certain marker keys, return False on unequal ordered comparsions by @JP-Ellis in pypa/packaging#939

Fixes:

Update _hash when unpickling Tag() by @dholth in pypa/packaging#860

Correct comment and simplify implicit prerelease handling in Specifier.prereleases by @notatallshaw in pypa/packaging#896

Use explicit _GLibCVersion NamedTuple in _manylinux by @cthoyt in pypa/packaging#868

Detect invalid license expressions containing () by @bwoodsend in pypa/packaging#879

Correct regex for metadata 'name' format by @di in pypa/packaging#925

Improve the message around expecting a semicolon by @pradyunsg in pypa/packaging#833

Support nested parens in license expressions by @Liam-DeVoe in pypa/packaging#931

Add space before at symbol in Requirements string by @henryiii in pypa/packaging#953

A root logger use found by ruff LOG, use packaging logger instead by @henryiii in pypa/packaging#965

Better support for subclassing Marker and Requirement by @henryiii in pypa/packaging#1022

Normalize all extras, not just if it comes first by @henryiii in pypa/packaging#1024

Don't produce a broken repr if Marker fails to construct by @henryiii in pypa/packaging#1033

Performance:

Avoid recompiling regexes in the tokenizer for a 3x speedup by @hauntsaninja in pypa/packaging#1019

Improve performance in _manylinux.py by @cthoyt in pypa/packaging#869

Minor cleanups to Version by @bearomorphism in pypa/packaging#913

Skip redundant creation of Versions in specifier comparison by @notatallshaw in pypa/packaging#986

Cache Specifier's Version by @notatallshaw in pypa/packaging#985

Make Version a little faster by @henryiii in pypa/packaging#987

Minor Version regex cleanup by @henryiii in pypa/packaging#990

Faster regex on Python 3.11.5+ by @henryiii in pypa/packaging#988 and pypa/packaging#1055

Lazily calculate _key in Version by @notatallshaw in pypa/packaging#989 and regression for packaging_legacy fixed by @henryiii in pypa/packaging#1048

Faster canonicalize_version by @henryiii in pypa/packaging#993

Use fullmatch in a couple more places by @henryiii in pypa/packaging#992

... (truncated)

Changelog

Sourced from packaging's changelog.

26.0 - 2026-01-20


Features:

PEP 751: support pylock (:pull:900)
PEP 794: import name metadata (:pull:948)
Support for writing metadata to a file (:pull:846)
Support __replace__ on Version (:pull:1003)
Support positional pattern matching for Version and SpecifierSet (:pull:1004)

Behavior adaptations:

PEP 440 handling of prereleases for Specifier.contains, SpecifierSet.contains, and SpecifierSet.filter (:pull:897)
Handle PEP 440 edge case in SpecifierSet.filter (:pull:942)
Adjust arbitrary equality intersection preservation in SpecifierSet (:pull:951)
Return False instead of raising for .contains with invalid version (:pull:932)
Support arbitrary equality on arbitrary strings for Specifier and SpecifierSet's filter and contains method. (:pull:954)
Only try to parse as Version on certain marker keys, return False on unequal ordered comparisons (:pull:939)

Fixes:

Update _hash when unpickling Tag() (:pull:860)
Correct comment and simplify implicit prerelease handling in Specifier.prereleases (:pull:896)
Use explicit _GLibCVersion NamedTuple in _manylinux (:pull:868)
Detect invalid license expressions containing () (:pull:879)
Correct regex for metadata 'name' format (:pull:925)
Improve the message around expecting a semicolon (:pull:833)
Support nested parens in license expressions (:pull:931)
Add space before at symbol in Requirements string (:pull:953)
A root logger use found, use a packaging logger instead (:pull:965)
Better support for subclassing Marker and Requirement (:pull:1022)
Normalize all extras, not just if it comes first (:pull:1024)
Don't produce a broken repr if Marker fails to construct (:pull:1033)

Performance:

Avoid recompiling regexes in the tokenizer for a 3x speedup (:pull:1019)
Improve performance in _manylinux.py (:pull:869)
Minor cleanups to Version (:pull:913)
Skip redundant creation of Version's in specifier comparison (:pull:986)
Cache the Specifier's Version (:pull:985)
Make Version a little faster (:pull:987)
Minor Version regex cleanup (:pull:990)
Faster regex on Python 3.11.5+ for Version (:pull:988, :pull:1055)
Lazily calculate _key in Version (:pull:989, :pull:1048)
Faster canonicalize_version (:pull:993)
Use re.fullmatch in a couple more places (:pull:992, :pull:1029)
Use map instead of generator (:pull:996)
Deprecate ._version (_Version, a NamedTuple) (:pull:995, :pull:1062)

</tr></table>

... (truncated)

Commits

3b77a26 Bump for release
31371cc docs: prepare for 26.0 final (#1063)
9627a88 perf: dual replace (#1064)
d5398b8 fix: restore ._version as a compat shim (#1062)
3a7b600 Bump for development
d4eefdc Bump for release
4618912 docs: prepare for 26.0rc3 (#1060)
0cf1b41 ci: test on first public release of CPythons (#1056)
716beb1 perf: 10% faster stripping zeros (#1058)
350a230 fix: support CPython 3.11.0-3.11.4 and older PyPy3.11 (#1055)
Additional commits viewable in compare view

Updates build from 1.3.0 to 1.4.0

Release notes

Sourced from build's releases.

1.4.0

Add --quiet flag (PR #947)

Add option to dump PEP 517 metadata with --metadata (PR #940, PR #943)

Support UV environment variable (PR #971)

Remove a workaround for 3.14b1 (PR #960)

In 3.14 final release, color defaults to True already (PR #962)

Pass sp-repo-review (PR #942)

In pytest configuration, log_level is better than log_cli_level (PR #950)

Split up typing and mypy (PR #944)

Use types-colorama (PR #945)

In docs, first argument for _has_dependency is a name (PR #970)

Fix test failure when flit-core is installed (PR #921)

Changelog

Sourced from build's changelog.

1.4.0 (2026-01-08)

Add --quiet flag (:pr:947)

Add option to dump PEP 517 metadata with --metadata (:pr:940, :pr:943)

Support UV environment variable (:pr:971)

Remove a workaround for 3.14b1 (:pr:960)

In 3.14 final release, color defaults to True already (:pr:962)

Pass sp-repo-review (:pr:942)

In pytest configuration, log_level is better than log_cli_level (:pr:950)

Split up typing and mypy (:pr:944)

Use types-colorama (:pr:945)

In docs, first argument for _has_dependency is a name (PR :pr:970)

Fix test failure when flit-core is installed (PR :pr:921)

Commits

54f238d chore: prepare for 1.4.0 (#972)
f219276 docs: first argument for _has_dependency is a name (#970)
7adb29e fix: support UV environment variable (#971)
a40623b build(deps): bump actions/attest-build-provenance in the actions group (#968)
c8fae34 pre-commit: bump repositories (#965)
ed9c379 build(deps): bump actions/download-artifact in the actions group
0e44fd2 Add quiet flag (#947)
60e15ed chore: color defaults to True in 3.14 (#962)
0486d9d pre-commit: bump repositories (#961)
393b775 MNT: remove workaround for 3.14b1 (#960)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the packaging group with 2 updates in the / directory: [packaging](https://github.com/pypa/packaging) and [build](https://github.com/pypa/build). Updates `packaging` from 25.0 to 26.0 - [Release notes](https://github.com/pypa/packaging/releases) - [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst) - [Commits](pypa/packaging@25.0...26.0) Updates `build` from 1.3.0 to 1.4.0 - [Release notes](https://github.com/pypa/build/releases) - [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst) - [Commits](pypa/build@1.3.0...1.4.0) --- updated-dependencies: - dependency-name: packaging dependency-version: '26.0' dependency-type: direct:production update-type: version-update:semver-major dependency-group: packaging - dependency-name: build dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: packaging ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jan 23, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the packaging group across 1 directory with 2 updates #191

Bump the packaging group across 1 directory with 2 updates #191

Uh oh!

dependabot bot commented on behalf of github Jan 23, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Bump the packaging group across 1 directory with 2 updates #191

Are you sure you want to change the base?

Bump the packaging group across 1 directory with 2 updates #191

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 23, 2026

26.0

What's Changed

1.4.0

1.4.0 (2026-01-08)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants