Skip to content

Bump bump-my-version from 1.2.5 to 1.3.0#97

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/bump-my-version-1.3.0
Open

Bump bump-my-version from 1.2.5 to 1.3.0#97
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/bump-my-version-1.3.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps bump-my-version from 1.2.5 to 1.3.0.

Release notes

Sourced from bump-my-version's releases.

1.3.0

Compare the full difference.

Fixes

  • Refactor hook script execution to handle platform-specific argument parsing; update typing imports. a46b63d

New

  • Add allow_shell_hooks option for safe hook execution; improve shell syntax handling. 036ee1a

    • Introduce allow_shell_hooks configuration to control shell metacharacters in hooks.
    • Change default behavior to disallow shell syntax (shell=False) unless explicitly enabled.
    • Add regex detection for shell syntax and migrate affected hooks.
    • Update tests and fixtures to cover new functionality.
    • Enhance documentation with migration guidance and best practices.

Other

  • Standardize formatting, spacing, and indentation across documentation and templates for consistency. 1b9eb42

  • Modularize CLI commands into individual files: bump, replace, show, show-bump, and sample-config; add corresponding tests and shared options file. c35c431

  • Make --regex option nullable; add tests for precedence between CLI flags and config. c78bbef

Updates

  • Update pre-commit, improve is_subpath logic, and enhance documentation. 919c66b

    • Update ruff-pre-commit to v0.15.1 in pre-commit config.
    • Refine is_subpath logic to handle edge cases and add path resolution.
    • Add security test cases for path traversal in test_is_subpath.
    • Extend AGENTS.md with pytest execution instructions.

1.2.7

Compare the full difference.

Fixes

  • Refactor movable tag logic to delete remote tags before pushing; update tests and documentation. a0d9580

Other

1.2.6

Compare the full difference.

Fixes

... (truncated)

Changelog

Sourced from bump-my-version's changelog.

1.3.0 (2026-03-22)

Compare the full difference.

Fixes

  • Refactor hook script execution to handle platform-specific argument parsing; update typing imports. a46b63d

New

  • Add allow_shell_hooks option for safe hook execution; improve shell syntax handling. 036ee1a

    • Introduce allow_shell_hooks configuration to control shell metacharacters in hooks.
    • Change default behavior to disallow shell syntax (shell=False) unless explicitly enabled.
    • Add regex detection for shell syntax and migrate affected hooks.
    • Update tests and fixtures to cover new functionality.
    • Enhance documentation with migration guidance and best practices.

Other

  • Standardize formatting, spacing, and indentation across documentation and templates for consistency. 1b9eb42

  • Modularize CLI commands into individual files: bump, replace, show, show-bump, and sample-config; add corresponding tests and shared options file. c35c431

  • Make --regex option nullable; add tests for precedence between CLI flags and config. c78bbef

Updates

  • Update pre-commit, improve is_subpath logic, and enhance documentation. 919c66b

    • Update ruff-pre-commit to v0.15.1 in pre-commit config.
    • Refine is_subpath logic to handle edge cases and add path resolution.
    • Add security test cases for path traversal in test_is_subpath.
    • Extend AGENTS.md with pytest execution instructions.

1.2.7 (2026-02-14)

Compare the full difference.

Fixes

  • Refactor movable tag logic to delete remote tags before pushing; update tests and documentation. a0d9580

Other

1.2.6 (2025-12-29)

... (truncated)

Commits
  • e6ecdc3 Version updated from 1.2.7 to 1.3.0
  • 28bc844 Merge pull request #400 from callowayproject/fix-is-subpath
  • 1b9eb42 Standardize formatting, spacing, and indentation across documentation and tem...
  • a46b63d Refactor hook script execution to handle platform-specific argument parsing; ...
  • c35c431 Modularize CLI commands into individual files: bump, replace, show, `sh...
  • c78bbef Make --regex option nullable; add tests for precedence between CLI flags an...
  • 036ee1a Add allow_shell_hooks option for safe hook execution; improve shell syntax ...
  • 919c66b Update pre-commit, improve is_subpath logic, and enhance documentation
  • 0bbbb5d Version updated from 1.2.6 to 1.2.7
  • d2cd3c8 Merge pull request #397 from callowayproject/396-change-moveable-tags
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 1, 2026
@Zeitsperre Zeitsperre enabled auto-merge April 2, 2026 17:45
@Zeitsperre
Copy link
Copy Markdown
Collaborator

Zeitsperre commented Apr 14, 2026

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/pip/bump-my-version-1.3.0 branch from 39e974a to d85f660 Compare April 14, 2026 20:16
@Zeitsperre
Copy link
Copy Markdown
Collaborator

Zeitsperre commented Apr 15, 2026

@dependabot rebase

@dependabot
Bump bump-my-version from 1.2.5 to 1.3.0
c6c774d 
Bumps [bump-my-version](https://github.com/callowayproject/bump-my-version) from 1.2.5 to 1.3.0.
- [Release notes](https://github.com/callowayproject/bump-my-version/releases)
- [Changelog](https://github.com/callowayproject/bump-my-version/blob/master/CHANGELOG.md)
- [Commits](callowayproject/bump-my-version@1.2.5...v1.3)

---
updated-dependencies:
- dependency-name: bump-my-version
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/bump-my-version-1.3.0 branch from d85f660 to c6c774d Compare April 15, 2026 14:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Zeitsperre