build(deps-dev): bump pip-licenses from 5.0.0 to 5.5.5 #152

Open
dependabot[bot] wants to merge 1 commit into master from dependabot/pip/master/pip-licenses-5.5.5

dependabot bot commented on behalf of github Mar 30, 2026

Bumps pip-licenses from 5.0.0 to 5.5.5.

Release notes

Sourced from pip-licenses's releases.

5.5.5

Patch Notes for 5.5.5

Combines recent pre-releases (including 5.5.2-5.5.4) to deliver significant codebase cleanup and lays the groundwork for upcoming changes planned for version v6.0.

What's Changed

  • (RC-3) Additional tweaks to CHANGELOG and various comments.
  • (RC-2) Updated Copyright lines and made note of new maintainer
  • (RC-1) Reverts experiments from PR #313 to prepare for a proper release.

Full Changelog: raimon49/pip-licenses@v-5.5.4...v-5.5.5

5.5.4

[!IMPORTANT] PRE-RELEASE UPDATE This is an early pre-release to bring the default branch closer to upcoming development changes.

Patch Notes for 5.5.4

Notable Changes

Fixes #288. See GHI #288 & PR #313 for more info and relevant discussion.

  • Implements/Configures support for prek
  • Implements additional support for typing
    • Extended recent ruff configurations
      • Aligned ruff rules for style a more black compatible experience
      • Enabled rules for linting type annotations with ruff
    • Added new type annotations throughout the codebase, including for test-code
    • Added new experimental linter that aims to support the entire Python Typing spec.
  • Updated and re-tooled development dependencies
    • Refactored tooling with more robust handling of pinning the known filelock dependency across python versions
    • Several version bumps (still targeting Python 3.9+)
    • re-factored/re-tooled the Makefile for developer workflows

Impacted GHI

  • Closes #288 (Wontfix)
    • Closes #314 (fixed)
    • Closes #315 (fixed)
  • Contributes to #319

Included and superseded PRs

  • Includes & supersedes #298
  • Includes & supersedes #304
  • Includes & supersedes #305
  • Includes & supersedes #306

... (truncated)

Changelog

Sourced from pip-licenses's changelog.

5.5.5

  • Updated cc lines and officially made note of change in maintainers

5.5.4

  • Expanded typing annotations throughout codebase
  • Configured prek/pre-commit for CI linting and local developer workflows
  • Additional configuration following v5.5.2's migration of linters
    • Fine tune ruff to enforce typing and black style opinions (Code style remains PEP-8 aligned)
    • Cleanup/gitignore for ruff
  • Fixed a typo in previous changelog

5.5.3

  • Aligned parsing logic with PEP 753
  • Refactored to better leverage f-strings to improve performance slightly
  • Fixed various warnings in tests
  • Got rid of historical Python 3.5 left-overs

5.5.2

  • Added support for multi-line allow-only and fail-on arguments
    • Relaxed parsing of most whitespace around semicolon delimiter
  • Added simple SECURITY.md policy document
  • Fixed a duplication behavior in output when a package was found at multiple paths (e.g., symlinks)
  • Fixed issue where lowercase license filenames were ignored
  • Improved project Makefile stability for developers
  • Migrated from the linters black and isort to ruff
    • Code style remains PEP-8 aligned, but should be slightly more readable.
    • Linting configuration remains in pyproject.toml
  • Updated CONTRIBUTORS.md guide with related changes

5.5.1

  • Fixed typographical issue in README examples, closing GHI #209.
  • Fixed typographical issue in docstring found by codespell.
  • Aligned Project URLs in pyproject.toml with PEP 753
  • Brought pyproject.toml (e.g., packaging metadata) into alignment with PEP 639 and related packaging guidance.
    • Improved MANIFEST.in to setuptools-scm build logic with better filtering, closing GHI #266
  • Fixed a regression in linting via black by deprecating support for python 3.9, closing GHI #264
    • Applied black 26.1.0 suggestions to codebase, closing GHI #269

5.5.0

  • Replace dependency on tomli with builtin tomllib for Python 3.11
  • Added support for License-Expression metadata field, see PEP 639
  • Added --from=expression option
  • Breaking change: The --from=all output now includes the License-Expression value
  • Fixed KeyError with --partial and --allow-only if a license matches multiple allowed licenses.

... (truncated)

Commits
  • a870ce4 Apply suggestions from self code review of v5.5.5-rc3
  • 187bca9 Version bump to v5.5.5
  • 55279ab Fix for deployment GHA
  • cada4a6 Update changelog and bump version to 5.5.4
  • aa4f1ef cherrypick commit 'd6c980189c4a845e2c6fcfe5607cf6677f1d156c' into no-feature-...
  • 08e5a25 cherrypick commit '3ccf905e2ea97386fed87884e915e65945e36b63' into no-feature-...
  • 1f3e51b Merge commit '32d1ef1dcfaa424476d31a3ddf1dbcc34a60f2c6' into no-feature-prek-...
  • 40d48a6 Merge branch 'fix-type-annotation-warnings-from-ruff-315' into no-feature-pre...
  • 708d00a Merge branch 'fix-warning-in-generated-dev-requirementstxt-file-314' into no-...
  • 94dfd7e cherrypick commit '0ae66a5000a454a359c38dd70d69b79377fdba64' into no-feature-...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pip-licenses](https://github.com/raimon49/pip-licenses) from 5.0.0 to 5.5.5.
- [Release notes](https://github.com/raimon49/pip-licenses/releases)
- [Changelog](https://github.com/raimon49/pip-licenses/blob/master/CHANGELOG.md)
- [Commits](raimon49/pip-licenses@v-5.0.0...v-5.5.5)

---
updated-dependencies:
- dependency-name: pip-licenses
  dependency-version: 5.5.5
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot commented on behalf of github Mar 30, 2026

Labels

The following labels could not be found: poetry. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

dependabot bot added the labels dependencies (Pull requests that update a dependency file) and python (Pull requests that update Python code) Mar 30, 2026