chore(deps): pin dependencies

[khepri-bot]

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
actions/checkout	action	pin	v4 → v4
codespell	tool.pdm.dev-dependencies	pin	~=2.2.6 → ==2.2.6
github/codeql-action	action	pin	v3 → v3
mypy (changelog)	tool.pdm.dev-dependencies	pin	~=1.9.0 → ==1.9.0
pdm-project/setup-pdm	action	pin	v4 → v4
pylint (changelog)	tool.pdm.dev-dependencies	pin	~=3.1.0 → ==3.1.0
pytest-mock (changelog)	tool.pdm.dev-dependencies	pin	~=3.14.0 → ==3.14.0
pytest-sugar	tool.pdm.dev-dependencies	pin	~=1.0.0 → ==1.0.0
ruff (source, changelog)	tool.pdm.dev-dependencies	pin	~=0.3.7 → ==0.3.7
safety (changelog)	tool.pdm.dev-dependencies	minor	==3.1.0 → ==3.7.0
tox (changelog)	tool.pdm.dev-dependencies	pin	~=4.14.2 → ==4.14.2
tox-pdm	tool.pdm.dev-dependencies	pin	~=0.7.2 → ==0.7.2
trufflesecurity/trufflehog	action	pinDigest	→ 2edd4d3

Add the preset :preserveSemverRanges to your config if you don't want to pin your dependencies.

---

Release Notes

pyupio/safety (safety)

v3.7.0

Compare Source

Fix

• npm ecosystem check on render package details (#​820)

v3.6.2

Compare Source

v3.6.1

Compare Source

Fix

• Import rich_utils as a module and don't access as an attribute. (#​780)

v3.6.0

Compare Source

v3.5.2

Compare Source

Fix

• resolve logger warnings (#​761)

v3.5.1

Compare Source

v3.5.0

Compare Source

Fix

• poetry error on source and parsing pyproject.toml (#​739)

v3.4.0

Compare Source

v3.3.1

Compare Source

v3.3.0

Compare Source

v3.2.14

Compare Source

• Add fun-mode (#​649)
• Package version upgrade for psutil and filelock (#​652)
• Package version upgrade for typer (#​654)
• Package version upgrade for pydantic (#​655)
• Add "--use-server-matching" arguement (#​640)
• Bugfix for safety "NoneType is not iterable" error (#​657)

v3.2.13

Compare Source

• Remove email verification for running scans (#​645)

v3.2.12

Compare Source

• Add CVE Details and Single-Key Filtering for JSON Output in safety scan (#​643)
• feature/add-branch-name (#​641)
• feat/add --headless to --help (#​636)

v3.2.11

Compare Source

• chore/upgrade-dparse (#​633)
• Migrate to PyPI Trusted Publisher for Automated Package Deployment (#​632)
• fix/fix-test-validate-func (#​631)
• feat: api keys now work without specifying the env (#​630)
• fix:jupyter notebook rich format removal (#​628)

v3.2.10

Compare Source

• Support for scanning pyproject.toml files (#​625)
• Update safety-schemas version used (#​624)
• Fix basic poloicy test (#​622)

v3.2.9

Compare Source

• chore: deprection-message-for-license-command (4149b70)
• feat: add-pull-request-template (#​604) (61b2fe2)
• fix: devcontainer fix (be42d8e)
• fix: safety error when scan is run without being authed (5ec80dd)
• feat: add-devcontainers-support (0591838)
• fix: internal-server-error (04d7efb)
• fix: clarify-vulnerabilities-found/ Fixed the issue where the vulnerabilities (07bc5b7)
• chore: added check arg depreciation warning (78109e5)
• feature: release-script: add release script (#​602) (cc49542)

v3.2.8

Compare Source

• feat: enhance version comparison logic for check-updates command (#​605)
• docs: add demo Jupyter Notebook (#​601)
• feat: add script to generate CONTRIBUTORS.md with Shields.io badges based on merged PRs (#​600)
• chore: fix CLI help text by removing rich formatting for cleaner output (#​599)
• chore: hide system scan from help text (#​598)
• chore: add LICENSES.md file to document dependency licenses (#​597)
• docs: add SECURITY.md file with security policy and bug bounty details (#​593)

v3.2.7

Compare Source

• fix/increase-auth-timeout: increase timeout to 5s (#​583)
• Update Issue Templates: Add Feature Request Template and Improve Issue Submission Process (#​580)

v3.2.6

Compare Source

• fix/update-schemas-0-0-4 (#​581)
• chore/update-coc-email (#​579)
• docs(contributing): add CONTRIBUTING.md with guidelines for contributors (#​571)
• chore: update-network-url (#​569)

v3.2.5

Compare Source

• fix: increment schemas version (#​567)
• Add SLA Document (#​565)
• Add Table of Contents to README.md (#​564)
• docs: code of conduct (#​559)
• Add More Badges (#​558)
• feat: fixed issue responder (#​561)
• feat(logger): config.ini, proxy, network stats (#​547)
• refactor: replace private typer functions with rich module equivalents (#​556)
• feat(safety_cli): docstrings, type hints, comments (#​549)
• feat: add GitHub Action to automatically respond to new issues (#​554)
• readme: add download badge to readme (#​557)
• fix(debug): fix --debug flag and associated tests (#​552)
• chore: release 3.2.4 (#​545)
• fix(cache): handle get_from_cache=None and ensure directory exists (#​544)
• REQUEST_TIMEOUT Env Var (#​541)
• Update URLs, Lint (#​540)

v3.2.4

Compare Source

• Handle get_from_cache=None and ensure directory exists (#​538)
• Switch filelock package to compatible release clause (#​538)
• Add filelock to install_requires (#​538)

v3.2.3

Compare Source

• Increase request timeout to 30 seconds (#​535)
• fix: fail on none severities (#​534)

v3.2.2

Compare Source

• fix: include scan template in build (#​531)

v3.2.1

Compare Source

• Add fun-mode (#​649)
• Package version upgrade for psutil and filelock (#​652)
• Package version upgrade for typer (#​654)
• Package version upgrade for pydantic (#​655)
• Add "--use-server-matching" arguement (#​640)
• Bugfix for safety "NoneType is not iterable" error (#​657)

v3.2.0

Compare Source

• feat: add SAFETY_DB_DIR env var to the scan command (#​523)
• fix: update pyinstaller target (#​522)
• docs: added note on hiring and added careers page link (#​510)

---

Configuration

📅 Schedule: (in timezone America/New_York)

• Branch creation
  • Between 12:00 AM and 08:59 AM, only on Monday (* 0-8 * * 1)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.