build(deps): bump the pip group across 1 directory with 5 updates

[dependabot]

Bumps the pip group with 5 updates in the / directory:

Package	From	To
mypy	1.11.2	1.14.0
ruff	0.6.9	0.8.4
bandit	1.7.10	1.8.0
semgrep	1.90.0	1.101.0
pre-commit	4.0.0	4.0.1

Updates mypy from 1.11.2 to 1.14.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

...

Mypy 1.14

We’ve just uploaded mypy 1.14 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Change to Enum Membership Semantics

As per the updated typing specification for enums, enum members must be left unannotated.

class Pet(Enum):
    CAT = 1  # Member attribute
    DOG = 2  # Member attribute
# New error: Enum members must be left unannotated
WOLF: int = 3
species: str  # Considered a non-member attribute

In particular, the specification change can result in issues in type stubs (.pyi files), since historically it was common to leave the value absent:

# In a type stub (.pyi file)
class Pet(Enum):
# Change in semantics: previously considered members,
# now non-member attributes
CAT: int
DOG: int
# Mypy will now issue a warning if it detects this
# situation in type stubs:
# > Detected enum "Pet" in a type stub with zero
# > members. There is a chance this is due to a recent
# > change in the semantics of enum membership. If so,
# > use `member = value` to mark an enum member,

</tr></table>

... (truncated)

Commits

• 6f37859 Remove +dev from version for release 1.14
• 5a6a754 Minor updates to 1.14 changelog (#18310)
• 9772d48 Update changelog for release 1.14 (#18301)
• 92473c8 Warn about --follow-untyped-imports (#18249)
• e6ce8be PEP 702 (@​deprecated): descriptors (#18090)
• 5082a22 [mypyc] Document optimized bytes ops and additional str ops (#18242)
• ee19ea7 [mypyc] Add primitives and specialization for ord() (#18240)
• cc45bec [mypyc] Make exception type check in assertRaises test helper precise (#18241)
• f51090d Make "deprecated" Note a standard Error, disabled by default (#18192)
• 242873a Implement flag to allow typechecking of untyped modules (#17712)
• Additional commits viewable in compare view

Updates ruff from 0.6.9 to 0.8.4

Release notes

Sourced from ruff's releases.

0.8.4

Release Notes

Preview features

• [airflow] Extend AIR302 with additional functions and classes (#15015)
• [airflow] Implement moved-to-provider-in-3 for modules that has been moved to Airflow providers (AIR303) (#14764)
• [flake8-use-pathlib] Extend check for invalid path suffix to include the case "." (PTH210) (#14902)
• [perflint] Fix panic in PERF401 when list variable is after the for loop (#14971)
• [perflint] Simplify finding the loop target in PERF401 (#15025)
• [pylint] Preserve original value format (PLR6104) (#14978)
• [ruff] Avoid false positives for RUF027 for typing context bindings (#15037)
• [ruff] Check for ambiguous pattern passed to pytest.raises() (RUF043) (#14966)

Rule changes

• [flake8-bandit] Check S105 for annotated assignment (#15059)
• [flake8-pyi] More autofixes for redundant-none-literal (PYI061) (#14872)
• [pydocstyle] Skip leading whitespace for D403 (#14963)
• [ruff] Skip SQLModel base classes for mutable-class-default (RUF012) (#14949)

Bug

• [perflint] Parenthesize walrus expressions in autofix for manual-list-comprehension (PERF401) (#15050)

Server

• Check diagnostic refresh support from client capability which enables dynamic configuration for various editors (#15014)

Contributors

• @​AlexWaygood
• @​Daverball
• @​DimitriPapadopoulos
• @​InSyncWithFoo
• @​Lee-W
• @​MichaReiser
• @​TheBits
• @​cake-monotone
• @​carljm
• @​dcreager
• @​dhruvmanila
• @​dylwil3
• @​github-actions
• @​kiran-4444
• @​krishnan-chandra
• @​rchen152
• @​renovate
• @​sharkdp
• @​tarasmatsyk
• @​w0nder1ng

... (truncated)

Changelog

Sourced from ruff's changelog.

0.8.4

Preview features

• [airflow] Extend AIR302 with additional functions and classes (#15015)
• [airflow] Implement moved-to-provider-in-3 for modules that has been moved to Airflow providers (AIR303) (#14764)
• [flake8-use-pathlib] Extend check for invalid path suffix to include the case "." (PTH210) (#14902)
• [perflint] Fix panic in PERF401 when list variable is after the for loop (#14971)
• [perflint] Simplify finding the loop target in PERF401 (#15025)
• [pylint] Preserve original value format (PLR6104) (#14978)
• [ruff] Avoid false positives for RUF027 for typing context bindings (#15037)
• [ruff] Check for ambiguous pattern passed to pytest.raises() (RUF043) (#14966)

Rule changes

• [flake8-bandit] Check S105 for annotated assignment (#15059)
• [flake8-pyi] More autofixes for redundant-none-literal (PYI061) (#14872)
• [pydocstyle] Skip leading whitespace for D403 (#14963)
• [ruff] Skip SQLModel base classes for mutable-class-default (RUF012) (#14949)

Bug

• [perflint] Parenthesize walrus expressions in autofix for manual-list-comprehension (PERF401) (#15050)

Server

• Check diagnostic refresh support from client capability which enables dynamic configuration for various editors (#15014)

0.8.3

Preview features

• Fix fstring formatting removing overlong implicit concatenated string in expression part (#14811)
• [airflow] Add fix to remove deprecated keyword arguments (AIR302) (#14887)
• [airflow]: Extend rule to include deprecated names for Airflow 3.0 (AIR302) (#14765 and #14804)
• [flake8-bugbear] Improve error messages for except* (B025, B029, B030, B904) (#14815)
• [flake8-bugbear] itertools.batched() without explicit strict (B911) (#14408)
• [flake8-use-pathlib] Dotless suffix passed to Path.with_suffix() (PTH210) (#14779)
• [pylint] Include parentheses and multiple comparators in check for boolean-chained-comparison (PLR1716) (#14781)
• [ruff] Do not simplify round() calls (RUF046) (#14832)
• [ruff] Don't emit used-dummy-variable on function parameters (RUF052) (#14818)
• [ruff] Implement if-key-in-dict-del (RUF051) (#14553)
• [ruff] Mark autofix for RUF052 as always unsafe (#14824)
• [ruff] Teach autofix for used-dummy-variable about TypeVars etc. (RUF052) (#14819)

Rule changes

• [flake8-bugbear] Offer unsafe autofix for no-explicit-stacklevel (B028) (#14829)
• [flake8-pyi] Skip all type definitions in string-or-bytes-too-long (PYI053) (#14797)
• [pyupgrade] Do not report when a UTF-8 comment is followed by a non-UTF-8 one (UP009) (#14728)

... (truncated)

Commits

• 3bb0dac Bump version to 0.8.4 (#15064)
• 40cba5d [red-knot] Cleanup various todo_type!() messages (#15063)
• 596d80c [perflint] Parenthesize walrus expressions in autofix for `manual-list-comp...
• d8b9a36 Disable actionlint hook by default when running pre-commit locally (#15061)
• 85e71ba [flake8-bandit] Check S105 for annotated assignment (#15059)
• 2802cbd Don't special-case class instances in unary expression inference (#15045)
• ed2bce6 [red-knot] Report invalid exceptions (#15042)
• f0012df Fix typos in RUF043.py (#15044)
• 0fc4e8f Introduce InferContext (#14956)
• ac81c72 [ruff] Ambiguous pattern passed to pytest.raises() (RUF043) (#14966)
• Additional commits viewable in compare view

Updates bandit from 1.7.10 to 1.8.0

Release notes

Sourced from bandit's releases.

1.8.0

What's Changed

• Bump docker/build-push-action from 6.7.0 to 6.9.0 by @​dependabot in PyCQA/bandit#1178
• Rename doc file to match proper bandit ID by @​ericwb in PyCQA/bandit#1183
• Removal of Python 3.8 support by @​ericwb in PyCQA/bandit#1174
• Add more insecure cryptography cipher algorithms by @​ericwb in PyCQA/bandit#1185
• Bump docker/setup-buildx-action from 3.6.1 to 3.7.1 by @​dependabot in PyCQA/bandit#1186
• Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 by @​dependabot in PyCQA/bandit#1187
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1162
• No need to check httpx client without timeout defined by @​ericwb in PyCQA/bandit#1177
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1191
• Mark Python 3.13 as officially supported by @​ericwb in PyCQA/bandit#1192
• Update project urls with added links by @​ericwb in PyCQA/bandit#1193
• [pre-commit.ci] pre-commit autoupdate by @​pre-commit-ci in PyCQA/bandit#1196
• Add a JSON to seek funding from the FLOSS/fund by @​ericwb in PyCQA/bandit#1194
• Remove Sentry as a sponsor by @​ericwb in PyCQA/bandit#1198
• Remove more leftover OpenStack references by @​ericwb in PyCQA/bandit#1195

Full Changelog: PyCQA/bandit@1.7.10...1.8.0

Commits

• 8fd258a Remove more leftover OpenStack references (#1195)
• a19b072 Remove Sentry as a sponsor (#1198)
• 48e0258 Add a JSON to seek funding from the FLOSS/fund (#1194)
• 5300a21 [pre-commit.ci] pre-commit autoupdate (#1196)
• 0b249d9 Update project urls with added links (#1193)
• 4be653d Mark Python 3.13 as officially supported (#1192)
• 8e6dc1b [pre-commit.ci] pre-commit autoupdate (#1191)
• 071386b No need to check httpx client without timeout defined (#1177)
• 9b4d480 [pre-commit.ci] pre-commit autoupdate (#1162)
• ddf9b48 Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 (#1187)
• Additional commits viewable in compare view

Updates semgrep from 1.90.0 to 1.101.0

Release notes

Sourced from semgrep's releases.

Release v1.101.0

1.101.0 - 2024-12-18

Added

• Improved pnpm-lock.yaml parsing. (gh-2663)

Changed

• Re-ordered some terminal output of semgrep ci to allow semgrep-app to block scans based on specific findings (SECW-2740)
• A few fields in the JSON output (e.g., "fingerprint", "metavars") require now the user to be logged in to see them. See https://semgrep.dev/docs/semgrep-appsec-platform/json-and-sarif#json for more information. (json)
• We're renaming semgrep OSS to Semgrep Community Edition. See https://semgrep.dev/blog/2024/important-updates-to-semgrep-oss/ for more information. (rename)
• A few fields in the SARIF output (e.g., "fingerprints") require now the user to be logged in to see them. See https://semgrep.dev/docs/semgrep-appsec-platform/json-and-sarif#sarif for more information. (sarif)

Fixed

• pro: Improved inter-file tracking of tainted global variables. (code-7054)

• Python (pro-only): Taint now correctly tracks through calls to class methods within a class, via the cls parameter.

  So for instance, we would be able to determine a source-to-sink vulnerability in the following code snippet:

  class A:
    def foo(self, x):
      sink(x)
  @​classmethod
  
  def bar(cls):
  
  cls.foo(source)
  </code></pre>
  </li>
  <li>
  <p>pro: Fixed bug when generating inter-procedural taint traces, that it could
  cause a call-step to be missing in the trace. (saf-1783)</p>
  </li>
  <li>
  <p>Restored the &quot;rules&quot; field in the SARIF output, even when logged out. (saf-1794)</p>
  </li>
  </ul>
  <h2>Release v1.100.0</h2>
  <!-- raw HTML omitted -->
  </blockquote>
  <p>... (truncated)</p>
  </details>
  <details>
  <summary>Changelog</summary>
  <p><em>Sourced from <a href="https://github.com/semgrep/semgrep/blob/develop/CHANGELOG.md&quot;&gt;semgrep's changelog</a>.</em></p>
  
  <blockquote>
  
  <h2><a href="https://github.com/semgrep/semgrep/releases/tag/v1.101.0&quot;&gt;1.101.0&lt;/a> - 2024-12-18</h2>
  
  <h3>Added</h3>
  
  <ul>
  
  <li>Improved pnpm-lock.yaml parsing. (<a href="https://redirect.github.com/returntocorp/semgrep/issues/2663&quot;&gt;gh-2663&lt;/a&gt;)&lt;/li>
  
  </ul>
  
  <h3>Changed</h3>
  
  <ul>
  
  <li>Re-ordered some terminal output of <code>semgrep ci</code> to allow semgrep-app to block scans based on specific findings (SECW-2740)</li>
  
  <li>A few fields in the JSON output (e.g., &quot;fingerprint&quot;, &quot;metavars&quot;) require now
  
  the user to be logged in to see them.
  
  See <a href="https://semgrep.dev/docs/semgrep-appsec-platform/json-and-sarif#json&quot;&gt;https://semgrep.dev/docs/semgrep-appsec-platform/json-and-sarif#json&lt;/a>
  
  for more information. (json)</li>
  
  <li>We're renaming semgrep OSS to Semgrep Community Edition.
  
  See <a href="https://semgrep.dev/blog/2024/important-updates-to-semgrep-oss/&quot;&gt;https://semgrep.dev/blog/2024/important-updates-to-semgrep-oss/&lt;/a>
  
  for more information. (rename)</li>
  
  <li>A few fields in the SARIF output (e.g., &quot;fingerprints&quot;) require now
  
  the user to be logged in to see them.
  
  See <a href="https://semgrep.dev/docs/semgrep-appsec-platform/json-and-sarif#sarif&quot;&gt;https://semgrep.dev/docs/semgrep-appsec-platform/json-and-sarif#sarif&lt;/a>
  
  for more information. (sarif)</li>
  
  </ul>
  
  <h3>Fixed</h3>
  
  <ul>
  
  <li>
  
  <p>pro: Improved inter-file tracking of tainted global variables. (code-7054)</p>
  
  </li>
  
  <li>
  
  <p>Python (pro-only): Taint now correctly tracks through calls to class methods
  
  within a class, via the <code>cls</code> parameter.</p>
  
  <p>So for instance, we would be able to determine a source-to-sink
  
  vulnerability in the following code snippet:</p>
  
  <pre><code>class A:
  
  def foo(self, x):
  
  sink(x)
  @classmethod
  
  def bar(cls):
  
  cls.foo(source)
  &lt;/code&gt;&lt;/pre&gt;
  &lt;/li&gt;
  &lt;li&gt;
  &lt;p&gt;pro: Fixed bug when generating inter-procedural taint traces, that it could
  cause a call-step to be missing in the trace. (saf-1783)&lt;/p&gt;
  &lt;/li&gt;
  &lt;li&gt;
  &lt;p&gt;Restored the &amp;quot;rules&amp;quot; field in the SARIF output, even when logged out. (saf-1794)&lt;/p&gt;
  &lt;/li&gt;
  &lt;/ul&gt;
  &lt;h2&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/releases/tag/v1.100.0&quot;&gt;1.100.0&lt;/a&gt; - 2024-12-12&lt;/h2&gt;
  &lt;!-- raw HTML omitted --&gt;
  &lt;/blockquote&gt;
  &lt;p&gt;... (truncated)&lt;/p&gt;
  &lt;/details&gt;
  &lt;details&gt;
  &lt;summary&gt;Commits&lt;/summary&gt;
  
  &lt;ul&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/da1124acb54b20c57ba454b49cb7ea65be7bac00&quot;&gt;&lt;code&gt;da1124a&lt;/code&gt;&lt;/a&gt; chore: release version 1.101.0&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/611bdbd15026dfdd38fa30b93889925fa50e444e&quot;&gt;&lt;code&gt;611bdbd&lt;/code&gt;&lt;/a&gt;&lt;code&gt;semgrep/semgrep-proprietary#2800&lt;/code&gt;&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/c04cd3859d74839950e7f4bce522b76871123533&quot;&gt;&lt;code&gt;c04cd38&lt;/code&gt;&lt;/a&gt; SARIF: restore the &amp;quot;rules&amp;quot; field even when logged out (semgrep/semgrep-propri...&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/ac656ed70771e53ac85ca89d8d02331427f4d0e3&quot;&gt;&lt;code&gt;ac656ed&lt;/code&gt;&lt;/a&gt; osemgrep: Remove use of Fmt for Xxx_report.ml and consolidate in Text_reports...&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/9dc60c18cdba6eb6925b240456f93363fc3bfe54&quot;&gt;&lt;code&gt;9dc60c1&lt;/code&gt;&lt;/a&gt;&lt;code&gt;semgrep/semgrep-proprietary#2&lt;/code&gt;&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/bfd1c717c66602912bc0c1d5dd4d6d8946531df8&quot;&gt;&lt;code&gt;bfd1c71&lt;/code&gt;&lt;/a&gt;&lt;code&gt;semgrep/semgrep-proprietary#2745&lt;/code&gt;&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/eeb85e609c7382f6b09230c048500d3fb2eba18d&quot;&gt;&lt;code&gt;eeb85e6&lt;/code&gt;&lt;/a&gt; feat: Reorder output of &lt;code&gt;semgrep ci&lt;/code&gt; to allow the app to mark specific findin...&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/f74a69d9b124baf7c7745747605d2199a8c8a9c1&quot;&gt;&lt;code&gt;f74a69d&lt;/code&gt;&lt;/a&gt; tainting: Fix missing call-steps in taint traces (semgrep/semgrep-proprietary...&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/81a65de263260978efd9c75dfeac13d333587666&quot;&gt;&lt;code&gt;81a65de&lt;/code&gt;&lt;/a&gt; Add changelog entries for the gated loggedin fields (semgrep/semgrep-propriet...&lt;/li&gt;
  &lt;li&gt;&lt;a href=&quot;https://github.com/semgrep/semgrep/commit/dc6f9b2971283110066b9703beabaed2f0936bc8&quot;&gt;&lt;code&gt;dc6f9b2&lt;/code&gt;&lt;/a&gt;&lt;code&gt;semgrep/semgrep-proprietary#2756&lt;/code&gt;&lt;/li&gt;
  &lt;li&gt;Additional commits viewable in &lt;a href=&quot;https://github.com/returntocorp/semgrep/compare/v1.90.0...v1.101.0&quot;&gt;compare view&lt;/a&gt;&lt;/li&gt;
  &lt;/ul&gt;
  &lt;/details&gt;
  
  &lt;br /&gt;
  </code></pre>
  
  Updates `pre-commit` from 4.0.0 to 4.0.1
  <details>
  <summary>Release notes</summary>
  <p><em>Sourced from <a href="https://github.com/pre-commit/pre-commit/releases">pre-commit's releases</a>.</em></p>
  <blockquote>
  <h2>pre-commit v4.0.1</h2>
  <h3>Fixes</h3>
  <ul>
  <li>Fix <code>pre-commit migrate-config</code> for unquoted deprecated stages names with
  purelib <code>pyyaml</code>.
  <ul>
  <li><a href="https://redirect.github.com/pre-commit/pre-commit/issues/3324">#3324</a> PR by <a href="https://github.com/asottile"><code>@​asottile</code></a>.</li>
  <li><a href="https://redirect.github.com/pre-commit-ci/issues/issues/234">pre-commit-ci/issues#234</a> issue by <a href="https://github.com/lorenzwalthert"><code>@​lorenzwalthert</code></a>.</li>
  </ul>
  </li>
  </ul>
  </blockquote>
  </details>
  <details>
  <summary>Changelog</summary>
  <p><em>Sourced from <a href="https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md">pre-commit's changelog</a>.</em></p>
  <blockquote>
  <h1>4.0.1 - 2024-10-08</h1>
  <h3>Fixes</h3>
  <ul>
  <li>Fix <code>pre-commit migrate-config</code> for unquoted deprecated stages names with
  purelib <code>pyyaml</code>.
  <ul>
  <li><a href="https://redirect.github.com/pre-commit/pre-commit/issues/3324">#3324</a> PR by <a href="https://github.com/asottile"><code>@​asottile</code></a>.</li>
  <li><a href="https://redirect.github.com/pre-commit-ci/issues/issues/234">pre-commit-ci/issues#234</a> issue by <a href="https://github.com/lorenzwalthert"><code>@​lorenzwalthert</code></a>.</li>
  </ul>
  </li>
  </ul>
  </blockquote>
  </details>
  <details>
  <summary>Commits</summary>
  <ul>
  <li><a href="https://github.com/pre-commit/pre-commit/commit/cc4a52241565440ce200666799eef70626457488"><code>cc4a522</code></a> v4.0.1</li>
  <li><a href="https://github.com/pre-commit/pre-commit/commit/772d7d45d38b45a52355d8da708c068a0f242b00"><code>772d7d4</code></a> Merge pull request <a href="https://redirect.github.com/pre-commit/pre-commit/issues/3324">#3324</a> from pre-commit/migrate-config-purelib</li>
  <li><a href="https://github.com/pre-commit/pre-commit/commit/222c62bc5d2907efbd6052c5fb89c4c027400044"><code>222c62b</code></a> fix migrate-config for purelib yaml</li>
  <li><a href="https://github.com/pre-commit/pre-commit/commit/3d5548b487c4133181998a0a99148682625af8d1"><code>3d5548b</code></a> Merge pull request <a href="https://redirect.github.com/pre-commit/pre-commit/issues/3323">#3323</a> from pre-commit/pre-commit-ci-update-config</li>
  <li><a href="https://github.com/pre-commit/pre-commit/commit/4235a877f3ac4998b41e9cce8a709ac13de159b5"><code>4235a87</code></a> [pre-commit.ci] pre-commit autoupdate</li>
  <li>See full diff in <a href="https://github.com/pre-commit/pre-commit/compare/v4.0.0...v4.0.1">compare view</a></li>
  </ul>
  </details>
  <br />
  
  
  Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
  
  [//]: # (dependabot-automerge-start)
  [//]: # (dependabot-automerge-end)
  
  ---
  
  <details>
  <summary>Dependabot commands and options</summary>
  <br />
  
  You can trigger Dependabot actions by commenting on this PR:
  - `@dependabot rebase` will rebase this PR
  - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
  - `@dependabot merge` will merge this PR after your CI passes on it
  - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
  - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
  - `@dependabot reopen` will reopen this PR if it is closed
  - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
  - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency
  - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions
  
  
  </details>
  

[dependabot]

Superseded by #12.