Skip to content

Bump filelock from 3.29.7 to 3.30.2#4493

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/pip/filelock-3.30.2
Jul 17, 2026
Merged

Bump filelock from 3.29.7 to 3.30.2#4493
github-actions[bot] merged 1 commit into
mainfrom
dependabot/pip/filelock-3.30.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 17, 2026

Copy link
Copy Markdown
Contributor

Bumps filelock from 3.29.7 to 3.30.2.

Release notes

Sourced from filelock's releases.

3.30.2

What's Changed

Full Changelog: tox-dev/filelock@3.30.1...3.30.2

3.30.1

What's Changed

Full Changelog: tox-dev/filelock@3.30.0...3.30.1

3.30.0

What's Changed

... (truncated)

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

.. towncrier-draft-entries:: Unreleased

.. towncrier release notes start


3.30.2 (2026-07-16)


  • Stop :class:~filelock.SoftFileLease deleting a live marker whose mode it does not implement. An unrecognized mode now names its owner instead of reading as malformed, so a record written by a newer filelock survives the grace window rather than being evicted after two seconds. :pr:672
  • Stop :class:~filelock.StrictSoftFileLock and :class:~filelock.AsyncStrictSoftFileLock calling themselves a native OS lock when they warn that they ignore lifetime; they now say a strict claim is only ever cleared by force_break(). :pr:672
  • Cover every lock type in the tutorials and how-to guides, with examples drawn from projects that use filelock, and color the mermaid diagrams. Correct the claims that StrictSoftFileLock exposes owner, that :class:~filelock.SoftFileLock evicts a strict sentinel, that :class:~filelock.ReadWriteLock requires a .db extension, and that every log record is DEBUG. :pr:672

3.30.1 (2026-07-16)


  • StrictSoftFileLock and AsyncStrictSoftFileLock no longer abort acquisition when a peer's claim vanishes as an NFSv3 stale filehandle instead of a clean removal; the reader revalidates and skips it, so strict locks hold mutual exclusion across independent NFSv3 client caches. :pr:669
  • SoftFileLease reads a marker whose lease duration is nan or inf as malformed rather than as a valid lease, so such a marker ages out through the grace window instead of raising LeaseSettingsMismatch on every contender. :pr:670

3.30.0 (2026-07-16)


  • Add context_error_policy to surface body and release failures as a :exc:BaseExceptionGroup. :pr:618
  • Add close_error_policy to control an :func:os.close failure after the OS unlock. :pr:619
  • Add :func:~filelock.lock_descriptor and :func:~filelock.unlock_descriptor to lock a caller-owned file descriptor. :pr:620
  • Add fallback_to_soft to fail closed instead of downgrading to :class:~filelock.SoftFileLock on ENOSYS. :pr:622
  • Add preserve_lock_file so native locks keep the lock pathname on release. :pr:624
  • Add an on_acquired hook that runs a callback on the locked descriptor once the lock is held. :pr:625
  • Add StrictSoftFileLock, which treats every marker it did not publish as contention, and SoftFileLease, whose claim expires and whose holder learns through on_compromise when it is lost. SoftFileLock(lifetime=...) now warns and names them. Both publish a record SoftFileLock evicts, so do not mix contracts on one path. :pr:636
  • Add StrictSoftFileLock and AsyncStrictSoftFileLock with owner-specific hard-linked claims. Strict mode fails closed on claim damage, exposes each recovery token, and requires an exact claim name for a force break. :pr:637
  • Ignore lifetime on native locks with a warning; only :class:~filelock.SoftFileLock honors it. :pr:593
  • Stop mutating the Unix lock file before :func:fcntl.flock is held. :pr:594
  • Bind the Windows reparse-point check to the locked handle to close a symlink-swap race. :pr:596
  • Evict a non-regular soft lock file without reading it. :pr:597
  • Write a soft lock's holder record atomically so a short write cannot create overlapping holders. :pr:614
  • Make native lock release transactional so a failed unlock is retried, not dropped. :pr:615
  • Open the Windows lock file via NtCreateFile so a real access denial is raised, not reported as a timeout. :pr:617
  • Canonicalize singleton keys so equivalent path spellings share an instance, without following a final symlink. :pr:621

... (truncated)

Commits
  • 9a71d06 Release 3.30.2
  • 0dfa1b2 Document every lock type, and stop evicting a marker we cannot read (#672)
  • 47d435f Release 3.30.1
  • 9b7b3b1 reject non-finite lease duration in marker records (#670)
  • cfafd70 Match fork-reset protocol on the class object (#671)
  • e4c0eb3 🐛 fix: tolerate NFSv3 stale handle in strict claim read (#669)
  • d0450d5 📝 docs: separate changelog releases with a blank line (#668)
  • 1b09406 Release 3.30.0
  • 5f2d663 👷 ci(matrix): add SMB, capability, and matrix docs (#665)
  • 2345750 Replace prettier with mdformat and yamlfmt (#667)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.29.7 to 3.30.2.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.29.7...3.30.2)

---
updated-dependencies:
- dependency-name: filelock
  dependency-version: 3.30.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 17, 2026
@github-actions
github-actions Bot enabled auto-merge (squash) July 17, 2026 03:23
@github-actions

Copy link
Copy Markdown
Contributor

MegaLinter analysis: Success

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ COPYPASTE jscpd yes no no 25.97s
✅ JSON prettier 7 0 0 0 1.21s
✅ JSON v8r 7 0 0 5.69s
✅ MARKDOWN markdownlint 68 0 0 0 1.84s
✅ MARKDOWN markdown-table-formatter 68 0 0 0 1.01s
✅ PYTHON black 1557 203 0 0 99.54s
✅ PYTHON isort 1557 377 0 0 2.77s
✅ REPOSITORY betterleaks yes no no 2.47s
✅ REPOSITORY checkov yes no no 54.79s
✅ REPOSITORY gitleaks yes no no 14.72s
✅ REPOSITORY git_diff yes no no 0.25s
✅ REPOSITORY secretlint yes no no 63.77s
✅ REPOSITORY syft yes no no 6.58s
✅ REPOSITORY trivy-sbom yes no no 7.09s
✅ REPOSITORY trufflehog yes no no 32.07s
✅ YAML prettier 11 0 0 0 0.76s
✅ YAML v8r 11 0 0 12.04s
✅ YAML yamllint 11 0 0 0.83s

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx mega-linter-runner@9.6.0 --custom-flavor-setup --custom-flavor-linters PYTHON_BLACK,PYTHON_ISORT,COPYPASTE_JSCPD,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_BETTERLEAKS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

@github-actions
github-actions Bot merged commit c5d443d into main Jul 17, 2026
25 checks passed
@dependabot
dependabot Bot deleted the dependabot/pip/filelock-3.30.2 branch July 17, 2026 04:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants