Skip to content

Build(deps-dev): bump tox from 4.36.1 to 4.38.0#360

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/tox-4.38.0
Feb 18, 2026
Merged

Build(deps-dev): bump tox from 4.36.1 to 4.38.0#360
github-actions[bot] merged 1 commit intomainfrom
dependabot/pip/tox-4.38.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 18, 2026

Bumps tox from 4.36.1 to 4.38.0.

Release notes

Sourced from tox's releases.

v4.38.0

What's Changed

Full Changelog: tox-dev/tox@4.37.0...4.38.0

v4.37.0

What's Changed

New Contributors

Full Changelog: tox-dev/tox@4.36.1...4.37.0

Changelog

Sourced from tox's changelog.

Features - 4.38.0

  • Scope dependency rejection in PEP-517 package environments to only pure PEP-517 build types (sdist, wheel, editable), allowing non-standard package types like editable-legacy to specify dependencies - by :user:rahuldevikar. (:issue:3731)

v4.37.0 (2026-02-17)

Features - 4.37.0

  • Add extra_setup_commands configuration option to run commands after dependency and package installation but before test commands, useful with --notest for separating setup from execution - by :user:gaborbernat. (:issue:1504)

Bugfixes - 4.37.0

  • Set PIP_USER=0 environment variable when running pip commands in virtualenvs to prevent pip from attempting --user installs when users have pip config --user configured globally — by :user:gaborbernat. (:issue:3010)
  • Fix TOML env_run_base and env_pkg_base deps being clobbered when referenced with additional deps in testenv configuration (:issue:3393)
  • Normalize extra names when resolving dependencies so that underscores and hyphens are treated equivalently (e.g. extras = snake_case now matches Provides-Extra: snake-case in wheel metadata) - by :user:Fridayai700. (:issue:3433)
  • Fix setenv modifications to PATH being overwritten when tox environment paths are set up - by :user:Fridayai700 (:issue:3445)
  • Fix deps entries with ~= version specifier being incorrectly treated as local paths instead of being passed through to pip - by :user:Fridayai700. (:issue:3447)
  • Fix factor selection via TOX_FACTORS environment variable producing wrong results because append + nargs="+" actions need nested list types for proper env var conversion - by :user:Fridayai700. (:issue:3557)
  • Fix custom install_command being ignored when specified in TOML configuration (tox.toml/pyproject.toml) - by :user:Fridayai700. (:issue:3574)
  • Fix env names containing dots (e.g. py3.11) losing their description in TOML configuration - by :user:Fridayai700. (:issue:3590)
  • Run pre-commit on changelog.rst after towncrier build to ensure proper formatting before committing the release (:issue:3717)
  • Fix type checker CI failure by adding completion extras to type and type-min environments so ty can resolve the argcomplete import - by :user:gaborbernat. (:issue:3728)

Documentation - 4.37.0

  • Restructured documentation using the Diátaxis framework to separate Tutorial, How-to guides, Reference, and Explanation content for better discoverability and user experience. (:issue:3718)

... (truncated)

Commits
  • 7c2180b release 4.38.0
  • 6b54516 Scope deps rejection to pure PEP-517 build types (#3730)
  • 559e89c 🐛 fix(test): resolve Windows CI flake in provision integration tests (#3732)
  • ab4fc8c release 4.37.0
  • f80405e Fix deps with ~= version specifier treated as local paths (#3726)
  • e84002a Fix install_command ignored from TOML config (#3724)
  • 00f79b9 Fix extras with underscores not matching hyphenated metadata (#3727)
  • d81aae7 Fix setenv PATH modifications being overwritten (#3723)
  • e7a0800 Fix factor selection via TOX_FACTORS environment variable (#3725)
  • 0d3f901 🐛 fix(ci): add completion extras to type checker environments (#3728)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Build(deps-dev): bump tox from 4.36.1 to 4.38.0
91b84ab 
Bumps [tox](https://github.com/tox-dev/tox) from 4.36.1 to 4.38.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst)
- [Commits](tox-dev/tox@4.36.1...4.38.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-version: 4.38.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 18, 2026
@dependabot dependabot bot requested a review from Diapolo10 as a code owner February 18, 2026 17:07
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 18, 2026
@github-actions github-actions bot enabled auto-merge February 18, 2026 17:07
github-actions[bot]
github-actions bot approved these changes Feb 18, 2026
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm approving this pull request because it includes a patch or minor update

@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 18, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions github-actions bot merged commit 21257a5 into main Feb 18, 2026
19 checks passed
@dependabot dependabot bot deleted the dependabot/pip/tox-4.38.0 branch February 18, 2026 17:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@Diapolo10 Diapolo10 Awaiting requested review from Diapolo10 Diapolo10 is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants

Comments