Skip to content

Bump virtualenv from 20.39.0 to 21.0.0#79

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/virtualenv-21.0.0
Open

Bump virtualenv from 20.39.0 to 21.0.0#79
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/virtualenv-21.0.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 19, 2026
edited
Loading

Bumps virtualenv from 20.39.0 to 21.0.0.

Release notes

Sourced from virtualenv's releases.

21.0.0

What's Changed

Full Changelog: pypa/virtualenv@20.39.1...21.0.0

20.39.1

What's Changed

Full Changelog: pypa/virtualenv@20.39.0...20.39.1

Changelog

Sourced from virtualenv's changelog.

Deprecations and Removals - 21.0.0

  • The Python discovery logic has been extracted into a standalone python-discovery package on PyPI (documentation <https://python-discovery.readthedocs.io/>_) and is now consumed as a dependency. If you previously imported discovery internals directly (e.g. from virtualenv.discovery.py_info import PythonInfo), switch to from python_discovery import PythonInfo. Backward-compatibility re-export shims are provided at virtualenv.discovery.py_info, virtualenv.discovery.py_spec, and virtualenv.discovery.cached_py_info, however these are considered unsupported and may be removed in a future release - by :user:gaborbernat. (:issue:3070)

v20.39.1 (2026-02-25)

Features - 20.39.1

  • Add support for creating virtual environments with RustPython - by :user:elmjag. (:issue:3010)

v20.39.0 (2026-02-23)

Commits
  • 7687420 release 21.0.0
  • 8ec3142 📝 docs(changelog): add removal entry for python-discovery extraction (#3074)
  • f89d46c ♻️ refactor(discovery): extract py_discovery as self-contained package (#3070)
  • 0272c72 release 20.39.1
  • b1ca37f 🐛 fix(create): add pythonw3.exe to Windows venvs (#3073)
  • 1d4a338 ✨ feat(create): add RustPython support (#3071)
  • a10c5d4 Align dependency versions across projects (#3069)
  • 22a8860 [pre-commit.ci] pre-commit autoupdate (#3068)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 19, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 19, 2026 01:32
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 19, 2026
@github-actions
Copy link

github-actions bot commented Mar 19, 2026

🤖 Claude Code Review

Code Review

PR Summary: Bumps virtualenv from 20.39.0 to 21.0.0 in pyproject.toml.

Code Quality

  • ✅ Single-line change, no style issues
  • ✅ No commented-out code
  • ✅ No variable names involved
  • ✅ DRY principle not applicable
  • ✅ No logic changes; no defects introduced
  • ✅ CLAUDE.md is general and environment-agnostic

Testing

  • ✅ No new functions; no tests required
  • ⚠️ Note: virtualenv is a development dependency — the major version bump (20.x → 21.x) could introduce breaking changes in CI or dev workflows. Verify that existing tests still pass with the new version.

Documentation

  • ✅ README/API docs do not require updates for a dev dependency bump
  • CHANGELOG.md — if this project maintains a changelog, this dependency update should be noted there. (Unable to verify if CHANGELOG exists in this diff.)
  • ✅ No markdown changes to review

Security

  • ✅ No hardcoded credentials
  • ✅ No input validation concerns
  • ✅ No error handling changes
  • ✅ No sensitive data in logs
  • ✅ No .lic files or AQAAAD-prefixed content

Overall: Minor concern on the major version bump — virtualenv 21.x may have breaking changes vs 20.x. Recommend confirming CI passes and reviewing the virtualenv changelog for any breaking changes before merging.

Automated code review analyzing defects and coding standards

@dependabot
Bump virtualenv from 20.39.0 to 21.0.0
c2df841 
Bumps [virtualenv](https://github.com/pypa/virtualenv) from 20.39.0 to 21.0.0.
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.39.0...21.0.0)

---
updated-dependencies:
- dependency-name: virtualenv
  dependency-version: 21.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/virtualenv-21.0.0 branch from 406088c to c2df841 Compare March 19, 2026 01:35
@github-actions
Copy link

github-actions bot commented Mar 19, 2026

🤖 Claude Code Review

PR Code Review

Diff Summary: Bumps virtualenv from 20.39.0 to 21.0.0 in pyproject.toml (development dependency).

Code Quality

  • Style guide: Single-line change follows existing formatting conventions.
  • No commented-out code
  • Meaningful variable names: N/A
  • DRY principle: N/A
  • Defects: No logic errors. This is a straightforward dependency bump. Note that 21.0.0 is a major version bump — verify that no breaking changes in virtualenv affect the development/CI workflow.

Testing

  • Unit/integration tests: No tests included, but none are expected for a dependency version bump.
  • ⚠️ Test coverage: Cannot assess from this diff alone — CI should validate that existing tests still pass against the new virtualenv version.

Documentation

  • README: No update needed for a dev dependency bump.
  • CHANGELOG.md: Not updated — acceptable for automated dependency bumps (typically handled by Dependabot/Renovate without manual changelog entries).
  • Markdown formatting: N/A

Security

  • No hardcoded credentials
  • No sensitive data
  • No license files (.lic) or AQAAAD strings
  • Dependency update: Keeping virtualenv up to date is a security best practice.

Summary

Approve with note. This is a clean, automated dependency bump. The only item worth verifying manually: virtualenv 21.0.0 is a major version bump — confirm CI passes and that the new version has no breaking changes that affect your development tooling or build scripts.

Automated code review analyzing defects and coding standards

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@senzingdevops