build(deps): bump virtualenv from 21.2.3 to 21.3.3 by dependabot[bot] · Pull Request #41 · drogo-ai/lambda-agent

dependabot · 2026-05-18T04:04:32Z

Bumps virtualenv from 21.2.3 to 21.3.3.

Release notes

21.3.3

What's Changed

Accept GraalPy implementation name. by @timfel in pypa/virtualenv#3144

Full Changelog: pypa/virtualenv@21.3.2...21.3.3

21.3.2

What's Changed

add 3.16 to embedded wheel versions by @asottile in pypa/virtualenv#3140

🐛 fix(upgrade): regen embedded init with correct MAX and 3.16 by @gaborbernat in pypa/virtualenv#3143

Full Changelog: pypa/virtualenv@21.3.1...21.3.2

21.3.1

What's Changed

👷 ci: retry transient apt failures on Linux by @gaborbernat in pypa/virtualenv#3139

🐛 fix(seed): bump embedded pip to 26.1.1 by @gaborbernat in pypa/virtualenv#3138

Full Changelog: pypa/virtualenv@21.3.0...21.3.1

21.3.0

What's Changed

🐛 fix(type): stop ty flagging default_source on Action by @gaborbernat in pypa/virtualenv#3124

feat: Reintroduce xonsh shell support by @anki-code in pypa/virtualenv#3125

🐛 fix(test): prevent PowerShell activation test from crashing xdist workers on Windows by @gaborbernat in pypa/virtualenv#3128

docs: Add usage instruction for Xonsh activation by @anki-code in pypa/virtualenv#3130

Upgrade embedded pip/setuptools/wheel by @github-actions[bot] in pypa/virtualenv#3132

New Contributors

@anki-code made their first contribution in pypa/virtualenv#3125

Full Changelog: pypa/virtualenv@21.2.4...21.3.0

21.2.4

What's Changed

🐛 fix(periodic-update): refuse unverified HTTPS to PyPI by default by @gaborbernat in pypa/virtualenv#3122

🐛 fix(zipapp): enforce ROOT containment with Path.relative_to by @gaborbernat in pypa/virtualenv#3121

... (truncated)

Changelog

Sourced from virtualenv's changelog.

Bugfixes - 21.3.3

recognize GraalPy interpreters using the normalized GraalPy name - by :user:timfel. (:issue:3144)

v21.3.2 (2026-05-12)

No significant changes.

v21.3.1 (2026-05-05)

Bugfixes - 21.3.1

Upgrade embedded wheels:

pip to 26.1.1 from 26.1 (:issue:3138)

v21.3.0 (2026-04-27)

Features - 21.3.0

Re-introduce xonsh shell activator (activate.xsh) previously removed in 20.7.0, and make the plugin loader prefer virtualenv's built-in entry points so a third-party package cannot override them by registering a duplicate name. (:issue:3003)

Bugfixes - 21.3.0

Upgrade embedded wheels:

pip to 26.1 (:issue:3132)

v21.2.4 (2026-04-14)

Bugfixes - 21.2.4

Security hardening: validate each entry of a seed wheel archive before extracting it so a tampered wheel cannot escape the app-data image directory via an absolute path or .. traversal. (:issue:3118)

Security hardening: verify the SHA-256 of every bundled seed wheel when it is loaded so a corrupted or tampered file

... (truncated)

Commits

e6dba2a release 21.3.3
e7517c0 Accept GraalPy implementation name. (#3144)
8531d47 release 21.3.2
afefada 🐛 fix(upgrade): regen embedded init with correct MAX and 3.16 (#3143)
7e27041 [pre-commit.ci] pre-commit autoupdate (#3141)
214934c add 3.16 to embedded wheel versions (#3140)
12ab495 release 21.3.1
22eadc4 [pre-commit.ci] pre-commit autoupdate (#3137)
6651daf 🐛 fix(seed): bump embedded pip to 26.1.1 (#3138)
936a36a 👷 ci: retry transient apt failures on Linux (#3139)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [virtualenv](https://github.com/pypa/virtualenv) from 21.2.3 to 21.3.3. - [Release notes](https://github.com/pypa/virtualenv/releases) - [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst) - [Commits](pypa/virtualenv@21.2.3...21.3.3) --- updated-dependencies: - dependency-name: virtualenv dependency-version: 21.3.3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels May 18, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump virtualenv from 21.2.3 to 21.3.3#41

build(deps): bump virtualenv from 21.2.3 to 21.3.3#41
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/virtualenv-21.3.3

dependabot Bot commented on behalf of github May 18, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 18, 2026

21.3.3

What's Changed

21.3.2

What's Changed

21.3.1

What's Changed

21.3.0

What's Changed

New Contributors

21.2.4

What's Changed

Bugfixes - 21.3.3

Bugfixes - 21.3.1

Features - 21.3.0

Bugfixes - 21.3.0

Bugfixes - 21.2.4

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants