Skip to content

Bump filelock from 3.25.2 to 3.30.0#2937

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/uv/filelock-3.29.7
Open

Bump filelock from 3.25.2 to 3.30.0#2937
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/uv/filelock-3.29.7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps filelock from 3.25.2 to 3.30.0.

Release notes

Sourced from filelock's releases.

3.30.0

What's Changed

Full Changelog: tox-dev/filelock@3.29.7...3.30.0

3.29.7

What's Changed

... (truncated)

Changelog

Sourced from filelock's changelog.

########### Changelog ###########

.. towncrier-draft-entries:: Unreleased

.. towncrier release notes start


3.30.0 (2026-07-16)


  • Add context_error_policy to surface body and release failures as a :exc:BaseExceptionGroup. :pr:618
  • Add close_error_policy to control an :func:os.close failure after the OS unlock. :pr:619
  • Add :func:~filelock.lock_descriptor and :func:~filelock.unlock_descriptor to lock a caller-owned file descriptor. :pr:620
  • Add fallback_to_soft to fail closed instead of downgrading to :class:~filelock.SoftFileLock on ENOSYS. :pr:622
  • Add preserve_lock_file so native locks keep the lock pathname on release. :pr:624
  • Add an on_acquired hook that runs a callback on the locked descriptor once the lock is held. :pr:625
  • Add StrictSoftFileLock, which treats every marker it did not publish as contention, and SoftFileLease, whose claim expires and whose holder learns through on_compromise when it is lost. SoftFileLock(lifetime=...) now warns and names them. Both publish a record SoftFileLock evicts, so do not mix contracts on one path. :pr:636
  • Add StrictSoftFileLock and AsyncStrictSoftFileLock with owner-specific hard-linked claims. Strict mode fails closed on claim damage, exposes each recovery token, and requires an exact claim name for a force break. :pr:637
  • Ignore lifetime on native locks with a warning; only :class:~filelock.SoftFileLock honors it. :pr:593
  • Stop mutating the Unix lock file before :func:fcntl.flock is held. :pr:594
  • Bind the Windows reparse-point check to the locked handle to close a symlink-swap race. :pr:596
  • Evict a non-regular soft lock file without reading it. :pr:597
  • Write a soft lock's holder record atomically so a short write cannot create overlapping holders. :pr:614
  • Make native lock release transactional so a failed unlock is retried, not dropped. :pr:615
  • Open the Windows lock file via NtCreateFile so a real access denial is raised, not reported as a timeout. :pr:617
  • Canonicalize singleton keys so equivalent path spellings share an instance, without following a final symlink. :pr:621
  • Preserve parent lock ownership across fork(). A child closes an inherited descriptor only while its identity still matches, so it neither unlocks nor unlinks the parent's lock. It clears inherited ownership state and singleton caches, then requires a new lock instance before acquiring. Fork-time construction replaces inherited cache mutexes and omits an instance whose construction crossed into the child from the cache. If fstat() cannot establish the identity, child cleanup skips the descriptor number because an earlier fork callback may have reused it. Descriptor tracking also covers third-party backends that fail after assigning a descriptor. :pr:634
  • Open a SQLite connection per outer acquisition and close it on final release, so a forked child can no longer close its parent's handle. A child rejects inherited databases until exec(), and a PyPy child rejects read-write locks once the parent has used SQLite. :pr:635
  • Keep executor-backed lock operations alive until they finish when a caller cancels. Serialize acquisitions on the same async lock so cancellation rollback cannot release a later caller's hold. Roll back acquisitions that finish after cancellation and surface release failures. SQLite read-write locks keep their state until rollback ends the transaction; callers can retry cleanup with release(force=True) or another acquisition. :pr:640
  • Reject negative and non-finite lifetime values during lock construction and assignment. :pr:644
  • Read the saved Windows process-probe error before deciding that a soft-lock holder has exited. :pr:645
  • Reject non-default lock options that a narrow subclass constructor cannot honor, and forward all options through subclasses that accept arbitrary keyword arguments. :pr:646
  • Release now removes the path identity that acquisition recorded instead of resolving a symlinked parent again. When acquisition raises, its rollback no longer deletes the holder's deadlock record. :pr:647

... (truncated)

Commits
  • 1b09406 Release 3.30.0
  • 5f2d663 👷 ci(matrix): add SMB, capability, and matrix docs (#665)
  • 2345750 Replace prettier with mdformat and yamlfmt (#667)
  • 69d7cd3 👷 ci(perf): add the performance and NFS matrix (#664)
  • f734c8f 📝 docs: state the lock trust boundaries once (#663)
  • 4afb930 build(deps): bump astral-sh/setup-uv from 8.3.1 to 8.3.2 (#662)
  • 9cbcbcc 🔒 fix(soft): fail safe on transient heartbeat errors (#661)
  • 0f86a94 🐛 fix(soft): detect a reused PID via process start time (#660)
  • 650c17c ✨ feat(strict): replace shared markers with owner claims (#659)
  • 126cab7 ✨ feat(soft): add strict soft locks and leases (#658)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jul 13, 2026
Bumps [filelock](https://github.com/tox-dev/py-filelock) from 3.25.2 to 3.30.0.
- [Release notes](https://github.com/tox-dev/py-filelock/releases)
- [Changelog](https://github.com/tox-dev/filelock/blob/main/docs/changelog.rst)
- [Commits](tox-dev/filelock@3.25.2...3.30.0)

---
updated-dependencies:
- dependency-name: filelock
  dependency-version: 3.29.7
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump filelock from 3.25.2 to 3.29.7 Bump filelock from 3.25.2 to 3.30.0 Jul 16, 2026
@dependabot
dependabot Bot force-pushed the dependabot/uv/filelock-3.29.7 branch from 2b39e6e to 568b020 Compare July 16, 2026 08:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants