Bump isort from 7.0.0 to 8.0.0 by dependabot[bot] · Pull Request #346 · senzing-garage/sz-python-tools

dependabot · 2026-03-12T22:53:36Z

Bumps isort from 7.0.0 to 8.0.0.

Release notes

8.0.0

Changes

Update CHANGELOG for version 8.0.0 (#2460) @DanielNoord

Fix edge case of __future__ import. (#2458) @skv0zsneg

Fix the Plone profile to be compatible with black (#2457) @ale-rt

typo fix (#2450) @jsta

Remove the setuptools plugin (#2427) @DanielNoord

Turn some warnings into errors in test suite (#2449) @DanielNoord

chore: replace black with ruff in clean.sh (#2448) @joao-faria-dev

feat!: remove old finders flag and legacy finder logic (#2446) @joao-faria-dev

Fix whitespace insensitive check triggering on tabs (#2437) @robsdedude

Fix line separator detection not considering form feed as white space (#2436) @robsdedude

Fix #1964: lines_before_import sometimes ignored (#1965) @robsdedude

Remove reference to 3.9 in README (#2434) @DanielNoord

🚀 Features

Ensure multiprocessing.Pool is always closed and joined (#2442) @DanielNoord

👷 Continuous Integration

Simplify CI by putting similar steps into a single action file (#2444) @DanielNoord

📦 Dependencies

Bump actions/checkout from 5 to 6 in the github-actions group (#2451) @dependabot[bot]

Bump astral-sh/setup-uv from 6 to 7 in the github-actions group (#2441) @dependabot[bot]

Changelog

Sourced from isort's changelog.

8.0.0 February 19 2026

Removed --old-finders and --magic-placement flags and old_finders configuration option. The legacy finder logic that relied on environment introspection has been removed (#2445) @joao-faria-dev

Update the plone profile to not clash with black (#2456) @ale-rt

6.1.0 October 1 2025

Add python 3.14 classifier and badge (#2409) @staticdev

Drop use of non-standard pkg_resources API (#2405) @dvarrazzo

6.0.1 Febuary 26 2025

Add OSError handling in find_imports_in_file (#2331) @kobarity

6.0.0 January 27 2025

Remove support for Python 3.8 (#2327) @DanielNoord

Python 3.13 support (#2306) @mayty

Speed up exists_case_sensitive calls (#2264) @correctmost

Ensure that split_on_trailing_comma works with as imports (#2340) @DanielNoord

Black profile: enable magic comma (#2236) @MrMino

Update line_length and single_line_exclusions in google profile (#2149) @jagapiou

Allow --diff to be used with --jobs (#2302) @mnakama

Fix wemake profile to have correct character limit (#2241) @sobolevn

Fix sort_reexports code mangling (#2283) @Helveg

Fix correct group by package tokenization (#2136) @glasnt

5.13.2 December 13 2023

Apply the bracket fix from issue #471 only for use_parentheses=True (#2184) @bp72

Confine pre-commit to stages (#2213) @davidculley

Fixed colors extras (#2212) @staticdev

5.13.1 December 11 2023

Fixed integration tests (#2208) @bp72

Fixed normalizing imports from more than one level of parent modules (issue/2152) (#2191) @bp72

Remove optional dependencies without extras (#2207) @staticdev

5.13.0 December 9 2023

Cleanup deprecated extras (#2089) @staticdev

Fixed #1989: settings lookup when working in stream based mode

Fixed 80 line length for wemake linter (#2183) @skatromb

Add support for Python 3.12 (#2175) @hugovk

Fixed: add newest version to pre-commit docs (#2190) @AzulGarza

Fixed assertions in test_git_hook (#2196) @mgorny

Removed check for include_trailing_comma for the Hanging Indent wrap mode (#2192) @bp72

Use the standard library tomllib on sufficiently new python (#2202) @eli-schwartz

Update pre-commit.md version number (#2197) @nicobako

... (truncated)

Commits

3459bde Merge pull request #2460 from PyCQA/DanielNoord-patch-1
6e70bb6 Update CHANGELOG for version 8.0.0
b0f2dab Merge pull request #2458 from skv0zsneg/issue/1882
313797b Fix lint.
7d3a6f5 Add ignore for cyclomatic complexity check.
6b9f895 Remove debug prints.
45f2497 Add tests for edge case future imports handler.
fe57bfd Add edge case future imports handler.
e8c127b Merge pull request #2457 from ale-rt/ale/2456/fix-plone-profile
293c201 Fix the Plone profile to be compatible with black
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Resolves #2460
Resolves #2458
Resolves #2457
Resolves #2450
Resolves #2427
Resolves #2449
Resolves #2448
Resolves #2446
Resolves #2437
Resolves #2436
Resolves #1964
Resolves #1965
Resolves #2434
Resolves #2442
Resolves #2444
Resolves #2451
Resolves #2441
Resolves #2445
Resolves #2456
Resolves #2409
Resolves #2405
Resolves #2331
Resolves #2327
Resolves #2306
Resolves #2264
Resolves #2340
Resolves #2236
Resolves #2149
Resolves #2302
Resolves #2241
Resolves #2283
Resolves #2136
Resolves #471
Resolves #2184
Resolves #2213
Resolves #2212
Resolves #2208
Resolves #2191
Resolves #2207
Resolves #2089
Resolves #1989
Resolves #2183
Resolves #2175
Resolves #2190
Resolves #2196
Resolves #2192
Resolves #2202
Resolves #2197

github-actions · 2026-03-12T22:54:45Z

🤖 Claude Code Review

PR Code Review

Summary

This is a minimal dependency bump PR that upgrades isort from 7.0.0 to 8.0.0 for Python > 3.11.

Code Quality

✅ Style guide: Single-line change in pyproject.toml, no style concerns.
✅ No commented-out code: N/A
✅ Meaningful variable names: N/A
✅ DRY principle: N/A
⚠️ Potential defect: isort==8.0.0 is a major version bump. The isort 8.x release may introduce breaking changes to import sorting behavior, which could cause make isort to fail or reformat existing files unexpectedly. Verify that the codebase passes make isort with this version before merging. Also note that isort==6.1.0 is pinned for Python <= 3.11 while 8.0.0 is used for Python > 3.11 — this version disparity (6.x vs 8.x) may produce inconsistent import ordering behavior across Python versions.
✅ CLAUDE.md: No concerns with the project config file.

Testing

❌ No test changes: There are no test updates included, but this is a linting dependency bump. CI should confirm linting passes. Verify make lint runs successfully with isort==8.0.0.

Documentation

❌ CHANGELOG.md not updated: Dependency bumps should typically be noted in the changelog.
✅ All other documentation concerns are N/A for this change.

Security

✅ No hardcoded credentials
✅ No sensitive data
✅ No license files

Verdict

Low-risk change overall, but two items to address:

Confirm make isort passes with isort==8.0.0 — major version bumps can alter formatting rules and break existing code.
Consider updating CHANGELOG.md to log the dependency version change.

Automated code review analyzing defects and coding standards

Bumps [isort](https://github.com/PyCQA/isort) from 7.0.0 to 8.0.0. - [Release notes](https://github.com/PyCQA/isort/releases) - [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md) - [Commits](PyCQA/isort@7.0.0...8.0.0) --- updated-dependencies: - dependency-name: isort dependency-version: 8.0.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-03-13T12:56:13Z

🤖 Claude Code Review

PR Code Review

This is a minimal dependency bump PR, changing isort from 7.0.0 to 8.0.0 for Python > 3.11.

Code Quality

✅ Style guide: Single-line change in pyproject.toml, no style concerns.
✅ No commented-out code: N/A
✅ Meaningful variable names: N/A
✅ DRY principle: N/A
✅ Defects/logic errors: No issues. The version constraint logic (python_version <= '3.11' / python_version > '3.11') is consistent and unchanged. The bump from 7.0.0 → 8.0.0 is a major version bump — worth noting that isort 8.x may introduce breaking changes to import ordering behavior, which could cause make isort to fail or reorder existing imports differently. This should be verified against the codebase.
✅ CLAUDE.md: No concerns with the project config file itself.

Testing

❌ No test changes included: For a major version bump of a linter, it's advisable to confirm that existing code still passes make isort with the new version. No evidence of this validation in the PR. Not a blocker, but worth confirming CI passes.

Documentation

✅ README: No update needed for a linter dependency bump.
✅ CHANGELOG.md: Not updated — acceptable for a routine dependency bump in many projects, but worth checking if this project maintains a changelog for dependency updates.
✅ Markdown formatting: N/A

Security

✅ No hardcoded credentials: N/A
✅ No license files: N/A
✅ No sensitive data: N/A

Summary

This is a straightforward dependency bump. The only notable concern is that isort 8.0.0 is a major version release, which may include breaking changes to import sorting behavior. Before merging, confirm that:

CI passes make isort (or make lint) without failures.
No existing source files in sz_tools/ require re-sorting due to changed rules in isort 8.x.

No blocking issues found.

Automated code review analyzing defects and coding standards

github-actions · 2026-03-13T13:33:57Z

🤖 Claude Code Review

PR Code Review

Code Quality

✅ Style guide: Dependency version bumps follow project conventions in pyproject.toml
✅ No commented-out code: N/A
✅ Meaningful variable names: N/A
✅ DRY principle: N/A
✅ Defects: No logic errors or bugs introduced. Simple version pin updates:
- isort bumped from 7.0.0 → 8.0.0 (Python > 3.11)
- pylint bumped from 4.0.4 → 4.0.5 (Python > 3.11)
✅ CLAUDE.md: No issues with project configuration

Testing

✅ Unit/integration tests: Not applicable for dependency version updates
✅ Coverage: Not applicable

Documentation

❌ CHANGELOG.md: No CHANGELOG update included. Dependency bumps are typically noted in changelogs.
✅ README/API docs: Not applicable for dev dependency updates
✅ Markdown formatting: Not applicable

Security

✅ No hardcoded credentials
✅ No sensitive data
✅ No license files (.lic)
⚠️ isort major version bump (7.0.0 → 8.0.0): Major version bumps can introduce breaking changes. Verify that isort 8.0.0 is compatible with the existing isort configuration and produces no formatting differences on current source files. The make isort target should be run to confirm no unexpected reformatting occurs.

Summary: This is a straightforward dependency update PR. The main concern is the `isort` major version bump — confirm CI passes and that no import ordering changes are introduced across the codebase. Consider adding a CHANGELOG entry.

Automated code review analyzing defects and coding standards

dependabot Bot added dependencies Pull requests that update a dependency file python python programming languagae labels Mar 12, 2026

dependabot Bot requested a review from a team as a code owner March 12, 2026 22:53

dependabot Bot added python python programming languagae dependencies Pull requests that update a dependency file labels Mar 12, 2026

dependabot Bot force-pushed the dependabot/pip/isort-8.0.0 branch from b857636 to 3d76919 Compare March 13, 2026 12:55

docktermj self-assigned this Mar 13, 2026

Update dependencies

7bb559f

docktermj approved these changes Mar 13, 2026

View reviewed changes

docktermj merged commit 25e5ee3 into main Mar 13, 2026
61 checks passed

docktermj deleted the dependabot/pip/isort-8.0.0 branch March 13, 2026 13:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump isort from 7.0.0 to 8.0.0#346

Bump isort from 7.0.0 to 8.0.0#346
docktermj merged 2 commits into
mainfrom
dependabot/pip/isort-8.0.0

dependabot Bot commented on behalf of github Mar 12, 2026 •

edited by github-actions Bot

Loading

Uh oh!

github-actions Bot commented Mar 12, 2026

Uh oh!

github-actions Bot commented Mar 13, 2026

Uh oh!

github-actions Bot commented Mar 13, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot Bot commented on behalf of github Mar 12, 2026 • edited by github-actions Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

8.0.0

Changes

🚀 Features

👷 Continuous Integration

📦 Dependencies

8.0.0 February 19 2026

6.1.0 October 1 2025

6.0.1 Febuary 26 2025

6.0.0 January 27 2025

5.13.2 December 13 2023

5.13.1 December 11 2023

5.13.0 December 9 2023

Uh oh!

github-actions Bot commented Mar 12, 2026

🤖 Claude Code Review

PR Code Review

Summary

Code Quality

Testing

Documentation

Security

Verdict

Uh oh!

github-actions Bot commented Mar 13, 2026

🤖 Claude Code Review

PR Code Review

Code Quality

Testing

Documentation

Security

Summary

No blocking issues found.

Uh oh!

github-actions Bot commented Mar 13, 2026

🤖 Claude Code Review

PR Code Review

Code Quality

Testing

Documentation

Security

Summary: This is a straightforward dependency update PR. The main concern is the isort major version bump — confirm CI passes and that no import ordering changes are introduced across the codebase. Consider adding a CHANGELOG entry.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot Bot commented on behalf of github Mar 12, 2026 •

edited by github-actions Bot

Loading

Summary: This is a straightforward dependency update PR. The main concern is the `isort` major version bump — confirm CI passes and that no import ordering changes are introduced across the codebase. Consider adding a CHANGELOG entry.