From 5d5367bf1741f30137b26a5c686fe967303a85f2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 2 Nov 2022 10:18:24 +0100
Subject: [PATCH] Bump build from 0.8.0 to 0.9.0 (PR #5061)

Bumps [build](https://github.com/pypa/build) from 0.8.0 to 0.9.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/pypa/build/blob/main/CHANGELOG.rst">build's changelog</a>.</em></p>
<blockquote>
<h1>0.9.0 (2022-10-27)</h1>
<ul>
<li>Hide a Python 3.11.0 unavoidable warning with venv (<code>PR [#527](https://github.com/pypa/build/issues/527)</code>_)</li>
<li>Fix infinite recursion error in <code>check_dependency</code> with circular
dependencies (<code>PR [#512](https://github.com/pypa/build/issues/512)</code><em>, Fixes <code>[#511](https://github.com/pypa/build/issues/511)</code></em>)</li>
<li>Only import colorama on Windows (<code>PR [#494](https://github.com/pypa/build/issues/494)</code><em>, Fixes <code>[#493](https://github.com/pypa/build/issues/493)</code></em>)</li>
<li>Flush output more often to reduce interleaved output (<code>PR [#494](https://github.com/pypa/build/issues/494)</code>_)</li>
<li>Small API cleanup, like better <code>__all__</code> and srcdir being read only. (<code>PR [#477](https://github.com/pypa/build/issues/477)</code>_)</li>
<li>Only use <code>importlib_metadata</code> when needed (<code>PR [#401](https://github.com/pypa/build/issues/401)</code>_)</li>
<li>Clarify in printout when build dependencies are being installed (<code>PR [#514](https://github.com/pypa/build/issues/514)</code>_)</li>
</ul>
<p>.. _PR <a href="https://github-redirect.dependabot.com/pypa/build/issues/401">#401</a>: <a href="https://github-redirect.dependabot.com/pypa/build/pull/401">pypa/build#401</a>
.. _PR <a href="https://github-redirect.dependabot.com/pypa/build/issues/477">#477</a>: <a href="https://github-redirect.dependabot.com/pypa/build/pull/477">pypa/build#477</a>
.. _PR <a href="https://github-redirect.dependabot.com/pypa/build/issues/494">#494</a>: <a href="https://github-redirect.dependabot.com/pypa/build/pull/494">pypa/build#494</a>
.. _PR <a href="https://github-redirect.dependabot.com/pypa/build/issues/512">#512</a>: <a href="https://github-redirect.dependabot.com/pypa/build/pull/512">pypa/build#512</a>
.. _PR <a href="https://github-redirect.dependabot.com/pypa/build/issues/514">#514</a>: <a href="https://github-redirect.dependabot.com/pypa/build/pull/514">pypa/build#514</a>
.. _PR <a href="https://github-redirect.dependabot.com/pypa/build/issues/527">#527</a>: <a href="https://github-redirect.dependabot.com/pypa/build/pull/527">pypa/build#527</a>
.. _<a href="https://github-redirect.dependabot.com/pypa/build/issues/493">#493</a>: <a href="https://github-redirect.dependabot.com/pypa/build/issues/493">pypa/build#493</a>
.. _<a href="https://github-redirect.dependabot.com/pypa/build/issues/511">#511</a>: <a href="https://github-redirect.dependabot.com/pypa/build/issues/511">pypa/build#511</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/pypa/build/commit/7b002bbc48e965fd677d51ea88b1adc276ba506d"><code>7b002bb</code></a> release 0.9.0</li>
<li><a href="https://github.com/pypa/build/commit/9c6069000448f24535f75eee71f77142555f7410"><code>9c60690</code></a> docs: update changelog</li>
<li><a href="https://github.com/pypa/build/commit/a3700d38aeeb1b4ca4a3ad56e9cf24823a2ff006"><code>a3700d3</code></a> env: avoid warning on Windows 3.11.0</li>
<li><a href="https://github.com/pypa/build/commit/3b36b6e9597e670bd29e935d7dba4b55e65b8bf1"><code>3b36b6e</code></a> tests: skip toml vs. tomli test on 3.11+</li>
<li><a href="https://github.com/pypa/build/commit/dd5ec7efc8d6523581cbeb7edd908aa79f755c1c"><code>dd5ec7e</code></a> tests: ignore warning from pytest-dist + pytest-cov</li>
<li><a href="https://github.com/pypa/build/commit/4e7e64c12572c4081a3ff719bb510685a7be764b"><code>4e7e64c</code></a> ci: move to final release of 3.11</li>
<li><a href="https://github.com/pypa/build/commit/b1acadc25702fe055cc7434d16ed2a0d766f094d"><code>b1acadc</code></a> main: disable <code>colorama</code> on Linux and flush output (<a href="https://github-redirect.dependabot.com/pypa/build/issues/494">#494</a>)</li>
<li><a href="https://github.com/pypa/build/commit/a1de450c2f6c00a522bae4deb4b438db25f6e88d"><code>a1de450</code></a> pre-commit: bump repositories (<a href="https://github-redirect.dependabot.com/pypa/build/issues/524">#524</a>)</li>
<li><a href="https://github.com/pypa/build/commit/aaaf4f88581e006fc6861aaa1098688ba118e324"><code>aaaf4f8</code></a> tests: better isolate test_venv_fail</li>
<li><a href="https://github.com/pypa/build/commit/03f93d5b93883582fcc92bd3d5f487b43118f2d4"><code>03f93d5</code></a> pre-commit: bump repositories</li>
<li>Additional commits viewable in <a href="https://github.com/pypa/build/compare/0.8.0...0.9.0">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=build&package-manager=pip&previous-version=0.8.0&new-version=0.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
---
 changelogs/unreleased/5061-dependabot.yml | 5 +++++
 requirements.txt                          | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/5061-dependabot.yml

diff --git a/changelogs/unreleased/5061-dependabot.yml b/changelogs/unreleased/5061-dependabot.yml
new file mode 100644
index 0000000000..71f3aad906
--- /dev/null
+++ b/changelogs/unreleased/5061-dependabot.yml
@@ -0,0 +1,5 @@
+change-type: patch
+description: Bump build from 0.8.0 to 0.9.0
+destination-branches:
+- master
+sections: {}
diff --git a/requirements.txt b/requirements.txt
index 333c7add96..1b8bbeec86 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -25,7 +25,7 @@ texttable==1.6.4
 tornado==6.2
 toml==0.10.2
 typing_inspect==0.8.0
-build==0.8.0
+build==0.9.0
 ruamel.yaml==0.17.21
 
 # Optional import in code