build(deps): bump keyring from 25.2.1 to 25.5.0

[dependabot]

Bumps keyring from 25.2.1 to 25.5.0.

Changelog

Sourced from keyring's changelog.

v25.5.0

Features

• When parsing keyring_path from the config, the home directory is now expanded from ~. (#696)

Bugfixes

• In get_credential, now returns None when the indicated username is not found. (#698)

v25.4.1

Bugfixes

• Fixed ValueError for AnonymousCredentials in CLI. (#694)

v25.4.0

Features

• Refined type spec and interfaces on credential objects. Introduced AnonymousCredential to model a secret without a username. (#689)

v25.3.0

Features

• Deprecated support for empty usernames. Now all backends will reject an empty string as input for the 'username' field when setting a password. Later this deprecation will become a more visible user warning and even later an error. If this warning is triggered in your environment, please consider using a static value (even 'username') or comment in the issue and describe the use-case that demands support for empty usernames. (#668)

Commits

• 999a2f9 Finalize
• 8279fd8 Merge https://github.com/jaraco/skeleton
• ccaee76 Merge pull request #699 from JamieBeverley/bugfix/wrong_username
• 103c535 🧎‍♀️ Genuflect to the types.
• 5e4b99e Unified the Windows.get_password and .get_credential logic through a new _res...
• f33fcfb Restore the indentation on the check, keeping the logic in the only place it'...
• 2f3f4ec Updated comment to match new behavior.
• 562c69f 👹 Feed the hobgoblins (delint).
• 916c039 Add news fragment.
• 8e2f8b2 Merge pull request #696 from torarvid/torarvid/expanduser
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

Removed dependencies detected. Learn more about Socket for GitHub ↗︎

🚮 Removed packages: pypi/[email protected]

View full report↗︎

[github-actions]

This pull request has conflicts, please resolve those before we can evaluate the pull request.

[emlowe]

@dependabot rebase

[github-actions]

Conflicts have been resolved. A maintainer will review the pull request shortly.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.