Update distlib to 0.4.2

[pyup-bot]

This PR updates distlib from 0.3.7 to 0.4.2.

Changelog

0.4.2

~~~~~

Released: 2026-06-08

- locators

 - Fix URL percent-encoding using space-padding instead of zero-padding. Thanks to
   Kadir Can Ozden for the patch.

 - Harden decompression against malicious input. Thanks to tonghuaroot for the patch,
   which was adapted slightly.

- manifest

 - Use os.lstat in findall to correctly detect symlinked directories. Thanks to
   Kadir Can Ozden for the patch.

- metadata

 - Improve logic to incorporate newer metadata versions.

- resources

 - Ensure that constructed resource paths don't escape the package. Thanks to
   tonghuaroot for the patch.

- util

 - Fix 255: Update cache_from_source() for Python 3.15. Thanks to Victor Stinner
   for the patch.

 - Check during unarchiving that the destination directory isn't escaped via symlinks.
   Thanks to tonghuaroot for the patch.

 - Improved performance of normalize_name using dual replace. Thanks to
   Hugo van Kemenade for the patch.


- wheel

 - Add checks that installed files don't escape the installation directory. Thanks to
   tonghuaroot for the patch.

 - Add checks when mounting extensions to ensure path containment. Thanks to
   tonghuaroot for the patch.

0.4.1

~~~~~

Released: 2026-06-02

- scripts

 - Fix path traversal bug in handling entry points which allowed escaping the scripts directory.
   Thanks to tonghuaroot for the comprehensive report.

- tests

 - Fix 251: Change test function following a reorganization which happened in the Python stdlib.

0.4.0

~~~~~

Released: 2025-07-17

- markers

 - Add the ``interpret_parsed`` function.

- wheel

 - Fix 238: Add build tag to wheel metadata if specified.

 - Fix 243: Update to support free-threading version of Python (3.13t).

 - Fix 246: Support subdirectories in the dist-info directory. Thanks to Pieter P for the patch.

 - Fix 248: Fix path normalisation issue caused by the fix for 246.

 - Move import in script wrapper to "if __name__ == 'main'" clause.

- tests

 - Fix 245: Skip test_package_data if a SKIP_EXT_PACKAGE_DATA environment variable is present.

0.3.9

~~~~~

Released: 2024-10-09

- scripts

 - Merge 215: preload script wrappers on Windows to assist with a pip issue (thanks,
   Paul Moore).

 - Fix 220: Remove duplicated newline in shebang of windows launcher (thanks. A2uria).

 - Fix 230: Add handling for cross-compilation environments (thanks, Russell Keith-Magee).

- util

 - Fix 224: Do not use the absolute path to cache wheel extensions (thanks, Stewart Miles).

- wheel

 - Fix 222: Support mounting wheels that use extensions without an EXTENSIONS file (thanks,
   Stewart Miles).

 - Fix 225: Add support for wheel compatibility with the limited API (thanks, Stewart Miles).

0.3.8

~~~~~

Released: 2023-12-12

- markers

 - Fix 209: use legacy version implementation for Python versions.

- tests

 - Fix 204: use symlinks in venv creation during test.

 - Fix 208: handle deprecation removals in Python 3.13.

Links

• PyPI: https://pypi.org/project/distlib
• Changelog: https://data.safetycli.com/changelogs/distlib/
• Repo: https://github.com/pypa/distlib
• Docs: https://pythonhosted.org/distlib/

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (5f02dc7) to head (f322376).

Additional details and impacted files

@@            Coverage Diff            @@
##            master      #650   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           12        12           
  Lines          126       126           
=========================================
  Hits           126       126           

Flag	Coverage Δ
	?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.