From 0351f6c96b5499dcafda19c7e7017ad383f5a114 Mon Sep 17 00:00:00 2001 From: DAyloght <147890296+daylighttg@users.noreply.github.com> Date: Thu, 19 Feb 2026 19:44:44 +0800 Subject: [PATCH 1/7] Configure Dependabot for multiple ecosystems Added configurations for Python, GitHub Actions, and Docker updates. --- .github/dependabot.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..3537b30 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,24 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + # Python dependencies (pyproject.toml managed by Poetry) + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "weekly" + + # GitHub Actions workflows + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + + # Docker base image (Dockerfile) + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "weekly" From 5e6802dd31cbb890840afb63022492d1416b9586 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Feb 2026 11:45:17 +0000 Subject: [PATCH 2/7] build(deps): bump actions/checkout from 4 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/win-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/win-build.yml b/.github/workflows/win-build.yml index 23cbaf7..ec8e991 100644 --- a/.github/workflows/win-build.yml +++ b/.github/workflows/win-build.yml @@ -9,7 +9,7 @@ jobs: name: Build Windows runs-on: windows-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Create venv run: | Invoke-WebRequest -Uri "https://github.com/winpython/winpython/releases/download/16.6.20250620/Winpython64-3.12.10.1dotrc.zip" -OutFile winpy.zip From 0577a578cdd56a79e62011d8961254ca81d173b0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Feb 2026 11:45:20 +0000 Subject: [PATCH 3/7] build(deps): bump actions/upload-artifact from 4 to 6 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/win-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/win-build.yml b/.github/workflows/win-build.yml index 23cbaf7..a2ffe83 100644 --- a/.github/workflows/win-build.yml +++ b/.github/workflows/win-build.yml @@ -60,7 +60,7 @@ jobs: rm wrapper-manager-image.zip - name: Upload CLI artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: AppleMusicDecrypt-Windows path: . From 70b0af57d55f32f550df6f92b9f347020d59c5ac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Feb 2026 11:46:23 +0000 Subject: [PATCH 4/7] build(deps): update regex requirement from ^2025.9.18 to ^2026.1.15 Updates the requirements on [regex](https://github.com/mrabarnett/mrab-regex) to permit the latest version. - [Changelog](https://github.com/mrabarnett/mrab-regex/blob/hg/changelog.txt) - [Commits](https://github.com/mrabarnett/mrab-regex/compare/2025.9.18...2026.1.15) --- updated-dependencies: - dependency-name: regex dependency-version: 2026.1.15 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 9169de8..cf5390f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -9,7 +9,7 @@ package-mode = false [tool.poetry.dependencies] python = "^3.11" httpx = "^0.28.1" -regex = "^2025.9.18" +regex = "^2026.1.15" pydantic = "^2.12.3" loguru = "^0.7.2" six = "^1.16.0" From 11a720021916370b89bee00550bb5d96274dba52 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Feb 2026 11:46:31 +0000 Subject: [PATCH 5/7] build(deps): update hishel requirement from ^0.1.5 to ^1.1.9 Updates the requirements on [hishel](https://github.com/karpetrosyan/hishel) to permit the latest version. - [Release notes](https://github.com/karpetrosyan/hishel/releases) - [Changelog](https://github.com/karpetrosyan/hishel/blob/master/CHANGELOG.md) - [Commits](https://github.com/karpetrosyan/hishel/compare/0.1.5...1.1.9) --- updated-dependencies: - dependency-name: hishel dependency-version: 1.1.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 9169de8..1711822 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -25,7 +25,7 @@ grpcio-tools = "^1.75.1" pywidevine = {git = "https://github.com/WorldObservationLog/pywidevine"} creart = "^0.3.0" mutagen = "^1.47.0" -hishel = "^0.1.5" +hishel = "^1.1.9" async-lru = "^2.0.5" tabulate = "^0.9.0" From 7fdfb42fb6c784dd0dfa923350ee07f68c5d3106 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Feb 2026 11:47:01 +0000 Subject: [PATCH 6/7] build(deps-dev): update fastapi requirement from ^0.109.0 to ^0.129.0 Updates the requirements on [fastapi](https://github.com/fastapi/fastapi) to permit the latest version. - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](https://github.com/fastapi/fastapi/compare/0.109.0...0.129.0) --- updated-dependencies: - dependency-name: fastapi dependency-version: 0.129.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 9169de8..ab21782 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -31,7 +31,7 @@ tabulate = "^0.9.0" [tool.poetry.group.server.dependencies] -fastapi = "^0.109.0" +fastapi = "^0.129.0" uvicorn = "^0.27.0" From 9065ad9168846d8b0f39294fc646455bae8f82ef Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Feb 2026 11:51:05 +0000 Subject: [PATCH 7/7] build(deps-dev): update uvicorn requirement from ^0.27.0 to ^0.41.0 Updates the requirements on [uvicorn](https://github.com/Kludex/uvicorn) to permit the latest version. - [Release notes](https://github.com/Kludex/uvicorn/releases) - [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md) - [Commits](https://github.com/Kludex/uvicorn/compare/0.27.0...0.41.0) --- updated-dependencies: - dependency-name: uvicorn dependency-version: 0.41.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 3aba4cc..d7ec749 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -32,7 +32,7 @@ tabulate = "^0.9.0" [tool.poetry.group.server.dependencies] fastapi = "^0.129.0" -uvicorn = "^0.27.0" +uvicorn = "^0.41.0" [tool.poetry.group.telegram_bot.dependencies]