Skip to content

chore(deps): bump the dependencies group across 1 directory with 8 updates#41

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/dependencies-e2cf6ef6c8
Closed

chore(deps): bump the dependencies group across 1 directory with 8 updates#41
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/uv/dependencies-e2cf6ef6c8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 24, 2026
edited
Loading

Bumps the dependencies group with 8 updates in the / directory:

Package From To
pydantic 2.12.5 2.13.3
typer 0.24.1 0.24.2
cryptography 46.0.6 46.0.7
platformdirs 4.9.4 4.9.6
pytest 9.0.2 9.0.3
respx 0.22.0 0.23.1
ruff 0.15.8 0.15.11
basedpyright 1.38.4 1.39.3

Updates pydantic from 2.12.5 to 2.13.3

Release notes

Sourced from pydantic's releases.

v2.13.3 2026-04-20

v2.13.3 (2026-04-20)

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.13.2...v2.13.3

v2.13.2 2026-04-17

v2.13.2 (2026-04-17)

What's Changed

Fixes

  • Fix ValidationInfo.field_name missing with model_validate_json() by @​Viicos in #13084

Full Changelog: pydantic/pydantic@v2.13.1...v2.13.2

v2.13.1 2026-04-15

v2.13.1 (2026-04-15)

What's Changed

Fixes

Full Changelog: pydantic/pydantic@v2.13.0...v2.13.1

v2.13.0 2026-04-13

v2.13.0 (2026-04-13)

The highlights of the v2.13 release are available in the blog post. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

This release contains the updated pydantic.v1 namespace, matching version 1.10.26 which includes support for Python 3.14.

What's Changed

See the beta releases for all changes sinces 2.12.

Packaging

  • Add zizmor for GitHub Actions workflow linting by @​Viicos in #13039
  • Update jiter to v0.14.0 to fix a segmentation fault on musl Linux by @​Viicos in #13064

... (truncated)

Changelog

Sourced from pydantic's changelog.

v2.13.3 (2026-04-20)

GitHub release

What's Changed

Fixes

v2.13.2 (2026-04-17)

GitHub release

What's Changed

Fixes

  • Fix ValidationInfo.field_name missing with model_validate_json() by @​Viicos in #13084

v2.13.1 (2026-04-15)

GitHub release

What's Changed

Fixes

v2.13.0 (2026-04-13)

GitHub release

The highlights of the v2.13 release are available in the blog post. Several minor changes (considered non-breaking changes according to our versioning policy) are also included in this release. Make sure to look into them before upgrading.

This release contains the updated pydantic.v1 namespace, matching version 1.10.26 which includes support for Python 3.14.

What's Changed

See the beta releases for all changes sinces 2.12.

New Features

  • Allow default factories of private attributes to take validated model data by @​Viicos in #13013

Changes

... (truncated)

Commits
  • 9e9a111 Fix backported test
  • 1ec8c6a Prepare release v2.13.3
  • fb4f204 Handle AttributeError subclasses with from_attributes
  • ca3ddd1 Prepare release v2.13.2
  • 000e823 Fix ValidationInfo.field_name missing with model_validate_json()
  • d45d8be Prepare release 2.13.1
  • 54aca60 Fix ValidationInfo.data missing with model_validate_json()
  • 46bf4fa Fix Pydantic release workflow (#13067)
  • 1b359ed Prepare release v2.13.0 (#13065)
  • b1bf194 Fix model equality when using runtime extra configuration (#13062)
  • Additional commits viewable in compare view

Updates typer from 0.24.1 to 0.24.2

Release notes

Sourced from typer's releases.

0.24.2

Fixes

  • 🐛 Ensure that typer.launch forwards correctly when launching a file. PR #1708 by @​svlandeg.

Refactors

Docs

Internal

... (truncated)

Changelog

Sourced from typer's changelog.

0.24.2 (2026-04-22)

Fixes

  • 🐛 Ensure that typer.launch forwards correctly when launching a file. PR #1708 by @​svlandeg.

Refactors

Docs

Internal

... (truncated)

Commits

Updates cryptography from 46.0.6 to 46.0.7

Changelog

Sourced from cryptography's changelog.

46.0.7 - 2026-04-07


* **SECURITY ISSUE**: Fixed an issue where non-contiguous buffers could be
  passed to APIs that accept Python buffers, which could lead to buffer
  overflow. **CVE-2026-39892**
* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.6.

.. _v46-0-6:

Commits

Updates platformdirs from 4.9.4 to 4.9.6

Release notes

Sourced from platformdirs's releases.

4.9.6

What's Changed

Full Changelog: tox-dev/platformdirs@4.9.5...4.9.6

Changelog

Sourced from platformdirs's changelog.

########### Changelog ###########

4.9.6 (2026-04-09)

  • 🐛 fix(release): use double quotes for tag variable expansion :pr:477

4.9.5 (2026-04-06)

  • 📝 docs(appauthor): clarify None vs False on Windows :pr:476
  • Separates implementations of macOS dirs that share a default :pr:473 - by :user:Goddesen
  • Remove persist-credentials: false from release job :pr:472
  • fix: do not duplicate site dirs in Unix.iter_{config,site}_dirs() when use_site_for_root is active :pr:469 - by :user:viccie30
  • 🔧 fix(type): resolve ty 0.0.25 type errors :pr:468
  • 🔒 ci(workflows): add zizmor security auditing :pr:467
  • 🐛 fix(release): generate docstrfmt-compatible changelog entries :pr:463

4.9.4 (2026-03-05)

  • [pre-commit.ci] pre-commit autoupdate :pr:461 - by :user:pre-commit-ci[bot]
  • Update README.md
  • 📝 docs: add project logo to documentation :pr:459
  • Standardize .github files to .yaml suffix
  • build(deps): bump the all group with 2 updates :pr:457 - by :user:dependabot[bot]
  • Move SECURITY.md to .github/SECURITY.md
  • Add permissions to workflows :pr:455
  • Add security policy
  • [pre-commit.ci] pre-commit autoupdate :pr:454 - by :user:pre-commit-ci[bot]

4.9.2 (2026-02-16)

  • 📝 docs: restructure following Diataxis framework :pr:448
  • 📝 docs(platforms): fix RST formatting and TOC hierarchy :pr:447

4.9.1 (2026-02-14)

  • 📝 docs: enhance README, fix issues, and reorganize platforms.rst :pr:445

... (truncated)

Commits
  • 56efd77 Release 4.9.6
  • d5d812a 🐛 fix(release): use double quotes for tag variable expansion (#477)
  • c2b0cee build(deps): bump pypa/gh-action-pypi-publish from 1.13.0 to 1.14.0 in the al...
  • 7688069 Release 4.9.5
  • 104d28b 📝 docs(appauthor): clarify None vs False on Windows (#476)
  • 0955048 [pre-commit.ci] pre-commit autoupdate (#475)
  • bd3c766 build(deps): bump astral-sh/setup-uv from 7.6.0 to 8.0.0 in the all group (#474)
  • 749ac3f Separates implementations of macOS dirs that share a default (#473)
  • cb88156 Remove persist-credentials: false from release job (#472)
  • a501eab [pre-commit.ci] pre-commit autoupdate (#470)
  • Additional commits viewable in compare view

Updates pytest from 9.0.2 to 9.0.3

Release notes

Sourced from pytest's releases.

9.0.3

pytest 9.0.3 (2026-04-07)

Bug fixes

  • #12444: Fixed pytest.approx which now correctly takes into account ~collections.abc.Mapping keys order to compare them.

  • #13634: Blocking a conftest.py file using the -p no: option is now explicitly disallowed.

    Previously this resulted in an internal assertion failure during plugin loading.

    Pytest now raises a clear UsageError explaining that conftest files are not plugins and cannot be disabled via -p.

  • #13734: Fixed crash when a test raises an exceptiongroup with __tracebackhide__ = True.

  • #14195: Fixed an issue where non-string messages passed to unittest.TestCase.subTest() were not printed.

  • #14343: Fixed use of insecure temporary directory (CVE-2025-71176).

Improved documentation

  • #13388: Clarified documentation for -p vs PYTEST_PLUGINS plugin loading and fixed an incorrect -p example.
  • #13731: Clarified that capture fixtures (e.g. capsys and capfd) take precedence over the -s / --capture=no command-line options in Accessing captured output from a test function <accessing-captured-output>.
  • #14088: Clarified that the default pytest_collection hook sets session.items before it calls pytest_collection_finish, not after.
  • #14255: TOML integer log levels must be quoted: Updating reference documentation.

Contributor-facing changes

  • #12689: The test reports are now published to Codecov from GitHub Actions. The test statistics is visible on the web interface.

    -- by aleguy02

Commits

Updates respx from 0.22.0 to 0.23.1

Release notes

Sourced from respx's releases.

Version 0.23.1

0.23.1 (8th April 2026)

Fixed

  • Fix regression causing params pattern to stop working under some conditions, by doing a strict detection of ANY in multi items patterns (#313)

CI

  • Update workflows actions (#310)

Version 0.23.0

0.23.0 (7th April 2026)

Fixed

  • Fix data pattern with list value (#264)
  • Fix and enhance incorrect documentations about iterable side effects (#287)
  • Fix documentation typo, thanks @​markhobson (#298)
  • Fix support for multiple slashes // in URL path by not using urljoin when prepending path, thanks @​lewiscollard and @​Skeen (#302)
  • Type Route.respond json as Any to align with HTTPX, thanks @​JacobHayes (#284)
  • Properly handle ANY in MuitiItems patterns (#289)

CI

Changelog

Sourced from respx's changelog.

[0.23.1] - 2026-04-08

Fixed

  • Fix regression causing params pattern to stop working under some conditions, by doing a strict detection of ANY in multi items patterns (#313)

CI

  • Update workflows actions (#310)

[0.23.0] - 2026-04-07

Fixed

  • Fix data pattern with list value (#264)
  • Fix and enhance incorrect documentations about iterable side effects (#287)
  • Fix documentation typo, thanks @​markhobson (#298)
  • Fix support for multiple slashes // in URL path by not using urljoin when prepending path, thanks @​lewiscollard and @​Skeen (#302)
  • Type Route.respond json as Any to align with HTTPX, thanks @​JacobHayes (#284)
  • Properly handle ANY in MuitiItems patterns (#289)

CI

Commits

Updates ruff from 0.15.8 to 0.15.11

Release notes

Sourced from ruff's releases.

0.15.11

Release Notes

Released on 2026-04-16.

Preview features

  • [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
  • [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
  • [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

Bug fixes

  • [flake8-async] Omit overridden methods for ASYNC109 (#24648)

Documentation

  • [flake8-async] Add override mention to ASYNC109 docs (#24666)
  • Update Neovim config examples to use vim.lsp.config (#24577)

Contributors

Install ruff 0.15.11

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.11/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.11/ruff-installer.ps1 | iex"

Download ruff 0.15.11

File Platform Checksum
ruff-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ruff-x86_64-apple-darwin.tar.gz Intel macOS checksum
ruff-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
ruff-i686-pc-windows-msvc.zip x86 Windows checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.11

Released on 2026-04-16.

Preview features

  • [ruff] Ignore RUF029 when function is decorated with asynccontextmanager (#24642)
  • [airflow] Implement airflow-xcom-pull-in-template-string (AIR201) (#23583)
  • [flake8-bandit] Fix S103 false positives and negatives in mask analysis (#24424)

Bug fixes

  • [flake8-async] Omit overridden methods for ASYNC109 (#24648)

Documentation

  • [flake8-async] Add override mention to ASYNC109 docs (#24666)
  • Update Neovim config examples to use vim.lsp.config (#24577)

Contributors

0.15.10

Released on 2026-04-09.

Preview features

  • [flake8-logging] Allow closures in except handlers (LOG004) (#24464)
  • [flake8-self] Make SLF diagnostics robust to non-self-named variables (#24281)
  • [flake8-simplify] Make the fix for collapsible-if safe in preview (SIM102) (#24371)

Bug fixes

  • Avoid emitting multi-line f-string elements before Python 3.12 (#24377)
  • Avoid syntax error from E502 fixes in f-strings and t-strings (#24410)
  • Strip form feeds from indent passed to dedent_to (#24381)
  • [pyupgrade] Fix panic caused by handling of octals (UP012) (#24390)
  • Reject multi-line f-string elements before Python 3.12 (#24355)

Rule changes

  • [ruff] Treat f-string interpolation as potential side effect (RUF019) (#24426)

Server

... (truncated)

Commits

Updates basedpyright from 1.38.4 to 1.39.3

Commits
  • 5f66727 1.39.3
  • d8741df hopefully fix docs deployment job
  • ceb200c 1.39.2
  • eb7a92c try to fix browser-basedpyright being published with nothing in it
  • dec5306 update package-lock.json
  • 6db43de 1.39.1
  • 335e486 fix failing tests from merge
  • bbe71b6 delete newly added github action from upstream that we don't use
  • 8f22618 update prettierignore
  • ff1f5a4 fix compile errors from merge
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the dependencies group across 1 directory with 8 up…
9eba493 
…dates

Bumps the dependencies group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [pydantic](https://github.com/pydantic/pydantic) | `2.12.5` | `2.13.3` |
| [typer](https://github.com/fastapi/typer) | `0.24.1` | `0.24.2` |
| [cryptography](https://github.com/pyca/cryptography) | `46.0.6` | `46.0.7` |
| [platformdirs](https://github.com/tox-dev/platformdirs) | `4.9.4` | `4.9.6` |
| [pytest](https://github.com/pytest-dev/pytest) | `9.0.2` | `9.0.3` |
| [respx](https://github.com/lundberg/respx) | `0.22.0` | `0.23.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.15.8` | `0.15.11` |
| [basedpyright](https://github.com/detachhead/basedpyright) | `1.38.4` | `1.39.3` |



Updates `pydantic` from 2.12.5 to 2.13.3
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](pydantic/pydantic@v2.12.5...v2.13.3)

Updates `typer` from 0.24.1 to 0.24.2
- [Release notes](https://github.com/fastapi/typer/releases)
- [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md)
- [Commits](fastapi/typer@0.24.1...0.24.2)

Updates `cryptography` from 46.0.6 to 46.0.7
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.6...46.0.7)

Updates `platformdirs` from 4.9.4 to 4.9.6
- [Release notes](https://github.com/tox-dev/platformdirs/releases)
- [Changelog](https://github.com/tox-dev/platformdirs/blob/main/docs/changelog.rst)
- [Commits](tox-dev/platformdirs@4.9.4...4.9.6)

Updates `pytest` from 9.0.2 to 9.0.3
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](pytest-dev/pytest@9.0.2...9.0.3)

Updates `respx` from 0.22.0 to 0.23.1
- [Release notes](https://github.com/lundberg/respx/releases)
- [Changelog](https://github.com/lundberg/respx/blob/master/CHANGELOG.md)
- [Commits](lundberg/respx@0.22.0...0.23.1)

Updates `ruff` from 0.15.8 to 0.15.11
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.8...0.15.11)

Updates `basedpyright` from 1.38.4 to 1.39.3
- [Release notes](https://github.com/detachhead/basedpyright/releases)
- [Commits](DetachHead/basedpyright@v1.38.4...v1.39.3)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-version: 2.13.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: typer
  dependency-version: 0.24.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: cryptography
  dependency-version: 46.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: platformdirs
  dependency-version: 4.9.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: pytest
  dependency-version: 9.0.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: respx
  dependency-version: 0.23.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: ruff
  dependency-version: 0.15.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: basedpyright
  dependency-version: 1.39.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Apr 24, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 1, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 1, 2026
@dependabot dependabot Bot deleted the dependabot/uv/dependencies-e2cf6ef6c8 branch May 1, 2026 05:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants