kaslo/synapse
1
0
Fork 0
Code Wiki Activity
24,899 Commits 1,047 Branches 805 Tags
anoa/minimum_python_3_9_12
Commit Graph

691 Commits

Author SHA1 Message Date
Andrew Morgan
4f9c523cb5 Set minimum python version to 3.9.12 
This matches Twisted's minimum required version.

See twisted/twisted@27674f6
 2025-07-16 10:41:58 +01:00
dependabot[bot]
78ce4dc26f Bump mypy from 1.13.0 to 1.16.1 (#18653) 2025-07-15 14:42:54 +01:00
dependabot[bot]
945e22303c Bump phonenumbers from 9.0.8 to 9.0.9 (#18681) 2025-07-15 11:47:59 +01:00
Quentin Gliech
1e5e6a48be Use markdown-it-py instead of commonmark in the release script. (#18637) 
`commonmark` has been deprecated in favor of `markdown-it-py`, and its
type hints have been [removed from
typeshed](https://github.com/python/typeshed/issues/13725).

This switches the release script to use `markdown-it-py` instead of
`commonmark` for parsing the `CHANGES.md`
 2025-07-11 12:54:46 +00:00
dependabot[bot]
57220706b2 Bump typing-extensions from 4.14.0 to 4.14.1 (#18668) 
Bumps [typing-extensions](https://github.com/python/typing_extensions)
from 4.14.0 to 4.14.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python/typing_extensions/releases">typing-extensions's
releases</a>.</em></p>
<blockquote>
<h2>4.14.1</h2>
<h1>Release 4.14.1 (July 4, 2025)</h1>
<ul>
<li>Fix usage of <code>typing_extensions.TypedDict</code> nested inside
other types
(e.g., <code>typing.Type[typing_extensions.TypedDict]</code>). This is
not allowed by the
type system but worked on older versions, so we maintain support.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/typing_extensions/blob/main/CHANGELOG.md">typing-extensions's
changelog</a>.</em></p>
<blockquote>
<h1>Release 4.14.1 (July 4, 2025)</h1>
<ul>
<li>Fix usage of <code>typing_extensions.TypedDict</code> nested inside
other types
(e.g., <code>typing.Type[typing_extensions.TypedDict]</code>). This is
not allowed by the
type system but worked on older versions, so we maintain support.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="42027aba35"><code>42027ab</code></a>
Prepare release 4.14.1 (<a
href="https://redirect.github.com/python/typing_extensions/issues/620">#620</a>)</li>
<li><a
href="59d2c20858"><code>59d2c20</code></a>
Fix off by one in pickle protocol tests (<a
href="https://redirect.github.com/python/typing_extensions/issues/618">#618</a>)</li>
<li><a
href="40e22ebb2c"><code>40e22eb</code></a>
Do not use slots for <code>_TypedDictSpecialForm</code> (<a
href="https://redirect.github.com/python/typing_extensions/issues/616">#616</a>)</li>
<li><a
href="d17c456d36"><code>d17c456</code></a>
allow TypedDict as a type argument (<a
href="https://redirect.github.com/python/typing_extensions/issues/614">#614</a>)</li>
<li>See full diff in <a
href="https://github.com/python/typing_extensions/compare/4.14.0...4.14.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typing-extensions&package-manager=pip&previous-version=4.14.0&new-version=4.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-07 13:24:30 +00:00
dependabot[bot]
49e46b84de Bump types-psycopg2 from 2.9.21.20250318 to 2.9.21.20250516 (#18658) 
Bumps
[types-psycopg2](https://github.com/typeshed-internal/stub_uploader)
from 2.9.21.20250318 to 2.9.21.20250516.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/typeshed-internal/stub_uploader/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-psycopg2&package-manager=pip&previous-version=2.9.21.20250318&new-version=2.9.21.20250516)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-04 11:13:41 +00:00
dependabot[bot]
4a7b166d80 Bump ruff from 0.12.1 to 0.12.2 (#18657) 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.12.1 to 0.12.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.12.2</h2>
<h2>Release Notes</h2>
<h3>Preview features</h3>
<ul>
<li>[<code>flake8-pyi</code>] Expand <code>Optional[A]</code> to <code>A
| None</code> (<code>PYI016</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18572">#18572</a>)</li>
<li>[<code>pyupgrade</code>] Mark <code>UP008</code> fix safe if no
comments are in range (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18683">#18683</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>[<code>flake8-comprehensions</code>] Fix <code>C420</code> to
prepend whitespace when needed (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18616">#18616</a>)</li>
<li>[<code>perflint</code>] Fix <code>PERF403</code> panic on attribute
or subscription loop variable (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19042">#19042</a>)</li>
<li>[<code>pydocstyle</code>] Fix <code>D413</code> infinite loop for
parenthesized docstring (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18930">#18930</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLW0108</code> autofix introducing a
syntax error when the lambda's body contains an assignment expression
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/18678">#18678</a>)</li>
<li>[<code>refurb</code>] Fix false positive on empty tuples
(<code>FURB168</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19058">#19058</a>)</li>
<li>[<code>ruff</code>] Allow more <code>field</code> calls from
<code>attrs</code> (<code>RUF009</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19021">#19021</a>)</li>
<li>[<code>ruff</code>] Fix syntax error introduced for an empty string
followed by a u-prefixed string (<code>UP025</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18899">#18899</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>flake8-executable</code>] Allow <code>uvx</code> in shebang
line (<code>EXE003</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18967">#18967</a>)</li>
<li>[<code>pandas</code>] Avoid flagging <code>PD002</code> if
<code>pandas</code> is not imported (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18963">#18963</a>)</li>
<li>[<code>pyupgrade</code>] Avoid PEP-604 unions with
<code>typing.NamedTuple</code> (<code>UP007</code>, <code>UP045</code>)
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/18682">#18682</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Document link between <code>import-outside-top-level
(PLC0415)</code> and
<code>lint.flake8-tidy-imports.banned-module-level-imports</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18733">#18733</a>)</li>
<li>Fix description of the <code>format.skip-magic-trailing-comma</code>
example (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19095">#19095</a>)</li>
<li>[<code>airflow</code>] Make <code>AIR302</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18988">#18988</a>)</li>
<li>[<code>airflow</code>] Make <code>AIR312</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18989">#18989</a>)</li>
<li>[<code>flake8-annotations</code>] Make <code>ANN401</code> example
error out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18974">#18974</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC100</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18993">#18993</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC105</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19002">#19002</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC110</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18975">#18975</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC210</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18977">#18977</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC220</code>,
<code>ASYNC221</code>, and <code>ASYNC222</code> examples error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18978">#18978</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC251</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18990">#18990</a>)</li>
<li>[<code>flake8-bandit</code>] Make <code>S201</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19017">#19017</a>)</li>
<li>[<code>flake8-bandit</code>] Make <code>S604</code> and
<code>S609</code> examples error out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19049">#19049</a>)</li>
<li>[<code>flake8-bugbear</code>] Make <code>B028</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19054">#19054</a>)</li>
<li>[<code>flake8-bugbear</code>] Make <code>B911</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19051">#19051</a>)</li>
<li>[<code>flake8-datetimez</code>] Make <code>DTZ011</code> example
error out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19055">#19055</a>)</li>
<li>[<code>flake8-datetimez</code>] Make <code>DTZ901</code> example
error out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19056">#19056</a>)</li>
<li>[<code>flake8-pyi</code>] Make <code>PYI032</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19061">#19061</a>)</li>
<li>[<code>flake8-pyi</code>] Make example error out-of-the-box
(<code>PYI014</code>, <code>PYI015</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19097">#19097</a>)</li>
<li>[<code>flake8-pyi</code>] Make example error out-of-the-box
(<code>PYI042</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19101">#19101</a>)</li>
<li>[<code>flake8-pyi</code>] Make example error out-of-the-box
(<code>PYI059</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19080">#19080</a>)</li>
<li>[<code>flake8-pyi</code>] Make example error out-of-the-box
(<code>PYI062</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19079">#19079</a>)</li>
<li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box
(<code>PT023</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19104">#19104</a>)</li>
<li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box
(<code>PT030</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19105">#19105</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.12.2</h2>
<h3>Preview features</h3>
<ul>
<li>[<code>flake8-pyi</code>] Expand <code>Optional[A]</code> to <code>A
| None</code> (<code>PYI016</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18572">#18572</a>)</li>
<li>[<code>pyupgrade</code>] Mark <code>UP008</code> fix safe if no
comments are in range (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18683">#18683</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>[<code>flake8-comprehensions</code>] Fix <code>C420</code> to
prepend whitespace when needed (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18616">#18616</a>)</li>
<li>[<code>perflint</code>] Fix <code>PERF403</code> panic on attribute
or subscription loop variable (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19042">#19042</a>)</li>
<li>[<code>pydocstyle</code>] Fix <code>D413</code> infinite loop for
parenthesized docstring (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18930">#18930</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLW0108</code> autofix introducing a
syntax error when the lambda's body contains an assignment expression
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/18678">#18678</a>)</li>
<li>[<code>refurb</code>] Fix false positive on empty tuples
(<code>FURB168</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19058">#19058</a>)</li>
<li>[<code>ruff</code>] Allow more <code>field</code> calls from
<code>attrs</code> (<code>RUF009</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19021">#19021</a>)</li>
<li>[<code>ruff</code>] Fix syntax error introduced for an empty string
followed by a u-prefixed string (<code>UP025</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18899">#18899</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>[<code>flake8-executable</code>] Allow <code>uvx</code> in shebang
line (<code>EXE003</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18967">#18967</a>)</li>
<li>[<code>pandas</code>] Avoid flagging <code>PD002</code> if
<code>pandas</code> is not imported (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18963">#18963</a>)</li>
<li>[<code>pyupgrade</code>] Avoid PEP-604 unions with
<code>typing.NamedTuple</code> (<code>UP007</code>, <code>UP045</code>)
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/18682">#18682</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Document link between <code>import-outside-top-level
(PLC0415)</code> and
<code>lint.flake8-tidy-imports.banned-module-level-imports</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18733">#18733</a>)</li>
<li>Fix description of the <code>format.skip-magic-trailing-comma</code>
example (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19095">#19095</a>)</li>
<li>[<code>airflow</code>] Make <code>AIR302</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18988">#18988</a>)</li>
<li>[<code>airflow</code>] Make <code>AIR312</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18989">#18989</a>)</li>
<li>[<code>flake8-annotations</code>] Make <code>ANN401</code> example
error out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18974">#18974</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC100</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18993">#18993</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC105</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19002">#19002</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC110</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18975">#18975</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC210</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18977">#18977</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC220</code>,
<code>ASYNC221</code>, and <code>ASYNC222</code> examples error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18978">#18978</a>)</li>
<li>[<code>flake8-async</code>] Make <code>ASYNC251</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18990">#18990</a>)</li>
<li>[<code>flake8-bandit</code>] Make <code>S201</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19017">#19017</a>)</li>
<li>[<code>flake8-bandit</code>] Make <code>S604</code> and
<code>S609</code> examples error out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19049">#19049</a>)</li>
<li>[<code>flake8-bugbear</code>] Make <code>B028</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19054">#19054</a>)</li>
<li>[<code>flake8-bugbear</code>] Make <code>B911</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19051">#19051</a>)</li>
<li>[<code>flake8-datetimez</code>] Make <code>DTZ011</code> example
error out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19055">#19055</a>)</li>
<li>[<code>flake8-datetimez</code>] Make <code>DTZ901</code> example
error out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19056">#19056</a>)</li>
<li>[<code>flake8-pyi</code>] Make <code>PYI032</code> example error
out-of-the-box (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19061">#19061</a>)</li>
<li>[<code>flake8-pyi</code>] Make example error out-of-the-box
(<code>PYI014</code>, <code>PYI015</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19097">#19097</a>)</li>
<li>[<code>flake8-pyi</code>] Make example error out-of-the-box
(<code>PYI042</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19101">#19101</a>)</li>
<li>[<code>flake8-pyi</code>] Make example error out-of-the-box
(<code>PYI059</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19080">#19080</a>)</li>
<li>[<code>flake8-pyi</code>] Make example error out-of-the-box
(<code>PYI062</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19079">#19079</a>)</li>
<li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box
(<code>PT023</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19104">#19104</a>)</li>
<li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box
(<code>PT030</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19105">#19105</a>)</li>
<li>[<code>flake8-quotes</code>] Make example error out-of-the-box
(<code>Q003</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/19106">#19106</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9bee8376a1"><code>9bee837</code></a>
Bump 0.12.2 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19126">#19126</a>)</li>
<li><a
href="1c6717b149"><code>1c6717b</code></a>
Filter private symbols from stubs if they are internal types (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19121">#19121</a>)</li>
<li><a
href="1b813cd5f1"><code>1b813cd</code></a>
Fix description of the <code>format.skip-magic-trailing-comma</code>
example (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19095">#19095</a>)</li>
<li><a
href="b00f68a23c"><code>b00f68a</code></a>
[<code>ruff</code>] Allow more <code>field</code> calls from
<code>attrs</code> (<code>RUF009</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19021">#19021</a>)</li>
<li><a
href="710c60f713"><code>710c60f</code></a>
[<code>flake8-pytest-style</code>] Make example error out-of-the-box
(<code>PT023</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19104">#19104</a>)</li>
<li><a
href="811e25d16e"><code>811e25d</code></a>
[<code>flake8-pytest-style</code>] Make example error out-of-the-box
(<code>PT030</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19105">#19105</a>)</li>
<li><a
href="b78af2db48"><code>b78af2d</code></a>
[<code>flake8-quotes</code>] Make example error out-of-the-box
(<code>Q003</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19106">#19106</a>)</li>
<li><a
href="4f36f0677f"><code>4f36f06</code></a>
Document link between <code>import-outside-top-level (PLC0415)</code>
and `lint.flake8-t...</li>
<li><a
href="2589a2938e"><code>2589a29</code></a>
[<code>flake8-simplify</code>] Make example error out-of-the-box
(<code>SIM113</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19109">#19109</a>)</li>
<li><a
href="26bb8f7b71"><code>26bb8f7</code></a>
[<code>flake8-simplify</code>] Make example error out-of-the-box
(<code>SIM401</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/19110">#19110</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.12.1...0.12.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=pip&previous-version=0.12.1&new-version=0.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-04 11:12:59 +00:00
dependabot[bot]
d61b919030 Bump setuptools-rust from 1.10.2 to 1.11.1 (#18655) 
Bumps [setuptools-rust](https://github.com/PyO3/setuptools-rust) from
1.10.2 to 1.11.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/PyO3/setuptools-rust/releases">setuptools-rust's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.1</h2>
<h3>Fixed</h3>
<ul>
<li>Fix finding cargo artifacts when filenames are empty. <a
href="https://redirect.github.com/PyO3/setuptools-rust/pull/521">#521</a></li>
</ul>
<h2>v1.11.0</h2>
<h3>Packaging</h3>
<ul>
<li>Drop support for Python 3.8. <a
href="https://redirect.github.com/PyO3/setuptools-rust/pull/479">#479</a></li>
<li>Support free-threaded Python. <a
href="https://redirect.github.com/PyO3/setuptools-rust/pull/502">#502</a></li>
<li>Support adding custom env vars. <a
href="https://redirect.github.com/PyO3/setuptools-rust/pull/504">#504</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/PyO3/setuptools-rust/blob/main/CHANGELOG.md">setuptools-rust's
changelog</a>.</em></p>
<blockquote>
<h2>1.11.1 (2025-04-04)</h2>
<h3>Fixed</h3>
<ul>
<li>Fix finding cargo artifacts when filenames are empty. <a
href="https://redirect.github.com/PyO3/setuptools-rust/pull/521">#521</a></li>
</ul>
<h2>1.11.0 (2025-03-14)</h2>
<h3>Packaging</h3>
<ul>
<li>Drop support for Python 3.8. <a
href="https://redirect.github.com/PyO3/setuptools-rust/pull/479">#479</a></li>
<li>Support free-threaded Python. <a
href="https://redirect.github.com/PyO3/setuptools-rust/pull/502">#502</a></li>
<li>Support adding custom env vars. <a
href="https://redirect.github.com/PyO3/setuptools-rust/pull/504">#504</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cc5c233993"><code>cc5c233</code></a>
release: 1.11.1 (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/529">#529</a>)</li>
<li><a
href="faa610deef"><code>faa610d</code></a>
Fix finding cargo artifacts when <code>filenames</code> are empty (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/521">#521</a>)</li>
<li><a
href="a766bd503f"><code>a766bd5</code></a>
use <code>SETUPTOOLS_RUST_CARGO_PROFILE=dev</code> for main matrix,
document it (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/527">#527</a>)</li>
<li><a
href="229c492984"><code>229c492</code></a>
build(deps): bump the deps group across 5 directories with 1 update (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/522">#522</a>)</li>
<li><a
href="4141b0b4c8"><code>4141b0b</code></a>
build(deps): bump pypa/cibuildwheel from 2.22.0 to 2.23.2 (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/523">#523</a>)</li>
<li><a
href="fc4d72c6b9"><code>fc4d72c</code></a>
build(deps): bump pyo3 in /examples/hello-world-setuppy (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/524">#524</a>)</li>
<li><a
href="f20ba9c69c"><code>f20ba9c</code></a>
replace quansight-labs/setup-python with actions/setup-python (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/520">#520</a>)</li>
<li><a
href="1054e1c645"><code>1054e1c</code></a>
release: 1.11.0 (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/518">#518</a>)</li>
<li><a
href="d6817d765e"><code>d6817d7</code></a>
Support adding custom env vars (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/504">#504</a>)</li>
<li><a
href="17980efa98"><code>17980ef</code></a>
build(deps): bump the deps group across 3 directories with 1 update (<a
href="https://redirect.github.com/PyO3/setuptools-rust/issues/516">#516</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/PyO3/setuptools-rust/compare/v1.10.2...v1.11.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=setuptools-rust&package-manager=pip&previous-version=1.10.2&new-version=1.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-04 09:05:25 +00:00
dependabot[bot]
cb0d5a3012 Bump typing-extensions from 4.12.2 to 4.14.0 (#18654) 
Bumps [typing-extensions](https://github.com/python/typing_extensions)
from 4.12.2 to 4.14.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python/typing_extensions/releases">typing-extensions's
releases</a>.</em></p>
<blockquote>
<h2>4.14.0</h2>
<p>This release adds several new features, including experimental
support for inline typed dictionaries (<a
href="https://peps.python.org/pep-0764/">PEP 764</a>) and sentinels (<a
href="https://peps.python.org/pep-0661/">PEP 661</a>), and support for
changes in Python 3.14. In addition, Python 3.8 is no longer
supported.</p>
<p>Changes since 4.14.0rc1:</p>
<ul>
<li>Remove <code>__or__</code> and <code>__ror__</code> methods from
<code>typing_extensions.Sentinel</code>
on Python versions &lt;3.10. PEP 604 was introduced in Python 3.10, and
<code>typing_extensions</code> does not generally attempt to backport
PEP-604 methods
to prior versions.</li>
<li>Further update <code>typing_extensions.evaluate_forward_ref</code>
with changes in Python 3.14.</li>
</ul>
<p>Changes included in 4.14.0rc1:</p>
<ul>
<li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a
href="https://github.com/Viicos">Victorien Plot</a>.</li>
<li>Do not attempt to re-export names that have been removed from
<code>typing</code>,
anticipating the removal of <code>typing.no_type_check_decorator</code>
in Python 3.15.
Patch by Jelle Zijlstra.</li>
<li>Update <code>typing_extensions.Format</code>,
<code>typing_extensions.evaluate_forward_ref</code>, and
<code>typing_extensions.TypedDict</code> to align
with changes in Python 3.14. Patches by Jelle Zijlstra.</li>
<li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li>
</ul>
<p>New features:</p>
<ul>
<li>Add support for inline typed dictionaries (<a
href="https://peps.python.org/pep-0764/">PEP 764</a>).
Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li>
<li>Add <code>typing_extensions.Reader</code> and
<code>typing_extensions.Writer</code>. Patch by
Sebastian Rittau.</li>
<li>Add support for sentinels (<a
href="https://peps.python.org/pep-0661/">PEP 661</a>). Patch by
<a href="https://github.com/Viicos">Victorien Plot</a>.</li>
</ul>
<h2>4.14.0rc1</h2>
<p>Major changes:</p>
<ul>
<li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a
href="https://github.com/Viicos">Victorien Plot</a>.</li>
<li>Do not attempt to re-export names that have been removed from
<code>typing</code>,
anticipating the removal of <code>typing.no_type_check_decorator</code>
in Python 3.15.
Patch by Jelle Zijlstra.</li>
<li>Update <code>typing_extensions.Format</code>,
<code>typing_extensions.evaluate_forward_ref</code>, and
<code>typing_extensions.TypedDict</code> to align
with changes in Python 3.14. Patches by Jelle Zijlstra.</li>
<li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li>
</ul>
<p>New features:</p>
<ul>
<li>Add support for inline typed dictionaries (<a
href="https://peps.python.org/pep-0764/">PEP 764</a>).
Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li>
<li>Add <code>typing_extensions.Reader</code> and
<code>typing_extensions.Writer</code>. Patch by
Sebastian Rittau.</li>
<li>Add support for sentinels (<a
href="https://peps.python.org/pep-0661/">PEP 661</a>). Patch by</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python/typing_extensions/blob/main/CHANGELOG.md">typing-extensions's
changelog</a>.</em></p>
<blockquote>
<h1>Release 4.14.0 (June 2, 2025)</h1>
<p>Changes since 4.14.0rc1:</p>
<ul>
<li>Remove <code>__or__</code> and <code>__ror__</code> methods from
<code>typing_extensions.Sentinel</code>
on Python versions &lt;3.10. PEP 604 was introduced in Python 3.10, and
<code>typing_extensions</code> does not generally attempt to backport
PEP-604 methods
to prior versions.</li>
<li>Further update <code>typing_extensions.evaluate_forward_ref</code>
with changes in Python 3.14.</li>
</ul>
<h1>Release 4.14.0rc1 (May 24, 2025)</h1>
<ul>
<li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a
href="https://github.com/Viicos">Victorien Plot</a>.</li>
<li>Do not attempt to re-export names that have been removed from
<code>typing</code>,
anticipating the removal of <code>typing.no_type_check_decorator</code>
in Python 3.15.
Patch by Jelle Zijlstra.</li>
<li>Update <code>typing_extensions.Format</code>,
<code>typing_extensions.evaluate_forward_ref</code>, and
<code>typing_extensions.TypedDict</code> to align
with changes in Python 3.14. Patches by Jelle Zijlstra.</li>
<li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li>
</ul>
<p>New features:</p>
<ul>
<li>Add support for inline typed dictionaries (<a
href="https://peps.python.org/pep-0764/">PEP 764</a>).
Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li>
<li>Add <code>typing_extensions.Reader</code> and
<code>typing_extensions.Writer</code>. Patch by
Sebastian Rittau.</li>
<li>Add support for sentinels (<a
href="https://peps.python.org/pep-0661/">PEP 661</a>). Patch by
<a href="https://github.com/Viicos">Victorien Plot</a>.</li>
</ul>
<h1>Release 4.13.2 (April 10, 2025)</h1>
<ul>
<li>Fix <code>TypeError</code> when taking the union of
<code>typing_extensions.TypeAliasType</code> and a
<code>typing.TypeAliasType</code> on Python 3.12 and 3.13.
Patch by <a href="https://github.com/jorenham">Joren
Hammudoglu</a>.</li>
<li>Backport from CPython PR <a
href="https://redirect.github.com/python/cpython/pull/132160">#132160</a>
to avoid having user arguments shadowed in generated
<code>__new__</code> by
<code>@typing_extensions.deprecated</code>.
Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li>
</ul>
<h1>Release 4.13.1 (April 3, 2025)</h1>
<p>Bugfixes:</p>
<ul>
<li>Fix regression in 4.13.0 on Python 3.10.2 causing a
<code>TypeError</code> when using <code>Concatenate</code>.
Patch by <a href="https://github.com/Daraan">Daraan</a>.</li>
<li>Fix <code>TypeError</code> when using
<code>evaluate_forward_ref</code> on Python 3.10.1-2 and 3.9.8-10.
Patch by <a href="https://github.com/Daraan">Daraan</a>.</li>
</ul>
<h1>Release 4.13.0 (March 25, 2025)</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b07d245256"><code>b07d245</code></a>
Prepare release 4.14.0 (<a
href="https://redirect.github.com/python/typing_extensions/issues/612">#612</a>)</li>
<li><a
href="fcf5265b30"><code>fcf5265</code></a>
Backport evaluate_forward_ref() changes (<a
href="https://redirect.github.com/python/typing_extensions/issues/611">#611</a>)</li>
<li><a
href="fadc1edbcf"><code>fadc1ed</code></a>
Remove PEP-604 methods from <code>Sentinel</code> on Python &lt;3.10 (<a
href="https://redirect.github.com/python/typing_extensions/issues/605">#605</a>)</li>
<li><a
href="44de568f73"><code>44de568</code></a>
Add 3.14 to project classifiers and tox.ini (<a
href="https://redirect.github.com/python/typing_extensions/issues/604">#604</a>)</li>
<li><a
href="36cc476058"><code>36cc476</code></a>
Prepare release 4.14.0rc1 (<a
href="https://redirect.github.com/python/typing_extensions/issues/603">#603</a>)</li>
<li><a
href="ec1876c650"><code>ec1876c</code></a>
More fixes for 3.14 and 3.15 (<a
href="https://redirect.github.com/python/typing_extensions/issues/602">#602</a>)</li>
<li><a
href="e89d789104"><code>e89d789</code></a>
Update <code>_caller()</code> implementation (<a
href="https://redirect.github.com/python/typing_extensions/issues/598">#598</a>)</li>
<li><a
href="34bfd8423a"><code>34bfd84</code></a>
third party: fix typeguard (<a
href="https://redirect.github.com/python/typing_extensions/issues/600">#600</a>)</li>
<li><a
href="479dae13d0"><code>479dae1</code></a>
Add support for sentinels (PEP 661) (<a
href="https://redirect.github.com/python/typing_extensions/issues/594">#594</a>)</li>
<li><a
href="f74a56a725"><code>f74a56a</code></a>
Update PEP 649/749 implementation (<a
href="https://redirect.github.com/python/typing_extensions/issues/596">#596</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/python/typing_extensions/compare/4.12.2...4.14.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typing-extensions&package-manager=pip&previous-version=4.12.2&new-version=4.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 15:03:08 +00:00
dependabot[bot]
6096cb4054 Bump phonenumbers from 9.0.2 to 9.0.8 (#18652) 
Bumps
[phonenumbers](https://github.com/daviddrysdale/python-phonenumbers)
from 9.0.2 to 9.0.8.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9959754cdf"><code>9959754</code></a>
Prep for 9.0.8 release</li>
<li><a
href="6ffa6ffbec"><code>6ffa6ff</code></a>
Generated files for metadata</li>
<li><a
href="4b028b4bd3"><code>4b028b4</code></a>
Merge metadata changes from upstream 9.0.8</li>
<li><a
href="6817dfb5ab"><code>6817dfb</code></a>
Prep for 9.0.7 release</li>
<li><a
href="e9a48434e2"><code>e9a4843</code></a>
Generated files for metadata</li>
<li><a
href="8580645ba9"><code>8580645</code></a>
Merge metadata changes from upstream 9.0.7</li>
<li><a
href="e6d5f6270e"><code>e6d5f62</code></a>
Prep for 9.0.6 release</li>
<li><a
href="e4e7dbec6c"><code>e4e7dbe</code></a>
Generated files for metadata</li>
<li><a
href="a8425e7a91"><code>a8425e7</code></a>
Merge metadata changes from upstream 9.0.6</li>
<li><a
href="e90d8ea116"><code>e90d8ea</code></a>
Prep for 9.0.5 release</li>
<li>Additional commits viewable in <a
href="https://github.com/daviddrysdale/python-phonenumbers/compare/v9.0.2...v9.0.8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=phonenumbers&package-manager=pip&previous-version=9.0.2&new-version=9.0.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 15:01:59 +00:00
dependabot[bot]
fc710c4804 Bump attrs from 24.2.0 to 25.3.0 (#18649) 
Bumps [attrs](https://github.com/sponsors/hynek) from 24.2.0 to 25.3.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sponsors/hynek/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=attrs&package-manager=pip&previous-version=24.2.0&new-version=25.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 13:28:02 +00:00
dependabot[bot]
4ad93b296f Bump authlib from 1.5.2 to 1.6.0 (#18642) 
Bumps [authlib](https://github.com/authlib/authlib) from 1.5.2 to 1.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/authlib/authlib/releases">authlib's
releases</a>.</em></p>
<blockquote>
<h2>Version 1.6.0</h2>
<ul>
<li>Fix issue when <a
href="https://datatracker.ietf.org/doc/html/rfc9207.html">RFC9207</a> is
enabled and the authorization endpoint response is not a redirection.
[pull request <a
href="https://redirect.github.com/authlib/authlib/issues/733">#733</a>](<a
href="https://redirect.github.com/authlib/authlib/pull/733">authlib/authlib#733</a>)</li>
<li>Fix missing state parameter in authorization error responses. [issue
<a
href="https://redirect.github.com/authlib/authlib/issues/525">#525</a>](<a
href="https://redirect.github.com/authlib/authlib/issues/525">authlib/authlib#525</a>)</li>
<li>Support for acr and amr claims in id_token. [issue <a
href="https://redirect.github.com/authlib/authlib/issues/734">#734</a>](<a
href="https://redirect.github.com/authlib/authlib/issues/734">authlib/authlib#734</a>)</li>
<li>Support for the none JWS algorithm.</li>
<li>Fix response_types strict order during dynamic client registration.
[issue <a
href="https://redirect.github.com/authlib/authlib/issues/760">#760</a>](<a
href="https://redirect.github.com/authlib/authlib/issues/760">authlib/authlib#760</a>)</li>
<li>Implement <a
href="https://datatracker.ietf.org/doc/html/rfc9101.html">RFC9101 The
OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request
(JAR)</a>. [issue <a
href="https://redirect.github.com/authlib/authlib/issues/723">#723</a>](<a
href="https://redirect.github.com/authlib/authlib/issues/723">authlib/authlib#723</a>)</li>
<li>OIDC <a
href="https://docs.authlib.org/en/latest/specs/oidc.html#authlib.oidc.core.UserInfoEndpoint">UserInfo
endpoint</a> support. [issue <a
href="https://redirect.github.com/authlib/authlib/issues/459">#459</a>](<a
href="https://redirect.github.com/authlib/authlib/issues/459">authlib/authlib#459</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/authlib/authlib/blob/main/docs/changelog.rst">authlib's
changelog</a>.</em></p>
<blockquote>
<h2>Version 1.6.0</h2>
<p><strong>Released on May 22, 2025</strong></p>
<ul>
<li>Fix issue when :rfc:<code>RFC9207 &lt;9207&gt;</code> is enabled and
the authorization endpoint response is not a redirection.
:pr:<code>733</code></li>
<li>Fix missing <code>state</code> parameter in authorization error
responses. :issue:<code>525</code></li>
<li>Support for <code>acr</code> and <code>amr</code> claims in
<code>id_token</code>. :issue:<code>734</code></li>
<li>Support for the <code>none</code> JWS algorithm.</li>
<li>Fix <code>response_types</code> strict order during dynamic client
registration. :issue:<code>760</code></li>
<li>Implement :rfc:<code>RFC9101 The OAuth 2.0 Authorization Framework:
JWT-Secured Authorization Request (JAR) &lt;9101&gt;</code>.
:issue:<code>723</code></li>
<li>OIDC :class:<code>UserInfo endpoint
&lt;authlib.oidc.core.userinfo.UserInfoEndpoint&gt;</code> support.
:issue:<code>459</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fe87a117f9"><code>fe87a11</code></a>
chore: release version 1.6.0</li>
<li><a
href="036a0b7153"><code>036a0b7</code></a>
Merge pull request <a
href="https://redirect.github.com/authlib/authlib/issues/774">#774</a>
from azmeuk/459-userinfo</li>
<li><a
href="449a1a24a4"><code>449a1a2</code></a>
feat: OIDC userinfo endpoint support</li>
<li><a
href="d429c36717"><code>d429c36</code></a>
Merge pull request <a
href="https://redirect.github.com/authlib/authlib/issues/749">#749</a>
from azmeuk/724-jar</li>
<li><a
href="a524d23e95"><code>a524d23</code></a>
chore: move 1.7 deprecations to 1.8</li>
<li><a
href="f37e60ec0c"><code>f37e60e</code></a>
feat: implement rfc9101 JWT authorization request</li>
<li><a
href="8a6c714fdb"><code>8a6c714</code></a>
refactor: OAuth2 hook mechanism overhaul</li>
<li><a
href="ff1b66bedc"><code>ff1b66b</code></a>
refactor: extract OAuth2Payload from OAuth2Request</li>
<li><a
href="98eebd14b9"><code>98eebd1</code></a>
refactor: remove uncovered code in OAuth2Request</li>
<li><a
href="1b848e2a1e"><code>1b848e2</code></a>
refactor: create_authorization_response can take an optional 'grant'
arg</li>
<li>Additional commits viewable in <a
href="https://github.com/authlib/authlib/compare/v1.5.2...v1.6.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=authlib&package-manager=pip&previous-version=1.5.2&new-version=1.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 13:20:07 +00:00
dependabot[bot]
acabececc4 Bump ijson from 3.3.0 to 3.4.0 (#18650) 
Bumps [ijson](https://github.com/ICRAR/ijson) from 3.3.0 to 3.4.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ICRAR/ijson/blob/master/CHANGELOG.md">ijson's
changelog</a>.</em></p>
<blockquote>
<h2>[3.4.0]</h2>
<ul>
<li>Added support for PEP 489 multi-phase initialisation
and per-module state for our C extension,
allowing us to support sub-interpreters with per-interpreter GIL.</li>
<li>Advertise support for free-threading python mode.</li>
<li>Removed support for Python &lt; 3.9.</li>
<li>Enhanced generators so they yield all possible results to users
before errors are raised (<a
href="https://redirect.github.com/ICRAR/ijson/issues/123">#123</a>).</li>
<li>Added <code>ijson.ALL_BACKENDS</code> constant
listing all supported backends
(which might or not be available at runtime).</li>
<li>Added a <code>capabilities</code> constant to each backend
describing which capabilities it supports.</li>
<li>Exposing backend's name under
<code>&lt;backend&gt;.backend_name</code>,
and default backend's name under <code>ijson.backend_name</code>.
This is similar to the already existing <code>name</code> constant,
only slightly better named to hopefully avoid confusion.</li>
<li>Restructured source code so all code lives under <code>src/</code>,
and the <code>ijson.backends._yajl2</code> extension under
<code>src/ijson/backends/ext/_yajl2</code>.
This allows C backend tests to actually run on cibuildwheel.</li>
<li>Improved performance of <code>parse</code> routine in C backend by
~4%.</li>
<li>Fixed several potential stability issues in C backend
around correct error handling.</li>
<li>Fixed corner-case wrong behaviour of <code>yajl2_c</code> backend,
which didn't work correctly with user-provided event names.</li>
<li>Pointing to our own fork of yajl (for when we build it ourselves)
that contains fixes for all known CVEs (<a
href="https://redirect.github.com/ICRAR/ijson/issues/126">#126</a>).</li>
<li>Removed leftover compatibility bits in the C backend.</li>
<li>Fixed potential issue with <code>yajl</code> and <code>yajl2</code>
backends
where crashes could occur at interpreter shutdown.</li>
<li>Removed tox.</li>
<li>Moved static project metadata to <code>pyproject.toml</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="36701bed11"><code>36701be</code></a>
Release ijson 3.4.0</li>
<li><a
href="cfb044a36f"><code>cfb044a</code></a>
Modernize packaging (<a
href="https://redirect.github.com/ICRAR/ijson/issues/138">#138</a>)</li>
<li><a
href="044cf9b6b9"><code>044cf9b</code></a>
Bump pypa/cibuildwheel from 2.23.2 to 2.23.3 (<a
href="https://redirect.github.com/ICRAR/ijson/issues/140">#140</a>)</li>
<li><a
href="81e24b4045"><code>81e24b4</code></a>
Allow building embedded yajl with cmake 4.0</li>
<li><a
href="b3f9647a54"><code>b3f9647</code></a>
Bump pypa/cibuildwheel from 2.23.1 to 2.23.2 (<a
href="https://redirect.github.com/ICRAR/ijson/issues/137">#137</a>)</li>
<li><a
href="d8fd6d2ef5"><code>d8fd6d2</code></a>
Bump pypa/cibuildwheel from 2.23.0 to 2.23.1 (<a
href="https://redirect.github.com/ICRAR/ijson/issues/134">#134</a>)</li>
<li><a
href="caebc6fa38"><code>caebc6f</code></a>
Bump pypa/cibuildwheel from 2.22.0 to 2.23.0 (<a
href="https://redirect.github.com/ICRAR/ijson/issues/133">#133</a>)</li>
<li><a
href="698b114e7c"><code>698b114</code></a>
Downgrade to ubuntu-22.04 to avoid gcc segfault</li>
<li><a
href="9f28dc0d54"><code>9f28dc0</code></a>
Allow certain branches to trigger a full CI build</li>
<li><a
href="901fd3b3bd"><code>901fd3b</code></a>
Add custom event name interning to yajl2_c</li>
<li>Additional commits viewable in <a
href="https://github.com/ICRAR/ijson/compare/v3.3.0...v3.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ijson&package-manager=pip&previous-version=3.3.0&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 13:18:49 +00:00
dependabot[bot]
d57a2f7372 Bump msgpack from 1.1.0 to 1.1.1 (#18651) 
Bumps [msgpack](https://github.com/msgpack/msgpack-python) from 1.1.0 to
1.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/msgpack/msgpack-python/releases">msgpack's
releases</a>.</em></p>
<blockquote>
<h2>v1.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add Python 3.13 trove classifier by <a
href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a>
in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/626">msgpack/msgpack-python#626</a></li>
<li>update Cython to 3.1.1 by <a
href="https://github.com/methane"><code>@​methane</code></a> in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/637">msgpack/msgpack-python#637</a></li>
<li>update cibuildwheel to v2.23.3 by <a
href="https://github.com/methane"><code>@​methane</code></a> in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/638">msgpack/msgpack-python#638</a></li>
<li>upload to PyPI on create a release by <a
href="https://github.com/methane"><code>@​methane</code></a> in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/639">msgpack/msgpack-python#639</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a>
made their first contribution in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/626">msgpack/msgpack-python#626</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1">https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1</a></p>
<h2>v1.1.1rc1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add Python 3.13 trove classifier by <a
href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a>
in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/626">msgpack/msgpack-python#626</a></li>
<li>update Cython to 3.1.1 by <a
href="https://github.com/methane"><code>@​methane</code></a> in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/637">msgpack/msgpack-python#637</a></li>
<li>update cibuildwheel to v2.23.3 by <a
href="https://github.com/methane"><code>@​methane</code></a> in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/638">msgpack/msgpack-python#638</a></li>
<li>upload to PyPI on create a release by <a
href="https://github.com/methane"><code>@​methane</code></a> in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/639">msgpack/msgpack-python#639</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a>
made their first contribution in <a
href="https://redirect.github.com/msgpack/msgpack-python/pull/626">msgpack/msgpack-python#626</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1rc1">https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1rc1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/msgpack/msgpack-python/blob/main/ChangeLog.rst">msgpack's
changelog</a>.</em></p>
<blockquote>
<h1>1.1.1</h1>
<p>Release Date: 2025-06-13</p>
<ul>
<li>No change from 1.1.1rc1.</li>
</ul>
<h1>1.1.1rc1</h1>
<p>Release Date: 2025-06-06</p>
<ul>
<li>Update Cython to 3.1.1 and cibuildwheel to 2.23.3.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="42f056f3cf"><code>42f056f</code></a>
v1.1.1</li>
<li><a
href="e6445d3b92"><code>e6445d3</code></a>
v1.1.1rc1</li>
<li><a
href="fe9e620a60"><code>fe9e620</code></a>
upload to PyPI on create a release (<a
href="https://redirect.github.com/msgpack/msgpack-python/issues/639">#639</a>)</li>
<li><a
href="cdc7644503"><code>cdc7644</code></a>
update cibuildwheel to v2.23.3 (<a
href="https://redirect.github.com/msgpack/msgpack-python/issues/638">#638</a>)</li>
<li><a
href="868aa2cd83"><code>868aa2c</code></a>
update Cython to 3.1.1 (<a
href="https://redirect.github.com/msgpack/msgpack-python/issues/637">#637</a>)</li>
<li><a
href="0eeabfb453"><code>0eeabfb</code></a>
Add Python 3.13 trove classifier (<a
href="https://redirect.github.com/msgpack/msgpack-python/issues/626">#626</a>)</li>
<li>See full diff in <a
href="https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=msgpack&package-manager=pip&previous-version=1.1.0&new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 15:02:27 +02:00
dependabot[bot]
b7d54b7f3c Bump types-setuptools from 75.2.0.20241019 to 80.9.0.20250529 (#18644) 
Bumps
[types-setuptools](https://github.com/typeshed-internal/stub_uploader)
from 75.2.0.20241019 to 80.9.0.20250529.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/typeshed-internal/stub_uploader/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-setuptools&package-manager=pip&previous-version=75.2.0.20241019&new-version=80.9.0.20250529)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 12:15:22 +00:00
dependabot[bot]
6c4f8521d4 Bump ruff from 0.11.11 to 0.12.1 (#18645) 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.11.11 to 0.12.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.12.1</h2>
<h2>Release Notes</h2>
<h3>Preview features</h3>
<ul>
<li>[<code>flake8-errmsg</code>] Extend <code>EM101</code> to support
byte strings (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18867">#18867</a>)</li>
<li>[<code>flake8-use-pathlib</code>] Add autofix for
<code>PTH202</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18763">#18763</a>)</li>
<li>[<code>pygrep-hooks</code>] Add <code>AsyncMock</code> methods to
<code>invalid-mock-access</code> (<code>PGH005</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18547">#18547</a>)</li>
<li>[<code>pylint</code>] Ignore <code>__init__.py</code> files in
(<code>PLC0414</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18400">#18400</a>)</li>
<li>[<code>ruff</code>] Trigger <code>RUF037</code> for empty string and
byte strings (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18862">#18862</a>)</li>
<li>[formatter] Fix missing blank lines before decorated classes in
<code>.pyi</code> files (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18888">#18888</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Avoid generating diagnostics with per-file ignores (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18801">#18801</a>)</li>
<li>Handle parenthesized arguments in <code>remove_argument</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18805">#18805</a>)</li>
<li>[<code>flake8-logging</code>] Avoid false positive for
<code>exc_info=True</code> outside <code>logger.exception</code>
(<code>LOG014</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18737">#18737</a>)</li>
<li>[<code>flake8-pytest-style</code>] Enforce <code>pytest</code>
import for decorators (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18779">#18779</a>)</li>
<li>[<code>flake8-pytest-style</code>] Mark autofix for
<code>PT001</code> and <code>PT023</code> as unsafe if there's comments
in the decorator (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18792">#18792</a>)</li>
<li>[<code>flake8-pytest-style</code>]
<code>PT001</code>/<code>PT023</code> fix makes syntax error on
parenthesized decorator (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18782">#18782</a>)</li>
<li>[<code>flake8-raise</code>] Make fix unsafe if it deletes comments
(<code>RSE102</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18788">#18788</a>)</li>
<li>[<code>flake8-simplify</code>] Fix <code>SIM911</code> autofix
creating a syntax error (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18793">#18793</a>)</li>
<li>[<code>flake8-simplify</code>] Fix false negatives for shadowed
bindings (<code>SIM910</code>, <code>SIM911</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18794">#18794</a>)</li>
<li>[<code>flake8-simplify</code>] Preserve original behavior for
<code>except ()</code> and bare <code>except</code>
(<code>SIM105</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18213">#18213</a>)</li>
<li>[<code>flake8-pyi</code>] Fix <code>PYI041</code>'s fix causing
<code>TypeError</code> with <code>None | None | ...</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18637">#18637</a>)</li>
<li>[<code>perflint</code>] Fix <code>PERF101</code> autofix creating a
syntax error and mark autofix as unsafe if there are comments in the
<code>list</code> call expr (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18803">#18803</a>)</li>
<li>[<code>perflint</code>] Fix false negative in <code>PERF401</code>
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/18866">#18866</a>)</li>
<li>[<code>pylint</code>] Avoid flattening nested
<code>min</code>/<code>max</code> when outer call has single argument
(<code>PLW3301</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/16885">#16885</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLC2801</code> autofix creating a
syntax error (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18857">#18857</a>)</li>
<li>[<code>pylint</code>] Mark <code>PLE0241</code> autofix as unsafe if
there's comments in the base classes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18832">#18832</a>)</li>
<li>[<code>pylint</code>] Suppress
<code>PLE2510</code>/<code>PLE2512</code>/<code>PLE2513</code>/<code>PLE2514</code>/<code>PLE2515</code>
autofix if the text contains an odd number of backslashes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18856">#18856</a>)</li>
<li>[<code>refurb</code>] Detect more exotic float literals in
<code>FURB164</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18925">#18925</a>)</li>
<li>[<code>refurb</code>] Fix <code>FURB163</code> autofix creating a
syntax error for <code>yield</code> expressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18756">#18756</a>)</li>
<li>[<code>refurb</code>] Mark <code>FURB129</code> autofix as unsafe if
there's comments in the <code>readlines</code> call (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18858">#18858</a>)</li>
<li>[<code>ruff</code>] Fix false positives and negatives in
<code>RUF010</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18690">#18690</a>)</li>
<li>Fix casing of <code>analyze.direction</code> variant names (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18892">#18892</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>Fix f-string interpolation escaping in generated fixes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18882">#18882</a>)</li>
<li>[<code>flake8-return</code>] Mark <code>RET501</code> fix unsafe if
comments are inside (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18780">#18780</a>)</li>
<li>[<code>flake8-async</code>] Fix detection for large integer sleep
durations in <code>ASYNC116</code> rule (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18767">#18767</a>)</li>
<li>[<code>flake8-async</code>] Mark autofix for <code>ASYNC115</code>
as unsafe if the call expression contains comments (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18753">#18753</a>)</li>
<li>[<code>flake8-bugbear</code>] Mark autofix for <code>B004</code> as
unsafe if the <code>hasattr</code> call expr contains comments (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18755">#18755</a>)</li>
<li>[<code>flake8-comprehension</code>] Mark autofix for
<code>C420</code> as unsafe if there's comments inside the dict
comprehension (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18768">#18768</a>)</li>
<li>[<code>flake8-comprehensions</code>] Handle template strings for
comprehension fixes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18710">#18710</a>)</li>
<li>[<code>flake8-future-annotations</code>] Add autofix
(<code>FA100</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18903">#18903</a>)</li>
<li>[<code>pyflakes</code>] Mark
<code>F504</code>/<code>F522</code>/<code>F523</code> autofix as unsafe
if there's a call with side effect (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18839">#18839</a>)</li>
<li>[<code>pylint</code>] Allow fix with comments and document
performance implications (<code>PLW3301</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18936">#18936</a>)</li>
<li>[<code>pylint</code>] Detect more exotic <code>NaN</code> literals
in <code>PLW0177</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18630">#18630</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.12.1</h2>
<h3>Preview features</h3>
<ul>
<li>[<code>flake8-errmsg</code>] Extend <code>EM101</code> to support
byte strings (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18867">#18867</a>)</li>
<li>[<code>flake8-use-pathlib</code>] Add autofix for
<code>PTH202</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18763">#18763</a>)</li>
<li>[<code>pygrep-hooks</code>] Add <code>AsyncMock</code> methods to
<code>invalid-mock-access</code> (<code>PGH005</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18547">#18547</a>)</li>
<li>[<code>pylint</code>] Ignore <code>__init__.py</code> files in
(<code>PLC0414</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18400">#18400</a>)</li>
<li>[<code>ruff</code>] Trigger <code>RUF037</code> for empty string and
byte strings (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18862">#18862</a>)</li>
<li>[formatter] Fix missing blank lines before decorated classes in
<code>.pyi</code> files (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18888">#18888</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Avoid generating diagnostics with per-file ignores (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18801">#18801</a>)</li>
<li>Handle parenthesized arguments in <code>remove_argument</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18805">#18805</a>)</li>
<li>[<code>flake8-logging</code>] Avoid false positive for
<code>exc_info=True</code> outside <code>logger.exception</code>
(<code>LOG014</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18737">#18737</a>)</li>
<li>[<code>flake8-pytest-style</code>] Enforce <code>pytest</code>
import for decorators (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18779">#18779</a>)</li>
<li>[<code>flake8-pytest-style</code>] Mark autofix for
<code>PT001</code> and <code>PT023</code> as unsafe if there's comments
in the decorator (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18792">#18792</a>)</li>
<li>[<code>flake8-pytest-style</code>]
<code>PT001</code>/<code>PT023</code> fix makes syntax error on
parenthesized decorator (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18782">#18782</a>)</li>
<li>[<code>flake8-raise</code>] Make fix unsafe if it deletes comments
(<code>RSE102</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18788">#18788</a>)</li>
<li>[<code>flake8-simplify</code>] Fix <code>SIM911</code> autofix
creating a syntax error (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18793">#18793</a>)</li>
<li>[<code>flake8-simplify</code>] Fix false negatives for shadowed
bindings (<code>SIM910</code>, <code>SIM911</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18794">#18794</a>)</li>
<li>[<code>flake8-simplify</code>] Preserve original behavior for
<code>except ()</code> and bare <code>except</code>
(<code>SIM105</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18213">#18213</a>)</li>
<li>[<code>flake8-pyi</code>] Fix <code>PYI041</code>'s fix causing
<code>TypeError</code> with <code>None | None | ...</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18637">#18637</a>)</li>
<li>[<code>perflint</code>] Fix <code>PERF101</code> autofix creating a
syntax error and mark autofix as unsafe if there are comments in the
<code>list</code> call expr (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18803">#18803</a>)</li>
<li>[<code>perflint</code>] Fix false negative in <code>PERF401</code>
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/18866">#18866</a>)</li>
<li>[<code>pylint</code>] Avoid flattening nested
<code>min</code>/<code>max</code> when outer call has single argument
(<code>PLW3301</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/16885">#16885</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLC2801</code> autofix creating a
syntax error (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18857">#18857</a>)</li>
<li>[<code>pylint</code>] Mark <code>PLE0241</code> autofix as unsafe if
there's comments in the base classes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18832">#18832</a>)</li>
<li>[<code>pylint</code>] Suppress
<code>PLE2510</code>/<code>PLE2512</code>/<code>PLE2513</code>/<code>PLE2514</code>/<code>PLE2515</code>
autofix if the text contains an odd number of backslashes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18856">#18856</a>)</li>
<li>[<code>refurb</code>] Detect more exotic float literals in
<code>FURB164</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18925">#18925</a>)</li>
<li>[<code>refurb</code>] Fix <code>FURB163</code> autofix creating a
syntax error for <code>yield</code> expressions (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18756">#18756</a>)</li>
<li>[<code>refurb</code>] Mark <code>FURB129</code> autofix as unsafe if
there's comments in the <code>readlines</code> call (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18858">#18858</a>)</li>
<li>[<code>ruff</code>] Fix false positives and negatives in
<code>RUF010</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18690">#18690</a>)</li>
<li>Fix casing of <code>analyze.direction</code> variant names (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18892">#18892</a>)</li>
</ul>
<h3>Rule changes</h3>
<ul>
<li>Fix f-string interpolation escaping in generated fixes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18882">#18882</a>)</li>
<li>[<code>flake8-return</code>] Mark <code>RET501</code> fix unsafe if
comments are inside (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18780">#18780</a>)</li>
<li>[<code>flake8-async</code>] Fix detection for large integer sleep
durations in <code>ASYNC116</code> rule (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18767">#18767</a>)</li>
<li>[<code>flake8-async</code>] Mark autofix for <code>ASYNC115</code>
as unsafe if the call expression contains comments (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18753">#18753</a>)</li>
<li>[<code>flake8-bugbear</code>] Mark autofix for <code>B004</code> as
unsafe if the <code>hasattr</code> call expr contains comments (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18755">#18755</a>)</li>
<li>[<code>flake8-comprehension</code>] Mark autofix for
<code>C420</code> as unsafe if there's comments inside the dict
comprehension (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18768">#18768</a>)</li>
<li>[<code>flake8-comprehensions</code>] Handle template strings for
comprehension fixes (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18710">#18710</a>)</li>
<li>[<code>flake8-future-annotations</code>] Add autofix
(<code>FA100</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18903">#18903</a>)</li>
<li>[<code>pyflakes</code>] Mark
<code>F504</code>/<code>F522</code>/<code>F523</code> autofix as unsafe
if there's a call with side effect (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18839">#18839</a>)</li>
<li>[<code>pylint</code>] Allow fix with comments and document
performance implications (<code>PLW3301</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18936">#18936</a>)</li>
<li>[<code>pylint</code>] Detect more exotic <code>NaN</code> literals
in <code>PLW0177</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18630">#18630</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLC1802</code> autofix creating a
syntax error and mark autofix as unsafe if there's comments in the
<code>len</code> call (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18836">#18836</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="32c54189cb"><code>32c5418</code></a>
Bump 0.12.1 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18969">#18969</a>)</li>
<li><a
href="b85c219283"><code>b85c219</code></a>
[<code>FastAPI</code>] Add fix safety section to <code>FAST002</code>
(<a
href="https://redirect.github.com/astral-sh/ruff/issues/18940">#18940</a>)</li>
<li><a
href="b1d1cf1d38"><code>b1d1cf1</code></a>
[ty] Add regression test for leading tab mis-alignment in diagnostic
renderin...</li>
<li><a
href="1dcdf7f41d"><code>1dcdf7f</code></a>
[ty] Resolve python environment in
<code>Options::to_program_settings</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18960">#18960</a>)</li>
<li><a
href="d00697621e"><code>d006976</code></a>
[<code>ruff</code>] Fix false positives and negatives in
<code>RUF010</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18690">#18690</a>)</li>
<li><a
href="76619b96e5"><code>76619b9</code></a>
[ty] Fix rendering of long lines that are indented with tabs</li>
<li><a
href="6e25cfba2b"><code>6e25cfb</code></a>
[ty] Add regression test for diagnostic rendering panic</li>
<li><a
href="76387295a5"><code>7638729</code></a>
[ty] Move venv and conda env discovery to
<code>SearchPath::from_settings</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18938">#18938</a>)</li>
<li><a
href="d04e63a6d9"><code>d04e63a</code></a>
[ty] Add regression-benchmark for attribute-assignment hang (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18957">#18957</a>)</li>
<li><a
href="86fd9b634e"><code>86fd9b6</code></a>
[ty] Format conflicting types as an enumeration (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18956">#18956</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.11.11...0.12.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=pip&previous-version=0.11.11&new-version=0.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 11:58:44 +00:00
Andrew Morgan
be4c95baf1 Replace PyICU with Rust icu_segmenter crate (#18553) 
Co-authored-by: anoa's Codex Agent <codex@amorgan.xyz>
Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-07-03 11:12:12 +01:00
dependabot[bot]
832690e746 Bump types-pyyaml from 6.0.12.20241230 to 6.0.12.20250516 (#18643) 
Bumps [types-pyyaml](https://github.com/typeshed-internal/stub_uploader)
from 6.0.12.20241230 to 6.0.12.20250516.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/typeshed-internal/stub_uploader/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-pyyaml&package-manager=pip&previous-version=6.0.12.20241230&new-version=6.0.12.20250516)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 10:02:24 +00:00
dependabot[bot]
8075c963d8 Bump mypy-zope from 1.0.11 to 1.0.12 (#18640) 
Bumps [mypy-zope](https://github.com/Shoobx/mypy-zope) from 1.0.11 to
1.0.12.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/Shoobx/mypy-zope/blob/master/CHANGELOG.md">mypy-zope's
changelog</a>.</em></p>
<blockquote>
<h2>1.0.12 (2025-06-03)</h2>
<hr />
<ul>
<li>Support mypy-1.16</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fb4d6b3a5d"><code>fb4d6b3</code></a>
Preparing release 1.0.12</li>
<li><a
href="782aa68f7c"><code>782aa68</code></a>
Maintain changelog</li>
<li><a
href="dadddcf77c"><code>dadddcf</code></a>
Merge pull request <a
href="https://redirect.github.com/Shoobx/mypy-zope/issues/129">#129</a>
from Shoobx/dependabot/pip/mypy-gte-1.0.0-and-lt-1.17.0</li>
<li><a
href="1c2e2299cf"><code>1c2e229</code></a>
Update mypy requirement from &lt;1.16.0,&gt;=1.0.0 to
&gt;=1.0.0,&lt;1.17.0</li>
<li><a
href="77eb8fc78f"><code>77eb8fc</code></a>
Back to development: 1.0.12</li>
<li>See full diff in <a
href="https://github.com/Shoobx/mypy-zope/compare/1.0.11...1.0.12">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mypy-zope&package-manager=pip&previous-version=1.0.11&new-version=1.0.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 09:12:06 +00:00
dependabot[bot]
5898271365 Bump pydantic from 2.11.4 to 2.11.7 (#18639) 
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.11.4 to
2.11.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.7 2025-06-14</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<h3>Fixes</h3>
<ul>
<li>Copy <code>FieldInfo</code> instance if necessary during
<code>FieldInfo</code> build by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11980">pydantic/pydantic#11980</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7">https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7</a></p>
<h2>v2.11.6 2025-06-13</h2>
<h2>v2.11.6 (2025-06-13)</h2>
<h3>What's Changed</h3>
<h4>Fixes</h4>
<ul>
<li>Rebuild dataclass fields before schema generation by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11949">#11949</a></li>
<li>Always store the original field assignment on <code>FieldInfo</code>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11946">#11946</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6">https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6</a></p>
<h2>v2.11.5 2025-05-22</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<h3>Fixes</h3>
<ul>
<li>Check if <code>FieldInfo</code> is complete after applying type
variable map by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11855">#11855</a></li>
<li>Do not delete mock validator/serializer in
<code>model_rebuild()</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11890">#11890</a></li>
<li>Do not duplicate metadata on model rebuild by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11902">#11902</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5">https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.11.7 (2025-06-14)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.11.7">GitHub
release</a></p>
<h3>What's Changed</h3>
<h4>Fixes</h4>
<ul>
<li>Copy <code>FieldInfo</code> instance if necessary during
<code>FieldInfo</code> build by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11898">#11898</a></li>
</ul>
<h2>v2.11.6 (2025-06-13)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.11.6">GitHub
release</a></p>
<h3>What's Changed</h3>
<h4>Fixes</h4>
<ul>
<li>Rebuild dataclass fields before schema generation by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11949">#11949</a></li>
<li>Always store the original field assignment on <code>FieldInfo</code>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11946">#11946</a></li>
</ul>
<h2>v2.11.5 (2025-05-22)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.11.5">GitHub
release</a></p>
<h3>What's Changed</h3>
<h4>Fixes</h4>
<ul>
<li>Check if <code>FieldInfo</code> is complete after applying type
variable map by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11855">#11855</a></li>
<li>Do not delete mock validator/serializer in
<code>model_rebuild()</code> by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11890">#11890</a></li>
<li>Do not duplicate metadata on model rebuild by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/11902">#11902</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5f033e46c5"><code>5f033e4</code></a>
Prepare release v2.11.7</li>
<li><a
href="c3368b83c4"><code>c3368b8</code></a>
Copy <code>FieldInfo</code> instance if necessary during
<code>FieldInfo</code> build (<a
href="https://redirect.github.com/pydantic/pydantic/issues/11980">#11980</a>)</li>
<li><a
href="3987b23db4"><code>3987b23</code></a>
Prepare release v2.11.6</li>
<li><a
href="dc7a9d20be"><code>dc7a9d2</code></a>
Always store the original field assignment on
<code>FieldInfo</code></li>
<li><a
href="c284c279a5"><code>c284c27</code></a>
Rebuild dataclass fields before schema generation</li>
<li><a
href="5e6d1dc71f"><code>5e6d1dc</code></a>
Prepare release v2.11.5</li>
<li><a
href="1b63218c42"><code>1b63218</code></a>
Do not duplicate metadata on model rebuild (<a
href="https://redirect.github.com/pydantic/pydantic/issues/11902">#11902</a>)</li>
<li><a
href="5aefad873b"><code>5aefad8</code></a>
Do not delete mock validator/serializer in
<code>model_rebuild()</code></li>
<li><a
href="8fbe6585f4"><code>8fbe658</code></a>
Check if <code>FieldInfo</code> is complete after applying type variable
map</li>
<li><a
href="12b371a0f7"><code>12b371a</code></a>
Update documentation about <code>@dataclass_transform</code>
support</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic&package-manager=pip&previous-version=2.11.4&new-version=2.11.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 10:46:03 +02:00
dependabot[bot]
ac268051f2 Bump hiredis from 3.1.0 to 3.2.1 (#18638) 
Bumps [hiredis](https://github.com/redis/hiredis-py) from 3.1.0 to
3.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/redis/hiredis-py/releases">hiredis's
releases</a>.</em></p>
<blockquote>
<h2>3.2.1</h2>
<h1>Changes</h1>
<ul>
<li>Fix assertion in reader.c (<a
href="https://redirect.github.com/redis/hiredis-py/issues/212">#212</a>)</li>
</ul>
<h2>Contributors</h2>
<p>We'd like to thank all the contributors who worked on this
release!</p>
<p><a href="https://github.com/uglide"><code>@​uglide</code></a></p>
<h2>3.2.0</h2>
<h1>Changes</h1>
<ul>
<li>Introduce new type for RESP3 PUSH notifications (<a
href="https://redirect.github.com/redis/hiredis-py/issues/208">#208</a>)</li>
<li>Run integration workflow on version branches (<a
href="https://redirect.github.com/redis/hiredis-py/issues/210">#210</a>)</li>
<li>Update hiredis to 1.3.0 (<a
href="https://redirect.github.com/redis/hiredis-py/issues/203">#203</a>)</li>
</ul>
<h2>Contributors</h2>
<p>We'd like to thank all the contributors who worked on this
release!</p>
<p><a href="https://github.com/uglide"><code>@​uglide</code></a></p>
<h2>3.1.1</h2>
<h2>Summary</h2>
<p>This is a maintenance release that addresses issues in RESP3
parsing.</p>
<h2>Changes</h2>
<ul>
<li>Fix memory leaks and segfaults in RESP3 map parsing (<a
href="https://redirect.github.com/redis/hiredis-py/issues/204">#204</a>,
<a
href="https://redirect.github.com/redis/hiredis-py/issues/205">#205</a>,
<a
href="https://redirect.github.com/redis/hiredis-py/issues/206">#206</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c6febde980"><code>c6febde</code></a>
Version 3.2.1</li>
<li><a
href="bbfc3a6133"><code>bbfc3a6</code></a>
Fix assertion in reader.c (<a
href="https://redirect.github.com/redis/hiredis-py/issues/212">#212</a>)</li>
<li><a
href="f715de2e7c"><code>f715de2</code></a>
Version 3.2.0</li>
<li><a
href="d5548270b6"><code>d554827</code></a>
Introduce new type for RESP3 PUSH notifications (<a
href="https://redirect.github.com/redis/hiredis-py/issues/208">#208</a>)</li>
<li><a
href="58fe9603cd"><code>58fe960</code></a>
Run integration workflow on version branches (<a
href="https://redirect.github.com/redis/hiredis-py/issues/210">#210</a>)</li>
<li><a
href="8608965483"><code>8608965</code></a>
Update hiredis to 1.3.0 (<a
href="https://redirect.github.com/redis/hiredis-py/issues/203">#203</a>)</li>
<li><a
href="ac31d58c5f"><code>ac31d58</code></a>
Bump version to 3.2.0-dev (<a
href="https://redirect.github.com/redis/hiredis-py/issues/207">#207</a>)</li>
<li><a
href="7e77f22963"><code>7e77f22</code></a>
Fix memory leak in RESP3 map parsing (<a
href="https://redirect.github.com/redis/hiredis-py/issues/204">#204</a>)</li>
<li><a
href="5b34a0e2aa"><code>5b34a0e</code></a>
Use GitHub Releases to track changelogs (<a
href="https://redirect.github.com/redis/hiredis-py/issues/202">#202</a>)</li>
<li>See full diff in <a
href="https://github.com/redis/hiredis-py/compare/v3.1.0...v3.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=hiredis&package-manager=pip&previous-version=3.1.0&new-version=3.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 08:38:40 +00:00
dependabot[bot]
fb9d737250 Bump types-bleach from 6.2.0.20241123 to 6.2.0.20250514 (#18634) 
Bumps [types-bleach](https://github.com/typeshed-internal/stub_uploader)
from 6.2.0.20241123 to 6.2.0.20250514.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/typeshed-internal/stub_uploader/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-bleach&package-manager=pip&previous-version=6.2.0.20241123&new-version=6.2.0.20250514)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 08:17:26 +00:00
dependabot[bot]
9d9e14034a Bump jsonschema from 4.23.0 to 4.24.0 (#18630) 
Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from
4.23.0 to 4.24.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python-jsonschema/jsonschema/releases">jsonschema's
releases</a>.</em></p>
<blockquote>
<h2>v4.24.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>Fix calculation of evaluated properties by <a
href="https://github.com/V02460"><code>@​V02460</code></a> in <a
href="https://redirect.github.com/python-jsonschema/jsonschema/pull/1351">python-jsonschema/jsonschema#1351</a></li>
<li>Support for Python 3.8 has been dropped, as it is end-of-life.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/bkueng"><code>@​bkueng</code></a> made
their first contribution in <a
href="https://redirect.github.com/python-jsonschema/jsonschema/pull/1326">python-jsonschema/jsonschema#1326</a></li>
<li><a href="https://github.com/V02460"><code>@​V02460</code></a> made
their first contribution in <a
href="https://redirect.github.com/python-jsonschema/jsonschema/pull/1351">python-jsonschema/jsonschema#1351</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/python-jsonschema/jsonschema/compare/v4.23.0...v4.24.0">https://github.com/python-jsonschema/jsonschema/compare/v4.23.0...v4.24.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst">jsonschema's
changelog</a>.</em></p>
<blockquote>
<h1>v4.24.0</h1>
<ul>
<li>Fix improper handling of <code>unevaluatedProperties</code> in the
presence of <code>additionalProperties</code> (<a
href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1351">#1351</a>).</li>
<li>Support for Python 3.8 has been dropped, as it is end-of-life.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3e23ee5e69"><code>3e23ee5</code></a>
Add the bugfix to the changelog.</li>
<li><a
href="8917e85c65"><code>8917e85</code></a>
Stop running CIFuzz.</li>
<li><a
href="737e5ed536"><code>737e5ed</code></a>
Rely on ruff in pre-commit.</li>
<li><a
href="57e5e034cb"><code>57e5e03</code></a>
Test via PyPy 3.11.</li>
<li><a
href="d6c2ad7bbb"><code>d6c2ad7</code></a>
Add the zizmor setup here as well.</li>
<li><a
href="af9a857876"><code>af9a857</code></a>
Drop a dead pyproject section.</li>
<li><a
href="c64ef84609"><code>c64ef84</code></a>
This is less true than it once was...</li>
<li><a
href="9ff926f458"><code>9ff926f</code></a>
Merge branch 'additional-evaluated'</li>
<li><a
href="8290667beb"><code>8290667</code></a>
We still need to ditch pip-licenses...</li>
<li><a
href="6d973b5430"><code>6d973b5</code></a>
Update pre-commit hooks.</li>
<li>Additional commits viewable in <a
href="https://github.com/python-jsonschema/jsonschema/compare/v4.23.0...v4.24.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jsonschema&package-manager=pip&previous-version=4.23.0&new-version=4.24.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 07:40:30 +00:00
dependabot[bot]
dc974fdf83 Bump sentry-sdk from 2.22.0 to 2.32.0 (#18633) 
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
2.22.0 to 2.32.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>2.32.0</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>feat(sessions): Add top-level start- and end session methods (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4474">#4474</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>feat(openai-agents): Set tool span to failed if an error is raised
in the tool (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4527">#4527</a>)
by <a
href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li>
<li>fix(integrations/ray): Correctly pass keyword arguments to
ray.remote function (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4430">#4430</a>)
by <a
href="https://github.com/svartalf"><code>@​svartalf</code></a></li>
<li>fix(langchain): Make <code>span_map</code> an instance variable (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4476">#4476</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>fix(langchain): Ensure no duplicate
<code>SentryLangchainCallback</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4485">#4485</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>fix(Litestar): Apply <code>failed_request_status_codes</code> to
exceptions raised in middleware (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4074">#4074</a>)
by <a href="https://github.com/vrslev"><code>@​vrslev</code></a></li>
</ul>
<h2>2.31.0</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>
<p><strong>New Integration (BETA):</strong> Add support for
<code>openai-agents</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4437">#4437</a>)
by <a
href="https://github.com/antonpirker"><code>@​antonpirker</code></a></p>
<p>We can now instrument AI agents that are created with the <a
href="https://openai.github.io/openai-agents-python/">OpenAI Agents
SDK</a> out of the box.</p>
</li>
</ul>
<pre lang="python"><code>import sentry_sdk
from sentry_sdk.integrations.openai_agents import
OpenAIAgentsIntegration
<h1>Add the OpenAIAgentsIntegration to your sentry_sdk.init call:</h1>
<p>sentry_sdk.init(<br />
dsn=&quot;...&quot;,<br />
integrations=[<br />
OpenAIAgentsIntegration(),<br />
]<br />
)<br />
</code></pre></p>
<p>For more information see the <a
href="https://docs.sentry.io/platforms/python/integrations/openai-agents/">OpenAI
Agents integrations documentation</a>.</p>
<ul>
<li>Logs: Add support for <code>dict</code> arguments (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4478">#4478</a>)
by <a
href="https://github.com/AbhiPrasad"><code>@​AbhiPrasad</code></a></li>
<li>Add Cursor generated rules (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4493">#4493</a>)
by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a></li>
<li>Greatly simplify Langchain integrations <code>_wrap_configure</code>
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4479">#4479</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>Fix(ci): Remove tracerite pin (almost) (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4504">#4504</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Fix(profiling): Ensure profiler thread exits when needed (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4497">#4497</a>)
by <a
href="https://github.com/Zylphrex"><code>@​Zylphrex</code></a></li>
<li>Fix(ci): Do not install newest <code>tracerite</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4494">#4494</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Fix(scope): Handle token reset <code>LookupError</code>s gracefully
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4481">#4481</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Tests: Tox update (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4509">#4509</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Tests: Upper bound on fakeredis on old Python versions (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4482">#4482</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Tests: Regenerate tox (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4457">#4457</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
</ul>
<h2>2.30.0</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>
<p><strong>New beta feature:</strong> Sentry logs for Loguru (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4445">#4445</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></p>
<p>We can now capture Loguru logs and send them to Sentry.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>2.32.0</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>feat(sessions): Add top-level start- and end session methods (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4474">#4474</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>feat(openai-agents): Set tool span to failed if an error is raised
in the tool (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4527">#4527</a>)
by <a
href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li>
<li>fix(integrations/ray): Correctly pass keyword arguments to
ray.remote function (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4430">#4430</a>)
by <a
href="https://github.com/svartalf"><code>@​svartalf</code></a></li>
<li>fix(langchain): Make <code>span_map</code> an instance variable (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4476">#4476</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>fix(langchain): Ensure no duplicate
<code>SentryLangchainCallback</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4485">#4485</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>fix(Litestar): Apply <code>failed_request_status_codes</code> to
exceptions raised in middleware (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4074">#4074</a>)
by <a href="https://github.com/vrslev"><code>@​vrslev</code></a></li>
</ul>
<h2>2.31.0</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>
<p><strong>New Integration (BETA):</strong> Add support for
<code>openai-agents</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4437">#4437</a>)
by <a
href="https://github.com/antonpirker"><code>@​antonpirker</code></a></p>
<p>We can now instrument AI agents that are created with the <a
href="https://openai.github.io/openai-agents-python/">OpenAI Agents
SDK</a> out of the box.</p>
</li>
</ul>
<pre lang="python"><code>import sentry_sdk
from sentry_sdk.integrations.openai_agents import
OpenAIAgentsIntegration
<h1>Add the OpenAIAgentsIntegration to your sentry_sdk.init call:</h1>
<p>sentry_sdk.init(<br />
dsn=&quot;...&quot;,<br />
integrations=[<br />
OpenAIAgentsIntegration(),<br />
]<br />
)<br />
</code></pre></p>
<p>For more information see the <a
href="https://docs.sentry.io/platforms/python/integrations/openai-agents/">OpenAI
Agents integrations documentation</a>.</p>
<ul>
<li>Logs: Add support for <code>dict</code> arguments (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4478">#4478</a>)
by <a
href="https://github.com/AbhiPrasad"><code>@​AbhiPrasad</code></a></li>
<li>Add Cursor generated rules (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4493">#4493</a>)
by <a
href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a></li>
<li>Greatly simplify Langchain integrations <code>_wrap_configure</code>
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4479">#4479</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>Fix(ci): Remove tracerite pin (almost) (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4504">#4504</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Fix(profiling): Ensure profiler thread exits when needed (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4497">#4497</a>)
by <a
href="https://github.com/Zylphrex"><code>@​Zylphrex</code></a></li>
<li>Fix(ci): Do not install newest <code>tracerite</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4494">#4494</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Fix(scope): Handle token reset <code>LookupError</code>s gracefully
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4481">#4481</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Tests: Tox update (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4509">#4509</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Tests: Upper bound on fakeredis on old Python versions (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4482">#4482</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Tests: Regenerate tox (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4457">#4457</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
</ul>
<h2>2.30.0</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li><strong>New beta feature:</strong> Sentry logs for Loguru (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4445">#4445</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4b022dc731"><code>4b022dc</code></a>
Merge branch 'master' into release/2.32.0</li>
<li><a
href="2634a523b3"><code>2634a52</code></a>
Pin zope.event (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4531">#4531</a>)</li>
<li><a
href="c815a3245d"><code>c815a32</code></a>
updated changelog</li>
<li><a
href="bca8816ac1"><code>bca8816</code></a>
release: 2.32.0</li>
<li><a
href="546ce1f710"><code>546ce1f</code></a>
Set tool span to failed if an error is raised in the tool (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4527">#4527</a>)</li>
<li><a
href="ab2e3f08b6"><code>ab2e3f0</code></a>
fix(integrations/ray): Correctly pass keyword arguments to ray.remote
functio...</li>
<li><a
href="7804260fbf"><code>7804260</code></a>
fix(langchain): Make <code>span_map</code> an instance variable (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4476">#4476</a>)</li>
<li><a
href="0a2d8585f1"><code>0a2d858</code></a>
fix(langchain): Ensure no duplicate <code>SentryLangchainCallback</code>
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/4485">#4485</a>)</li>
<li><a
href="dae02180df"><code>dae0218</code></a>
fix(Litestar): Apply <code>failed_request_status_codes</code> to
exceptions raised in mi...</li>
<li><a
href="65d31af4ff"><code>65d31af</code></a>
Merge branch 'release/2.31.0'</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/2.22.0...2.32.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=pip&previous-version=2.22.0&new-version=2.32.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-03 07:35:31 +00:00
dependabot[bot]
c2108948a3 Bump treq from 24.9.1 to 25.5.0 (#18610) 
Bumps [treq](https://github.com/twisted/treq) from 24.9.1 to 25.5.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/twisted/treq/blob/trunk/CHANGELOG.rst">treq's
changelog</a>.</em></p>
<blockquote>
<h1>25.5.0 (2025-05-31)</h1>
<h2>Features</h2>
<ul>
<li>treq is packaged with Hatchling, and consequently no longer directly
depends on setuptools.
(<code>[#388](https://github.com/twisted/treq/issues/388)
&lt;https://github.com/twisted/treq/issues/388&gt;</code>__)</li>
</ul>
<h2>Improved Documentation</h2>
<ul>
<li>Update documentation to use <code>async</code>/<code>await</code>
syntax (<code>[#409](https://github.com/twisted/treq/issues/409)
&lt;https://github.com/twisted/treq/issues/409&gt;</code>__)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li>Support for Python 3.8, which has reached end of support, is
deprecated. This is the last release with support for Python 3.8.
(<code>[#407](https://github.com/twisted/treq/issues/407)
&lt;https://github.com/twisted/treq/issues/407&gt;</code>__)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6869fa5d09"><code>6869fa5</code></a>
Merge pull request <a
href="https://redirect.github.com/twisted/treq/issues/410">#410</a> from
twisted/release-25.5.0</li>
<li><a
href="56266566cf"><code>5626656</code></a>
Test with Python 3.13 final</li>
<li><a
href="f10185e4da"><code>f10185e</code></a>
Generate the changelog</li>
<li><a
href="4b846664f1"><code>4b84666</code></a>
Version 25.5.0</li>
<li><a
href="72a4441f59"><code>72a4441</code></a>
Merge pull request <a
href="https://redirect.github.com/twisted/treq/issues/409">#409</a> from
twisted/rtd-shiny</li>
<li><a
href="0a814edd8a"><code>0a814ed</code></a>
Add changefragment</li>
<li><a
href="993cc47df5"><code>993cc47</code></a>
Fix changelog warnings</li>
<li><a
href="3992177456"><code>3992177</code></a>
Link to CookieJar</li>
<li><a
href="cff43d93b6"><code>cff43d9</code></a>
Update source_suffix conf</li>
<li><a
href="e39c8511b1"><code>e39c851</code></a>
async def print_response</li>
<li>Additional commits viewable in <a
href="https://github.com/twisted/treq/compare/treq-24.9.1...treq-25.5.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=treq&package-manager=pip&previous-version=24.9.1&new-version=25.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-02 16:51:43 +00:00
dependabot[bot]
cb4b5585a4 Bump prometheus-client from 0.21.0 to 0.22.1 (#18609) 
Bumps [prometheus-client](https://github.com/prometheus/client_python)
from 0.21.0 to 0.22.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/client_python/releases">prometheus-client's
releases</a>.</em></p>
<blockquote>
<h2>v0.22.1</h2>
<h2>What's Changed</h2>
<ul>
<li>BugFix: Skip validating and parsing comment lines early (<a
href="https://redirect.github.com/prometheus/client_python/issues/1108">#1108</a>)
by <a href="https://github.com/wissamir"><code>@​wissamir</code></a> in
<a
href="https://redirect.github.com/prometheus/client_python/pull/1109">prometheus/client_python#1109</a></li>
<li>Use License Expressions in pyproject.toml by <a
href="https://github.com/csmarchbanks"><code>@​csmarchbanks</code></a>
in <a
href="https://redirect.github.com/prometheus/client_python/pull/1111">prometheus/client_python#1111</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/client_python/compare/v0.22.0...v0.22.1">https://github.com/prometheus/client_python/compare/v0.22.0...v0.22.1</a></p>
<h2>v0.22.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add support for native histograms in OM parser by <a
href="https://github.com/vesari"><code>@​vesari</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1040">prometheus/client_python#1040</a></li>
<li>Add exemplar support to CounterMetricFamily [Fix <a
href="https://redirect.github.com/prometheus/client_python/issues/1062">#1062</a>]
by <a href="https://github.com/lod"><code>@​lod</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1063">prometheus/client_python#1063</a></li>
<li>Fix <code>write_to_textfile</code> leaves back temp files on errors
by <a href="https://github.com/ethanschen"><code>@​ethanschen</code></a>
in <a
href="https://redirect.github.com/prometheus/client_python/pull/1066">prometheus/client_python#1066</a></li>
<li>Support UTF-8 in metric creation, parsing, and exposition by <a
href="https://github.com/ywwg"><code>@​ywwg</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1070">prometheus/client_python#1070</a></li>
<li>Fix incorrect use of reentrant locks by <a
href="https://github.com/suligap"><code>@​suligap</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1076">prometheus/client_python#1076</a></li>
<li>Remove Python 3.8 support by <a
href="https://github.com/kajinamit"><code>@​kajinamit</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1075">prometheus/client_python#1075</a></li>
<li>Check if labelvalues is in _metrics before deletion in
MetricWrapperBase.remove() by <a
href="https://github.com/GlorifiedPig"><code>@​GlorifiedPig</code></a>
in <a
href="https://redirect.github.com/prometheus/client_python/pull/1077">prometheus/client_python#1077</a></li>
<li>Add support for Python 3.13 by <a
href="https://github.com/Pliner"><code>@​Pliner</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1080">prometheus/client_python#1080</a></li>
<li>Correct nh sample span structure and parsing by <a
href="https://github.com/vesari"><code>@​vesari</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1082">prometheus/client_python#1082</a></li>
<li>Migrate from setup.py to pyproject.toml by <a
href="https://github.com/csmarchbanks"><code>@​csmarchbanks</code></a>
in <a
href="https://redirect.github.com/prometheus/client_python/pull/1084">prometheus/client_python#1084</a></li>
<li>Changed pushgateway.md by <a
href="https://github.com/mallika-mur"><code>@​mallika-mur</code></a> in
<a
href="https://redirect.github.com/prometheus/client_python/pull/1083">prometheus/client_python#1083</a></li>
<li>Fix order-dependent flaky tests related to UTF-8 support by <a
href="https://github.com/dg98"><code>@​dg98</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1093">prometheus/client_python#1093</a></li>
<li>Update versions for docs Github actions by <a
href="https://github.com/csmarchbanks"><code>@​csmarchbanks</code></a>
in <a
href="https://redirect.github.com/prometheus/client_python/pull/1096">prometheus/client_python#1096</a></li>
<li>Documentation Updates by <a
href="https://github.com/ethanschen"><code>@​ethanschen</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1097">prometheus/client_python#1097</a></li>
<li>Add note on gauge.set_function not working with multiprocessing by
<a href="https://github.com/aapeliv"><code>@​aapeliv</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1098">prometheus/client_python#1098</a></li>
<li>Don't send an empty HTTP header for /favicon.ico by <a
href="https://github.com/noselasd"><code>@​noselasd</code></a> in <a
href="https://redirect.github.com/prometheus/client_python/pull/1101">prometheus/client_python#1101</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/prometheus/client_python/compare/v0.21.0...v0.22.0">https://github.com/prometheus/client_python/compare/v0.21.0...v0.22.0</a></p>
<h2>0.21.1 / 2024-12-03</h2>
<h2>What's Changed</h2>
<p>[BUGFIX] Revert incorrect use of reentrant locks. <a
href="https://redirect.github.com/prometheus/client_python/issues/1076">#1076</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d24220a6c4"><code>d24220a</code></a>
Release 0.22.1</li>
<li><a
href="f294cbbf1d"><code>f294cbb</code></a>
Use License Expressions in pyproject.toml (<a
href="https://redirect.github.com/prometheus/client_python/issues/1111">#1111</a>)</li>
<li><a
href="938b73e0bc"><code>938b73e</code></a>
BugFix: Skip validating and parsing comment lines early (<a
href="https://redirect.github.com/prometheus/client_python/issues/1108">#1108</a>)
(<a
href="https://redirect.github.com/prometheus/client_python/issues/1109">#1109</a>)</li>
<li><a
href="8dfa10e5ff"><code>8dfa10e</code></a>
Release 0.22.0</li>
<li><a
href="e3902ea45b"><code>e3902ea</code></a>
Don't send an empty HTTP header. (<a
href="https://redirect.github.com/prometheus/client_python/issues/1101">#1101</a>)</li>
<li><a
href="23ab8264ce"><code>23ab826</code></a>
Add note on gauge.set_function not working with mp, see <a
href="https://redirect.github.com/prometheus/client_python/issues/504">#504</a>
(<a
href="https://redirect.github.com/prometheus/client_python/issues/1098">#1098</a>)</li>
<li><a
href="c1ff3b28d3"><code>c1ff3b2</code></a>
Update docs (<a
href="https://redirect.github.com/prometheus/client_python/issues/1097">#1097</a>)</li>
<li><a
href="e3bfa1f101"><code>e3bfa1f</code></a>
Update versions for docs Github actions (<a
href="https://redirect.github.com/prometheus/client_python/issues/1096">#1096</a>)</li>
<li><a
href="de8bb4adf7"><code>de8bb4a</code></a>
Fix order-dependent flaky tests related to UTF-8 support (<a
href="https://redirect.github.com/prometheus/client_python/issues/1093">#1093</a>)</li>
<li><a
href="46eae7bae8"><code>46eae7b</code></a>
Changed pushgateway.md (<a
href="https://redirect.github.com/prometheus/client_python/issues/1083">#1083</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/prometheus/client_python/compare/v0.21.0...v0.22.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=prometheus-client&package-manager=pip&previous-version=0.21.0&new-version=0.22.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-02 16:39:13 +00:00
dependabot[bot]
a3ec2d3b3f Bump pillow from 11.2.1 to 11.3.0 (#18624) 
Bumps [pillow](https://github.com/python-pillow/Pillow) from 11.2.1 to
11.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python-pillow/Pillow/releases">pillow's
releases</a>.</em></p>
<blockquote>
<h2>11.3.0</h2>
<p><a
href="https://pillow.readthedocs.io/en/stable/releasenotes/11.3.0.html">https://pillow.readthedocs.io/en/stable/releasenotes/11.3.0.html</a></p>
<h2>Deprecations</h2>
<ul>
<li>Deprecate fromarray mode argument <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9018">#9018</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Deprecate saving I mode images as PNG <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9023">#9023</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>Added release notes for <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9041">#9041</a>
<a
href="https://redirect.github.com/python-pillow/Pillow/issues/9042">#9042</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Add release notes for <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8912">#8912</a>
and <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8969">#8969</a>
<a
href="https://redirect.github.com/python-pillow/Pillow/issues/9019">#9019</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>ImageFont does not handle multiline text <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9000">#9000</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Updated Ubuntu CI targets <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8988">#8988</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Update MinGW package names <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8987">#8987</a>
[<a href="https://github.com/H4M5TER"><code>@​H4M5TER</code></a>]</li>
<li>Updated docstring <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8943">#8943</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Mention that tobytes() with the raw encoder uses Pack.c <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8878">#8878</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Refactor docs <code>Makefile</code> <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8933">#8933</a>
[<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li>
<li>Add template for quarterly release issue <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8932">#8932</a>
[<a
href="https://github.com/aclark4life"><code>@​aclark4life</code></a>]</li>
<li>Add list of third party plugins <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8910">#8910</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Update redirected URL <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8919">#8919</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Docs: use sentence case for headers <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8914">#8914</a>
[<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li>
<li>Docs: remove unused Makefile targets <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8917">#8917</a>
[<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li>
<li>Remove indentation from lists <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8915">#8915</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Python 3.13 is tested on Arch <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8894">#8894</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Move XV Thumbnails to read only section <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8893">#8893</a>
[<a
href="https://github.com/aclark4life"><code>@​aclark4life</code></a>]</li>
<li>Updated macOS tested Pillow versions <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8890">#8890</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
</ul>
<h2>Dependencies</h2>
<ul>
<li>Add AVIF to wheels using only aomenc and dav1d AVIF codecs for
reduced size <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8858">#8858</a>
[<a href="https://github.com/fdintino"><code>@​fdintino</code></a>]</li>
<li>Use same AVIF URL when fetching dependency <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8871">#8871</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Update dependency mypy to v1.16.1 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9026">#9026</a>
[@<a href="https://github.com/apps/renovate">renovate[bot]</a>]</li>
<li>Update libpng to 1.6.49 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9014">#9014</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Update dependency cibuildwheel to v3 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9010">#9010</a>
[@<a href="https://github.com/apps/renovate">renovate[bot]</a>]</li>
<li>Updated libjpeg-turbo to 3.1.1 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9009">#9009</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Update dependency mypy to v1.16.0 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8991">#8991</a>
[@<a href="https://github.com/apps/renovate">renovate[bot]</a>]</li>
<li>Updated libpng to 1.6.48 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8940">#8940</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Updated Ghostscript to 10.5.1 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8939">#8939</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Updated harfbuzz to 11.2.1 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8937">#8937</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Updated libavif to 1.3.0 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8949">#8949</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Update dependency cibuildwheel to v2.23.3 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8931">#8931</a>
[@<a href="https://github.com/apps/renovate">renovate[bot]</a>]</li>
<li>Updated harfbuzz to 11.1.0 <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8904">#8904</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
</ul>
<h2>Testing</h2>
<ul>
<li>Add <code>match</code> parameter to <code>pytest.warns()</code> <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9038">#9038</a>
[<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li>
<li>Increase pytest verbosity <a
href="https://redirect.github.com/python-pillow/Pillow/issues/9040">#9040</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Improve SgiImagePlugin test coverage <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8896">#8896</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
<li>Update ruff pre-commit ID <a
href="https://redirect.github.com/python-pillow/Pillow/issues/8994">#8994</a>
[<a
href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="89f1f4626a"><code>89f1f46</code></a>
11.3.0 version bump</li>
<li><a
href="f2de251c76"><code>f2de251</code></a>
Updated check script paths (<a
href="https://redirect.github.com/python-pillow/Pillow/issues/9052">#9052</a>)</li>
<li><a
href="84855d11c8"><code>84855d1</code></a>
Raise FileNotFoundError when opening an empty path (<a
href="https://redirect.github.com/python-pillow/Pillow/issues/9048">#9048</a>)</li>
<li><a
href="204d11d4da"><code>204d11d</code></a>
Raise FileNotFoundError when opening an empty path</li>
<li><a
href="2b39f7581e"><code>2b39f75</code></a>
Handle IPTC TIFF tags with incorrect type (<a
href="https://redirect.github.com/python-pillow/Pillow/issues/8925">#8925</a>)</li>
<li><a
href="e7a53ba19b"><code>e7a53ba</code></a>
Do not update palette for L mode GIF frame (<a
href="https://redirect.github.com/python-pillow/Pillow/issues/8924">#8924</a>)</li>
<li><a
href="c22230b761"><code>c22230b</code></a>
Use save parameters as encoderinfo defaults (<a
href="https://redirect.github.com/python-pillow/Pillow/issues/9001">#9001</a>)</li>
<li><a
href="da10ed1cf3"><code>da10ed1</code></a>
Add support for iOS (<a
href="https://redirect.github.com/python-pillow/Pillow/issues/9030">#9030</a>)</li>
<li><a
href="be2b4e7864"><code>be2b4e7</code></a>
Fix qtables and quality scaling (<a
href="https://redirect.github.com/python-pillow/Pillow/issues/8879">#8879</a>)</li>
<li><a
href="d4162f8505"><code>d4162f8</code></a>
Updated return type</li>
<li>Additional commits viewable in <a
href="https://github.com/python-pillow/Pillow/compare/11.2.1...11.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pillow&package-manager=pip&previous-version=11.2.1&new-version=11.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/element-hq/synapse/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-02 18:29:37 +02:00
dependabot[bot]
81ca2923d1 Bump types-jsonschema from 4.23.0.20250516 to 4.24.0.20250528 (#18611) 
Bumps
[types-jsonschema](https://github.com/typeshed-internal/stub_uploader)
from 4.23.0.20250516 to 4.24.0.20250528.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/typeshed-internal/stub_uploader/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-jsonschema&package-manager=pip&previous-version=4.23.0.20250516&new-version=4.24.0.20250528)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-02 18:25:50 +02:00
dependabot[bot]
2f21b27465 Bump pyasn1-modules from 0.4.1 to 0.4.2 (#18495) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-25 17:00:19 +01:00
dependabot[bot]
3807fd42e1 Bump urllib3 from 2.2.2 to 2.5.0 (#18572) 2025-06-25 15:50:11 +01:00
dependabot[bot]
6fabf82f4f Bump types-opentracing from 2.4.10.6 to 2.4.10.20250622 (#18586) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-24 17:30:36 +01:00
Andrew Morgan
6791e6e250 Unbreak unit tests with Twisted 25.5.0 by add parsePOSTFormSubmission arg to FakeSite (#18577) 
Co-authored-by: anoa's Codex Agent <codex@amorgan.xyz>
 2025-06-24 11:52:06 +01:00
dependabot[bot]
51dbbbb40f Bump types-requests from 2.32.0.20250328 to 2.32.4.20250611 (#18558) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-17 13:43:01 +01:00
dependabot[bot]
6b1e3c9c66 Bump requests from 2.32.2 to 2.32.4 (#18533) 2025-06-13 12:34:38 +01:00
dependabot[bot]
d82ad6e554 Bump lxml from 5.3.0 to 5.4.0 (#18480) 
Bumps [lxml](https://github.com/lxml/lxml) from 5.3.0 to 5.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/lxml/lxml/releases">lxml's
releases</a>.</em></p>
<blockquote>
<h2>lxml-5.4.0</h2>
<h1>5.4.0 (2025-04-22)</h1>
<h2>Bugs fixed</h2>
<ul>
<li>LP#2107279: Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to
resolve several CVEs.
(Binary wheels for Windows continue to use a patched libxml2 2.11.9 and
libxslt 1.1.39.)
Issue found by Anatoly Katyushin, see <a
href="https://bugs.launchpad.net/lxml/+bug/2107279">https://bugs.launchpad.net/lxml/+bug/2107279</a></li>
</ul>
<h2>lxml-5.3.2</h2>
<p>No release notes provided.</p>
<h2>lxml-5.3.1</h2>
<p>No release notes provided.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/lxml/lxml/blob/master/CHANGES.txt">lxml's
changelog</a>.</em></p>
<blockquote>
<h1>5.4.0 (2025-04-22)</h1>
<h2>Bugs fixed</h2>
<ul>
<li>LP#2107279: Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to
resolve several CVEs.
(Binary wheels for Windows continue to use a patched libxml2 2.11.9 and
libxslt 1.1.39.)
Issue found by Anatoly Katyushin.</li>
</ul>
<h1>5.3.2 (2025-04-05)</h1>
<p>This release resolves CVE-2025-24928 as described in
<a
href="https://gitlab.gnome.org/GNOME/libxml2/-/issues/847">https://gitlab.gnome.org/GNOME/libxml2/-/issues/847</a></p>
<h2>Bugs fixed</h2>
<ul>
<li>
<p>Binary wheels use libxml2 2.12.10 and libxslt 1.1.42.</p>
</li>
<li>
<p>Binary wheels for Windows use a patched libxml2 2.11.9 and libxslt
1.1.39.</p>
</li>
</ul>
<h1>5.3.1 (2025-02-09)</h1>
<h2>Bugs fixed</h2>
<ul>
<li>
<p>GH#440: Some tests were adapted for libxml2 2.14.0.
Patch by Nick Wellnhofer.</p>
</li>
<li>
<p>LP#2097175: <code>DTD(external_id=&quot;…&quot;)</code> erroneously
required a byte string as ID value.</p>
</li>
<li>
<p>GH#450: <code>iterparse()</code> internally triggered the
`DeprecationWarning`` added in lxml 5.3.0 when parsing HTML.</p>
</li>
</ul>
<h2>Other changes</h2>
<ul>
<li>GH#442: Binary wheels for macOS no longer use the linker flag
<code>-flat_namespace</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6e76d57af8"><code>6e76d57</code></a>
Build: Exclude slow Py3.9 wheel builds for s390/ppc and Py3.7 for
ARM64.</li>
<li><a
href="ee10c02bb7"><code>ee10c02</code></a>
Prepare release of lxml 5.4.0.</li>
<li><a
href="0e4f3c3372"><code>0e4f3c3</code></a>
Prepare release of lxml 5.3.3.</li>
<li><a
href="b4703fc2e7"><code>b4703fc</code></a>
Update changelog.</li>
<li><a
href="db723bb3b9"><code>db723bb</code></a>
Build: Use libxslt 1.1.43 instead of 1.1.42 to resolve some CVEs.</li>
<li><a
href="a664877bde"><code>a664877</code></a>
Build: Use libxml2 2.13.8 instead of 2.12.x to resolve some CVEs.</li>
<li><a
href="df4633e7a9"><code>df4633e</code></a>
Remove appveyor usage.</li>
<li><a
href="820db896be"><code>820db89</code></a>
CI: Allow Py3.14 jobs to fail.</li>
<li><a
href="93ad02aad6"><code>93ad02a</code></a>
docs: Add a note about C compiler installation to error message (<a
href="https://redirect.github.com/lxml/lxml/issues/454">GH-454</a>)</li>
<li><a
href="16878dac70"><code>16878da</code></a>
Add some hints to the documentation on how to build lxml (<a
href="https://redirect.github.com/lxml/lxml/issues/453">GH-453</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/lxml/lxml/compare/lxml-5.3.0...lxml-5.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lxml&package-manager=pip&previous-version=5.3.0&new-version=5.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-28 11:59:59 +02:00
dependabot[bot]
58e8521313 Bump ruff from 0.11.10 to 0.11.11 (#18482) 
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.11.10 to 0.11.11.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/releases">ruff's
releases</a>.</em></p>
<blockquote>
<h2>0.11.11</h2>
<h2>Release Notes</h2>
<h3>Preview features</h3>
<ul>
<li>[<code>airflow</code>] Add autofixes for <code>AIR302</code> and
<code>AIR312</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/17942">#17942</a>)</li>
<li>[<code>airflow</code>] Move rules from <code>AIR312</code> to
<code>AIR302</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/17940">#17940</a>)</li>
<li>[<code>airflow</code>] Update <code>AIR301</code> and
<code>AIR311</code> with the latest Airflow implementations (<a
href="https://redirect.github.com/astral-sh/ruff/pull/17985">#17985</a>)</li>
<li>[<code>flake8-simplify</code>] Enable fix in preview mode
(<code>SIM117</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18208">#18208</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix inconsistent formatting of match-case on <code>[]</code> and
<code>_</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18147">#18147</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLW1514</code> not recognizing the
<code>encoding</code> positional argument of <code>codecs.open</code>
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/18109">#18109</a>)</li>
</ul>
<h3>CLI</h3>
<ul>
<li>Add full option name in formatter warning (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18217">#18217</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Fix rendering of admonition in docs (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18163">#18163</a>)</li>
<li>[<code>flake8-print</code>] Improve print/pprint docs for
<code>T201</code> and <code>T203</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18130">#18130</a>)</li>
<li>[<code>flake8-simplify</code>] Add fix safety section
(<code>SIM110</code>,<code>SIM210</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18114">#18114</a>,<a
href="https://redirect.github.com/astral-sh/ruff/pull/18100">#18100</a>)</li>
<li>[<code>pylint</code>] Fix docs example that produced different
output (<code>PLW0603</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18216">#18216</a>)</li>
</ul>
<h2>Contributors</h2>
<ul>
<li><a
href="https://github.com/AlexWaygood"><code>@​AlexWaygood</code></a></li>
<li><a
href="https://github.com/BradonZhang"><code>@​BradonZhang</code></a></li>
<li><a
href="https://github.com/BurntSushi"><code>@​BurntSushi</code></a></li>
<li><a
href="https://github.com/CodeMan62"><code>@​CodeMan62</code></a></li>
<li><a
href="https://github.com/InSyncWithFoo"><code>@​InSyncWithFoo</code></a></li>
<li><a
href="https://github.com/LaBatata101"><code>@​LaBatata101</code></a></li>
<li><a href="https://github.com/Lee-W"><code>@​Lee-W</code></a></li>
<li><a
href="https://github.com/Mathemmagician"><code>@​Mathemmagician</code></a></li>
<li><a
href="https://github.com/MatthewMckee4"><code>@​MatthewMckee4</code></a></li>
<li><a
href="https://github.com/MichaReiser"><code>@​MichaReiser</code></a></li>
<li><a
href="https://github.com/TomerBin"><code>@​TomerBin</code></a></li>
<li><a
href="https://github.com/VascoSch92"><code>@​VascoSch92</code></a></li>
<li><a
href="https://github.com/adamaaronson"><code>@​adamaaronson</code></a></li>
<li><a
href="https://github.com/brainwane"><code>@​brainwane</code></a></li>
<li><a
href="https://github.com/brandtbucher"><code>@​brandtbucher</code></a></li>
<li><a href="https://github.com/carljm"><code>@​carljm</code></a></li>
<li><a
href="https://github.com/dcreager"><code>@​dcreager</code></a></li>
<li><a
href="https://github.com/dhruvmanila"><code>@​dhruvmanila</code></a></li>
<li><a
href="https://github.com/dragon-dxw"><code>@​dragon-dxw</code></a></li>
<li><a
href="https://github.com/felixscherz"><code>@​felixscherz</code></a></li>
<li><a
href="https://github.com/kiran-4444"><code>@​kiran-4444</code></a></li>
<li><a
href="https://github.com/maxmynter"><code>@​maxmynter</code></a></li>
<li><a href="https://github.com/ntBre"><code>@​ntBre</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's
changelog</a>.</em></p>
<blockquote>
<h2>0.11.11</h2>
<h3>Preview features</h3>
<ul>
<li>[<code>airflow</code>] Add autofixes for <code>AIR302</code> and
<code>AIR312</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/17942">#17942</a>)</li>
<li>[<code>airflow</code>] Move rules from <code>AIR312</code> to
<code>AIR302</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/17940">#17940</a>)</li>
<li>[<code>airflow</code>] Update <code>AIR301</code> and
<code>AIR311</code> with the latest Airflow implementations (<a
href="https://redirect.github.com/astral-sh/ruff/pull/17985">#17985</a>)</li>
<li>[<code>flake8-simplify</code>] Enable fix in preview mode
(<code>SIM117</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18208">#18208</a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>Fix inconsistent formatting of match-case on <code>[]</code> and
<code>_</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18147">#18147</a>)</li>
<li>[<code>pylint</code>] Fix <code>PLW1514</code> not recognizing the
<code>encoding</code> positional argument of <code>codecs.open</code>
(<a
href="https://redirect.github.com/astral-sh/ruff/pull/18109">#18109</a>)</li>
</ul>
<h3>CLI</h3>
<ul>
<li>Add full option name in formatter warning (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18217">#18217</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Fix rendering of admonition in docs (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18163">#18163</a>)</li>
<li>[<code>flake8-print</code>] Improve print/pprint docs for
<code>T201</code> and <code>T203</code> (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18130">#18130</a>)</li>
<li>[<code>flake8-simplify</code>] Add fix safety section
(<code>SIM110</code>,<code>SIM210</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18114">#18114</a>,<a
href="https://redirect.github.com/astral-sh/ruff/pull/18100">#18100</a>)</li>
<li>[<code>pylint</code>] Fix docs example that produced different
output (<code>PLW0603</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/pull/18216">#18216</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0397682f1f"><code>0397682</code></a>
Bump 0.11.11 (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18259">#18259</a>)</li>
<li><a
href="bcefa459f4"><code>bcefa45</code></a>
[ty] Rename <code>call-possibly-unbound-method</code> to
`possibly-unbound-implicit-call...</li>
<li><a
href="91b7a570c2"><code>91b7a57</code></a>
[ty] Implement Python's floor division semantics for
<code>Literal</code> <code>int</code>s (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18249">#18249</a>)</li>
<li><a
href="98da200d45"><code>98da200</code></a>
[ty] Fix server panic when calling <code>system_mut</code> (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18252">#18252</a>)</li>
<li><a
href="029085fa72"><code>029085f</code></a>
[ty] Clarify <code>ty check</code> output default in documentation. (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18246">#18246</a>)</li>
<li><a
href="6df10c638e"><code>6df10c6</code></a>
[<code>pylint</code>] Fix docs example that produced different output
(<code>PLW0603</code>) (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18216">#18216</a>)</li>
<li><a
href="bdf488462a"><code>bdf4884</code></a>
Preserve tuple parentheses in case patterns (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18147">#18147</a>)</li>
<li><a
href="01eeb2f0d6"><code>01eeb2f</code></a>
[ty] Support frozen dataclasses (<a
href="https://redirect.github.com/astral-sh/ruff/issues/17974">#17974</a>)</li>
<li><a
href="cb04343b3b"><code>cb04343</code></a>
[ty] Split <code>invalid-base</code> error code into two error codes (<a
href="https://redirect.github.com/astral-sh/ruff/issues/18245">#18245</a>)</li>
<li><a
href="02394b8049"><code>02394b8</code></a>
[ty] Improve <code>invalid-type-form</code> diagnostic where a
module-literal type is us...</li>
<li>Additional commits viewable in <a
href="https://github.com/astral-sh/ruff/compare/0.11.10...0.11.11">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=pip&previous-version=0.11.10&new-version=0.11.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-28 11:58:45 +02:00
dependabot[bot]
3680de63a7 Bump types-jsonschema from 4.23.0.20241208 to 4.23.0.20250516 (#18481) 
Bumps
[types-jsonschema](https://github.com/typeshed-internal/stub_uploader)
from 4.23.0.20241208 to 4.23.0.20250516.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/typeshed-internal/stub_uploader/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-jsonschema&package-manager=pip&previous-version=4.23.0.20241208&new-version=4.23.0.20250516)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-28 11:58:30 +02:00
Andrew Morgan
1624073191 Bump Tornado from 6.4.2 to 6.5.0 (#18459) 
Bumps tornado 6.5.0 to mitigate
[CVE-2025-47287](https://nvd.nist.gov/vuln/detail/CVE-2025-47287).

This dependency is only used indirectly through our sentry dependency.

### Pull Request Checklist

<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->

* [x] Pull request is based on the develop branch
* [x] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [ ] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html) is
correct (run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
 2025-05-21 22:24:12 +00:00
dependabot[bot]
9d43bec326 Bump ruff from 0.7.3 to 0.11.10 (#18451) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrew Morgan <andrew@amorgan.xyz>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
 2025-05-20 15:23:30 +01:00
dependabot[bot]
303c5c4daa Bump setuptools from 72.1.0 to 78.1.1 (#18461) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-20 12:03:10 +01:00
dependabot[bot]
afeb0e01c5 Bump pyopenssl from 25.0.0 to 25.1.0 (#18450) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-19 13:06:45 +01:00
dependabot[bot]
cd1a3ac584 Bump authlib from 1.5.1 to 1.5.2 (#18452) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-19 13:06:11 +01:00
Andrew Morgan
2db54c88ff Explicitly enable pypy for cibuildwheel (#18417) 2025-05-13 15:19:30 +01:00
dependabot[bot]
ba2f1be891 Bump types-requests from 2.32.0.20241016 to 2.32.0.20250328 (#18427) 2025-05-13 15:12:34 +01:00
dependabot[bot]
c626d54cea Bump mypy-zope from 1.0.9 to 1.0.11 (#18428) 2025-05-13 15:12:22 +01:00
dependabot[bot]
40ce11ded0 Bump pillow from 11.1.0 to 11.2.1 (#18429) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-13 09:46:03 +01:00
dependabot[bot]
1920dfff40 Bump pydantic from 2.10.3 to 2.11.4 (#18394) 2025-05-09 16:36:54 +01:00
dependabot[bot]
b7728a2df1 Bump packaging from 24.2 to 25.0 (#18393) 2025-05-09 15:37:05 +01:00
dependabot[bot]
c6dfe70014 Bump txredisapi from 1.4.10 to 1.4.11 (#18392) 2025-05-09 15:36:41 +01:00
dependabot[bot]
75832f25b0 Bump types-jsonschema from 4.23.0.20240813 to 4.23.0.20241208 (#18305) 2025-04-29 10:07:49 +01:00