24873 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Andrew Morgan	5c2765bd7a	1.134.0rc1 v1.134.0rc1	2025-07-09 11:31:01 +01:00
Quentin Gliech	f8a7872ddb	Use native arm runners for building wheels (#18618) ... This takes down the CI time to build wheels from 50 minutes to <10 minutes. **It also fixes macOS ARM builds, and includes more ARM builds in general** (we were ignoring pypy and musl before). This doesn't cost much for us to do this, reasons for not doing this is 1. space on PyPI and 2. keeping them 'officially' supported? This is the list of wheels this built (`+` are the ones added): ```diff matrix_synapse-1.133.0-cp39-abi3-macosx_10_9_x86_64.whl + matrix_synapse-1.133.0-cp39-abi3-macosx_11_0_arm64.whl matrix_synapse-1.133.0-cp39-abi3-manylinux_2_28_aarch64.whl matrix_synapse-1.133.0-cp39-abi3-manylinux_2_28_x86_64.whl + matrix_synapse-1.133.0-cp39-abi3-musllinux_1_2_aarch64.whl matrix_synapse-1.133.0-cp39-abi3-musllinux_1_2_x86_64.whl matrix_synapse-1.133.0-pp310-pypy310_pp73-macosx_10_15_x86_64.whl + matrix_synapse-1.133.0-pp310-pypy310_pp73-macosx_11_0_arm64.whl + matrix_synapse-1.133.0-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl matrix_synapse-1.133.0-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl matrix_synapse-1.133.0-pp311-pypy311_pp73-macosx_10_15_x86_64.whl + matrix_synapse-1.133.0-pp311-pypy311_pp73-macosx_11_0_arm64.whl + matrix_synapse-1.133.0-pp311-pypy311_pp73-manylinux_2_28_aarch64.whl matrix_synapse-1.133.0-pp311-pypy311_pp73-manylinux_2_28_x86_64.whl ``` And the numbers aaaaare 🥁 - [before](https://github.com/element-hq/synapse/actions/runs/16072488018): 54 minutes - [after](https://github.com/element-hq/synapse/actions/runs/16004034949?pr=18618): 10 minutes **Revert [e43b0f9](e43b0f9bd1) before merging**	2025-07-08 11:30:36 +00:00
Andrew Morgan	b8ad9bf1b7	Add .zed/ to .gitignore (#18623)	2025-07-08 11:57:23 +01:00
Quentin Gliech	9b86458900	Speed up the building of Docker images using ARM CI workers (#18620) ... This splits the building of docker images in 2 jobs, one for each platform, using the native ARM runners for arm64. The tricky part here is to get back a nice multi-arch manifest. Previously, you'd do that by pushing each platform image in two distinct tags, then referencing them in a multi-arch manifest. Nowadays, it's possible to push images by their digest only, then creating the manifest for those pushed digests separately This is inspired by the Docker docs on how to distribute multi-platform image builds: https://docs.docker.com/build/ci/github-actions/multi-platform/#distribute-build-across-multiple-runners `ghcr.io/element-hq/synapse:sha-c733dd6` is an example image that got built by this workflow (there is a temporary sha-* tag on workflow_dispatch runs to help trying out the workflow) I also had to make sure we sign the manifests correctly: ``` $ cosign verify --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp 'https://github.com/element-hq/synapse/.github/workflows/docker.yml@.*' ghcr.io/element-hq/synapse:sha-c733dd6 Verification for ghcr.io/element-hq/synapse:sha-c733dd6 -- The following checks were performed on each of these signatures: - The cosign claims were validated - Existence of the claims in the transparency log was verified offline - The code-signing certificate was verified using trusted certificate authority certificates ``` And the numbers aaaaare 🥁 - [before](https://github.com/element-hq/synapse/actions/runs/16118229296/job/45477093703): 30 minutes - [after](https://github.com/element-hq/synapse/actions/runs/16021743575): 4 minutes --------- Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>	2025-07-08 10:53:12 +00:00
dependabot[bot]	57220706b2	Bump typing-extensions from 4.14.0 to 4.14.1 (#18668) ... Bumps [typing-extensions](https://github.com/python/typing_extensions) from 4.14.0 to 4.14.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python/typing_extensions/releases">typing-extensions's releases</a>.</em></p> <blockquote> <h2>4.14.1</h2> <h1>Release 4.14.1 (July 4, 2025)</h1> <ul> <li>Fix usage of <code>typing_extensions.TypedDict</code> nested inside other types (e.g., <code>typing.Type[typing_extensions.TypedDict]</code>). This is not allowed by the type system but worked on older versions, so we maintain support.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/python/typing_extensions/blob/main/CHANGELOG.md">typing-extensions's changelog</a>.</em></p> <blockquote> <h1>Release 4.14.1 (July 4, 2025)</h1> <ul> <li>Fix usage of <code>typing_extensions.TypedDict</code> nested inside other types (e.g., <code>typing.Type[typing_extensions.TypedDict]</code>). This is not allowed by the type system but worked on older versions, so we maintain support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="42027aba35"><code>42027ab</code></a> Prepare release 4.14.1 (<a href="https://redirect.github.com/python/typing_extensions/issues/620">#620</a>)</li> <li><a href="59d2c20858"><code>59d2c20</code></a> Fix off by one in pickle protocol tests (<a href="https://redirect.github.com/python/typing_extensions/issues/618">#618</a>)</li> <li><a href="40e22ebb2c"><code>40e22eb</code></a> Do not use slots for <code>_TypedDictSpecialForm</code> (<a href="https://redirect.github.com/python/typing_extensions/issues/616">#616</a>)</li> <li><a href="d17c456d36"><code>d17c456</code></a> allow TypedDict as a type argument (<a href="https://redirect.github.com/python/typing_extensions/issues/614">#614</a>)</li> <li>See full diff in <a href="https://github.com/python/typing_extensions/compare/4.14.0...4.14.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-07 13:24:30 +00:00
dependabot[bot]	616ada3dfe	Bump tokio from 1.46.0 to 1.46.1 (#18667) ... Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.46.0 to 1.46.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.46.1</h2> <h1>1.46.1 (July 4th, 2025)</h1> <p>This release fixes incorrect spawn locations in runtime task hooks for tasks spawned using <code>tokio::spawn</code> rather than <code>Runtime::spawn</code>. This issue only effected the spawn location in <code>TaskMeta::spawned_at</code>, and did not effect task locations in Tracing events.</p> <h2>Unstable</h2> <ul> <li>runtime: add <code>TaskMeta::spawn_location</code> tracking where a task was spawned (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7440">#7440</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7440">#7440</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7440">tokio-rs/tokio#7440</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="ab3ff69cf2"><code>ab3ff69</code></a> chore: prepare to release v1.46.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7444">#7444</a>)</li> <li><a href="a0d5b8ab30"><code>a0d5b8a</code></a> runtime(unstable): fix task hook spawn locations for <code>tokio::spawn</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7440">#7440</a>)</li> <li><a href="a1ee3ef218"><code>a1ee3ef</code></a> chore: fix some minor typos in the comments (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7442">#7442</a>)</li> <li><a href="171cd148a3"><code>171cd14</code></a> changelog: fix typo in <code>pipe::OpenOptions</code> for 1.46.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7439">#7439</a>)</li> <li>See full diff in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.46.0...tokio-1.46.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-07 15:20:43 +02:00
dependabot[bot]	49e46b84de	Bump types-psycopg2 from 2.9.21.20250318 to 2.9.21.20250516 (#18658) ... Bumps [types-psycopg2](https://github.com/typeshed-internal/stub_uploader) from 2.9.21.20250318 to 2.9.21.20250516. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/typeshed-internal/stub_uploader/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-04 11:13:41 +00:00
dependabot[bot]	4a7b166d80	Bump ruff from 0.12.1 to 0.12.2 (#18657) ... Bumps [ruff](https://github.com/astral-sh/ruff) from 0.12.1 to 0.12.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/releases">ruff's releases</a>.</em></p> <blockquote> <h2>0.12.2</h2> <h2>Release Notes</h2> <h3>Preview features</h3> <ul> <li>[<code>flake8-pyi</code>] Expand <code>Optional[A]</code> to <code>A | None</code> (<code>PYI016</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18572">#18572</a>)</li> <li>[<code>pyupgrade</code>] Mark <code>UP008</code> fix safe if no comments are in range (<a href="https://redirect.github.com/astral-sh/ruff/pull/18683">#18683</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>[<code>flake8-comprehensions</code>] Fix <code>C420</code> to prepend whitespace when needed (<a href="https://redirect.github.com/astral-sh/ruff/pull/18616">#18616</a>)</li> <li>[<code>perflint</code>] Fix <code>PERF403</code> panic on attribute or subscription loop variable (<a href="https://redirect.github.com/astral-sh/ruff/pull/19042">#19042</a>)</li> <li>[<code>pydocstyle</code>] Fix <code>D413</code> infinite loop for parenthesized docstring (<a href="https://redirect.github.com/astral-sh/ruff/pull/18930">#18930</a>)</li> <li>[<code>pylint</code>] Fix <code>PLW0108</code> autofix introducing a syntax error when the lambda's body contains an assignment expression (<a href="https://redirect.github.com/astral-sh/ruff/pull/18678">#18678</a>)</li> <li>[<code>refurb</code>] Fix false positive on empty tuples (<code>FURB168</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19058">#19058</a>)</li> <li>[<code>ruff</code>] Allow more <code>field</code> calls from <code>attrs</code> (<code>RUF009</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19021">#19021</a>)</li> <li>[<code>ruff</code>] Fix syntax error introduced for an empty string followed by a u-prefixed string (<code>UP025</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18899">#18899</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>[<code>flake8-executable</code>] Allow <code>uvx</code> in shebang line (<code>EXE003</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18967">#18967</a>)</li> <li>[<code>pandas</code>] Avoid flagging <code>PD002</code> if <code>pandas</code> is not imported (<a href="https://redirect.github.com/astral-sh/ruff/pull/18963">#18963</a>)</li> <li>[<code>pyupgrade</code>] Avoid PEP-604 unions with <code>typing.NamedTuple</code> (<code>UP007</code>, <code>UP045</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18682">#18682</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Document link between <code>import-outside-top-level (PLC0415)</code> and <code>lint.flake8-tidy-imports.banned-module-level-imports</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18733">#18733</a>)</li> <li>Fix description of the <code>format.skip-magic-trailing-comma</code> example (<a href="https://redirect.github.com/astral-sh/ruff/pull/19095">#19095</a>)</li> <li>[<code>airflow</code>] Make <code>AIR302</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18988">#18988</a>)</li> <li>[<code>airflow</code>] Make <code>AIR312</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18989">#18989</a>)</li> <li>[<code>flake8-annotations</code>] Make <code>ANN401</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18974">#18974</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC100</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18993">#18993</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC105</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19002">#19002</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC110</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18975">#18975</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC210</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18977">#18977</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC220</code>, <code>ASYNC221</code>, and <code>ASYNC222</code> examples error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18978">#18978</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC251</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18990">#18990</a>)</li> <li>[<code>flake8-bandit</code>] Make <code>S201</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19017">#19017</a>)</li> <li>[<code>flake8-bandit</code>] Make <code>S604</code> and <code>S609</code> examples error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19049">#19049</a>)</li> <li>[<code>flake8-bugbear</code>] Make <code>B028</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19054">#19054</a>)</li> <li>[<code>flake8-bugbear</code>] Make <code>B911</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19051">#19051</a>)</li> <li>[<code>flake8-datetimez</code>] Make <code>DTZ011</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19055">#19055</a>)</li> <li>[<code>flake8-datetimez</code>] Make <code>DTZ901</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19056">#19056</a>)</li> <li>[<code>flake8-pyi</code>] Make <code>PYI032</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19061">#19061</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI014</code>, <code>PYI015</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19097">#19097</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI042</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19101">#19101</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI059</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19080">#19080</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI062</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19079">#19079</a>)</li> <li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT023</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19104">#19104</a>)</li> <li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT030</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19105">#19105</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's changelog</a>.</em></p> <blockquote> <h2>0.12.2</h2> <h3>Preview features</h3> <ul> <li>[<code>flake8-pyi</code>] Expand <code>Optional[A]</code> to <code>A | None</code> (<code>PYI016</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18572">#18572</a>)</li> <li>[<code>pyupgrade</code>] Mark <code>UP008</code> fix safe if no comments are in range (<a href="https://redirect.github.com/astral-sh/ruff/pull/18683">#18683</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>[<code>flake8-comprehensions</code>] Fix <code>C420</code> to prepend whitespace when needed (<a href="https://redirect.github.com/astral-sh/ruff/pull/18616">#18616</a>)</li> <li>[<code>perflint</code>] Fix <code>PERF403</code> panic on attribute or subscription loop variable (<a href="https://redirect.github.com/astral-sh/ruff/pull/19042">#19042</a>)</li> <li>[<code>pydocstyle</code>] Fix <code>D413</code> infinite loop for parenthesized docstring (<a href="https://redirect.github.com/astral-sh/ruff/pull/18930">#18930</a>)</li> <li>[<code>pylint</code>] Fix <code>PLW0108</code> autofix introducing a syntax error when the lambda's body contains an assignment expression (<a href="https://redirect.github.com/astral-sh/ruff/pull/18678">#18678</a>)</li> <li>[<code>refurb</code>] Fix false positive on empty tuples (<code>FURB168</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19058">#19058</a>)</li> <li>[<code>ruff</code>] Allow more <code>field</code> calls from <code>attrs</code> (<code>RUF009</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19021">#19021</a>)</li> <li>[<code>ruff</code>] Fix syntax error introduced for an empty string followed by a u-prefixed string (<code>UP025</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18899">#18899</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>[<code>flake8-executable</code>] Allow <code>uvx</code> in shebang line (<code>EXE003</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18967">#18967</a>)</li> <li>[<code>pandas</code>] Avoid flagging <code>PD002</code> if <code>pandas</code> is not imported (<a href="https://redirect.github.com/astral-sh/ruff/pull/18963">#18963</a>)</li> <li>[<code>pyupgrade</code>] Avoid PEP-604 unions with <code>typing.NamedTuple</code> (<code>UP007</code>, <code>UP045</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18682">#18682</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Document link between <code>import-outside-top-level (PLC0415)</code> and <code>lint.flake8-tidy-imports.banned-module-level-imports</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18733">#18733</a>)</li> <li>Fix description of the <code>format.skip-magic-trailing-comma</code> example (<a href="https://redirect.github.com/astral-sh/ruff/pull/19095">#19095</a>)</li> <li>[<code>airflow</code>] Make <code>AIR302</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18988">#18988</a>)</li> <li>[<code>airflow</code>] Make <code>AIR312</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18989">#18989</a>)</li> <li>[<code>flake8-annotations</code>] Make <code>ANN401</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18974">#18974</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC100</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18993">#18993</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC105</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19002">#19002</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC110</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18975">#18975</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC210</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18977">#18977</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC220</code>, <code>ASYNC221</code>, and <code>ASYNC222</code> examples error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18978">#18978</a>)</li> <li>[<code>flake8-async</code>] Make <code>ASYNC251</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/18990">#18990</a>)</li> <li>[<code>flake8-bandit</code>] Make <code>S201</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19017">#19017</a>)</li> <li>[<code>flake8-bandit</code>] Make <code>S604</code> and <code>S609</code> examples error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19049">#19049</a>)</li> <li>[<code>flake8-bugbear</code>] Make <code>B028</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19054">#19054</a>)</li> <li>[<code>flake8-bugbear</code>] Make <code>B911</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19051">#19051</a>)</li> <li>[<code>flake8-datetimez</code>] Make <code>DTZ011</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19055">#19055</a>)</li> <li>[<code>flake8-datetimez</code>] Make <code>DTZ901</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19056">#19056</a>)</li> <li>[<code>flake8-pyi</code>] Make <code>PYI032</code> example error out-of-the-box (<a href="https://redirect.github.com/astral-sh/ruff/pull/19061">#19061</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI014</code>, <code>PYI015</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19097">#19097</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI042</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19101">#19101</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI059</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19080">#19080</a>)</li> <li>[<code>flake8-pyi</code>] Make example error out-of-the-box (<code>PYI062</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19079">#19079</a>)</li> <li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT023</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19104">#19104</a>)</li> <li>[<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT030</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19105">#19105</a>)</li> <li>[<code>flake8-quotes</code>] Make example error out-of-the-box (<code>Q003</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/19106">#19106</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="9bee8376a1"><code>9bee837</code></a> Bump 0.12.2 (<a href="https://redirect.github.com/astral-sh/ruff/issues/19126">#19126</a>)</li> <li><a href="1c6717b149"><code>1c6717b</code></a> Filter private symbols from stubs if they are internal types (<a href="https://redirect.github.com/astral-sh/ruff/issues/19121">#19121</a>)</li> <li><a href="1b813cd5f1"><code>1b813cd</code></a> Fix description of the <code>format.skip-magic-trailing-comma</code> example (<a href="https://redirect.github.com/astral-sh/ruff/issues/19095">#19095</a>)</li> <li><a href="b00f68a23c"><code>b00f68a</code></a> [<code>ruff</code>] Allow more <code>field</code> calls from <code>attrs</code> (<code>RUF009</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19021">#19021</a>)</li> <li><a href="710c60f713"><code>710c60f</code></a> [<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT023</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19104">#19104</a>)</li> <li><a href="811e25d16e"><code>811e25d</code></a> [<code>flake8-pytest-style</code>] Make example error out-of-the-box (<code>PT030</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19105">#19105</a>)</li> <li><a href="b78af2db48"><code>b78af2d</code></a> [<code>flake8-quotes</code>] Make example error out-of-the-box (<code>Q003</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19106">#19106</a>)</li> <li><a href="4f36f0677f"><code>4f36f06</code></a> Document link between <code>import-outside-top-level (PLC0415)</code> and `lint.flake8-t...</li> <li><a href="2589a2938e"><code>2589a29</code></a> [<code>flake8-simplify</code>] Make example error out-of-the-box (<code>SIM113</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19109">#19109</a>)</li> <li><a href="26bb8f7b71"><code>26bb8f7</code></a> [<code>flake8-simplify</code>] Make example error out-of-the-box (<code>SIM401</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/19110">#19110</a>)</li> <li>Additional commits viewable in <a href="https://github.com/astral-sh/ruff/compare/0.12.1...0.12.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-04 11:12:59 +00:00
dependabot[bot]	d61b919030	Bump setuptools-rust from 1.10.2 to 1.11.1 (#18655) ... Bumps [setuptools-rust](https://github.com/PyO3/setuptools-rust) from 1.10.2 to 1.11.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/PyO3/setuptools-rust/releases">setuptools-rust's releases</a>.</em></p> <blockquote> <h2>v1.11.1</h2> <h3>Fixed</h3> <ul> <li>Fix finding cargo artifacts when filenames are empty. <a href="https://redirect.github.com/PyO3/setuptools-rust/pull/521">#521</a></li> </ul> <h2>v1.11.0</h2> <h3>Packaging</h3> <ul> <li>Drop support for Python 3.8. <a href="https://redirect.github.com/PyO3/setuptools-rust/pull/479">#479</a></li> <li>Support free-threaded Python. <a href="https://redirect.github.com/PyO3/setuptools-rust/pull/502">#502</a></li> <li>Support adding custom env vars. <a href="https://redirect.github.com/PyO3/setuptools-rust/pull/504">#504</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PyO3/setuptools-rust/blob/main/CHANGELOG.md">setuptools-rust's changelog</a>.</em></p> <blockquote> <h2>1.11.1 (2025-04-04)</h2> <h3>Fixed</h3> <ul> <li>Fix finding cargo artifacts when filenames are empty. <a href="https://redirect.github.com/PyO3/setuptools-rust/pull/521">#521</a></li> </ul> <h2>1.11.0 (2025-03-14)</h2> <h3>Packaging</h3> <ul> <li>Drop support for Python 3.8. <a href="https://redirect.github.com/PyO3/setuptools-rust/pull/479">#479</a></li> <li>Support free-threaded Python. <a href="https://redirect.github.com/PyO3/setuptools-rust/pull/502">#502</a></li> <li>Support adding custom env vars. <a href="https://redirect.github.com/PyO3/setuptools-rust/pull/504">#504</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="cc5c233993"><code>cc5c233</code></a> release: 1.11.1 (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/529">#529</a>)</li> <li><a href="faa610deef"><code>faa610d</code></a> Fix finding cargo artifacts when <code>filenames</code> are empty (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/521">#521</a>)</li> <li><a href="a766bd503f"><code>a766bd5</code></a> use <code>SETUPTOOLS_RUST_CARGO_PROFILE=dev</code> for main matrix, document it (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/527">#527</a>)</li> <li><a href="229c492984"><code>229c492</code></a> build(deps): bump the deps group across 5 directories with 1 update (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/522">#522</a>)</li> <li><a href="4141b0b4c8"><code>4141b0b</code></a> build(deps): bump pypa/cibuildwheel from 2.22.0 to 2.23.2 (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/523">#523</a>)</li> <li><a href="fc4d72c6b9"><code>fc4d72c</code></a> build(deps): bump pyo3 in /examples/hello-world-setuppy (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/524">#524</a>)</li> <li><a href="f20ba9c69c"><code>f20ba9c</code></a> replace quansight-labs/setup-python with actions/setup-python (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/520">#520</a>)</li> <li><a href="1054e1c645"><code>1054e1c</code></a> release: 1.11.0 (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/518">#518</a>)</li> <li><a href="d6817d765e"><code>d6817d7</code></a> Support adding custom env vars (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/504">#504</a>)</li> <li><a href="17980efa98"><code>17980ef</code></a> build(deps): bump the deps group across 3 directories with 1 update (<a href="https://redirect.github.com/PyO3/setuptools-rust/issues/516">#516</a>)</li> <li>Additional commits viewable in <a href="https://github.com/PyO3/setuptools-rust/compare/v1.10.2...v1.11.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-04 09:05:25 +00:00
dependabot[bot]	cb0d5a3012	Bump typing-extensions from 4.12.2 to 4.14.0 (#18654) ... Bumps [typing-extensions](https://github.com/python/typing_extensions) from 4.12.2 to 4.14.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python/typing_extensions/releases">typing-extensions's releases</a>.</em></p> <blockquote> <h2>4.14.0</h2> <p>This release adds several new features, including experimental support for inline typed dictionaries (<a href="https://peps.python.org/pep-0764/">PEP 764</a>) and sentinels (<a href="https://peps.python.org/pep-0661/">PEP 661</a>), and support for changes in Python 3.14. In addition, Python 3.8 is no longer supported.</p> <p>Changes since 4.14.0rc1:</p> <ul> <li>Remove <code>__or__</code> and <code>__ror__</code> methods from <code>typing_extensions.Sentinel</code> on Python versions &lt;3.10. PEP 604 was introduced in Python 3.10, and <code>typing_extensions</code> does not generally attempt to backport PEP-604 methods to prior versions.</li> <li>Further update <code>typing_extensions.evaluate_forward_ref</code> with changes in Python 3.14.</li> </ul> <p>Changes included in 4.14.0rc1:</p> <ul> <li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Do not attempt to re-export names that have been removed from <code>typing</code>, anticipating the removal of <code>typing.no_type_check_decorator</code> in Python 3.15. Patch by Jelle Zijlstra.</li> <li>Update <code>typing_extensions.Format</code>, <code>typing_extensions.evaluate_forward_ref</code>, and <code>typing_extensions.TypedDict</code> to align with changes in Python 3.14. Patches by Jelle Zijlstra.</li> <li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li> </ul> <p>New features:</p> <ul> <li>Add support for inline typed dictionaries (<a href="https://peps.python.org/pep-0764/">PEP 764</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Add <code>typing_extensions.Reader</code> and <code>typing_extensions.Writer</code>. Patch by Sebastian Rittau.</li> <li>Add support for sentinels (<a href="https://peps.python.org/pep-0661/">PEP 661</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> </ul> <h2>4.14.0rc1</h2> <p>Major changes:</p> <ul> <li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Do not attempt to re-export names that have been removed from <code>typing</code>, anticipating the removal of <code>typing.no_type_check_decorator</code> in Python 3.15. Patch by Jelle Zijlstra.</li> <li>Update <code>typing_extensions.Format</code>, <code>typing_extensions.evaluate_forward_ref</code>, and <code>typing_extensions.TypedDict</code> to align with changes in Python 3.14. Patches by Jelle Zijlstra.</li> <li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li> </ul> <p>New features:</p> <ul> <li>Add support for inline typed dictionaries (<a href="https://peps.python.org/pep-0764/">PEP 764</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Add <code>typing_extensions.Reader</code> and <code>typing_extensions.Writer</code>. Patch by Sebastian Rittau.</li> <li>Add support for sentinels (<a href="https://peps.python.org/pep-0661/">PEP 661</a>). Patch by</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/python/typing_extensions/blob/main/CHANGELOG.md">typing-extensions's changelog</a>.</em></p> <blockquote> <h1>Release 4.14.0 (June 2, 2025)</h1> <p>Changes since 4.14.0rc1:</p> <ul> <li>Remove <code>__or__</code> and <code>__ror__</code> methods from <code>typing_extensions.Sentinel</code> on Python versions &lt;3.10. PEP 604 was introduced in Python 3.10, and <code>typing_extensions</code> does not generally attempt to backport PEP-604 methods to prior versions.</li> <li>Further update <code>typing_extensions.evaluate_forward_ref</code> with changes in Python 3.14.</li> </ul> <h1>Release 4.14.0rc1 (May 24, 2025)</h1> <ul> <li>Drop support for Python 3.8 (including PyPy-3.8). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Do not attempt to re-export names that have been removed from <code>typing</code>, anticipating the removal of <code>typing.no_type_check_decorator</code> in Python 3.15. Patch by Jelle Zijlstra.</li> <li>Update <code>typing_extensions.Format</code>, <code>typing_extensions.evaluate_forward_ref</code>, and <code>typing_extensions.TypedDict</code> to align with changes in Python 3.14. Patches by Jelle Zijlstra.</li> <li>Fix tests for Python 3.14 and 3.15. Patches by Jelle Zijlstra.</li> </ul> <p>New features:</p> <ul> <li>Add support for inline typed dictionaries (<a href="https://peps.python.org/pep-0764/">PEP 764</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> <li>Add <code>typing_extensions.Reader</code> and <code>typing_extensions.Writer</code>. Patch by Sebastian Rittau.</li> <li>Add support for sentinels (<a href="https://peps.python.org/pep-0661/">PEP 661</a>). Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> </ul> <h1>Release 4.13.2 (April 10, 2025)</h1> <ul> <li>Fix <code>TypeError</code> when taking the union of <code>typing_extensions.TypeAliasType</code> and a <code>typing.TypeAliasType</code> on Python 3.12 and 3.13. Patch by <a href="https://github.com/jorenham">Joren Hammudoglu</a>.</li> <li>Backport from CPython PR <a href="https://redirect.github.com/python/cpython/pull/132160">#132160</a> to avoid having user arguments shadowed in generated <code>__new__</code> by <code>@typing_extensions.deprecated</code>. Patch by <a href="https://github.com/Viicos">Victorien Plot</a>.</li> </ul> <h1>Release 4.13.1 (April 3, 2025)</h1> <p>Bugfixes:</p> <ul> <li>Fix regression in 4.13.0 on Python 3.10.2 causing a <code>TypeError</code> when using <code>Concatenate</code>. Patch by <a href="https://github.com/Daraan">Daraan</a>.</li> <li>Fix <code>TypeError</code> when using <code>evaluate_forward_ref</code> on Python 3.10.1-2 and 3.9.8-10. Patch by <a href="https://github.com/Daraan">Daraan</a>.</li> </ul> <h1>Release 4.13.0 (March 25, 2025)</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="b07d245256"><code>b07d245</code></a> Prepare release 4.14.0 (<a href="https://redirect.github.com/python/typing_extensions/issues/612">#612</a>)</li> <li><a href="fcf5265b30"><code>fcf5265</code></a> Backport evaluate_forward_ref() changes (<a href="https://redirect.github.com/python/typing_extensions/issues/611">#611</a>)</li> <li><a href="fadc1edbcf"><code>fadc1ed</code></a> Remove PEP-604 methods from <code>Sentinel</code> on Python &lt;3.10 (<a href="https://redirect.github.com/python/typing_extensions/issues/605">#605</a>)</li> <li><a href="44de568f73"><code>44de568</code></a> Add 3.14 to project classifiers and tox.ini (<a href="https://redirect.github.com/python/typing_extensions/issues/604">#604</a>)</li> <li><a href="36cc476058"><code>36cc476</code></a> Prepare release 4.14.0rc1 (<a href="https://redirect.github.com/python/typing_extensions/issues/603">#603</a>)</li> <li><a href="ec1876c650"><code>ec1876c</code></a> More fixes for 3.14 and 3.15 (<a href="https://redirect.github.com/python/typing_extensions/issues/602">#602</a>)</li> <li><a href="e89d789104"><code>e89d789</code></a> Update <code>_caller()</code> implementation (<a href="https://redirect.github.com/python/typing_extensions/issues/598">#598</a>)</li> <li><a href="34bfd8423a"><code>34bfd84</code></a> third party: fix typeguard (<a href="https://redirect.github.com/python/typing_extensions/issues/600">#600</a>)</li> <li><a href="479dae13d0"><code>479dae1</code></a> Add support for sentinels (PEP 661) (<a href="https://redirect.github.com/python/typing_extensions/issues/594">#594</a>)</li> <li><a href="f74a56a725"><code>f74a56a</code></a> Update PEP 649/749 implementation (<a href="https://redirect.github.com/python/typing_extensions/issues/596">#596</a>)</li> <li>Additional commits viewable in <a href="https://github.com/python/typing_extensions/compare/4.12.2...4.14.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 15:03:08 +00:00
dependabot[bot]	6096cb4054	Bump phonenumbers from 9.0.2 to 9.0.8 (#18652) ... Bumps [phonenumbers](https://github.com/daviddrysdale/python-phonenumbers) from 9.0.2 to 9.0.8. <details> <summary>Commits</summary> <ul> <li><a href="9959754cdf"><code>9959754</code></a> Prep for 9.0.8 release</li> <li><a href="6ffa6ffbec"><code>6ffa6ff</code></a> Generated files for metadata</li> <li><a href="4b028b4bd3"><code>4b028b4</code></a> Merge metadata changes from upstream 9.0.8</li> <li><a href="6817dfb5ab"><code>6817dfb</code></a> Prep for 9.0.7 release</li> <li><a href="e9a48434e2"><code>e9a4843</code></a> Generated files for metadata</li> <li><a href="8580645ba9"><code>8580645</code></a> Merge metadata changes from upstream 9.0.7</li> <li><a href="e6d5f6270e"><code>e6d5f62</code></a> Prep for 9.0.6 release</li> <li><a href="e4e7dbec6c"><code>e4e7dbe</code></a> Generated files for metadata</li> <li><a href="a8425e7a91"><code>a8425e7</code></a> Merge metadata changes from upstream 9.0.6</li> <li><a href="e90d8ea116"><code>e90d8ea</code></a> Prep for 9.0.5 release</li> <li>Additional commits viewable in <a href="https://github.com/daviddrysdale/python-phonenumbers/compare/v9.0.2...v9.0.8">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 15:01:59 +00:00
dependabot[bot]	fc710c4804	Bump attrs from 24.2.0 to 25.3.0 (#18649) ... Bumps [attrs](https://github.com/sponsors/hynek) from 24.2.0 to 25.3.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/sponsors/hynek/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 13:28:02 +00:00
dependabot[bot]	4ad93b296f	Bump authlib from 1.5.2 to 1.6.0 (#18642) ... Bumps [authlib](https://github.com/authlib/authlib) from 1.5.2 to 1.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/authlib/authlib/releases">authlib's releases</a>.</em></p> <blockquote> <h2>Version 1.6.0</h2> <ul> <li>Fix issue when <a href="https://datatracker.ietf.org/doc/html/rfc9207.html">RFC9207</a> is enabled and the authorization endpoint response is not a redirection. [pull request <a href="https://redirect.github.com/authlib/authlib/issues/733">#733</a>](<a href="https://redirect.github.com/authlib/authlib/pull/733">authlib/authlib#733</a>)</li> <li>Fix missing state parameter in authorization error responses. [issue <a href="https://redirect.github.com/authlib/authlib/issues/525">#525</a>](<a href="https://redirect.github.com/authlib/authlib/issues/525">authlib/authlib#525</a>)</li> <li>Support for acr and amr claims in id_token. [issue <a href="https://redirect.github.com/authlib/authlib/issues/734">#734</a>](<a href="https://redirect.github.com/authlib/authlib/issues/734">authlib/authlib#734</a>)</li> <li>Support for the none JWS algorithm.</li> <li>Fix response_types strict order during dynamic client registration. [issue <a href="https://redirect.github.com/authlib/authlib/issues/760">#760</a>](<a href="https://redirect.github.com/authlib/authlib/issues/760">authlib/authlib#760</a>)</li> <li>Implement <a href="https://datatracker.ietf.org/doc/html/rfc9101.html">RFC9101 The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR)</a>. [issue <a href="https://redirect.github.com/authlib/authlib/issues/723">#723</a>](<a href="https://redirect.github.com/authlib/authlib/issues/723">authlib/authlib#723</a>)</li> <li>OIDC <a href="https://docs.authlib.org/en/latest/specs/oidc.html#authlib.oidc.core.UserInfoEndpoint">UserInfo endpoint</a> support. [issue <a href="https://redirect.github.com/authlib/authlib/issues/459">#459</a>](<a href="https://redirect.github.com/authlib/authlib/issues/459">authlib/authlib#459</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/authlib/authlib/blob/main/docs/changelog.rst">authlib's changelog</a>.</em></p> <blockquote> <h2>Version 1.6.0</h2> <p><strong>Released on May 22, 2025</strong></p> <ul> <li>Fix issue when :rfc:<code>RFC9207 &lt;9207&gt;</code> is enabled and the authorization endpoint response is not a redirection. :pr:<code>733</code></li> <li>Fix missing <code>state</code> parameter in authorization error responses. :issue:<code>525</code></li> <li>Support for <code>acr</code> and <code>amr</code> claims in <code>id_token</code>. :issue:<code>734</code></li> <li>Support for the <code>none</code> JWS algorithm.</li> <li>Fix <code>response_types</code> strict order during dynamic client registration. :issue:<code>760</code></li> <li>Implement :rfc:<code>RFC9101 The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR) &lt;9101&gt;</code>. :issue:<code>723</code></li> <li>OIDC :class:<code>UserInfo endpoint &lt;authlib.oidc.core.userinfo.UserInfoEndpoint&gt;</code> support. :issue:<code>459</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="fe87a117f9"><code>fe87a11</code></a> chore: release version 1.6.0</li> <li><a href="036a0b7153"><code>036a0b7</code></a> Merge pull request <a href="https://redirect.github.com/authlib/authlib/issues/774">#774</a> from azmeuk/459-userinfo</li> <li><a href="449a1a24a4"><code>449a1a2</code></a> feat: OIDC userinfo endpoint support</li> <li><a href="d429c36717"><code>d429c36</code></a> Merge pull request <a href="https://redirect.github.com/authlib/authlib/issues/749">#749</a> from azmeuk/724-jar</li> <li><a href="a524d23e95"><code>a524d23</code></a> chore: move 1.7 deprecations to 1.8</li> <li><a href="f37e60ec0c"><code>f37e60e</code></a> feat: implement rfc9101 JWT authorization request</li> <li><a href="8a6c714fdb"><code>8a6c714</code></a> refactor: OAuth2 hook mechanism overhaul</li> <li><a href="ff1b66bedc"><code>ff1b66b</code></a> refactor: extract OAuth2Payload from OAuth2Request</li> <li><a href="98eebd14b9"><code>98eebd1</code></a> refactor: remove uncovered code in OAuth2Request</li> <li><a href="1b848e2a1e"><code>1b848e2</code></a> refactor: create_authorization_response can take an optional 'grant' arg</li> <li>Additional commits viewable in <a href="https://github.com/authlib/authlib/compare/v1.5.2...v1.6.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 13:20:07 +00:00
dependabot[bot]	acabececc4	Bump ijson from 3.3.0 to 3.4.0 (#18650) ... Bumps [ijson](https://github.com/ICRAR/ijson) from 3.3.0 to 3.4.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ICRAR/ijson/blob/master/CHANGELOG.md">ijson's changelog</a>.</em></p> <blockquote> <h2>[3.4.0]</h2> <ul> <li>Added support for PEP 489 multi-phase initialisation and per-module state for our C extension, allowing us to support sub-interpreters with per-interpreter GIL.</li> <li>Advertise support for free-threading python mode.</li> <li>Removed support for Python &lt; 3.9.</li> <li>Enhanced generators so they yield all possible results to users before errors are raised (<a href="https://redirect.github.com/ICRAR/ijson/issues/123">#123</a>).</li> <li>Added <code>ijson.ALL_BACKENDS</code> constant listing all supported backends (which might or not be available at runtime).</li> <li>Added a <code>capabilities</code> constant to each backend describing which capabilities it supports.</li> <li>Exposing backend's name under <code>&lt;backend&gt;.backend_name</code>, and default backend's name under <code>ijson.backend_name</code>. This is similar to the already existing <code>name</code> constant, only slightly better named to hopefully avoid confusion.</li> <li>Restructured source code so all code lives under <code>src/</code>, and the <code>ijson.backends._yajl2</code> extension under <code>src/ijson/backends/ext/_yajl2</code>. This allows C backend tests to actually run on cibuildwheel.</li> <li>Improved performance of <code>parse</code> routine in C backend by ~4%.</li> <li>Fixed several potential stability issues in C backend around correct error handling.</li> <li>Fixed corner-case wrong behaviour of <code>yajl2_c</code> backend, which didn't work correctly with user-provided event names.</li> <li>Pointing to our own fork of yajl (for when we build it ourselves) that contains fixes for all known CVEs (<a href="https://redirect.github.com/ICRAR/ijson/issues/126">#126</a>).</li> <li>Removed leftover compatibility bits in the C backend.</li> <li>Fixed potential issue with <code>yajl</code> and <code>yajl2</code> backends where crashes could occur at interpreter shutdown.</li> <li>Removed tox.</li> <li>Moved static project metadata to <code>pyproject.toml</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="36701bed11"><code>36701be</code></a> Release ijson 3.4.0</li> <li><a href="cfb044a36f"><code>cfb044a</code></a> Modernize packaging (<a href="https://redirect.github.com/ICRAR/ijson/issues/138">#138</a>)</li> <li><a href="044cf9b6b9"><code>044cf9b</code></a> Bump pypa/cibuildwheel from 2.23.2 to 2.23.3 (<a href="https://redirect.github.com/ICRAR/ijson/issues/140">#140</a>)</li> <li><a href="81e24b4045"><code>81e24b4</code></a> Allow building embedded yajl with cmake 4.0</li> <li><a href="b3f9647a54"><code>b3f9647</code></a> Bump pypa/cibuildwheel from 2.23.1 to 2.23.2 (<a href="https://redirect.github.com/ICRAR/ijson/issues/137">#137</a>)</li> <li><a href="d8fd6d2ef5"><code>d8fd6d2</code></a> Bump pypa/cibuildwheel from 2.23.0 to 2.23.1 (<a href="https://redirect.github.com/ICRAR/ijson/issues/134">#134</a>)</li> <li><a href="caebc6fa38"><code>caebc6f</code></a> Bump pypa/cibuildwheel from 2.22.0 to 2.23.0 (<a href="https://redirect.github.com/ICRAR/ijson/issues/133">#133</a>)</li> <li><a href="698b114e7c"><code>698b114</code></a> Downgrade to ubuntu-22.04 to avoid gcc segfault</li> <li><a href="9f28dc0d54"><code>9f28dc0</code></a> Allow certain branches to trigger a full CI build</li> <li><a href="901fd3b3bd"><code>901fd3b</code></a> Add custom event name interning to yajl2_c</li> <li>Additional commits viewable in <a href="https://github.com/ICRAR/ijson/compare/v3.3.0...v3.4.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 13:18:49 +00:00
dependabot[bot]	d57a2f7372	Bump msgpack from 1.1.0 to 1.1.1 (#18651) ... Bumps [msgpack](https://github.com/msgpack/msgpack-python) from 1.1.0 to 1.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/msgpack/msgpack-python/releases">msgpack's releases</a>.</em></p> <blockquote> <h2>v1.1.1</h2> <h2>What's Changed</h2> <ul> <li>Add Python 3.13 trove classifier by <a href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a> in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/626">msgpack/msgpack-python#626</a></li> <li>update Cython to 3.1.1 by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/637">msgpack/msgpack-python#637</a></li> <li>update cibuildwheel to v2.23.3 by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/638">msgpack/msgpack-python#638</a></li> <li>upload to PyPI on create a release by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/639">msgpack/msgpack-python#639</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a> made their first contribution in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/626">msgpack/msgpack-python#626</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1">https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1</a></p> <h2>v1.1.1rc1</h2> <h2>What's Changed</h2> <ul> <li>Add Python 3.13 trove classifier by <a href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a> in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/626">msgpack/msgpack-python#626</a></li> <li>update Cython to 3.1.1 by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/637">msgpack/msgpack-python#637</a></li> <li>update cibuildwheel to v2.23.3 by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/638">msgpack/msgpack-python#638</a></li> <li>upload to PyPI on create a release by <a href="https://github.com/methane"><code>@​methane</code></a> in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/639">msgpack/msgpack-python#639</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/edgarrmondragon"><code>@​edgarrmondragon</code></a> made their first contribution in <a href="https://redirect.github.com/msgpack/msgpack-python/pull/626">msgpack/msgpack-python#626</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1rc1">https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1rc1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/msgpack/msgpack-python/blob/main/ChangeLog.rst">msgpack's changelog</a>.</em></p> <blockquote> <h1>1.1.1</h1> <p>Release Date: 2025-06-13</p> <ul> <li>No change from 1.1.1rc1.</li> </ul> <h1>1.1.1rc1</h1> <p>Release Date: 2025-06-06</p> <ul> <li>Update Cython to 3.1.1 and cibuildwheel to 2.23.3.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="42f056f3cf"><code>42f056f</code></a> v1.1.1</li> <li><a href="e6445d3b92"><code>e6445d3</code></a> v1.1.1rc1</li> <li><a href="fe9e620a60"><code>fe9e620</code></a> upload to PyPI on create a release (<a href="https://redirect.github.com/msgpack/msgpack-python/issues/639">#639</a>)</li> <li><a href="cdc7644503"><code>cdc7644</code></a> update cibuildwheel to v2.23.3 (<a href="https://redirect.github.com/msgpack/msgpack-python/issues/638">#638</a>)</li> <li><a href="868aa2cd83"><code>868aa2c</code></a> update Cython to 3.1.1 (<a href="https://redirect.github.com/msgpack/msgpack-python/issues/637">#637</a>)</li> <li><a href="0eeabfb453"><code>0eeabfb</code></a> Add Python 3.13 trove classifier (<a href="https://redirect.github.com/msgpack/msgpack-python/issues/626">#626</a>)</li> <li>See full diff in <a href="https://github.com/msgpack/msgpack-python/compare/v1.1.0...v1.1.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 15:02:27 +02:00
dependabot[bot]	b7d54b7f3c	Bump types-setuptools from 75.2.0.20241019 to 80.9.0.20250529 (#18644) ... Bumps [types-setuptools](https://github.com/typeshed-internal/stub_uploader) from 75.2.0.20241019 to 80.9.0.20250529. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/typeshed-internal/stub_uploader/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 12:15:22 +00:00
dependabot[bot]	6c4f8521d4	Bump ruff from 0.11.11 to 0.12.1 (#18645) ... Bumps [ruff](https://github.com/astral-sh/ruff) from 0.11.11 to 0.12.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/releases">ruff's releases</a>.</em></p> <blockquote> <h2>0.12.1</h2> <h2>Release Notes</h2> <h3>Preview features</h3> <ul> <li>[<code>flake8-errmsg</code>] Extend <code>EM101</code> to support byte strings (<a href="https://redirect.github.com/astral-sh/ruff/pull/18867">#18867</a>)</li> <li>[<code>flake8-use-pathlib</code>] Add autofix for <code>PTH202</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18763">#18763</a>)</li> <li>[<code>pygrep-hooks</code>] Add <code>AsyncMock</code> methods to <code>invalid-mock-access</code> (<code>PGH005</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18547">#18547</a>)</li> <li>[<code>pylint</code>] Ignore <code>__init__.py</code> files in (<code>PLC0414</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18400">#18400</a>)</li> <li>[<code>ruff</code>] Trigger <code>RUF037</code> for empty string and byte strings (<a href="https://redirect.github.com/astral-sh/ruff/pull/18862">#18862</a>)</li> <li>[formatter] Fix missing blank lines before decorated classes in <code>.pyi</code> files (<a href="https://redirect.github.com/astral-sh/ruff/pull/18888">#18888</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Avoid generating diagnostics with per-file ignores (<a href="https://redirect.github.com/astral-sh/ruff/pull/18801">#18801</a>)</li> <li>Handle parenthesized arguments in <code>remove_argument</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18805">#18805</a>)</li> <li>[<code>flake8-logging</code>] Avoid false positive for <code>exc_info=True</code> outside <code>logger.exception</code> (<code>LOG014</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18737">#18737</a>)</li> <li>[<code>flake8-pytest-style</code>] Enforce <code>pytest</code> import for decorators (<a href="https://redirect.github.com/astral-sh/ruff/pull/18779">#18779</a>)</li> <li>[<code>flake8-pytest-style</code>] Mark autofix for <code>PT001</code> and <code>PT023</code> as unsafe if there's comments in the decorator (<a href="https://redirect.github.com/astral-sh/ruff/pull/18792">#18792</a>)</li> <li>[<code>flake8-pytest-style</code>] <code>PT001</code>/<code>PT023</code> fix makes syntax error on parenthesized decorator (<a href="https://redirect.github.com/astral-sh/ruff/pull/18782">#18782</a>)</li> <li>[<code>flake8-raise</code>] Make fix unsafe if it deletes comments (<code>RSE102</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18788">#18788</a>)</li> <li>[<code>flake8-simplify</code>] Fix <code>SIM911</code> autofix creating a syntax error (<a href="https://redirect.github.com/astral-sh/ruff/pull/18793">#18793</a>)</li> <li>[<code>flake8-simplify</code>] Fix false negatives for shadowed bindings (<code>SIM910</code>, <code>SIM911</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18794">#18794</a>)</li> <li>[<code>flake8-simplify</code>] Preserve original behavior for <code>except ()</code> and bare <code>except</code> (<code>SIM105</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18213">#18213</a>)</li> <li>[<code>flake8-pyi</code>] Fix <code>PYI041</code>'s fix causing <code>TypeError</code> with <code>None | None | ...</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18637">#18637</a>)</li> <li>[<code>perflint</code>] Fix <code>PERF101</code> autofix creating a syntax error and mark autofix as unsafe if there are comments in the <code>list</code> call expr (<a href="https://redirect.github.com/astral-sh/ruff/pull/18803">#18803</a>)</li> <li>[<code>perflint</code>] Fix false negative in <code>PERF401</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18866">#18866</a>)</li> <li>[<code>pylint</code>] Avoid flattening nested <code>min</code>/<code>max</code> when outer call has single argument (<code>PLW3301</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/16885">#16885</a>)</li> <li>[<code>pylint</code>] Fix <code>PLC2801</code> autofix creating a syntax error (<a href="https://redirect.github.com/astral-sh/ruff/pull/18857">#18857</a>)</li> <li>[<code>pylint</code>] Mark <code>PLE0241</code> autofix as unsafe if there's comments in the base classes (<a href="https://redirect.github.com/astral-sh/ruff/pull/18832">#18832</a>)</li> <li>[<code>pylint</code>] Suppress <code>PLE2510</code>/<code>PLE2512</code>/<code>PLE2513</code>/<code>PLE2514</code>/<code>PLE2515</code> autofix if the text contains an odd number of backslashes (<a href="https://redirect.github.com/astral-sh/ruff/pull/18856">#18856</a>)</li> <li>[<code>refurb</code>] Detect more exotic float literals in <code>FURB164</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18925">#18925</a>)</li> <li>[<code>refurb</code>] Fix <code>FURB163</code> autofix creating a syntax error for <code>yield</code> expressions (<a href="https://redirect.github.com/astral-sh/ruff/pull/18756">#18756</a>)</li> <li>[<code>refurb</code>] Mark <code>FURB129</code> autofix as unsafe if there's comments in the <code>readlines</code> call (<a href="https://redirect.github.com/astral-sh/ruff/pull/18858">#18858</a>)</li> <li>[<code>ruff</code>] Fix false positives and negatives in <code>RUF010</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18690">#18690</a>)</li> <li>Fix casing of <code>analyze.direction</code> variant names (<a href="https://redirect.github.com/astral-sh/ruff/pull/18892">#18892</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>Fix f-string interpolation escaping in generated fixes (<a href="https://redirect.github.com/astral-sh/ruff/pull/18882">#18882</a>)</li> <li>[<code>flake8-return</code>] Mark <code>RET501</code> fix unsafe if comments are inside (<a href="https://redirect.github.com/astral-sh/ruff/pull/18780">#18780</a>)</li> <li>[<code>flake8-async</code>] Fix detection for large integer sleep durations in <code>ASYNC116</code> rule (<a href="https://redirect.github.com/astral-sh/ruff/pull/18767">#18767</a>)</li> <li>[<code>flake8-async</code>] Mark autofix for <code>ASYNC115</code> as unsafe if the call expression contains comments (<a href="https://redirect.github.com/astral-sh/ruff/pull/18753">#18753</a>)</li> <li>[<code>flake8-bugbear</code>] Mark autofix for <code>B004</code> as unsafe if the <code>hasattr</code> call expr contains comments (<a href="https://redirect.github.com/astral-sh/ruff/pull/18755">#18755</a>)</li> <li>[<code>flake8-comprehension</code>] Mark autofix for <code>C420</code> as unsafe if there's comments inside the dict comprehension (<a href="https://redirect.github.com/astral-sh/ruff/pull/18768">#18768</a>)</li> <li>[<code>flake8-comprehensions</code>] Handle template strings for comprehension fixes (<a href="https://redirect.github.com/astral-sh/ruff/pull/18710">#18710</a>)</li> <li>[<code>flake8-future-annotations</code>] Add autofix (<code>FA100</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18903">#18903</a>)</li> <li>[<code>pyflakes</code>] Mark <code>F504</code>/<code>F522</code>/<code>F523</code> autofix as unsafe if there's a call with side effect (<a href="https://redirect.github.com/astral-sh/ruff/pull/18839">#18839</a>)</li> <li>[<code>pylint</code>] Allow fix with comments and document performance implications (<code>PLW3301</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18936">#18936</a>)</li> <li>[<code>pylint</code>] Detect more exotic <code>NaN</code> literals in <code>PLW0177</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18630">#18630</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's changelog</a>.</em></p> <blockquote> <h2>0.12.1</h2> <h3>Preview features</h3> <ul> <li>[<code>flake8-errmsg</code>] Extend <code>EM101</code> to support byte strings (<a href="https://redirect.github.com/astral-sh/ruff/pull/18867">#18867</a>)</li> <li>[<code>flake8-use-pathlib</code>] Add autofix for <code>PTH202</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18763">#18763</a>)</li> <li>[<code>pygrep-hooks</code>] Add <code>AsyncMock</code> methods to <code>invalid-mock-access</code> (<code>PGH005</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18547">#18547</a>)</li> <li>[<code>pylint</code>] Ignore <code>__init__.py</code> files in (<code>PLC0414</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18400">#18400</a>)</li> <li>[<code>ruff</code>] Trigger <code>RUF037</code> for empty string and byte strings (<a href="https://redirect.github.com/astral-sh/ruff/pull/18862">#18862</a>)</li> <li>[formatter] Fix missing blank lines before decorated classes in <code>.pyi</code> files (<a href="https://redirect.github.com/astral-sh/ruff/pull/18888">#18888</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Avoid generating diagnostics with per-file ignores (<a href="https://redirect.github.com/astral-sh/ruff/pull/18801">#18801</a>)</li> <li>Handle parenthesized arguments in <code>remove_argument</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18805">#18805</a>)</li> <li>[<code>flake8-logging</code>] Avoid false positive for <code>exc_info=True</code> outside <code>logger.exception</code> (<code>LOG014</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18737">#18737</a>)</li> <li>[<code>flake8-pytest-style</code>] Enforce <code>pytest</code> import for decorators (<a href="https://redirect.github.com/astral-sh/ruff/pull/18779">#18779</a>)</li> <li>[<code>flake8-pytest-style</code>] Mark autofix for <code>PT001</code> and <code>PT023</code> as unsafe if there's comments in the decorator (<a href="https://redirect.github.com/astral-sh/ruff/pull/18792">#18792</a>)</li> <li>[<code>flake8-pytest-style</code>] <code>PT001</code>/<code>PT023</code> fix makes syntax error on parenthesized decorator (<a href="https://redirect.github.com/astral-sh/ruff/pull/18782">#18782</a>)</li> <li>[<code>flake8-raise</code>] Make fix unsafe if it deletes comments (<code>RSE102</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18788">#18788</a>)</li> <li>[<code>flake8-simplify</code>] Fix <code>SIM911</code> autofix creating a syntax error (<a href="https://redirect.github.com/astral-sh/ruff/pull/18793">#18793</a>)</li> <li>[<code>flake8-simplify</code>] Fix false negatives for shadowed bindings (<code>SIM910</code>, <code>SIM911</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18794">#18794</a>)</li> <li>[<code>flake8-simplify</code>] Preserve original behavior for <code>except ()</code> and bare <code>except</code> (<code>SIM105</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18213">#18213</a>)</li> <li>[<code>flake8-pyi</code>] Fix <code>PYI041</code>'s fix causing <code>TypeError</code> with <code>None | None | ...</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18637">#18637</a>)</li> <li>[<code>perflint</code>] Fix <code>PERF101</code> autofix creating a syntax error and mark autofix as unsafe if there are comments in the <code>list</code> call expr (<a href="https://redirect.github.com/astral-sh/ruff/pull/18803">#18803</a>)</li> <li>[<code>perflint</code>] Fix false negative in <code>PERF401</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18866">#18866</a>)</li> <li>[<code>pylint</code>] Avoid flattening nested <code>min</code>/<code>max</code> when outer call has single argument (<code>PLW3301</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/16885">#16885</a>)</li> <li>[<code>pylint</code>] Fix <code>PLC2801</code> autofix creating a syntax error (<a href="https://redirect.github.com/astral-sh/ruff/pull/18857">#18857</a>)</li> <li>[<code>pylint</code>] Mark <code>PLE0241</code> autofix as unsafe if there's comments in the base classes (<a href="https://redirect.github.com/astral-sh/ruff/pull/18832">#18832</a>)</li> <li>[<code>pylint</code>] Suppress <code>PLE2510</code>/<code>PLE2512</code>/<code>PLE2513</code>/<code>PLE2514</code>/<code>PLE2515</code> autofix if the text contains an odd number of backslashes (<a href="https://redirect.github.com/astral-sh/ruff/pull/18856">#18856</a>)</li> <li>[<code>refurb</code>] Detect more exotic float literals in <code>FURB164</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18925">#18925</a>)</li> <li>[<code>refurb</code>] Fix <code>FURB163</code> autofix creating a syntax error for <code>yield</code> expressions (<a href="https://redirect.github.com/astral-sh/ruff/pull/18756">#18756</a>)</li> <li>[<code>refurb</code>] Mark <code>FURB129</code> autofix as unsafe if there's comments in the <code>readlines</code> call (<a href="https://redirect.github.com/astral-sh/ruff/pull/18858">#18858</a>)</li> <li>[<code>ruff</code>] Fix false positives and negatives in <code>RUF010</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18690">#18690</a>)</li> <li>Fix casing of <code>analyze.direction</code> variant names (<a href="https://redirect.github.com/astral-sh/ruff/pull/18892">#18892</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>Fix f-string interpolation escaping in generated fixes (<a href="https://redirect.github.com/astral-sh/ruff/pull/18882">#18882</a>)</li> <li>[<code>flake8-return</code>] Mark <code>RET501</code> fix unsafe if comments are inside (<a href="https://redirect.github.com/astral-sh/ruff/pull/18780">#18780</a>)</li> <li>[<code>flake8-async</code>] Fix detection for large integer sleep durations in <code>ASYNC116</code> rule (<a href="https://redirect.github.com/astral-sh/ruff/pull/18767">#18767</a>)</li> <li>[<code>flake8-async</code>] Mark autofix for <code>ASYNC115</code> as unsafe if the call expression contains comments (<a href="https://redirect.github.com/astral-sh/ruff/pull/18753">#18753</a>)</li> <li>[<code>flake8-bugbear</code>] Mark autofix for <code>B004</code> as unsafe if the <code>hasattr</code> call expr contains comments (<a href="https://redirect.github.com/astral-sh/ruff/pull/18755">#18755</a>)</li> <li>[<code>flake8-comprehension</code>] Mark autofix for <code>C420</code> as unsafe if there's comments inside the dict comprehension (<a href="https://redirect.github.com/astral-sh/ruff/pull/18768">#18768</a>)</li> <li>[<code>flake8-comprehensions</code>] Handle template strings for comprehension fixes (<a href="https://redirect.github.com/astral-sh/ruff/pull/18710">#18710</a>)</li> <li>[<code>flake8-future-annotations</code>] Add autofix (<code>FA100</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18903">#18903</a>)</li> <li>[<code>pyflakes</code>] Mark <code>F504</code>/<code>F522</code>/<code>F523</code> autofix as unsafe if there's a call with side effect (<a href="https://redirect.github.com/astral-sh/ruff/pull/18839">#18839</a>)</li> <li>[<code>pylint</code>] Allow fix with comments and document performance implications (<code>PLW3301</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18936">#18936</a>)</li> <li>[<code>pylint</code>] Detect more exotic <code>NaN</code> literals in <code>PLW0177</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18630">#18630</a>)</li> <li>[<code>pylint</code>] Fix <code>PLC1802</code> autofix creating a syntax error and mark autofix as unsafe if there's comments in the <code>len</code> call (<a href="https://redirect.github.com/astral-sh/ruff/pull/18836">#18836</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="32c54189cb"><code>32c5418</code></a> Bump 0.12.1 (<a href="https://redirect.github.com/astral-sh/ruff/issues/18969">#18969</a>)</li> <li><a href="b85c219283"><code>b85c219</code></a> [<code>FastAPI</code>] Add fix safety section to <code>FAST002</code> (<a href="https://redirect.github.com/astral-sh/ruff/issues/18940">#18940</a>)</li> <li><a href="b1d1cf1d38"><code>b1d1cf1</code></a> [ty] Add regression test for leading tab mis-alignment in diagnostic renderin...</li> <li><a href="1dcdf7f41d"><code>1dcdf7f</code></a> [ty] Resolve python environment in <code>Options::to_program_settings</code> (<a href="https://redirect.github.com/astral-sh/ruff/issues/18960">#18960</a>)</li> <li><a href="d00697621e"><code>d006976</code></a> [<code>ruff</code>] Fix false positives and negatives in <code>RUF010</code> (<a href="https://redirect.github.com/astral-sh/ruff/issues/18690">#18690</a>)</li> <li><a href="76619b96e5"><code>76619b9</code></a> [ty] Fix rendering of long lines that are indented with tabs</li> <li><a href="6e25cfba2b"><code>6e25cfb</code></a> [ty] Add regression test for diagnostic rendering panic</li> <li><a href="76387295a5"><code>7638729</code></a> [ty] Move venv and conda env discovery to <code>SearchPath::from_settings</code> (<a href="https://redirect.github.com/astral-sh/ruff/issues/18938">#18938</a>)</li> <li><a href="d04e63a6d9"><code>d04e63a</code></a> [ty] Add regression-benchmark for attribute-assignment hang (<a href="https://redirect.github.com/astral-sh/ruff/issues/18957">#18957</a>)</li> <li><a href="86fd9b634e"><code>86fd9b6</code></a> [ty] Format conflicting types as an enumeration (<a href="https://redirect.github.com/astral-sh/ruff/issues/18956">#18956</a>)</li> <li>Additional commits viewable in <a href="https://github.com/astral-sh/ruff/compare/0.11.11...0.12.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 11:58:44 +00:00
Andrew Morgan	a06d5cef32	Update Cargo.lock (#18646)	2025-07-03 12:28:11 +01:00
Andrew Morgan	be4c95baf1	Replace PyICU with Rust icu_segmenter crate (#18553) ... Co-authored-by: anoa's Codex Agent <codex@amorgan.xyz> Co-authored-by: Quentin Gliech <quenting@element.io>	2025-07-03 11:12:12 +01:00
dependabot[bot]	832690e746	Bump types-pyyaml from 6.0.12.20241230 to 6.0.12.20250516 (#18643) ... Bumps [types-pyyaml](https://github.com/typeshed-internal/stub_uploader) from 6.0.12.20241230 to 6.0.12.20250516. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/typeshed-internal/stub_uploader/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 10:02:24 +00:00
Alex Durham	0d0f966b31	Fix GET /_matrix/federation/v1/query/profile response (#18593) ... Don't send the fields `avatar_url` and `displayname` when they are not defined for the queried user. Before this change they would be sent and set to null in the JSON response object, which would violate the OpenAPI definitions (https://spec.matrix.org/v1.11/server-server-api/#get_matrixfederationv1queryprofile). Fixes: #18442 ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) --------- Co-authored-by: Quentin Gliech <quenting@element.io>	2025-07-03 09:59:45 +00:00
V02460	8f4caeeaf6	Raise setuptools_rust version cap to 1.11.1 (#18576) ... Request to raise the defensive version cap for setuptools_rust from 1.10.2 to 1.11.1. ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))	2025-07-03 09:12:49 +00:00
dependabot[bot]	8075c963d8	Bump mypy-zope from 1.0.11 to 1.0.12 (#18640) ... Bumps [mypy-zope](https://github.com/Shoobx/mypy-zope) from 1.0.11 to 1.0.12. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Shoobx/mypy-zope/blob/master/CHANGELOG.md">mypy-zope's changelog</a>.</em></p> <blockquote> <h2>1.0.12 (2025-06-03)</h2> <hr /> <ul> <li>Support mypy-1.16</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="fb4d6b3a5d"><code>fb4d6b3</code></a> Preparing release 1.0.12</li> <li><a href="782aa68f7c"><code>782aa68</code></a> Maintain changelog</li> <li><a href="dadddcf77c"><code>dadddcf</code></a> Merge pull request <a href="https://redirect.github.com/Shoobx/mypy-zope/issues/129">#129</a> from Shoobx/dependabot/pip/mypy-gte-1.0.0-and-lt-1.17.0</li> <li><a href="1c2e2299cf"><code>1c2e229</code></a> Update mypy requirement from &lt;1.16.0,&gt;=1.0.0 to &gt;=1.0.0,&lt;1.17.0</li> <li><a href="77eb8fc78f"><code>77eb8fc</code></a> Back to development: 1.0.12</li> <li>See full diff in <a href="https://github.com/Shoobx/mypy-zope/compare/1.0.11...1.0.12">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 09:12:06 +00:00
dependabot[bot]	5898271365	Bump pydantic from 2.11.4 to 2.11.7 (#18639) ... Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.11.4 to 2.11.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic/releases">pydantic's releases</a>.</em></p> <blockquote> <h2>v2.11.7 2025-06-14</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>Fixes</h3> <ul> <li>Copy <code>FieldInfo</code> instance if necessary during <code>FieldInfo</code> build by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11980">pydantic/pydantic#11980</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7">https://github.com/pydantic/pydantic/compare/v2.11.6...v2.11.7</a></p> <h2>v2.11.6 2025-06-13</h2> <h2>v2.11.6 (2025-06-13)</h2> <h3>What's Changed</h3> <h4>Fixes</h4> <ul> <li>Rebuild dataclass fields before schema generation by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11949">#11949</a></li> <li>Always store the original field assignment on <code>FieldInfo</code> by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11946">#11946</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6">https://github.com/pydantic/pydantic/compare/v2.11.5...v2.11.6</a></p> <h2>v2.11.5 2025-05-22</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>Fixes</h3> <ul> <li>Check if <code>FieldInfo</code> is complete after applying type variable map by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11855">#11855</a></li> <li>Do not delete mock validator/serializer in <code>model_rebuild()</code> by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11890">#11890</a></li> <li>Do not duplicate metadata on model rebuild by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11902">#11902</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5">https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.5</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's changelog</a>.</em></p> <blockquote> <h2>v2.11.7 (2025-06-14)</h2> <p><a href="https://github.com/pydantic/pydantic/releases/tag/v2.11.7">GitHub release</a></p> <h3>What's Changed</h3> <h4>Fixes</h4> <ul> <li>Copy <code>FieldInfo</code> instance if necessary during <code>FieldInfo</code> build by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11898">#11898</a></li> </ul> <h2>v2.11.6 (2025-06-13)</h2> <p><a href="https://github.com/pydantic/pydantic/releases/tag/v2.11.6">GitHub release</a></p> <h3>What's Changed</h3> <h4>Fixes</h4> <ul> <li>Rebuild dataclass fields before schema generation by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11949">#11949</a></li> <li>Always store the original field assignment on <code>FieldInfo</code> by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11946">#11946</a></li> </ul> <h2>v2.11.5 (2025-05-22)</h2> <p><a href="https://github.com/pydantic/pydantic/releases/tag/v2.11.5">GitHub release</a></p> <h3>What's Changed</h3> <h4>Fixes</h4> <ul> <li>Check if <code>FieldInfo</code> is complete after applying type variable map by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11855">#11855</a></li> <li>Do not delete mock validator/serializer in <code>model_rebuild()</code> by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11890">#11890</a></li> <li>Do not duplicate metadata on model rebuild by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a href="https://redirect.github.com/pydantic/pydantic/pull/11902">#11902</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="5f033e46c5"><code>5f033e4</code></a> Prepare release v2.11.7</li> <li><a href="c3368b83c4"><code>c3368b8</code></a> Copy <code>FieldInfo</code> instance if necessary during <code>FieldInfo</code> build (<a href="https://redirect.github.com/pydantic/pydantic/issues/11980">#11980</a>)</li> <li><a href="3987b23db4"><code>3987b23</code></a> Prepare release v2.11.6</li> <li><a href="dc7a9d20be"><code>dc7a9d2</code></a> Always store the original field assignment on <code>FieldInfo</code></li> <li><a href="c284c279a5"><code>c284c27</code></a> Rebuild dataclass fields before schema generation</li> <li><a href="5e6d1dc71f"><code>5e6d1dc</code></a> Prepare release v2.11.5</li> <li><a href="1b63218c42"><code>1b63218</code></a> Do not duplicate metadata on model rebuild (<a href="https://redirect.github.com/pydantic/pydantic/issues/11902">#11902</a>)</li> <li><a href="5aefad873b"><code>5aefad8</code></a> Do not delete mock validator/serializer in <code>model_rebuild()</code></li> <li><a href="8fbe6585f4"><code>8fbe658</code></a> Check if <code>FieldInfo</code> is complete after applying type variable map</li> <li><a href="12b371a0f7"><code>12b371a</code></a> Update documentation about <code>@dataclass_transform</code> support</li> <li>Additional commits viewable in <a href="https://github.com/pydantic/pydantic/compare/v2.11.4...v2.11.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 10:46:03 +02:00
dependabot[bot]	ac268051f2	Bump hiredis from 3.1.0 to 3.2.1 (#18638) ... Bumps [hiredis](https://github.com/redis/hiredis-py) from 3.1.0 to 3.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/redis/hiredis-py/releases">hiredis's releases</a>.</em></p> <blockquote> <h2>3.2.1</h2> <h1>Changes</h1> <ul> <li>Fix assertion in reader.c (<a href="https://redirect.github.com/redis/hiredis-py/issues/212">#212</a>)</li> </ul> <h2>Contributors</h2> <p>We'd like to thank all the contributors who worked on this release!</p> <p><a href="https://github.com/uglide"><code>@​uglide</code></a></p> <h2>3.2.0</h2> <h1>Changes</h1> <ul> <li>Introduce new type for RESP3 PUSH notifications (<a href="https://redirect.github.com/redis/hiredis-py/issues/208">#208</a>)</li> <li>Run integration workflow on version branches (<a href="https://redirect.github.com/redis/hiredis-py/issues/210">#210</a>)</li> <li>Update hiredis to 1.3.0 (<a href="https://redirect.github.com/redis/hiredis-py/issues/203">#203</a>)</li> </ul> <h2>Contributors</h2> <p>We'd like to thank all the contributors who worked on this release!</p> <p><a href="https://github.com/uglide"><code>@​uglide</code></a></p> <h2>3.1.1</h2> <h2>Summary</h2> <p>This is a maintenance release that addresses issues in RESP3 parsing.</p> <h2>Changes</h2> <ul> <li>Fix memory leaks and segfaults in RESP3 map parsing (<a href="https://redirect.github.com/redis/hiredis-py/issues/204">#204</a>, <a href="https://redirect.github.com/redis/hiredis-py/issues/205">#205</a>, <a href="https://redirect.github.com/redis/hiredis-py/issues/206">#206</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="c6febde980"><code>c6febde</code></a> Version 3.2.1</li> <li><a href="bbfc3a6133"><code>bbfc3a6</code></a> Fix assertion in reader.c (<a href="https://redirect.github.com/redis/hiredis-py/issues/212">#212</a>)</li> <li><a href="f715de2e7c"><code>f715de2</code></a> Version 3.2.0</li> <li><a href="d5548270b6"><code>d554827</code></a> Introduce new type for RESP3 PUSH notifications (<a href="https://redirect.github.com/redis/hiredis-py/issues/208">#208</a>)</li> <li><a href="58fe9603cd"><code>58fe960</code></a> Run integration workflow on version branches (<a href="https://redirect.github.com/redis/hiredis-py/issues/210">#210</a>)</li> <li><a href="8608965483"><code>8608965</code></a> Update hiredis to 1.3.0 (<a href="https://redirect.github.com/redis/hiredis-py/issues/203">#203</a>)</li> <li><a href="ac31d58c5f"><code>ac31d58</code></a> Bump version to 3.2.0-dev (<a href="https://redirect.github.com/redis/hiredis-py/issues/207">#207</a>)</li> <li><a href="7e77f22963"><code>7e77f22</code></a> Fix memory leak in RESP3 map parsing (<a href="https://redirect.github.com/redis/hiredis-py/issues/204">#204</a>)</li> <li><a href="5b34a0e2aa"><code>5b34a0e</code></a> Use GitHub Releases to track changelogs (<a href="https://redirect.github.com/redis/hiredis-py/issues/202">#202</a>)</li> <li>See full diff in <a href="https://github.com/redis/hiredis-py/compare/v3.1.0...v3.2.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 08:38:40 +00:00
dependabot[bot]	777c3f56de	Bump reqwest from 0.12.20 to 0.12.22 (#18627) ... Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.20 to 0.12.22. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p> <blockquote> <h2>v0.12.22</h2> <h2>tl;dr</h2> <ul> <li>Fix socks proxies when resolving IPv6 destinations.</li> </ul> <h2>What's Changed</h2> <ul> <li>fix(socks): bracket IPv6 addresses when formatting destination host by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2753">seanmonstar/reqwest#2753</a></li> <li>Prepare v0.12.22 by <a href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2754">seanmonstar/reqwest#2754</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.21...v0.12.22">https://github.com/seanmonstar/reqwest/compare/v0.12.21...v0.12.22</a></p> <h2>v0.12.21</h2> <h2>tl;dr</h2> <ul> <li>Fix socks proxy to use <code>socks4a://</code> instead of <code>socks4h://</code>.</li> <li>Fix <code>Error::is_timeout()</code> to check for hyper and IO timeouts too.</li> <li>Fix request <code>Error</code> to again include URLs when possible.</li> <li>Fix socks connect error to include more context.</li> <li>(wasm) implement <code>Default</code> for <code>Body</code>.</li> </ul> <h2>What's Changed</h2> <ul> <li>chore: remove unused slab dep by <a href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2729">seanmonstar/reqwest#2729</a></li> <li>docs: mention requiring Tokio by <a href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2731">seanmonstar/reqwest#2731</a></li> <li>Fix Typos in Comments for Multipart and Redirect Tests by <a href="https://github.com/leopardracer"><code>@​leopardracer</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2738">seanmonstar/reqwest#2738</a></li> <li>fix: request errors should include url by <a href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2741">seanmonstar/reqwest#2741</a></li> <li>fix: consider timeout from hyper::Error by <a href="https://github.com/flisky"><code>@​flisky</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2742">seanmonstar/reqwest#2742</a></li> <li>feat: add Default impl for wasm::Body by <a href="https://github.com/jpopesculian"><code>@​jpopesculian</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2746">seanmonstar/reqwest#2746</a></li> <li>fix: Fix SOCKS4a proxy protocol matching by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2732">seanmonstar/reqwest#2732</a></li> <li>fix: add more context and description to SOCKS errors by <a href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2750">seanmonstar/reqwest#2750</a></li> <li>Prepare v0.12.21 by <a href="https://github.com/seanmonstar"><code>@​seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2751">seanmonstar/reqwest#2751</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/leopardracer"><code>@​leopardracer</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2738">seanmonstar/reqwest#2738</a></li> <li><a href="https://github.com/jpopesculian"><code>@​jpopesculian</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2746">seanmonstar/reqwest#2746</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.20...v0.12.21">https://github.com/seanmonstar/reqwest/compare/v0.12.20...v0.12.21</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.12.22</h2> <ul> <li>Fix socks proxies when resolving IPv6 destinations.</li> </ul> <h2>v0.12.21</h2> <ul> <li>Fix socks proxy to use <code>socks4a://</code> instead of <code>socks4h://</code>.</li> <li>Fix <code>Error::is_timeout()</code> to check for hyper and IO timeouts too.</li> <li>Fix request <code>Error</code> to again include URLs when possible.</li> <li>Fix socks connect error to include more context.</li> <li>(wasm) implement <code>Default</code> for <code>Body</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="e6e2d8a25d"><code>e6e2d8a</code></a> v0.12.22</li> <li><a href="a9ab0fae3f"><code>a9ab0fa</code></a> fix(socks): bracket IPv6 addresses when formatting destination host (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2753">#2753</a>)</li> <li><a href="b739726c4a"><code>b739726</code></a> v0.12.21</li> <li><a href="d9ecdc19b3"><code>d9ecdc1</code></a> fix: add more context and description to SOCKS errors (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2750">#2750</a>)</li> <li><a href="d4c9eec3c2"><code>d4c9eec</code></a> fix: look for socks4a instead of socks4h (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2732">#2732</a>)</li> <li><a href="d793ed2623"><code>d793ed2</code></a> (wasm) feat: add Default impl for wasm::Body (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2746">#2746</a>)</li> <li><a href="4cb2866cd4"><code>4cb2866</code></a> fix: Error::is_timeout() checks for hyper::Error::is_timeout() (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2742">#2742</a>)</li> <li><a href="1794d99737"><code>1794d99</code></a> fix: request errors should include url (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2741">#2741</a>)</li> <li><a href="9edbd2e00b"><code>9edbd2e</code></a> tests: fix typos in multipart and redirect tests (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2738">#2738</a>)</li> <li><a href="e03d6f4ec4"><code>e03d6f4</code></a> docs: mention requiring Tokio (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2731">#2731</a>)</li> <li>Additional commits viewable in <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.20...v0.12.22">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 08:31:48 +00:00
dependabot[bot]	fb9d737250	Bump types-bleach from 6.2.0.20241123 to 6.2.0.20250514 (#18634) ... Bumps [types-bleach](https://github.com/typeshed-internal/stub_uploader) from 6.2.0.20241123 to 6.2.0.20250514. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/typeshed-internal/stub_uploader/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 08:17:26 +00:00
dependabot[bot]	9d9e14034a	Bump jsonschema from 4.23.0 to 4.24.0 (#18630) ... Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.23.0 to 4.24.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python-jsonschema/jsonschema/releases">jsonschema's releases</a>.</em></p> <blockquote> <h2>v4.24.0</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <ul> <li>Fix calculation of evaluated properties by <a href="https://github.com/V02460"><code>@​V02460</code></a> in <a href="https://redirect.github.com/python-jsonschema/jsonschema/pull/1351">python-jsonschema/jsonschema#1351</a></li> <li>Support for Python 3.8 has been dropped, as it is end-of-life.</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/bkueng"><code>@​bkueng</code></a> made their first contribution in <a href="https://redirect.github.com/python-jsonschema/jsonschema/pull/1326">python-jsonschema/jsonschema#1326</a></li> <li><a href="https://github.com/V02460"><code>@​V02460</code></a> made their first contribution in <a href="https://redirect.github.com/python-jsonschema/jsonschema/pull/1351">python-jsonschema/jsonschema#1351</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/python-jsonschema/jsonschema/compare/v4.23.0...v4.24.0">https://github.com/python-jsonschema/jsonschema/compare/v4.23.0...v4.24.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst">jsonschema's changelog</a>.</em></p> <blockquote> <h1>v4.24.0</h1> <ul> <li>Fix improper handling of <code>unevaluatedProperties</code> in the presence of <code>additionalProperties</code> (<a href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1351">#1351</a>).</li> <li>Support for Python 3.8 has been dropped, as it is end-of-life.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="3e23ee5e69"><code>3e23ee5</code></a> Add the bugfix to the changelog.</li> <li><a href="8917e85c65"><code>8917e85</code></a> Stop running CIFuzz.</li> <li><a href="737e5ed536"><code>737e5ed</code></a> Rely on ruff in pre-commit.</li> <li><a href="57e5e034cb"><code>57e5e03</code></a> Test via PyPy 3.11.</li> <li><a href="d6c2ad7bbb"><code>d6c2ad7</code></a> Add the zizmor setup here as well.</li> <li><a href="af9a857876"><code>af9a857</code></a> Drop a dead pyproject section.</li> <li><a href="c64ef84609"><code>c64ef84</code></a> This is less true than it once was...</li> <li><a href="9ff926f458"><code>9ff926f</code></a> Merge branch 'additional-evaluated'</li> <li><a href="8290667beb"><code>8290667</code></a> We still need to ditch pip-licenses...</li> <li><a href="6d973b5430"><code>6d973b5</code></a> Update pre-commit hooks.</li> <li>Additional commits viewable in <a href="https://github.com/python-jsonschema/jsonschema/compare/v4.23.0...v4.24.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 07:40:30 +00:00
dependabot[bot]	dc974fdf83	Bump sentry-sdk from 2.22.0 to 2.32.0 (#18633) ... Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.22.0 to 2.32.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>2.32.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>feat(sessions): Add top-level start- and end session methods (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4474">#4474</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>feat(openai-agents): Set tool span to failed if an error is raised in the tool (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4527">#4527</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> <li>fix(integrations/ray): Correctly pass keyword arguments to ray.remote function (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4430">#4430</a>) by <a href="https://github.com/svartalf"><code>@​svartalf</code></a></li> <li>fix(langchain): Make <code>span_map</code> an instance variable (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4476">#4476</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>fix(langchain): Ensure no duplicate <code>SentryLangchainCallback</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4485">#4485</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>fix(Litestar): Apply <code>failed_request_status_codes</code> to exceptions raised in middleware (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4074">#4074</a>) by <a href="https://github.com/vrslev"><code>@​vrslev</code></a></li> </ul> <h2>2.31.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li> <p><strong>New Integration (BETA):</strong> Add support for <code>openai-agents</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4437">#4437</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></p> <p>We can now instrument AI agents that are created with the <a href="https://openai.github.io/openai-agents-python/">OpenAI Agents SDK</a> out of the box.</p> </li> </ul> <pre lang="python"><code>import sentry_sdk from sentry_sdk.integrations.openai_agents import OpenAIAgentsIntegration <h1>Add the OpenAIAgentsIntegration to your sentry_sdk.init call:</h1> <p>sentry_sdk.init(<br /> dsn=&quot;...&quot;,<br /> integrations=[<br /> OpenAIAgentsIntegration(),<br /> ]<br /> )<br /> </code></pre></p> <p>For more information see the <a href="https://docs.sentry.io/platforms/python/integrations/openai-agents/">OpenAI Agents integrations documentation</a>.</p> <ul> <li>Logs: Add support for <code>dict</code> arguments (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4478">#4478</a>) by <a href="https://github.com/AbhiPrasad"><code>@​AbhiPrasad</code></a></li> <li>Add Cursor generated rules (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4493">#4493</a>) by <a href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a></li> <li>Greatly simplify Langchain integrations <code>_wrap_configure</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4479">#4479</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>Fix(ci): Remove tracerite pin (almost) (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4504">#4504</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fix(profiling): Ensure profiler thread exits when needed (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4497">#4497</a>) by <a href="https://github.com/Zylphrex"><code>@​Zylphrex</code></a></li> <li>Fix(ci): Do not install newest <code>tracerite</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4494">#4494</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fix(scope): Handle token reset <code>LookupError</code>s gracefully (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4481">#4481</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Tests: Tox update (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4509">#4509</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Tests: Upper bound on fakeredis on old Python versions (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4482">#4482</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Tests: Regenerate tox (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4457">#4457</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> </ul> <h2>2.30.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li> <p><strong>New beta feature:</strong> Sentry logs for Loguru (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4445">#4445</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></p> <p>We can now capture Loguru logs and send them to Sentry.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>2.32.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>feat(sessions): Add top-level start- and end session methods (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4474">#4474</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>feat(openai-agents): Set tool span to failed if an error is raised in the tool (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4527">#4527</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> <li>fix(integrations/ray): Correctly pass keyword arguments to ray.remote function (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4430">#4430</a>) by <a href="https://github.com/svartalf"><code>@​svartalf</code></a></li> <li>fix(langchain): Make <code>span_map</code> an instance variable (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4476">#4476</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>fix(langchain): Ensure no duplicate <code>SentryLangchainCallback</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4485">#4485</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>fix(Litestar): Apply <code>failed_request_status_codes</code> to exceptions raised in middleware (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4074">#4074</a>) by <a href="https://github.com/vrslev"><code>@​vrslev</code></a></li> </ul> <h2>2.31.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li> <p><strong>New Integration (BETA):</strong> Add support for <code>openai-agents</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4437">#4437</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></p> <p>We can now instrument AI agents that are created with the <a href="https://openai.github.io/openai-agents-python/">OpenAI Agents SDK</a> out of the box.</p> </li> </ul> <pre lang="python"><code>import sentry_sdk from sentry_sdk.integrations.openai_agents import OpenAIAgentsIntegration <h1>Add the OpenAIAgentsIntegration to your sentry_sdk.init call:</h1> <p>sentry_sdk.init(<br /> dsn=&quot;...&quot;,<br /> integrations=[<br /> OpenAIAgentsIntegration(),<br /> ]<br /> )<br /> </code></pre></p> <p>For more information see the <a href="https://docs.sentry.io/platforms/python/integrations/openai-agents/">OpenAI Agents integrations documentation</a>.</p> <ul> <li>Logs: Add support for <code>dict</code> arguments (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4478">#4478</a>) by <a href="https://github.com/AbhiPrasad"><code>@​AbhiPrasad</code></a></li> <li>Add Cursor generated rules (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4493">#4493</a>) by <a href="https://github.com/sl0thentr0py"><code>@​sl0thentr0py</code></a></li> <li>Greatly simplify Langchain integrations <code>_wrap_configure</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4479">#4479</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>Fix(ci): Remove tracerite pin (almost) (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4504">#4504</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fix(profiling): Ensure profiler thread exits when needed (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4497">#4497</a>) by <a href="https://github.com/Zylphrex"><code>@​Zylphrex</code></a></li> <li>Fix(ci): Do not install newest <code>tracerite</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4494">#4494</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fix(scope): Handle token reset <code>LookupError</code>s gracefully (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4481">#4481</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Tests: Tox update (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4509">#4509</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Tests: Upper bound on fakeredis on old Python versions (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4482">#4482</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Tests: Regenerate tox (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4457">#4457</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> </ul> <h2>2.30.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li><strong>New beta feature:</strong> Sentry logs for Loguru (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4445">#4445</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="4b022dc731"><code>4b022dc</code></a> Merge branch 'master' into release/2.32.0</li> <li><a href="2634a523b3"><code>2634a52</code></a> Pin zope.event (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4531">#4531</a>)</li> <li><a href="c815a3245d"><code>c815a32</code></a> updated changelog</li> <li><a href="bca8816ac1"><code>bca8816</code></a> release: 2.32.0</li> <li><a href="546ce1f710"><code>546ce1f</code></a> Set tool span to failed if an error is raised in the tool (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4527">#4527</a>)</li> <li><a href="ab2e3f08b6"><code>ab2e3f0</code></a> fix(integrations/ray): Correctly pass keyword arguments to ray.remote functio...</li> <li><a href="7804260fbf"><code>7804260</code></a> fix(langchain): Make <code>span_map</code> an instance variable (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4476">#4476</a>)</li> <li><a href="0a2d8585f1"><code>0a2d858</code></a> fix(langchain): Ensure no duplicate <code>SentryLangchainCallback</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/4485">#4485</a>)</li> <li><a href="dae02180df"><code>dae0218</code></a> fix(Litestar): Apply <code>failed_request_status_codes</code> to exceptions raised in mi...</li> <li><a href="65d31af4ff"><code>65d31af</code></a> Merge branch 'release/2.31.0'</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-python/compare/2.22.0...2.32.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-03 07:35:31 +00:00
Andrew Morgan	e6b8eedd02	Update Rust in CI to v1.87.0 as well as dtolnay/rust-toolchain GitHub Action pinned commit hash (#18596)	2025-07-02 18:48:28 +00:00
dependabot[bot]	87fc518e0c	Bump base64 from 0.21.7 to 0.22.1 (#18629) ... Bumps [base64](https://github.com/marshallpierce/rust-base64) from 0.21.7 to 0.22.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/marshallpierce/rust-base64/blob/master/RELEASE-NOTES.md">base64's changelog</a>.</em></p> <blockquote> <h1>0.22.1</h1> <ul> <li>Correct the symbols used for the predefined <code>alphabet::BIN_HEX</code>.</li> </ul> <h1>0.22.0</h1> <ul> <li><code>DecodeSliceError::OutputSliceTooSmall</code> is now conservative rather than precise. That is, the error will only occur if the decoded output <em>cannot</em> fit, meaning that <code>Engine::decode_slice</code> can now be used with exactly-sized output slices. As part of this, <code>Engine::internal_decode</code> now returns <code>DecodeSliceError</code> instead of <code>DecodeError</code>, but that is not expected to affect any external callers.</li> <li><code>DecodeError::InvalidLength</code> now refers specifically to the <em>number of valid symbols</em> being invalid (i.e. <code>len % 4 == 1</code>), rather than just the number of input bytes. This avoids confusing scenarios when based on interpretation you could make a case for either <code>InvalidLength</code> or <code>InvalidByte</code> being appropriate.</li> <li>Decoding is somewhat faster (5-10%)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="e144006974"><code>e144006</code></a> v0.22.1</li> <li><a href="64cca59ddb"><code>64cca59</code></a> Merge pull request <a href="https://redirect.github.com/marshallpierce/rust-base64/issues/271">#271</a> from JobanSD/patch-1</li> <li><a href="838355e0ac"><code>838355e</code></a> Correct BinHex 4.0 alphabet according to specifications</li> <li><a href="bf15ccf30a"><code>bf15ccf</code></a> Merge pull request <a href="https://redirect.github.com/marshallpierce/rust-base64/issues/270">#270</a> from marshallpierce/mp/clippy</li> <li><a href="fc6aabee8a"><code>fc6aabe</code></a> Appease clippy</li> <li><a href="9a518a2d5d"><code>9a518a2</code></a> Merge pull request <a href="https://redirect.github.com/marshallpierce/rust-base64/issues/267">#267</a> from bdura/patch-1</li> <li><a href="d96c80f242"><code>d96c80f</code></a> Merge branch 'marshallpierce:master' into patch-1</li> <li><a href="5d70ba7576"><code>5d70ba7</code></a> Merge pull request <a href="https://redirect.github.com/marshallpierce/rust-base64/issues/269">#269</a> from marshallpierce/mp/decode-precisely</li> <li><a href="efb6c006c7"><code>efb6c00</code></a> Release notes</li> <li><a href="2b91084a31"><code>2b91084</code></a> Add some tests to boost coverage</li> <li>Additional commits viewable in <a href="https://github.com/marshallpierce/rust-base64/compare/v0.21.7...v0.22.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 17:44:42 +00:00
dependabot[bot]	3bd476eb0d	Bump tokio from 1.45.1 to 1.46.0 (#18628) ... Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.45.1 to 1.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.46.0</h2> <h1>1.46.0 (July 2nd, 2025)</h1> <h3>Fixed</h3> <ul> <li>net: fixed <code>TcpStream::shutdown</code> incorrectly returning an error on macOS (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7290">#7290</a>)</li> </ul> <h2>Added</h2> <ul> <li>sync: <code>mpsc::OwnedPermit::{same_channel, same_channel_as_sender}</code> methods (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7389">#7389</a>)</li> <li>macros: <code>biased</code> option for <code>join!</code> and <code>try_join!</code>, similar to <code>select!</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7307">#7307</a>)</li> <li>net: support for cygwin (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7393">#7393</a>)</li> <li>net: support <code>pope::OpenOptions::read_write</code> on Android (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7426">#7426</a>)</li> <li>net: add <code>Clone</code> implementation for <code>net::unix::SocketAddr</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7422">#7422</a>)</li> </ul> <h2>Changed</h2> <ul> <li>runtime: eliminate unnecessary lfence while operating on <code>queue::Local&lt;T&gt;</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7340">#7340</a>)</li> <li>task: disallow blocking in <code>LocalSet::{poll,drop}</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7372">#7372</a>)</li> </ul> <h2>Unstable</h2> <ul> <li>runtime: add <code>TaskMeta::spawn_location</code> tracking where a task was spawned (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7417">#7417</a>)</li> <li>runtime: removed borrow from <code>LocalOptions</code> parameter to <code>runtime::Builder::build_local</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7346">#7346</a>)</li> </ul> <h2>Documented</h2> <ul> <li>io: clarify behavior of seeking when <code>start_seek</code> is not used (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7366">#7366</a>)</li> <li>io: document cancellation safety of <code>AsyncWriteExt::flush</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7364">#7364</a>)</li> <li>net: fix docs for <code>recv_buffer_size</code> method (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7336">#7336</a>)</li> <li>net: fix broken link of <code>RawFd</code> in <code>TcpSocket</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7416">#7416</a>)</li> <li>net: update <code>AsRawFd</code> doc link to current Rust stdlib location (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7429">#7429</a>)</li> <li>readme: fix double period in reactor description (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7363">#7363</a>)</li> <li>runtime: add doc note that <code>on_*_task_poll</code> is unstable (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7311">#7311</a>)</li> <li>sync: update broadcast docs on allocation failure (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7352">#7352</a>)</li> <li>time: add a missing panic scenario of <code>time::advance</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7394">#7394</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7290">#7290</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7290">tokio-rs/tokio#7290</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7307">#7307</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7307">tokio-rs/tokio#7307</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7311">#7311</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7311">tokio-rs/tokio#7311</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7336">#7336</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7336">tokio-rs/tokio#7336</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7340">#7340</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7340">tokio-rs/tokio#7340</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7346">#7346</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7346">tokio-rs/tokio#7346</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7352">#7352</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7352">tokio-rs/tokio#7352</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7363">#7363</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7363">tokio-rs/tokio#7363</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7364">#7364</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7364">tokio-rs/tokio#7364</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7366">#7366</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7366">tokio-rs/tokio#7366</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7372">#7372</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7372">tokio-rs/tokio#7372</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7389">#7389</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7389">tokio-rs/tokio#7389</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7393">#7393</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7393">tokio-rs/tokio#7393</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="3f1f268583"><code>3f1f268</code></a> chore: prepare Tokio v1.46.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7437">#7437</a>)</li> <li><a href="3e890cc017"><code>3e890cc</code></a> rt(unstable): add spawn <code>Location</code> to <code>TaskMeta</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7417">#7417</a>)</li> <li><a href="69290a6432"><code>69290a6</code></a> net: derive <code>Clone</code> for <code>net::unix::SocketAddr</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7422">#7422</a>)</li> <li><a href="e2b175848b"><code>e2b1758</code></a> fuzz: cfg fuzz tests under cfg(test) (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7428">#7428</a>)</li> <li><a href="b7a75b5be3"><code>b7a75b5</code></a> net: update <code>AsRawFd</code> doc link to current Rust stdlib location (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7429">#7429</a>)</li> <li><a href="6b705b3053"><code>6b705b3</code></a> net: allow <code>pipe::OpenOptions::read_write</code> on Android (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7426">#7426</a>)</li> <li><a href="3636fd018a"><code>3636fd0</code></a> net: fix broken link of <code>RawFd</code> in <code>TcpSocket</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7416">#7416</a>)</li> <li><a href="2506c9fa99"><code>2506c9f</code></a> benches: revert &quot;properly gate unix benches&quot; (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7412">#7412</a>)</li> <li><a href="b3a14483bf"><code>b3a1448</code></a> sync: improve docs of <code>tokio_util::sync::CancellationToken</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7408">#7408</a>)</li> <li><a href="013f323def"><code>013f323</code></a> docs: add a missing panic scenario of <code>time::advance</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7394">#7394</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.45.1...tokio-1.46.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 17:44:22 +00:00
dependabot[bot]	717f67f3d3	Bump Swatinem/rust-cache from 2.7.8 to 2.8.0 (#18612) ... Bumps [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) from 2.7.8 to 2.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/swatinem/rust-cache/releases">Swatinem/rust-cache's releases</a>.</em></p> <blockquote> <h2>v2.8.0</h2> <h2>What's Changed</h2> <ul> <li>Add cache-workspace-crates feature by <a href="https://github.com/jbransen"><code>@​jbransen</code></a> in <a href="https://redirect.github.com/Swatinem/rust-cache/pull/246">Swatinem/rust-cache#246</a></li> <li>Feat: support warpbuild cache provider by <a href="https://github.com/stegaBOB"><code>@​stegaBOB</code></a> in <a href="https://redirect.github.com/Swatinem/rust-cache/pull/247">Swatinem/rust-cache#247</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jbransen"><code>@​jbransen</code></a> made their first contribution in <a href="https://redirect.github.com/Swatinem/rust-cache/pull/246">Swatinem/rust-cache#246</a></li> <li><a href="https://github.com/stegaBOB"><code>@​stegaBOB</code></a> made their first contribution in <a href="https://redirect.github.com/Swatinem/rust-cache/pull/247">Swatinem/rust-cache#247</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Swatinem/rust-cache/compare/v2.7.8...v2.8.0">https://github.com/Swatinem/rust-cache/compare/v2.7.8...v2.8.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md">Swatinem/rust-cache's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>2.8.0</h2> <ul> <li>Add support for <code>warpbuild</code> cache provider</li> <li>Add new <code>cache-workspace-crates</code> feature</li> </ul> <h2>2.7.8</h2> <ul> <li>Include CPU arch in the cache key</li> </ul> <h2>2.7.7</h2> <ul> <li>Also cache <code>cargo install</code> metadata</li> </ul> <h2>2.7.6</h2> <ul> <li>Allow opting out of caching $CARGO_HOME/bin</li> <li>Add runner OS in cache key</li> <li>Adds an option to do lookup-only of the cache</li> </ul> <h2>2.7.5</h2> <ul> <li>Support Cargo.lock format cargo-lock v4</li> <li>Only run macOsWorkaround() on macOS</li> </ul> <h2>2.7.3</h2> <ul> <li>Work around upstream problem that causes cache saving to hang for minutes.</li> </ul> <h2>2.7.2</h2> <ul> <li>Only key by <code>Cargo.toml</code> and <code>Cargo.lock</code> files of workspace members.</li> </ul> <h2>2.7.1</h2> <ul> <li>Update toml parser to fix parsing errors.</li> </ul> <h2>2.7.0</h2> <ul> <li>Properly cache <code>trybuild</code> tests.</li> </ul> <h2>2.6.2</h2> <ul> <li>Fix <code>toml</code> parsing.</li> </ul> <h2>2.6.1</h2> <ul> <li>Fix hash contributions of <code>Cargo.lock</code>/<code>Cargo.toml</code> files.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="98c8021b55"><code>98c8021</code></a> 2.8.0</li> <li><a href="14d3bc39c4"><code>14d3bc3</code></a> update Changelog</li> <li><a href="52ea1434f8"><code>52ea143</code></a> support warpbuild cache provider (<a href="https://redirect.github.com/swatinem/rust-cache/issues/247">#247</a>)</li> <li><a href="eaa85be6b1"><code>eaa85be</code></a> Add cache-workspace-crates feature (<a href="https://redirect.github.com/swatinem/rust-cache/issues/246">#246</a>)</li> <li><a href="901019c0f8"><code>901019c</code></a> Update the test lockfiles</li> <li>See full diff in <a href="9d47c6ad4b...98c8021b55">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 16:54:29 +00:00
dependabot[bot]	c2108948a3	Bump treq from 24.9.1 to 25.5.0 (#18610) ... Bumps [treq](https://github.com/twisted/treq) from 24.9.1 to 25.5.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/twisted/treq/blob/trunk/CHANGELOG.rst">treq's changelog</a>.</em></p> <blockquote> <h1>25.5.0 (2025-05-31)</h1> <h2>Features</h2> <ul> <li>treq is packaged with Hatchling, and consequently no longer directly depends on setuptools. (<code>[#388](https://github.com/twisted/treq/issues/388) &lt;https://github.com/twisted/treq/issues/388&gt;</code>__)</li> </ul> <h2>Improved Documentation</h2> <ul> <li>Update documentation to use <code>async</code>/<code>await</code> syntax (<code>[#409](https://github.com/twisted/treq/issues/409) &lt;https://github.com/twisted/treq/issues/409&gt;</code>__)</li> </ul> <h2>Deprecations and Removals</h2> <ul> <li>Support for Python 3.8, which has reached end of support, is deprecated. This is the last release with support for Python 3.8. (<code>[#407](https://github.com/twisted/treq/issues/407) &lt;https://github.com/twisted/treq/issues/407&gt;</code>__)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="6869fa5d09"><code>6869fa5</code></a> Merge pull request <a href="https://redirect.github.com/twisted/treq/issues/410">#410</a> from twisted/release-25.5.0</li> <li><a href="56266566cf"><code>5626656</code></a> Test with Python 3.13 final</li> <li><a href="f10185e4da"><code>f10185e</code></a> Generate the changelog</li> <li><a href="4b846664f1"><code>4b84666</code></a> Version 25.5.0</li> <li><a href="72a4441f59"><code>72a4441</code></a> Merge pull request <a href="https://redirect.github.com/twisted/treq/issues/409">#409</a> from twisted/rtd-shiny</li> <li><a href="0a814edd8a"><code>0a814ed</code></a> Add changefragment</li> <li><a href="993cc47df5"><code>993cc47</code></a> Fix changelog warnings</li> <li><a href="3992177456"><code>3992177</code></a> Link to CookieJar</li> <li><a href="cff43d93b6"><code>cff43d9</code></a> Update source_suffix conf</li> <li><a href="e39c8511b1"><code>e39c851</code></a> async def print_response</li> <li>Additional commits viewable in <a href="https://github.com/twisted/treq/compare/treq-24.9.1...treq-25.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 16:51:43 +00:00
dependabot[bot]	cb4b5585a4	Bump prometheus-client from 0.21.0 to 0.22.1 (#18609) ... Bumps [prometheus-client](https://github.com/prometheus/client_python) from 0.21.0 to 0.22.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_python/releases">prometheus-client's releases</a>.</em></p> <blockquote> <h2>v0.22.1</h2> <h2>What's Changed</h2> <ul> <li>BugFix: Skip validating and parsing comment lines early (<a href="https://redirect.github.com/prometheus/client_python/issues/1108">#1108</a>) by <a href="https://github.com/wissamir"><code>@​wissamir</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1109">prometheus/client_python#1109</a></li> <li>Use License Expressions in pyproject.toml by <a href="https://github.com/csmarchbanks"><code>@​csmarchbanks</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1111">prometheus/client_python#1111</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/client_python/compare/v0.22.0...v0.22.1">https://github.com/prometheus/client_python/compare/v0.22.0...v0.22.1</a></p> <h2>v0.22.0</h2> <h2>What's Changed</h2> <ul> <li>Add support for native histograms in OM parser by <a href="https://github.com/vesari"><code>@​vesari</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1040">prometheus/client_python#1040</a></li> <li>Add exemplar support to CounterMetricFamily [Fix <a href="https://redirect.github.com/prometheus/client_python/issues/1062">#1062</a>] by <a href="https://github.com/lod"><code>@​lod</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1063">prometheus/client_python#1063</a></li> <li>Fix <code>write_to_textfile</code> leaves back temp files on errors by <a href="https://github.com/ethanschen"><code>@​ethanschen</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1066">prometheus/client_python#1066</a></li> <li>Support UTF-8 in metric creation, parsing, and exposition by <a href="https://github.com/ywwg"><code>@​ywwg</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1070">prometheus/client_python#1070</a></li> <li>Fix incorrect use of reentrant locks by <a href="https://github.com/suligap"><code>@​suligap</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1076">prometheus/client_python#1076</a></li> <li>Remove Python 3.8 support by <a href="https://github.com/kajinamit"><code>@​kajinamit</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1075">prometheus/client_python#1075</a></li> <li>Check if labelvalues is in _metrics before deletion in MetricWrapperBase.remove() by <a href="https://github.com/GlorifiedPig"><code>@​GlorifiedPig</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1077">prometheus/client_python#1077</a></li> <li>Add support for Python 3.13 by <a href="https://github.com/Pliner"><code>@​Pliner</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1080">prometheus/client_python#1080</a></li> <li>Correct nh sample span structure and parsing by <a href="https://github.com/vesari"><code>@​vesari</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1082">prometheus/client_python#1082</a></li> <li>Migrate from setup.py to pyproject.toml by <a href="https://github.com/csmarchbanks"><code>@​csmarchbanks</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1084">prometheus/client_python#1084</a></li> <li>Changed pushgateway.md by <a href="https://github.com/mallika-mur"><code>@​mallika-mur</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1083">prometheus/client_python#1083</a></li> <li>Fix order-dependent flaky tests related to UTF-8 support by <a href="https://github.com/dg98"><code>@​dg98</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1093">prometheus/client_python#1093</a></li> <li>Update versions for docs Github actions by <a href="https://github.com/csmarchbanks"><code>@​csmarchbanks</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1096">prometheus/client_python#1096</a></li> <li>Documentation Updates by <a href="https://github.com/ethanschen"><code>@​ethanschen</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1097">prometheus/client_python#1097</a></li> <li>Add note on gauge.set_function not working with multiprocessing by <a href="https://github.com/aapeliv"><code>@​aapeliv</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1098">prometheus/client_python#1098</a></li> <li>Don't send an empty HTTP header for /favicon.ico by <a href="https://github.com/noselasd"><code>@​noselasd</code></a> in <a href="https://redirect.github.com/prometheus/client_python/pull/1101">prometheus/client_python#1101</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/prometheus/client_python/compare/v0.21.0...v0.22.0">https://github.com/prometheus/client_python/compare/v0.21.0...v0.22.0</a></p> <h2>0.21.1 / 2024-12-03</h2> <h2>What's Changed</h2> <p>[BUGFIX] Revert incorrect use of reentrant locks. <a href="https://redirect.github.com/prometheus/client_python/issues/1076">#1076</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="d24220a6c4"><code>d24220a</code></a> Release 0.22.1</li> <li><a href="f294cbbf1d"><code>f294cbb</code></a> Use License Expressions in pyproject.toml (<a href="https://redirect.github.com/prometheus/client_python/issues/1111">#1111</a>)</li> <li><a href="938b73e0bc"><code>938b73e</code></a> BugFix: Skip validating and parsing comment lines early (<a href="https://redirect.github.com/prometheus/client_python/issues/1108">#1108</a>) (<a href="https://redirect.github.com/prometheus/client_python/issues/1109">#1109</a>)</li> <li><a href="8dfa10e5ff"><code>8dfa10e</code></a> Release 0.22.0</li> <li><a href="e3902ea45b"><code>e3902ea</code></a> Don't send an empty HTTP header. (<a href="https://redirect.github.com/prometheus/client_python/issues/1101">#1101</a>)</li> <li><a href="23ab8264ce"><code>23ab826</code></a> Add note on gauge.set_function not working with mp, see <a href="https://redirect.github.com/prometheus/client_python/issues/504">#504</a> (<a href="https://redirect.github.com/prometheus/client_python/issues/1098">#1098</a>)</li> <li><a href="c1ff3b28d3"><code>c1ff3b2</code></a> Update docs (<a href="https://redirect.github.com/prometheus/client_python/issues/1097">#1097</a>)</li> <li><a href="e3bfa1f101"><code>e3bfa1f</code></a> Update versions for docs Github actions (<a href="https://redirect.github.com/prometheus/client_python/issues/1096">#1096</a>)</li> <li><a href="de8bb4adf7"><code>de8bb4a</code></a> Fix order-dependent flaky tests related to UTF-8 support (<a href="https://redirect.github.com/prometheus/client_python/issues/1093">#1093</a>)</li> <li><a href="46eae7bae8"><code>46eae7b</code></a> Changed pushgateway.md (<a href="https://redirect.github.com/prometheus/client_python/issues/1083">#1083</a>)</li> <li>Additional commits viewable in <a href="https://github.com/prometheus/client_python/compare/v0.21.0...v0.22.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 16:39:13 +00:00
dependabot[bot]	a3ec2d3b3f	Bump pillow from 11.2.1 to 11.3.0 (#18624) ... Bumps [pillow](https://github.com/python-pillow/Pillow) from 11.2.1 to 11.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/python-pillow/Pillow/releases">pillow's releases</a>.</em></p> <blockquote> <h2>11.3.0</h2> <p><a href="https://pillow.readthedocs.io/en/stable/releasenotes/11.3.0.html">https://pillow.readthedocs.io/en/stable/releasenotes/11.3.0.html</a></p> <h2>Deprecations</h2> <ul> <li>Deprecate fromarray mode argument <a href="https://redirect.github.com/python-pillow/Pillow/issues/9018">#9018</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Deprecate saving I mode images as PNG <a href="https://redirect.github.com/python-pillow/Pillow/issues/9023">#9023</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> </ul> <h2>Documentation</h2> <ul> <li>Added release notes for <a href="https://redirect.github.com/python-pillow/Pillow/issues/9041">#9041</a> <a href="https://redirect.github.com/python-pillow/Pillow/issues/9042">#9042</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Add release notes for <a href="https://redirect.github.com/python-pillow/Pillow/issues/8912">#8912</a> and <a href="https://redirect.github.com/python-pillow/Pillow/issues/8969">#8969</a> <a href="https://redirect.github.com/python-pillow/Pillow/issues/9019">#9019</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>ImageFont does not handle multiline text <a href="https://redirect.github.com/python-pillow/Pillow/issues/9000">#9000</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Updated Ubuntu CI targets <a href="https://redirect.github.com/python-pillow/Pillow/issues/8988">#8988</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Update MinGW package names <a href="https://redirect.github.com/python-pillow/Pillow/issues/8987">#8987</a> [<a href="https://github.com/H4M5TER"><code>@​H4M5TER</code></a>]</li> <li>Updated docstring <a href="https://redirect.github.com/python-pillow/Pillow/issues/8943">#8943</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Mention that tobytes() with the raw encoder uses Pack.c <a href="https://redirect.github.com/python-pillow/Pillow/issues/8878">#8878</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Refactor docs <code>Makefile</code> <a href="https://redirect.github.com/python-pillow/Pillow/issues/8933">#8933</a> [<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li> <li>Add template for quarterly release issue <a href="https://redirect.github.com/python-pillow/Pillow/issues/8932">#8932</a> [<a href="https://github.com/aclark4life"><code>@​aclark4life</code></a>]</li> <li>Add list of third party plugins <a href="https://redirect.github.com/python-pillow/Pillow/issues/8910">#8910</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Update redirected URL <a href="https://redirect.github.com/python-pillow/Pillow/issues/8919">#8919</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Docs: use sentence case for headers <a href="https://redirect.github.com/python-pillow/Pillow/issues/8914">#8914</a> [<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li> <li>Docs: remove unused Makefile targets <a href="https://redirect.github.com/python-pillow/Pillow/issues/8917">#8917</a> [<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li> <li>Remove indentation from lists <a href="https://redirect.github.com/python-pillow/Pillow/issues/8915">#8915</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Python 3.13 is tested on Arch <a href="https://redirect.github.com/python-pillow/Pillow/issues/8894">#8894</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Move XV Thumbnails to read only section <a href="https://redirect.github.com/python-pillow/Pillow/issues/8893">#8893</a> [<a href="https://github.com/aclark4life"><code>@​aclark4life</code></a>]</li> <li>Updated macOS tested Pillow versions <a href="https://redirect.github.com/python-pillow/Pillow/issues/8890">#8890</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> </ul> <h2>Dependencies</h2> <ul> <li>Add AVIF to wheels using only aomenc and dav1d AVIF codecs for reduced size <a href="https://redirect.github.com/python-pillow/Pillow/issues/8858">#8858</a> [<a href="https://github.com/fdintino"><code>@​fdintino</code></a>]</li> <li>Use same AVIF URL when fetching dependency <a href="https://redirect.github.com/python-pillow/Pillow/issues/8871">#8871</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Update dependency mypy to v1.16.1 <a href="https://redirect.github.com/python-pillow/Pillow/issues/9026">#9026</a> [@<a href="https://github.com/apps/renovate">renovate[bot]</a>]</li> <li>Update libpng to 1.6.49 <a href="https://redirect.github.com/python-pillow/Pillow/issues/9014">#9014</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Update dependency cibuildwheel to v3 <a href="https://redirect.github.com/python-pillow/Pillow/issues/9010">#9010</a> [@<a href="https://github.com/apps/renovate">renovate[bot]</a>]</li> <li>Updated libjpeg-turbo to 3.1.1 <a href="https://redirect.github.com/python-pillow/Pillow/issues/9009">#9009</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Update dependency mypy to v1.16.0 <a href="https://redirect.github.com/python-pillow/Pillow/issues/8991">#8991</a> [@<a href="https://github.com/apps/renovate">renovate[bot]</a>]</li> <li>Updated libpng to 1.6.48 <a href="https://redirect.github.com/python-pillow/Pillow/issues/8940">#8940</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Updated Ghostscript to 10.5.1 <a href="https://redirect.github.com/python-pillow/Pillow/issues/8939">#8939</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Updated harfbuzz to 11.2.1 <a href="https://redirect.github.com/python-pillow/Pillow/issues/8937">#8937</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Updated libavif to 1.3.0 <a href="https://redirect.github.com/python-pillow/Pillow/issues/8949">#8949</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Update dependency cibuildwheel to v2.23.3 <a href="https://redirect.github.com/python-pillow/Pillow/issues/8931">#8931</a> [@<a href="https://github.com/apps/renovate">renovate[bot]</a>]</li> <li>Updated harfbuzz to 11.1.0 <a href="https://redirect.github.com/python-pillow/Pillow/issues/8904">#8904</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> </ul> <h2>Testing</h2> <ul> <li>Add <code>match</code> parameter to <code>pytest.warns()</code> <a href="https://redirect.github.com/python-pillow/Pillow/issues/9038">#9038</a> [<a href="https://github.com/hugovk"><code>@​hugovk</code></a>]</li> <li>Increase pytest verbosity <a href="https://redirect.github.com/python-pillow/Pillow/issues/9040">#9040</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Improve SgiImagePlugin test coverage <a href="https://redirect.github.com/python-pillow/Pillow/issues/8896">#8896</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> <li>Update ruff pre-commit ID <a href="https://redirect.github.com/python-pillow/Pillow/issues/8994">#8994</a> [<a href="https://github.com/radarhere"><code>@​radarhere</code></a>]</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="89f1f4626a"><code>89f1f46</code></a> 11.3.0 version bump</li> <li><a href="f2de251c76"><code>f2de251</code></a> Updated check script paths (<a href="https://redirect.github.com/python-pillow/Pillow/issues/9052">#9052</a>)</li> <li><a href="84855d11c8"><code>84855d1</code></a> Raise FileNotFoundError when opening an empty path (<a href="https://redirect.github.com/python-pillow/Pillow/issues/9048">#9048</a>)</li> <li><a href="204d11d4da"><code>204d11d</code></a> Raise FileNotFoundError when opening an empty path</li> <li><a href="2b39f7581e"><code>2b39f75</code></a> Handle IPTC TIFF tags with incorrect type (<a href="https://redirect.github.com/python-pillow/Pillow/issues/8925">#8925</a>)</li> <li><a href="e7a53ba19b"><code>e7a53ba</code></a> Do not update palette for L mode GIF frame (<a href="https://redirect.github.com/python-pillow/Pillow/issues/8924">#8924</a>)</li> <li><a href="c22230b761"><code>c22230b</code></a> Use save parameters as encoderinfo defaults (<a href="https://redirect.github.com/python-pillow/Pillow/issues/9001">#9001</a>)</li> <li><a href="da10ed1cf3"><code>da10ed1</code></a> Add support for iOS (<a href="https://redirect.github.com/python-pillow/Pillow/issues/9030">#9030</a>)</li> <li><a href="be2b4e7864"><code>be2b4e7</code></a> Fix qtables and quality scaling (<a href="https://redirect.github.com/python-pillow/Pillow/issues/8879">#8879</a>)</li> <li><a href="d4162f8505"><code>d4162f8</code></a> Updated return type</li> <li>Additional commits viewable in <a href="https://github.com/python-pillow/Pillow/compare/11.2.1...11.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/element-hq/synapse/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 18:29:37 +02:00
dependabot[bot]	81ca2923d1	Bump types-jsonschema from 4.23.0.20250516 to 4.24.0.20250528 (#18611) ... Bumps [types-jsonschema](https://github.com/typeshed-internal/stub_uploader) from 4.23.0.20250516 to 4.24.0.20250528. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/typeshed-internal/stub_uploader/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 18:25:50 +02:00
dependabot[bot]	2372f3e6b7	Bump sigstore/cosign-installer from 3.9.0 to 3.9.1 (#18608) ... Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.0 to 3.9.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.9.1</h2> <h2>What's Changed</h2> <ul> <li>default action install to use release v2.5.1 by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/193">sigstore/cosign-installer#193</a></li> <li>default cosign to v2.5.2 by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/194">sigstore/cosign-installer#194</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1">https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="398d4b0eee"><code>398d4b0</code></a> default cosign to v2.5.2 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/194">#194</a>)</li> <li><a href="84f54a2bcd"><code>84f54a2</code></a> default action install to use release v2.5.1 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/193">#193</a>)</li> <li>See full diff in <a href="fb28c2b633...398d4b0eee">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 18:22:41 +02:00
dependabot[bot]	82757144e9	Bump stefanzweifel/git-auto-commit-action from 5.2.0 to 6.0.1 (#18607) ... Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 5.2.0 to 6.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/stefanzweifel/git-auto-commit-action/releases">stefanzweifel/git-auto-commit-action's releases</a>.</em></p> <blockquote> <h2>v6.0.1</h2> <h2>Fixed</h2> <ul> <li>Disable Check if Repo is in Detached State (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/379">#379</a>) <a href="https://github.com/@stefanzweifel"><code>@​stefanzweifel</code></a></li> </ul> <h2>v6.0.0</h2> <h2>Added</h2> <ul> <li>Throw error early if repository is in a detached state (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/357">#357</a>)</li> </ul> <h2>Fixed</h2> <ul> <li>Fix PAT instructions with Dependabot (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/376">#376</a>) <a href="https://github.com/@Dreamsorcerer"><code>@​Dreamsorcerer</code></a></li> </ul> <h2>Removed</h2> <ul> <li>Remove support for <code>create_branch</code>, <code>skip_checkout</code>, <code>skip_Fetch</code> (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/314">#314</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md">stefanzweifel/git-auto-commit-action's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/en/1.0.0/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p> <h2><a href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.1...HEAD">Unreleased</a></h2> <blockquote> <p>TBD</p> </blockquote> <h2><a href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v6.0.0...v6.0.1">v6.0.1</a> - 2025-06-11</h2> <h3>Fixed</h3> <ul> <li>Disable Check if Repo is in Detached State (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/379">#379</a>) <a href="https://github.com/@stefanzweifel"><code>@​stefanzweifel</code></a></li> </ul> <h2><a href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.2.0...v6.0.0">v6.0.0</a> - 2025-06-10</h2> <h3>Added</h3> <ul> <li>Throw error early if repository is in a detached state (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/357">#357</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fix PAT instructions with Dependabot (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/376">#376</a>) <a href="https://github.com/@Dreamsorcerer"><code>@​Dreamsorcerer</code></a></li> </ul> <h3>Removed</h3> <ul> <li>Remove support for <code>create_branch</code>, <code>skip_checkout</code>, <code>skip_Fetch</code> (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/314">#314</a>)</li> </ul> <h2><a href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.1.0...v5.2.0">v5.2.0</a> - 2025-04-19</h2> <h3>Added</h3> <ul> <li>Add <code>create_git_tag_only</code> option to skip commiting and always create a git-tag. (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/364">#364</a>) <a href="https://github.com/@zMynxx"><code>@​zMynxx</code></a></li> <li>Add Test for <code>create_git_tag_only</code> feature (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/367">#367</a>) <a href="https://github.com/@stefanzweifel"><code>@​stefanzweifel</code></a></li> </ul> <h3>Fixed</h3> <ul> <li>docs: Update README.md per <a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/354">#354</a> (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/361">#361</a>) <a href="https://github.com/@rasa"><code>@​rasa</code></a></li> </ul> <h2><a href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.1...v5.1.0">v5.1.0</a> - 2025-01-11</h2> <h3>Changed</h3> <ul> <li>Include <code>github.actor_id</code> in default <code>commit_author</code> (<a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/354">#354</a>) <a href="https://github.com/@parkerbxyz"><code>@​parkerbxyz</code></a></li> </ul> <h3>Fixed</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="778341af66"><code>778341a</code></a> Merge pull request <a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/379">#379</a> from stefanzweifel/disable-detached-state-check</li> <li><a href="33b203d92a"><code>33b203d</code></a> Disable Check if Repo is in Detached State</li> <li><a href="a82d80a75f"><code>a82d80a</code></a> Update CHANGELOG</li> <li><a href="3cc016cfc8"><code>3cc016c</code></a> Merge pull request <a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/375">#375</a> from stefanzweifel/v6-next</li> <li><a href="ddb7ae4159"><code>ddb7ae4</code></a> Merge pull request <a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/376">#376</a> from Dreamsorcerer/patch-1</li> <li><a href="b001e5f0ff"><code>b001e5f</code></a> Apply suggestions from code review</li> <li><a href="6494dc61d3"><code>6494dc6</code></a> Fix PAT instructions with Dependabot</li> <li><a href="76180511d9"><code>7618051</code></a> Add deprecated inputs to fix unbound variable issue</li> <li><a href="ae114628ea"><code>ae11462</code></a> Merge pull request <a href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/371">#371</a> from stefanzweifel/dependabot/npm_and_yarn/bats-1.12.0</li> <li><a href="3058f91afb"><code>3058f91</code></a> Bump bats from 1.11.1 to 1.12.0</li> <li>Additional commits viewable in <a href="b863ae1933...778341af66">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-02 18:21:51 +02:00
Andrew Ferrazzutti	2f9c9d5eba	Forbid locked users from using POST /login (#18594) ... Discussed in the [Synapse Dev room](https://matrix.to/#/!vcyiEtMVHIhWXcJAfl:sw1v.org/$K4UojQtvaSpxSe35TWFXtKWGoAuHwHFcKo8qn2lwxSs?via=matrix.org&via=element.io&via=envs.net) ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))	2025-07-02 18:18:33 +02:00
V02460	6ddbb03612	Raise poetry-core version cap to 2.1.3 (#18575) ... Request to raise the defensive version cap for poetry-core from 1.9.1 to 2.1.3. My understanding is that the major version bump of poetry signals the transition to standardized pyproject.toml metadata, but does not affect backwards compatibility. This is a subset of the changes in #18432 Fixes #18200 ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))	2025-07-02 15:57:30 +00:00
Erik Johnston	cc8da2c5ed	Log the room ID we're purging state for (#18625) ... So we can see what we're deleting.	2025-07-02 15:02:12 +01:00
reivilibre	c17fd947f3	Fix documentation of the Delete Room Admin API's status field. (#18519) ... Fixes: #18502 --------- Signed-off-by: Olivier 'reivilibre <oliverw@matrix.org>	2025-07-01 17:55:38 +01:00
Quentin Gliech	24bcdb3f3c	Merge branch 'master' into develop	2025-07-01 17:37:49 +02:00
Quentin Gliech	e3ed93adf3	Add a note in the changelog about the manylinux wheels v1.133.0	2025-07-01 16:01:28 +02:00
Quentin Gliech	214ac2f005	1.133.0	2025-07-01 15:13:42 +02:00
Quentin Gliech	c471e84697	Bump cibuildwheel to 3.0.0 to fix the building of wheels (#18615) ... Fixes https://github.com/element-hq/synapse/issues/18614 This upgrade CIBW to 3.0, which now builds using the manylinux_2_28 image, as the previous image is EOL and not supported by some of our dependencies anymore. This also updates the job to use the `ubuntu-24.04` base image instead of `ubuntu-22.04`	2025-07-01 14:54:33 +02:00
Andrew Morgan	291880012f	Stop sending or processing the origin field in PDUs (#18418) ... Co-authored-by: Quentin Gliech <quenting@element.io> Co-authored-by: Eric Eastwood <erice@element.io>	2025-07-01 12:04:23 +01:00
Krishan	a2bee2f255	Add via param to hierarchy enpoint (#18070) ... ### Pull Request Checklist Implementation of [MSC4235](https://github.com/matrix-org/matrix-spec-proposals/pull/4235) as per suggestion in [pull request 17750](https://github.com/element-hq/synapse/pull/17750#issuecomment-2411248598). <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) --------- Co-authored-by: Quentin Gliech <quenting@element.io>	2025-06-30 12:42:14 +00:00
Erik Johnston	3878699df7	Speed up device deletion (#18602) ... This is to handle the case of deleting lots of "bot" devices at once. Reviewable commit-by-commit --------- Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>	2025-06-30 11:48:57 +01:00