dependabot[bot]

@dependabot dependabot bot commented on behalf of github Oct 6, 2025

Updates the requirements on beartype to permit the latest version.

Release notes

Sourced from beartype's releases.

Beartype 0.22.2: Yo Dawg We Heard You Like LLM

@​beartype is proud as a cub gnawing its first salmon to announce: @​beartype has been Tidelifted! For our security-conscious corporate and government userbase, the best way to secure your enterprise and support @​beartype is now through [Tidelift][] vis-a-vis a [SonarQube Advanced Security][] subscription. More on that later. We now return to your regularly scheduled release party. DJ Leycec in residence. Hit those fat QA jams.

Beartype 0.22.0 0.22.1 0.22.2 portals into the mortal plenum with a disturbing "WHOOOMP!" As you panic, all the oxygen in the room is rapidly vacuumed into an adjacent hyperdimension. It's not @​beartype's safest entrance – but it's one we're all sure to remember. This is @​beartype 0.22.2: don't ask what happened to 0.22.0. just... don't.

pip install --upgrade --pre beartype   # beartype casts magic missile on the darkness

The central dogma of @​beartype 0.22.2 is LLM compatibility. Do you like LLM? Do you like compatibility? Then your code likes @​beartype 0.22.2 (even against your better judgement). But before the liking starts...

@​beartype 0.22.2 salutes you who are about to code

@​leycec and his beautiful science wife are eating well. Thanks entirely to...

GitHub Sponsors: Befriend the Bear and Get a Bear for Life

This release comes courtesy these proud GitHub Sponsors, without whom @​leycec's cats would currently be eating grasshoppers in the abandoned back lot again:

Additional financial shout-outs to @​ilyapoz (@​Ilia Pozhilov), the amazing former Yandex code cosmonaut who graciously donated a pile of Georgian lari to @​beartype this go-around. Apparently, the lari is denominated in the ლ Unicode character. What a symbol! It looks like a beautiful hat. If only the Canadian dollar was half as manly. 😭

Thanks so much, masters of fintech and Yandex.

The Masters of Fintech and Yandex. That's who.

Tidelift: A Rising Tide Lifted @​beartype's Not-At-All-Leaky Boat

This release also comes courtesy [Tidelift][], which very graciously pays out recurring income to security-sensitive open-source projects like @​beartype, NumPy, and other stuff you probably care about. @​beartype joining [Tidelift][] has super-positive implications for Python's broader QA community – including:

  • No rugpull. @​beartype is much less likely to die, disappear, or otherwise wither on the entropic vine now. Sadly, most open-source software does. Without recurring income, most open-source software never makes it to the [Tidelift][] stage. It vanishes without a trace at 5:37AM on a Monday morning, leaving your once-profitable corporate enterprise and your once-stable local government without a working QA solution. That won't happen to @​beartype.
  • Actual security. Thanks to Tidelift making me do it, @​beartype now features an actual honest-to-Ursula security policy. It's boring. It's bog-standard. If we were responsible, we'd encourage you to read it. Instead, here's the tl;dr:
    1. @​beartype users who discover security vulnerabilities are invited to privately disclose those vulnerabilities by submitting a GitHub-managed security vulnerability.
    2. @​beartype will then privately resolve those vulnerabilities.
    3. @​beartype will then publish a new stable release containing those resolutions.
    4. @​beartype will then publicly document your discovery, crediting you and your fearsome l33t skills. Seriously, they're fearsome. We're afraid. With great power comes great responsibility QA. Somebody smart said that.
    5. GitHub will then include these vulnerabilities in its own GitHub Advisory Database, improving everyone's security. Luckily, you are part of everyone. ...what does that even mean?

If you represent a security-conscious corporate, government, or non-profit, the best way bar none for you to support @​beartype and secure your own workflow is by subscribing to [Tidelift][] through [SonarQube Advanced Security][]. Security giant [Sonar][] recently acquired [Tidelift][], guaranteeing the economic viability of the Tidelift model for billions of future open-source projects that have yet to be born. Join the jargon-laden conversation and pay someone else to think about unreadable acronyms like SAST, SCA, and SBOM for once.

Pictured: Artistic rendition of the @​beartype development process before Tidelift. You weren't supposed to see this.

!!STUFF YOU WANNA READ EVEN THOUGH ITS EXHAUSTING!!

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Updates the requirements on [beartype](https://github.com/beartype/beartype) to permit the latest version.
- [Release notes](https://github.com/beartype/beartype/releases)
- [Changelog](https://github.com/beartype/beartype/blob/main/doc/RELEASE.rst)
- [Commits](beartype/beartype@v0.21.0...v0.22.2)

---
updated-dependencies:
- dependency-name: beartype
  dependency-version: 0.22.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 6, 2025