Skip to content

Bump the pip-dependencies group with 8 updates #453

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump the pip-dependencies group with 8 updates #453

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2025
edited
Loading

Bumps the pip-dependencies group with 8 updates:

Package From To
debugpy 1.8.16 1.8.17
docutils 0.22 0.22.2
grpcio 1.74.0 1.75.1
grpcio-tools 1.74.0 1.75.1
more-itertools 10.7.0 10.8.0
protobuf 6.32.0 6.32.1
twine 6.1.0 6.2.0
coverage 7.10.6 7.10.7

Updates debugpy from 1.8.16 to 1.8.17

Commits

Updates docutils from 0.22 to 0.22.2

Commits

Updates grpcio from 1.74.0 to 1.75.1

Release notes

Sourced from grpcio's releases.

Release v1.75.1

This is release gRPC Core 1.75.1 (gemini).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

What's Changed

Python

  • Release grpcio wheels with Python 3.14 support (#40403)
  • Asyncio: fixes grpc shutdown race condition occurring during python interpreter finalizations. (#40447)
    • This also addresses previously reported issues with empty error message on Python interpreter exit (Error in sys.excepthook:/Original exception was: empty): #36655, #38679, #33342
  • Python 3.14: preserve current behavior when using grpc.aio async methods outside of a running event loop. (#40750)
    • Note: using async methods outside of a running event loop is discouraged by Python, and will be deprecated in future gRPC releases. Please use the asyncio.run() function (or asyncio.Runner for custom loop factories). For interactive mode, use dedicated asyncio REPL: python -m asyncio.

Full Changelog: grpc/grpc@v1.75.0...v1.75.1

Release v1.75.0

This is release 1.75.0 (gemini) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [Security] Cherry Pick Spiffe Verification. (#40515)
  • [Python][Typeguard] Part 3 - Add Typeguard to AIO stack in tests. (#40217)
  • [c-ares] update version to 1.34.5. (#39508)
  • [pick_first] fix bug that caused us to stop attempting to connect. (#40162)

C++

  • [OTel C++] Implement retry metrics. (#39195)

Objective-C

  • Fix data race by adding custom getter for state property with @synchronized locking. (#40146)

Python

  • gRPC Python (grpcio) now depends on typing-extensions~=4.13. (#40137)
  • Update musllinux wheels from musllinux_1_1 to musllinux_1_2. (#40317)
    • Dropping musllinux_1_1 because it reached EOL in November 2024

... (truncated)

Commits
  • 9b63ce0 [Backport][v1.75.x][Fix] PHP macOS build: composer sha sum update, harden ins...
  • 3ab7404 [Release] Bump version to 1.75.1 (on v1.75.x branch) (#40773)
  • 876e1d1 [Backport][v1.75.x][Python] Handle python3.14 get_event_loop behavior changes...
  • 74ec067 [Backport][v1.75.x][Python][Support 3.14] Enable 3.14 supported wheels (#40726)
  • ff24d38 [Backport][v1.75.x][Python] aio: skip grpc/aio shutdown if py interpreter is ...
  • 093085c [build] Fix objc boringssl build backport (#40689)
  • 8c45613 [release] Bump release version on v1.75.x branch to v1.75.0 (#40644)
  • d382f40 [Backport][v1.75.x][Python][Support 3.14] Enable Python 3.14 interpreters for...
  • e6db475 [Backport][v1.75.x][Python] Build manylinux aarch64 without cross-compilation...
  • 77dc9c8 [Backport][v1.75.x][Python] Updating rules_python to 1.5.4 (#40607)
  • Additional commits viewable in compare view

Updates grpcio-tools from 1.74.0 to 1.75.1

Release notes

Sourced from grpcio-tools's releases.

Release v1.75.1

This is release gRPC Core 1.75.1 (gemini).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

What's Changed

Python

  • Release grpcio wheels with Python 3.14 support (#40403)
  • Asyncio: fixes grpc shutdown race condition occurring during python interpreter finalizations. (#40447)
    • This also addresses previously reported issues with empty error message on Python interpreter exit (Error in sys.excepthook:/Original exception was: empty): #36655, #38679, #33342
  • Python 3.14: preserve current behavior when using grpc.aio async methods outside of a running event loop. (#40750)
    • Note: using async methods outside of a running event loop is discouraged by Python, and will be deprecated in future gRPC releases. Please use the asyncio.run() function (or asyncio.Runner for custom loop factories). For interactive mode, use dedicated asyncio REPL: python -m asyncio.

Full Changelog: grpc/grpc@v1.75.0...v1.75.1

Release v1.75.0

This is release 1.75.0 (gemini) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [Security] Cherry Pick Spiffe Verification. (#40515)
  • [Python][Typeguard] Part 3 - Add Typeguard to AIO stack in tests. (#40217)
  • [c-ares] update version to 1.34.5. (#39508)
  • [pick_first] fix bug that caused us to stop attempting to connect. (#40162)

C++

  • [OTel C++] Implement retry metrics. (#39195)

Objective-C

  • Fix data race by adding custom getter for state property with @synchronized locking. (#40146)

Python

  • gRPC Python (grpcio) now depends on typing-extensions~=4.13. (#40137)
  • Update musllinux wheels from musllinux_1_1 to musllinux_1_2. (#40317)
    • Dropping musllinux_1_1 because it reached EOL in November 2024

... (truncated)

Commits
  • 9b63ce0 [Backport][v1.75.x][Fix] PHP macOS build: composer sha sum update, harden ins...
  • 3ab7404 [Release] Bump version to 1.75.1 (on v1.75.x branch) (#40773)
  • 876e1d1 [Backport][v1.75.x][Python] Handle python3.14 get_event_loop behavior changes...
  • 74ec067 [Backport][v1.75.x][Python][Support 3.14] Enable 3.14 supported wheels (#40726)
  • ff24d38 [Backport][v1.75.x][Python] aio: skip grpc/aio shutdown if py interpreter is ...
  • 093085c [build] Fix objc boringssl build backport (#40689)
  • 8c45613 [release] Bump release version on v1.75.x branch to v1.75.0 (#40644)
  • d382f40 [Backport][v1.75.x][Python][Support 3.14] Enable Python 3.14 interpreters for...
  • e6db475 [Backport][v1.75.x][Python] Build manylinux aarch64 without cross-compilation...
  • 77dc9c8 [Backport][v1.75.x][Python] Updating rules_python to 1.5.4 (#40607)
  • Additional commits viewable in compare view

Updates more-itertools from 10.7.0 to 10.8.0

Release notes

Sourced from more-itertools's releases.

Version 10.8.0

What's Changed

... (truncated)

Commits
  • 8c1a6ef Merge pull request #1071 from more-itertools/version-10.8.0
  • 24be440 Add note for issue 1054
  • 3dd5980 Add a note for issue 1063
  • 2ce52d1 Update docs for 10.8.0
  • eae9156 Bump version: 10.7.0 → 10.8.0
  • a80f1c5 Merge pull request #1068 from rhettinger/cleanup_tail
  • 5701589 Merge pull request #1067 from rhettinger/reshape_beautification
  • 58e0331 Merge pull request #1069 from rhettinger/derangements_doc
  • 9a3d7e3 Clarify how derangements treats duplicate inputs
  • c509b14 Clean-up tail(). Prefer try/except over the Sized ABC.
  • Additional commits viewable in compare view

Updates protobuf from 6.32.0 to 6.32.1

Commits

Updates twine from 6.1.0 to 6.2.0

Changelog

Sourced from twine's changelog.

twine 6.2.0 (2025-09-04)

Features ^^^^^^^^

  • Automatically refresh short-lived PyPI token in long running Trusted Publishing uploads.

    In the event that a trusted publishing upload job is taking longer than the validity period of a trusted publishing token (15 minutes at the time of this writing), and we are already 10 minutes into that validity period, we will begin to attempt to replace the token on each subsequent request. ([#1246](https://github.com/pypa/twine/issues/1246) <https://github.com/pypa/twine/issues/1246>_)

Bugfixes ^^^^^^^^

  • Fix compatibility kludge for invalid License-File metadata entries emitted by build backends to work also with packaging version 24.0. ([#1217](https://github.com/pypa/twine/issues/1217) <https://github.com/pypa/twine/issues/1217>_)
  • Fix a couple of incorrectly rendered error messages. ([#1224](https://github.com/pypa/twine/issues/1224) <https://github.com/pypa/twine/issues/1224>_)
  • twine now enforces keyring >= 21.2.0, which was previously implicitly required by API usage. ([#1229](https://github.com/pypa/twine/issues/1229) <https://github.com/pypa/twine/issues/1229>_)
  • twine now catches configparser.Error to prevent accidental leaks of secret tokens or passwords to the user's console. ([#1240](https://github.com/pypa/twine/issues/1240) <https://github.com/pypa/twine/issues/1240>_)

Deprecations and Removals ^^^^^^^^^^^^^^^^^^^^^^^^^

  • Remove hacks that support --skip-existing for indexes other than PyPI and TestPyPI.

    To date, these hacks continue to accrue and there have been numerous issues with them, not the least of which being that every time we update them, the paid index providers change things to break the compatibility we implement for them. Beyond that, these hacks do not work when text is internationalized in the response from the index provider.

    For a sample of past issues, see:

... (truncated)

Commits
  • 14ceb29 Update changelog for 6.2.0 (#1264)
  • 60e377b build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#1263)
  • 88821f2 feat(package): remove MD5 hashing entirely (#1262)
  • ce5fe53 build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0
  • 6a696ed PEP 639 compliance
  • 9175334 rename 1247.misc.rst to changelog/1247.misc.rst
  • d94a475 fix(tests): update expected error message
  • c1c02d1 Remove --skip-existing support for non-PyPI indices
  • a24d308 Set trusted publishing logging to INFO/WARN (#1247)
  • becf1a8 Fix py3.9 mypy error in __init__ around PackageMetadata
  • Additional commits viewable in compare view

Updates coverage from 7.10.6 to 7.10.7

Changelog

Sourced from coverage's changelog.

Version 7.10.7 — 2025-09-21

  • Performance: with branch coverage in large files, generating HTML, JSON, or LCOV reports could take far too long due to some quadratic behavior when creating the function and class index pages. This is now fixed, closing issue 2048_. Thanks to Daniel Diniz for help diagnosing the problem.

  • Most warnings and a few errors now have links to a page in the docs explaining the specific message. Closes issue 1921_.

.. _issue 1921: nedbat/coveragepy#1921 .. _issue 2048: nedbat/coveragepy#2048

.. _changes_7-10-6:

Commits
  • 92a2af5 docs: sample HTML for 7.10.7
  • 952afda docs: prep for 7.10.7
  • a301761 build: riscv64 wheels (#2055)
  • 5daff8d docs: now source is formatted with ruff
  • 04bbc3a docs: discuss cog in the contributing docs
  • c181b93 build: use cog --check-fail-msg to instruct devs
  • 33c4ba1 chore: make upgrade
  • 0744b73 chore: bump the action-dependencies group across 1 directory with 2 updates (...
  • 0d5a112 perf: bulk narrowing to avoid N**2. #2048
  • a868ed9 docs: mention Python Discord on the index page
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
grpcio [>= 1.65.1.a, < 1.65.2]
grpcio-tools [>= 1.65.1.a, < 1.65.2]
grpcio [>= 1.65.4.a, < 1.65.5]
grpcio-tools [>= 1.65.4.a, < 1.65.5]
grpcio [>= 1.65.2.a, < 1.65.3]
grpcio-tools [>= 1.65.2.a, < 1.65.3]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the pip-dependencies group with 8 updates
bd87b62 
Bumps the pip-dependencies group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [debugpy](https://github.com/microsoft/debugpy) | `1.8.16` | `1.8.17` |
| [docutils](https://github.com/rtfd/recommonmark) | `0.22` | `0.22.2` |
| [grpcio](https://github.com/grpc/grpc) | `1.74.0` | `1.75.1` |
| [grpcio-tools](https://github.com/grpc/grpc) | `1.74.0` | `1.75.1` |
| [more-itertools](https://github.com/more-itertools/more-itertools) | `10.7.0` | `10.8.0` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `6.32.0` | `6.32.1` |
| [twine](https://github.com/pypa/twine) | `6.1.0` | `6.2.0` |
| [coverage](https://github.com/nedbat/coveragepy) | `7.10.6` | `7.10.7` |


Updates `debugpy` from 1.8.16 to 1.8.17
- [Release notes](https://github.com/microsoft/debugpy/releases)
- [Commits](microsoft/debugpy@v1.8.16...v1.8.17)

Updates `docutils` from 0.22 to 0.22.2
- [Changelog](https://github.com/readthedocs/recommonmark/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rtfd/recommonmark/commits)

Updates `grpcio` from 1.74.0 to 1.75.1
- [Release notes](https://github.com/grpc/grpc/releases)
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md)
- [Commits](grpc/grpc@v1.74.0...v1.75.1)

Updates `grpcio-tools` from 1.74.0 to 1.75.1
- [Release notes](https://github.com/grpc/grpc/releases)
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md)
- [Commits](grpc/grpc@v1.74.0...v1.75.1)

Updates `more-itertools` from 10.7.0 to 10.8.0
- [Release notes](https://github.com/more-itertools/more-itertools/releases)
- [Commits](more-itertools/more-itertools@v10.7.0...v10.8.0)

Updates `protobuf` from 6.32.0 to 6.32.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `twine` from 6.1.0 to 6.2.0
- [Release notes](https://github.com/pypa/twine/releases)
- [Changelog](https://github.com/pypa/twine/blob/main/docs/changelog.rst)
- [Commits](pypa/twine@6.1.0...6.2.0)

Updates `coverage` from 7.10.6 to 7.10.7
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.10.6...7.10.7)

---
updated-dependencies:
- dependency-name: debugpy
  dependency-version: 1.8.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
- dependency-name: docutils
  dependency-version: 0.22.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
- dependency-name: grpcio
  dependency-version: 1.75.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: grpcio-tools
  dependency-version: 1.75.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: more-itertools
  dependency-version: 10.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: protobuf
  dependency-version: 6.32.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
- dependency-name: twine
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-dependencies
- dependency-name: coverage
  dependency-version: 7.10.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 1, 2025
@chadlwilson chadlwilson enabled auto-merge (squash) October 1, 2025 15:42
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 1, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Nov 1, 2025
auto-merge was automatically disabled November 1, 2025 15:03

Pull request was closed

@dependabot dependabot bot deleted the dependabot/pip/pip-dependencies-3c7383d1db branch November 1, 2025 15:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chadlwilson chadlwilson chadlwilson approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chadlwilson