Skip to content

build(deps): bump the minor-and-patch group with 8 updates #695

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 25, 2025
Merged

build(deps): bump the minor-and-patch group with 8 updates #695

merged 1 commit into from
Aug 25, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 25, 2025

Bumps the minor-and-patch group with 8 updates:

Package From To
requests 2.32.4 2.32.5
jsonschema 4.25.0 4.25.1
coverage 7.10.4 7.10.5
authlib 1.6.1 1.6.2
beautifulsoup4 4.13.4 4.13.5
ruamel-yaml 0.18.14 0.18.15
starlette 0.47.2 0.47.3
typer 0.16.0 0.16.1

Updates requests from 2.32.4 to 2.32.5

Release notes

Sourced from requests's releases.

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.
Changelog

Sourced from requests's changelog.

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.
Commits
  • b25c87d v2.32.5
  • 131e506 Merge pull request #7010 from psf/dependabot/github_actions/actions/checkout-...
  • b336cb2 Bump actions/checkout from 4.2.0 to 5.0.0
  • 46e939b Update publish workflow to use artifact-id instead of name
  • 4b9c546 Merge pull request #6999 from psf/dependabot/github_actions/step-security/har...
  • 7618dbe Bump step-security/harden-runner from 2.12.0 to 2.13.0
  • 2edca11 Add support for Python 3.14 and drop support for Python 3.8 (#6993)
  • fec96cd Update Makefile rules (#6996)
  • d58d8aa docs: clarify timeout parameter uses seconds in Session.request (#6994)
  • 91a3eab Bump github/codeql-action from 3.28.5 to 3.29.0
  • Additional commits viewable in compare view

Updates jsonschema from 4.25.0 to 4.25.1

Release notes

Sourced from jsonschema's releases.

v4.25.1

What's Changed

Full Changelog: python-jsonschema/jsonschema@v4.25.0...v4.25.1

Changelog

Sourced from jsonschema's changelog.

v4.25.1

  • Fix an incorrect required argument in the Validator protocol's type annotations (#1396).
Commits
  • 331c384 Add the fix to the changelog.
  • c1ec0a6 Merge pull request #1398 from python-jsonschema/dependabot/github_actions/ast...
  • 8e7d594 Merge pull request #1399 from python-jsonschema/dependabot/github_actions/act...
  • 460f4fa Merge pull request #1396 from sirosen/improve-protocol-init-signature
  • 1e58409 [pre-commit.ci] auto fixes from pre-commit.com hooks
  • 64bc217 Add a typing test for the Validator protocol
  • 6c25741 Bump actions/checkout from 4 to 5
  • bf603d5 Bump astral-sh/setup-uv from 6.4.3 to 6.5.0
  • a916d8f Fix Validator protocol init to match runtime
  • de60f18 Merge pull request #1397 from python-jsonschema/pre-commit-ci-update-config
  • Additional commits viewable in compare view

Updates coverage from 7.10.4 to 7.10.5

Changelog

Sourced from coverage's changelog.

Version 7.10.5 — 2025-08-23

  • Big speed improvements for coverage combine: it's now about twice as fast! Huge thanks to Alex Gaynor for pull requests 2032 <pull 2032_>, 2033 <pull 2033_>, and 2034 <pull 2034_>_.

.. _pull 2032: nedbat/coveragepy#2032 .. _pull 2033: nedbat/coveragepy#2033 .. _pull 2034: nedbat/coveragepy#2034

.. _changes_7-10-4:

Commits
  • 810abeb chore: make upgrade
  • 3c8f1b5 build: use --universal to keep platform conditions in .pip files
  • 107ae05 docs: sample HTML for 7.10.5
  • b5bc6d4 docs: prep for 7.10.5
  • a5c18cc style: auto-generated changes shouldn't trigger ruff re-formatting
  • 1f9f840 build: tooling for ruff formatting
  • 9ee5b3e chore: make upgrade
  • bfeb2ae style: fix things so pylint is happy with ruff
  • 82467f7 chore: ruff format .
  • 0a7b733 refactor: remove unused things from lab/
  • Additional commits viewable in compare view

Updates authlib from 1.6.1 to 1.6.2

Release notes

Sourced from authlib's releases.

v1.6.2

What's Changed

Full Changelog: authlib/authlib@v1.6.1...v1.6.2

Changelog

Sourced from authlib's changelog.

Version 1.6.2

Released on Aug 23, 2025

  • Temporarily restore OAuth2Request body parameter. :issue:781 :pr:791
  • Allow 127.0.0.1 in insecure transport mode. :pr:788
  • Raise MissingCodeException when the code parameter is missing. :issue:793 :pr:794
  • Fix id_token generation with EdDSA algs. :issue:799 :pr:800
Commits
  • 3385fbf chore: bump to 1.6.2
  • c5cb682 doc: changelog
  • 746eb32 Merge pull request #800 from azmeuk/799-create-half-hash
  • 53315e2 chore: update pull request template
  • 6fa7195 fix: id_token generation with EdDSA algs
  • 731f618 fix: linters
  • c9890da Merge pull request #794 from authlib/fix-missing-code
  • 0668d81 chore: use GH types instead of labels in ticket templates
  • 7092587 Merge pull request #791 from azmeuk/781-jar-compatibility
  • 95e7d33 chore: update readme
  • Additional commits viewable in compare view

Updates beautifulsoup4 from 4.13.4 to 4.13.5

Updates ruamel-yaml from 0.18.14 to 0.18.15

Updates starlette from 0.47.2 to 0.47.3

Release notes

Sourced from starlette's releases.

Version 0.47.3

Fixed

New Contributors

Full Changelog: Kludex/starlette@0.47.2...0.47.3

Changelog

Sourced from starlette's changelog.

0.47.3 (August 24, 2025)

Fixed

  • Use asyncio.iscoroutinefunction for Python 3.12 and older #2984.
Commits

Updates typer from 0.16.0 to 0.16.1

Release notes

Sourced from typer's releases.

0.16.1

Fixes

  • 🐛 Avoid printing additional output with no_args_is_help=True and Click 8.2. PR #1278 by @​svlandeg.

Docs

Internal

Changelog

Sourced from typer's changelog.

0.16.1

Fixes

  • 🐛 Avoid printing additional output with no_args_is_help=True and Click 8.2. PR #1278 by @​svlandeg.

Docs

Internal

Commits
  • 17e2615 🔖 Release version 0.16.1
  • 4a1606c 📝 Update release notes
  • c7d957c 🐛 Avoid printing additional output with no_args_is_help=True and Click 8.2 ...
  • 55f190e 📝 Update release notes
  • 74dc420 📝 Update release notes
  • a671e9b ⬆ Bump ruff from 0.11.13 to 0.12.9 (#1276)
  • 8c6e038 ⬆ [pre-commit.ci] pre-commit autoupdate (#1247)
  • 9fe7815 📝 Update release notes
  • 201fe73 ⬆ Bump actions/checkout from 4 to 5 (#1271)
  • 3978597 📝 Update release notes
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the minor-and-patch group with 8 updates
672625c 
Bumps the minor-and-patch group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [requests](https://github.com/psf/requests) | `2.32.4` | `2.32.5` |
| [jsonschema](https://github.com/python-jsonschema/jsonschema) | `4.25.0` | `4.25.1` |
| [coverage](https://github.com/nedbat/coveragepy) | `7.10.4` | `7.10.5` |
| [authlib](https://github.com/authlib/authlib) | `1.6.1` | `1.6.2` |
| [beautifulsoup4](https://www.crummy.com/software/BeautifulSoup/bs4/) | `4.13.4` | `4.13.5` |
| ruamel-yaml | `0.18.14` | `0.18.15` |
| [starlette](https://github.com/encode/starlette) | `0.47.2` | `0.47.3` |
| [typer](https://github.com/fastapi/typer) | `0.16.0` | `0.16.1` |


Updates `requests` from 2.32.4 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.4...v2.32.5)

Updates `jsonschema` from 4.25.0 to 4.25.1
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.25.0...v4.25.1)

Updates `coverage` from 7.10.4 to 7.10.5
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](nedbat/coveragepy@7.10.4...7.10.5)

Updates `authlib` from 1.6.1 to 1.6.2
- [Release notes](https://github.com/authlib/authlib/releases)
- [Changelog](https://github.com/authlib/authlib/blob/main/docs/changelog.rst)
- [Commits](authlib/authlib@v1.6.1...v1.6.2)

Updates `beautifulsoup4` from 4.13.4 to 4.13.5

Updates `ruamel-yaml` from 0.18.14 to 0.18.15

Updates `starlette` from 0.47.2 to 0.47.3
- [Release notes](https://github.com/encode/starlette/releases)
- [Changelog](https://github.com/encode/starlette/blob/master/docs/release-notes.md)
- [Commits](Kludex/starlette@0.47.2...0.47.3)

Updates `typer` from 0.16.0 to 0.16.1
- [Release notes](https://github.com/fastapi/typer/releases)
- [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md)
- [Commits](fastapi/typer@0.16.0...0.16.1)

---
updated-dependencies:
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: jsonschema
  dependency-version: 4.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: coverage
  dependency-version: 7.10.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: authlib
  dependency-version: 1.6.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: beautifulsoup4
  dependency-version: 4.13.5
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: ruamel-yaml
  dependency-version: 0.18.15
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: starlette
  dependency-version: 0.47.3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: typer
  dependency-version: 0.16.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Aug 25, 2025
@gadomski gadomski merged commit eb5033b into main Aug 25, 2025
10 checks passed
@gadomski gadomski deleted the dependabot/pip/minor-and-patch-3abca9f1ae branch August 25, 2025 23:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gadomski