Skip to content

build(deps): bump the minor-and-patch group with 10 updates #708

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 6, 2025
Merged

build(deps): bump the minor-and-patch group with 10 updates #708

merged 1 commit into from
Oct 6, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 6, 2025

Bumps the minor-and-patch group with 10 updates:

Package From To
certifi 2025.8.3 2025.10.5
furo 2025.7.19 2025.9.25
isort 6.0.1 6.1.0
authlib 1.6.4 1.6.5
cryptography 46.0.1 46.0.2
identify 2.6.14 2.6.15
nltk 3.9.1 3.9.2
pydantic 2.11.9 2.11.10
pydantic-core 2.33.2 2.40.1
typing-inspection 0.4.1 0.4.2

Updates certifi from 2025.8.3 to 2025.10.5

Commits
  • fb14ac4 2025.10.05 (#371)
  • 2c7c7ee Add Python 3.14 classifier in setup.py
  • 1a5cb7b Bump actions/setup-python from 5.6.0 to 6.0.0 (#367)
  • dea5960 Bump pypa/gh-action-pypi-publish from 1.12.4 to 1.13.0 (#366)
  • 83566b7 Bump actions/checkout from 4.2.2 to 5.0.0
  • ca2e121 Bump actions/download-artifact from 4.3.0 to 5.0.0
  • See full diff in compare view

Updates furo from 2025.7.19 to 2025.9.25

Changelog

Sourced from furo's changelog.

Changelog

2025.09.25 -- Gleaming Green

  • Change the dark mode code back to native.

2025.07.19 -- Frozen Flame

  • ✨ Switch to accessible-pygments themes
  • ✨ Prefetch the sidebar logos
  • ✨ Fix flickering header drop shadow on Safari
  • Add rel=edit attribute to "Edit this page" link/icon
  • Bump NodeJS and npm dependency versions
  • Bump Saas & Webpack major versions
  • Improve current page detection to be resilient to sticky elements above header
  • Modernise Sass and use @use + @forward
  • Remove top of code border-radius with captions
  • Remove "debug printf" for headerTop value
  • Use distinct images for light and dark mode in the documentation
  • Use the modern Saas Modules

2024.08.06 -- Energetic Eminence

  • ✨ Add support for Sphinx 8
  • ✨ Add smoother transitions between breakpoints
  • Increase specificity of table-wrapper selector
  • Avoid page breaks inside paragraphs

2024.07.18 -- Dull Denim

  • Improve how icons are handled and aligned.
  • Improve scroll event handler.
  • Hide the copybutton by default.
  • Fix source_view_link configuration handling.
  • Fix close tag on pencil icon.

2024.05.06 -- Cheerful Cerulean

  • ✨ Add new custom icons for auto mode, reflecting the currently active theme.

... (truncated)

Commits

Updates isort from 6.0.1 to 6.1.0

Release notes

Sourced from isort's releases.

6.1.0

Changes

👷 Continuous Integration

📦 Dependencies

Changelog

Sourced from isort's changelog.

6.1.0 October 1 2025

Commits
  • ec0efae Merge pull request #2410 from PyCQA/docs/discussion
  • 8af675f Update docs discussions channel
  • a03dae8 Merge pull request #2409 from PyCQA/build/py314-classifier
  • 2232a26 Add python 3.14 classifier and badge
  • ec48dd7 Merge pull request #2405 from dvarrazzo/fix/drop-pkg-resources
  • be46cd4 refactor: make importlib metadata package import lazy
  • 18ecd0c chore: drop branch guarding unsupported Python versions
  • 1d42e56 fix: drop use of non-standard pkg_resources API
  • 0c8fc82 Merge pull request #2406 from PyCQA/dependabot/github_actions/github-actions-...
  • 3478763 Bump actions/checkout from 4 to 5 in the github-actions group
  • Additional commits viewable in compare view

Updates authlib from 1.6.4 to 1.6.5

Changelog

Sourced from authlib's changelog.

Version 1.6.5

Released on Oct 2, 2025

  • RFC7591 generate_client_info and generate_client_secret take a request parameter.
  • Add size limitation when decode JWS/JWE to prevent DoS.
  • Add size limitation for DEF JWE zip algorithm.
Commits

Updates cryptography from 46.0.1 to 46.0.2

Changelog

Sourced from cryptography's changelog.

46.0.2 - 2025-09-30


* Updated Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.5.4.

.. _v46-0-1:

Commits

Updates identify from 2.6.14 to 2.6.15

Commits
  • 31f8d82 v2.6.15
  • 05b2674 Merge pull request #541 from wjt/piskel
  • d34fd8a Add .piskel extension
  • 729b41e Merge pull request #542 from Freso/pkgbuild-shell
  • 49356f3 fix: make PKGBUILD files a superset of .bash
  • 01a201f Merge pull request #540 from pre-commit/pre-commit-ci-update-config
  • 2aa9828 [pre-commit.ci] pre-commit autoupdate
  • 672764d Merge pull request #538 from pre-commit/pre-commit-ci-update-config
  • faf2281 [pre-commit.ci] pre-commit autoupdate
  • See full diff in compare view

Updates nltk from 3.9.1 to 3.9.2

Changelog

Sourced from nltk's changelog.

Version 3.9.2 2025-10-01

  • Update download checksums to use SHA256 in built index
  • Fix percentage escape in new-style string formatting
  • replace shortened URLs using goo.gl
  • Make Wordnet interoperable with various taggers and tagged corpora
  • Fix saving PerceptronTagger
  • Document how to reproduce old Wordnet studies
  • properly initialize Portuguese corpus reader
  • support for mixed rules conversion into Chomsky Normal Form
  • only import tkinter if a GUI is needed
  • issue #2112 with Corenlp
  • new environment variable NLTK_DOWNLOADER_FORCE_INTERACTIVE_SHELL
  • Lesk defaults to most frequent sense in case of ties

Thanks to the following contributors to 3.9.2: Jose Cols, Peter de Blanc, GeneralPoxter, Eric Kafe, William LaCroix, Jason Liu, Samer Masterson, Mike014, purificant, Andrew Ernest Ritz, samertm, Ikram Ul Haq, Christopher Smith, Ryan Mannion

Version 3.9.1 2024-08-19

  • Fixed bug that prevented wordnet from loading

Version 3.9 2024-08-18

  • Fix security vulnerability CVE-2024-39705 (breaking change)
  • Replace pickled models (punkt, chunker, taggers) by new pickle-free "_tab" packages
  • No longer sort Wordnet synsets and relations (sort in calling function when required)
  • Only strip the last suffix in Wordnet Morphy, thus restricting synsets() results
  • Add Python 3.12 support
  • Many other minor fixes

Thanks to the following contributors to 3.8.2: Tom Aarsen, Cat Lee Ball, Veralara Bernhard, Carlos Brandt, Konstantin Chernyshev, Michael Higgins, Eric Kafe, Vivek Kalyan, David Lukes, Rob Malouf, purificant, Alex Rudnick, Liling Tan, Akihiro Yamazaki.

Version 3.8.1 2023-01-02

  • Resolve RCE vulnerability in localhost WordNet Browser (#3100)
  • Remove unused tool scripts (#3099)
  • Resolve XSS vulnerability in localhost WordNet Browser (#3096)
  • Add Python 3.11 support (#3090)

Thanks to the following contributors to 3.8.1: Francis Bond, John Vandenberg, Tom Aarsen

Version 3.8 2022-12-12

  • Refactor dispersion plot (#3082)
  • Provide type hints for LazyCorpusLoader variables (#3081)
  • Throw warning when LanguageModel is initialized with incorrect vocabulary (#3080)

... (truncated)

Commits
  • 4e17ea3 Updates for 3.9.2
  • 77ed66b Merge pull request #3425 from ekaf/ci-blank-data
  • 13d6791 Update .github/workflows/ci.yml
  • d2cf5d4 Ensure nltk_data path is in the environment
  • 4473fde Test CI with no data
  • 1f1614b Merge pull request #3349 from ShadokDuBas/fix/bug_ccg_logic_side_effect_on_le...
  • 7e9779e Merge pull request #3419 from ekaf/hotfix-3416
  • 83bd737 Merge pull request #3423 from purificant/_dependabot
  • e96cce0 Merge pull request #3422 from purificant/_pre_commit
  • bcf6ea6 Merge pull request #3421 from purificant/_py_versions
  • Additional commits viewable in compare view

Updates pydantic from 2.11.9 to 2.11.10

Changelog

Sourced from pydantic's changelog.

v2.11.10 (2025-10-04)

GitHub release

What's Changed

Fixes

Commits

Updates pydantic-core from 2.33.2 to 2.40.1

Release notes

Sourced from pydantic-core's releases.

v2.40.1 2025-10-02

What's Changed

Full Changelog: pydantic/pydantic-core@v2.40.0...v2.40.1

v2.40.0 2025-10-01

What's Changed

New Contributors

Full Changelog: pydantic/pydantic-core@v2.39.0...v2.40.0

v2.39.0 2025-08-11

What's Changed

Full Changelog: pydantic/pydantic-core@v2.38.0...v2.39.0

v2.38.0 2025-08-04

What's Changed

... (truncated)

Commits
  • 70bd6f9 Prepare release v2.40.1 (#1819)
  • 32c76bf Only create class instance after validation in `ModelValidator.validate_const...
  • 8d06fac Bump maturin to v1.9.4 (#1817)
  • d677428 Add quotes to field name in serialization warning (#1816)
  • 7a1a124 Reapply "Match return type of SerializationInfo.mode() to mode of model_dump(...
  • edfdce8 ci: fix pydantic integration test to actually use local core (#1814)
  • 13a34ef release: 2.40.0 (#1812)
  • 52d7510 Bump regex from 1.11.1 to 1.11.3 (#1804)
  • 22e88b1 Bump CodSpeedHQ/action from 3 to 4 (#1805)
  • 37d2ce4 Bump actions/setup-python from 5 to 6 (#1803)
  • Additional commits viewable in compare view

Updates typing-inspection from 0.4.1 to 0.4.2

Release notes

Sourced from typing-inspection's releases.

v0.4.2 2025-10-01

What's Changed

Full Changelog: pydantic/typing-inspection@v0.4.1...v0.4.2

Changelog

Sourced from typing-inspection's changelog.

v0.4.2 (2025-10-01)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the minor-and-patch group with 10 updates
f6f373a 
Bumps the minor-and-patch group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [certifi](https://github.com/certifi/python-certifi) | `2025.8.3` | `2025.10.5` |
| [furo](https://github.com/pradyunsg/furo) | `2025.7.19` | `2025.9.25` |
| [isort](https://github.com/PyCQA/isort) | `6.0.1` | `6.1.0` |
| [authlib](https://github.com/authlib/authlib) | `1.6.4` | `1.6.5` |
| [cryptography](https://github.com/pyca/cryptography) | `46.0.1` | `46.0.2` |
| [identify](https://github.com/pre-commit/identify) | `2.6.14` | `2.6.15` |
| [nltk](https://github.com/nltk/nltk) | `3.9.1` | `3.9.2` |
| [pydantic](https://github.com/pydantic/pydantic) | `2.11.9` | `2.11.10` |
| [pydantic-core](https://github.com/pydantic/pydantic-core) | `2.33.2` | `2.40.1` |
| [typing-inspection](https://github.com/pydantic/typing-inspection) | `0.4.1` | `0.4.2` |


Updates `certifi` from 2025.8.3 to 2025.10.5
- [Commits](certifi/python-certifi@2025.08.03...2025.10.05)

Updates `furo` from 2025.7.19 to 2025.9.25
- [Release notes](https://github.com/pradyunsg/furo/releases)
- [Changelog](https://github.com/pradyunsg/furo/blob/main/docs/changelog.md)
- [Commits](pradyunsg/furo@2025.07.19...2025.09.25)

Updates `isort` from 6.0.1 to 6.1.0
- [Release notes](https://github.com/PyCQA/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](PyCQA/isort@6.0.1...6.1.0)

Updates `authlib` from 1.6.4 to 1.6.5
- [Release notes](https://github.com/authlib/authlib/releases)
- [Changelog](https://github.com/authlib/authlib/blob/main/docs/changelog.rst)
- [Commits](authlib/authlib@v1.6.4...v1.6.5)

Updates `cryptography` from 46.0.1 to 46.0.2
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@46.0.1...46.0.2)

Updates `identify` from 2.6.14 to 2.6.15
- [Commits](pre-commit/identify@v2.6.14...v2.6.15)

Updates `nltk` from 3.9.1 to 3.9.2
- [Changelog](https://github.com/nltk/nltk/blob/develop/ChangeLog)
- [Commits](nltk/nltk@3.9.1...3.9.2)

Updates `pydantic` from 2.11.9 to 2.11.10
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/v2.11.10/HISTORY.md)
- [Commits](pydantic/pydantic@v2.11.9...v2.11.10)

Updates `pydantic-core` from 2.33.2 to 2.40.1
- [Release notes](https://github.com/pydantic/pydantic-core/releases)
- [Commits](pydantic/pydantic-core@v2.33.2...v2.40.1)

Updates `typing-inspection` from 0.4.1 to 0.4.2
- [Release notes](https://github.com/pydantic/typing-inspection/releases)
- [Changelog](https://github.com/pydantic/typing-inspection/blob/main/HISTORY.md)
- [Commits](pydantic/typing-inspection@v0.4.1...v0.4.2)

---
updated-dependencies:
- dependency-name: certifi
  dependency-version: 2025.10.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: furo
  dependency-version: 2025.9.25
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: isort
  dependency-version: 6.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: authlib
  dependency-version: 1.6.5
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: cryptography
  dependency-version: 46.0.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: identify
  dependency-version: 2.6.15
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: nltk
  dependency-version: 3.9.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: pydantic
  dependency-version: 2.11.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: pydantic-core
  dependency-version: 2.40.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: typing-inspection
  dependency-version: 0.4.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 6, 2025
@gadomski gadomski merged commit 61b18fb into main Oct 6, 2025
10 checks passed
@gadomski gadomski deleted the dependabot/pip/minor-and-patch-dc8940bdb8 branch October 6, 2025 14:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@gadomski