Skip to content

Bump the workflows-dependencies group in /.github/workflows with 4 updates#275

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/dot-github/workflows/workflows-dependencies-60a2b48285
Open

Bump the workflows-dependencies group in /.github/workflows with 4 updates#275
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/dot-github/workflows/workflows-dependencies-60a2b48285

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 1, 2026

Bumps the workflows-dependencies group in /.github/workflows with 4 updates: pip, nox, poetry and virtualenv.

Updates pip from 26.0 to 26.0.1

Changelog

Sourced from pip's changelog.

26.0.1 (2026-02-04)

Bug Fixes

  • Fix --pre not being respected from the command line when a requirement file includes an option e.g. -extra-index-url. ([#13788](https://github.com/pypa/pip/issues/13788) <https://github.com/pypa/pip/issues/13788>_)
Commits

Updates nox from 2025.11.12 to 2026.2.9

Release notes

Sourced from nox's releases.

2026.02.09 ❤️‍🩹

This small release supports uv 0.10's new requirement that --clear be passed to clear an environment. Python 3.8 support was temporarily re-added since uv 0.10 still supports 3.8, so nox on 3.8 was affected.

We'd like to thank the following folks who contributed to this release:

Bugfixes:

Internal changes:

Documentation:

Changelog

Sourced from nox's changelog.

Changelog

2026.02.09

This small release supports uv 0.10's new requirement that --clear be passed to clear an environment. Python 3.8 support was temporarily re-added since uv 0.10 still supports 3.8, so nox on 3.8 was affected.

We'd like to thank the following folks who contributed to this release:

Bugfixes:

Internal changes:

Documentation:

Commits

Updates poetry from 2.3.1 to 2.3.2

Release notes

Sourced from poetry's releases.

2.3.2

Changed

  • Allow dulwich>=1.0 (#10701).

poetry-core (2.3.1)

  • Fix an issue where platform_release could not be parsed on Windows Server (#911).
Changelog

Sourced from poetry's changelog.

[2.3.2] - 2026-02-01

Changed

  • Allow dulwich>=1.0 (#10701).
Commits

Updates virtualenv from 20.36.1 to 21.1.0

Release notes

Sourced from virtualenv's releases.

21.1.0

What's Changed

Full Changelog: pypa/virtualenv@21.0.0...21.1.0

21.0.0

What's Changed

Full Changelog: pypa/virtualenv@20.39.1...21.0.0

20.39.1

What's Changed

Full Changelog: pypa/virtualenv@20.39.0...20.39.1

20.39.0

What's Changed

Full Changelog: pypa/virtualenv@20.38.0...20.39.0

20.38.0

What's Changed

... (truncated)

Changelog

Sourced from virtualenv's changelog.

Features - 21.1.0

  • Add comprehensive type annotations across the entire codebase and ship a PEP 561 py.typed marker so downstream consumers and type checkers recognize virtualenv as an inline-typed package - by :user:rahuldevikar. (:issue:3075)

v21.0.0 (2026-02-25)

Deprecations and Removals - 21.0.0

  • The Python discovery logic has been extracted into a standalone python-discovery package on PyPI (documentation <https://python-discovery.readthedocs.io/>_) and is now consumed as a dependency. If you previously imported discovery internals directly (e.g. from virtualenv.discovery.py_info import PythonInfo), switch to from python_discovery import PythonInfo. Backward-compatibility re-export shims are provided at virtualenv.discovery.py_info, virtualenv.discovery.py_spec, and virtualenv.discovery.cached_py_info, however these are considered unsupported and may be removed in a future release - by :user:gaborbernat. (:issue:3070)

v20.39.1 (2026-02-25)

Features - 20.39.1

  • Add support for creating virtual environments with RustPython - by :user:elmjag. (:issue:3010)

v20.39.0 (2026-02-23)

Features - 20.39.0

  • Automatically resolve version manager shims (pyenv, mise, asdf) to the real Python binary during discovery, preventing incorrect interpreter selection when shims are on PATH - by :user:gaborbernat. (:issue:3049)
  • Add architecture (ISA) awareness to Python discovery — users can now specify a CPU architecture suffix in the --python spec string (e.g. cpython3.12-64-arm64) to distinguish between interpreters that share the same version and bitness but target different architectures. Uses sysconfig.get_platform() as the data source, with cross-platform normalization (amd64x86_64, aarch64arm64). Omitting the suffix preserves existing behavior - by :user:rahuldevikar. (:issue:3059)

v20.38.0 (2026-02-19)

Features - 20.38.0

... (truncated)

Commits
  • 404a3e5 release 21.1.0
  • 981d87c add comprehensive type annotations across the entire codebase (#3076)
  • 17d98ba Add security policy
  • 7687420 release 21.0.0
  • 8ec3142 📝 docs(changelog): add removal entry for python-discovery extraction (#3074)
  • f89d46c ♻️ refactor(discovery): extract py_discovery as self-contained package (#3070)
  • 0272c72 release 20.39.1
  • b1ca37f 🐛 fix(create): add pythonw3.exe to Windows venvs (#3073)
  • 1d4a338 ✨ feat(create): add RustPython support (#3071)
  • a10c5d4 Align dependency versions across projects (#3069)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the workflows-dependencies group
1d1ee74 
Bumps the workflows-dependencies group in /.github/workflows with 4 updates: [pip](https://github.com/pypa/pip), [nox](https://github.com/wntrblm/nox), [poetry](https://github.com/python-poetry/poetry) and [virtualenv](https://github.com/pypa/virtualenv).


Updates `pip` from 26.0 to 26.0.1
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@26.0...26.0.1)

Updates `nox` from 2025.11.12 to 2026.2.9
- [Release notes](https://github.com/wntrblm/nox/releases)
- [Changelog](https://github.com/wntrblm/nox/blob/main/CHANGELOG.md)
- [Commits](wntrblm/nox@2025.11.12...2026.02.09)

Updates `poetry` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@2.3.1...2.3.2)

Updates `virtualenv` from 20.36.1 to 21.1.0
- [Release notes](https://github.com/pypa/virtualenv/releases)
- [Changelog](https://github.com/pypa/virtualenv/blob/main/docs/changelog.rst)
- [Commits](pypa/virtualenv@20.36.1...21.1.0)

---
updated-dependencies:
- dependency-name: pip
  dependency-version: 26.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: workflows-dependencies
- dependency-name: nox
  dependency-version: 2026.2.9
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: workflows-dependencies
- dependency-name: poetry
  dependency-version: 2.3.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: workflows-dependencies
- dependency-name: virtualenv
  dependency-version: 21.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: workflows-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants