chore(deps): Bump the python-minor group in /backend with 10 updates#266
Closed
dependabot[bot] wants to merge 1 commit into
Closed
chore(deps): Bump the python-minor group in /backend with 10 updates#266dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Contributor
Dependency Update AnalysisUpdate Type: Analysis Details
Security Audit ResultsFrontend (npm audit)INFO - Unable to parse npm audit results Backend (safety check)INFO - Unable to parse safety check results |
Contributor
|
Manual Review Required This dependency update requires manual review: Reason:
Review Checklist:
Next Steps:
cc: @maintainers |
Bumps the python-minor group in /backend with 10 updates: | Package | From | To | | --- | --- | --- | | [fastapi](https://github.com/fastapi/fastapi) | `0.128.0` | `0.128.5` | | [starlette](https://github.com/Kludex/starlette) | `0.50.0` | `0.52.1` | | [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.45` | `2.0.46` | | [alembic](https://github.com/sqlalchemy/alembic) | `1.17.2` | `1.18.3` | | [pymongo](https://github.com/mongodb/mongo-python-driver) | `4.15.5` | `4.16.0` | | [pyjwt](https://github.com/jpadilla/pyjwt) | `2.10.1` | `2.11.0` | | [cryptography](https://github.com/pyca/cryptography) | `46.0.3` | `46.0.4` | | [prometheus-client](https://github.com/prometheus/client_python) | `0.23.1` | `0.24.1` | | [psutil](https://github.com/giampaolo/psutil) | `7.2.1` | `7.2.2` | | [aiosmtplib](https://github.com/cole/aiosmtplib) | `5.0.0` | `5.1.0` | Updates `fastapi` from 0.128.0 to 0.128.5 - [Release notes](https://github.com/fastapi/fastapi/releases) - [Commits](fastapi/fastapi@0.128.0...0.128.5) Updates `starlette` from 0.50.0 to 0.52.1 - [Release notes](https://github.com/Kludex/starlette/releases) - [Changelog](https://github.com/Kludex/starlette/blob/main/docs/release-notes.md) - [Commits](Kludex/starlette@0.50.0...0.52.1) Updates `sqlalchemy` from 2.0.45 to 2.0.46 - [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases) - [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst) - [Commits](https://github.com/sqlalchemy/sqlalchemy/commits) Updates `alembic` from 1.17.2 to 1.18.3 - [Release notes](https://github.com/sqlalchemy/alembic/releases) - [Changelog](https://github.com/sqlalchemy/alembic/blob/main/CHANGES) - [Commits](https://github.com/sqlalchemy/alembic/commits) Updates `pymongo` from 4.15.5 to 4.16.0 - [Release notes](https://github.com/mongodb/mongo-python-driver/releases) - [Changelog](https://github.com/mongodb/mongo-python-driver/blob/master/doc/changelog.rst) - [Commits](mongodb/mongo-python-driver@4.15.5...4.16.0) Updates `pyjwt` from 2.10.1 to 2.11.0 - [Release notes](https://github.com/jpadilla/pyjwt/releases) - [Changelog](https://github.com/jpadilla/pyjwt/blob/master/CHANGELOG.rst) - [Commits](jpadilla/pyjwt@2.10.1...2.11.0) Updates `cryptography` from 46.0.3 to 46.0.4 - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@46.0.3...46.0.4) Updates `prometheus-client` from 0.23.1 to 0.24.1 - [Release notes](https://github.com/prometheus/client_python/releases) - [Commits](prometheus/client_python@v0.23.1...v0.24.1) Updates `psutil` from 7.2.1 to 7.2.2 - [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst) - [Commits](giampaolo/psutil@release-7.2.1...release-7.2.2) Updates `aiosmtplib` from 5.0.0 to 5.1.0 - [Release notes](https://github.com/cole/aiosmtplib/releases) - [Changelog](https://github.com/cole/aiosmtplib/blob/main/CHANGELOG.rst) - [Commits](cole/aiosmtplib@v5.0.0...v5.1.0) --- updated-dependencies: - dependency-name: fastapi dependency-version: 0.128.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: starlette dependency-version: 0.52.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor - dependency-name: sqlalchemy dependency-version: 2.0.46 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: alembic dependency-version: 1.18.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor - dependency-name: pymongo dependency-version: 4.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor - dependency-name: pyjwt dependency-version: 2.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor - dependency-name: cryptography dependency-version: 46.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: prometheus-client dependency-version: 0.24.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor - dependency-name: psutil dependency-version: 7.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-minor - dependency-name: aiosmtplib dependency-version: 5.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-minor ... Signed-off-by: dependabot[bot] <support@github.com>
a4d4fb9 to
00e0f69
Compare
Contributor
Dependency Update AnalysisUpdate Type: Analysis Details
Security Audit ResultsFrontend (npm audit)INFO - Unable to parse npm audit results Backend (safety check)INFO - Unable to parse safety check results |
Contributor
|
Manual Review Required This dependency update requires manual review: Reason:
Review Checklist:
Next Steps:
cc: @maintainers |
Contributor
Author
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the python-minor group in /backend with 10 updates:
0.128.00.128.50.50.00.52.12.0.452.0.461.17.21.18.34.15.54.16.02.10.12.11.046.0.346.0.40.23.10.24.17.2.17.2.25.0.05.1.0Updates
fastapifrom 0.128.0 to 0.128.5Release notes
Sourced from fastapi's releases.
... (truncated)
Commits
dedf140🔖 Release version 0.128.579d4dfb📝 Update release notes9f4ecf5✅ Add inline snapshot tests for OpenAPI before changes from Pydantic v2 (#14864)c48539f📝 Update release notes2e7d375♻️ Refactor and simplify Pydantic v2 (and v1) compatibility internal utils (#...8eac94b🔖 Release version 0.128.458cdfc7📝 Update release notesd59fbc3♻️ Refactor internals, simplify Pydantic v2/v1 utils,create_model_field, b...cc6ced6📝 Update release notescf55bad♻️ Simplify internals, remove Pydantic v1 only logic, no longer needed (#14857)Updates
starlettefrom 0.50.0 to 0.52.1Release notes
Sourced from starlette's releases.
... (truncated)
Changelog
Sourced from starlette's changelog.
Commits
e5b8a5dVersion 0.52.1 (#3110)d02eadeOnly usetyping_extensionsin older Python versions (#3109)f490b42Version 0.52.0 (#3107)d8c7cf9TurnStateinto aMapping(#3036)cfce146chore: bump coverage (#3103)9138e55fix: setup github pages for deployment (#3102)aff6df7docs: add environment for github docs (#3101)434bab9docS: fix gh pages deploy (#3100)03426bedocs: replace mkdocs by zensical (#3098)df2ee22Version 0.51.0 (#3097)Updates
sqlalchemyfrom 2.0.45 to 2.0.46Release notes
Sourced from sqlalchemy's releases.
... (truncated)
Commits
Updates
alembicfrom 1.17.2 to 1.18.3Release notes
Sourced from alembic's releases.
... (truncated)
Commits
Updates
pymongofrom 4.15.5 to 4.16.0Release notes
Sourced from pymongo's releases.
Changelog
Sourced from pymongo's changelog.
Commits
3290101Prepare 4.16.0 release (#2672)1be94d2PYTHON-5685 Fix unified spec sync metadata for csot and sessions tests (#2669)6585d9cPYTHON-2442: Refactor: use _asdict() in _options_dict() (#2670)fdb1f7ePYTHON-5677 Prevent ClientEncryption from loading crypt shared library (#2659)0cd9763Bump zizmorcore/zizmor-action from cb3d8e846e148d1111d90b03375b9c03deceda37 t...2f263d4PYTHON-5680 Fix handling of expectedDocuments in Unified Test Runner (#2665)e9658b2Add 4.15.5 release date to changelog (#2666)10dd204Update coverage[toml] requirement from <=7.10.6,>=5 to >=5,<=7.10.7 (#2662)1300677[Spec Resync] 12-22-2025 (#2663)18c1f14PYTHON-5529 Introduce optin setting to await for MinPoolSize population (#2664)Updates
pyjwtfrom 2.10.1 to 2.11.0Release notes
Sourced from pyjwt's releases.
... (truncated)
Changelog
Sourced from pyjwt's changelog.
Commits
697344dbump up versione4d0aecfix: pre-commitdf9a6a0fix: failing test2b2e53cfix: docs635c8d8fix: failing mypy96ae356feat: add minimum key length validation for HMAC and RSA5b86227fix: enforce ECDSA curve validation per RFC 7518 Section 3.404947d7Bump actions/download-artifact from 6 to 7 (#1125)dd44834Fix leeway value in usage documentation (#1124)407f0bdThoroughly test type annotations, and resolve errors (#1112)Updates
cryptographyfrom 46.0.3 to 46.0.4Changelog
Sourced from cryptography's changelog.
Commits
e6f44fcbump for 46.0.4 and drop win arm64 due to CI issues (#14217)Updates
prometheus-clientfrom 0.23.1 to 0.24.1Release notes
Sourced from prometheus-client's releases.
Commits
f417f6eRelease 0.24.16f0e967Pass correct registry to MultiProcessCollector (#1152)c5024d3Release 0.24.0e1cdc20Add Django exporter (#1088) (#1143)7b99592Added compression support in pushgateway (#1144)13df124Relax registry type annotations for exposition (#1149)a264ec0Don't interleave histogram metrics in multi-process collector (#1148)e8f8baefix(multiprocess): avoid double-building child metric names (#1035) (#1146)1783ca8Add support for Python 3.14 (#1142)378510bAdd remove_matching() method for metric label deletion (#1121)Updates
psutilfrom 7.2.1 to 7.2.2Changelog
Sourced from psutil's changelog.
Commits
9eea97dPre-release938ac64Rm sphinxcontrib.googleanalytics; override layout.html9dcbb7eAdd sphinxcontrib-googleanalytics to requirements.txt76eaf9aTry to add google analytics to docde1cafaUpdate doc mentioning Process.wait() internal detailsbb30943Refact can_use_pidfd_open() and can_use_kqueue()a571717#2708, macos / cmdline / environ; raise AD instead of OSError(0) (#2709)8b98c3ePre-release700b7e6[macOS] fix potential leaks in error paths (#2707)7cc7923Windows / cmdline(): be more defensive in free()ing in case of errorUpdates
aiosmtplibfrom 5.0.0 to 5.1.0Release notes
Sourced from aiosmtplib's releases.
Changelog
Sourced from aiosmtplib's changelog.
Commits
eb59588chore: v5.1.0d8100f8feat: xoauth25a5e2d5upgrade annotationsb83a450ci: pre-commit autoupdateb895375ci: pre-commit autoupdate1fbc7d0ci: pre-commit autoupdateDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions