Bump tomli from 2.4.0 to 2.4.1 in /python/helpers by dependabot[bot] · Pull Request #101 · JaclynCodes/dependabot-core

dependabot · 2026-03-29T16:05:47Z

Bumps tomli from 2.4.0 to 2.4.1.

Changelog

2.4.1

Fixed

Limit number of parts of a TOML key to address quadratic time complexity

Commits

c5f4469 Bump version: 2.4.0 → 2.4.1
2bcd262 Add change log for 2.4.1 and 2.3.1
e1fdb94 Limit number of parts of a key (#286)
c20c491 pre-commit autoupdate
920e20b Update performance benchmark and results
064e492 Merge pull request #280 from hukkin/version-2.4.0
See full diff in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

…lpers/lodash-4.17.23

Bumps [tar](https://github.com/isaacs/node-tar) to 7.5.6 and updates ancestor dependencies [tar](https://github.com/isaacs/node-tar), [@npmcli/arborist](https://github.com/npm/cli/tree/HEAD/workspaces/arborist) and [npm](https://github.com/npm/cli). These dependencies need to be updated together. Updates `tar` from 6.2.1 to 7.5.6 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.2.1...v7.5.6) Updates `@npmcli/arborist` from 8.0.0 to 9.1.10 - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/latest/workspaces/arborist/CHANGELOG.md) - [Commits](https://github.com/npm/cli/commits/arborist-v9.1.10/workspaces/arborist) Updates `npm` from 6.14.18 to 11.8.0 - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md) - [Commits](npm/cli@v6.14.18...v11.8.0) --- updated-dependencies: - dependency-name: tar dependency-version: 7.5.6 dependency-type: indirect - dependency-name: "@npmcli/arborist" dependency-version: 9.1.10 dependency-type: direct:production - dependency-name: npm dependency-version: 11.8.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

…lpers/multi-6afa301cf6 Bump tar, @npmcli/arborist and npm in /bun/helpers

Bumps [symfony/process](https://github.com/symfony/process) from 7.3.0 to 7.4.5. - [Release notes](https://github.com/symfony/process/releases) - [Changelog](https://github.com/symfony/process/blob/8.1/CHANGELOG.md) - [Commits](symfony/process@v7.3.0...v7.4.5) --- updated-dependencies: - dependency-name: symfony/process dependency-version: 7.4.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [nuget/helpers/lib/NuGet.Client](https://github.com/NuGet/NuGet.Client) from `2948e02` to `53c7a9c`. - [Release notes](https://github.com/NuGet/NuGet.Client/releases) - [Commits](NuGet/NuGet.Client@2948e02...53c7a9c) --- updated-dependencies: - dependency-name: nuget/helpers/lib/NuGet.Client dependency-version: 53c7a9c9b4a3c31d9adf13fc873f2432eb53768e dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps library/rust from 1.88.0-bookworm to 1.93.0-bookworm. --- updated-dependencies: - dependency-name: library/rust dependency-version: 1.93.0-bookworm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.26.0 to 0.32.0. - [Commits](golang/mod@v0.26.0...v0.32.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-version: 0.32.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [dotnet-sdk](https://github.com/dotnet/sdk) from 9.0.302 to 10.0.102. - [Release notes](https://github.com/dotnet/sdk/releases) - [Commits](dotnet/sdk@v9.0.302...v10.0.102) --- updated-dependencies: - dependency-name: dotnet-sdk dependency-version: 10.0.102 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the pip-tools group in /python/helpers with 1 update: [pip-tools](https://github.com/jazzband/pip-tools). Updates `pip-tools` from 7.4.1 to 7.5.2 - [Release notes](https://github.com/jazzband/pip-tools/releases) - [Changelog](https://github.com/jazzband/pip-tools/blob/main/CHANGELOG.md) - [Commits](jazzband/pip-tools@7.4.1...v7.5.2) --- updated-dependencies: - dependency-name: pip-tools dependency-version: 7.5.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: pip-tools ... Signed-off-by: dependabot[bot] <support@github.com>

…elpers/lib/NuGetUpdater/dotnet-sdk-10.0.102

…/pip-tools-ae90bfcbbe

…y/rust-1.93.0-bookworm

…elpers/v2/symfony/process-7.4.5

…es/helpers/golang.org/x/mod-0.32.0

…lpers/lib/NuGet.Client-53c7a9c

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps and [brace-expansion](https://github.com/juliangruber/brace-expansion). These dependencies needed to be updated together. Updates `brace-expansion` from 1.1.11 to 1.1.12 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) Updates `brace-expansion` from 2.0.1 to 2.0.2 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect - dependency-name: brace-expansion dependency-version: 2.0.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

…nd_yarn/helpers/lodash-4.17.23

…nd_yarn/helpers/multi-c22e25d29b

Bumps the npm-dependencies group in /npm_and_yarn/helpers with 3 updates: [@npmcli/arborist](https://github.com/npm/cli/tree/HEAD/workspaces/arborist), [nock](https://github.com/nock/nock) and [semver](https://github.com/npm/node-semver). Updates `@npmcli/arborist` from 8.0.0 to 9.1.10 - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/latest/workspaces/arborist/CHANGELOG.md) - [Commits](https://github.com/npm/cli/commits/arborist-v9.1.10/workspaces/arborist) Updates `nock` from 13.5.6 to 14.0.10 - [Release notes](https://github.com/nock/nock/releases) - [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md) - [Commits](nock/nock@v13.5.6...v14.0.10) Updates `semver` from 7.6.3 to 7.7.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v7.6.3...v7.7.3) --- updated-dependencies: - dependency-name: "@npmcli/arborist" dependency-version: 9.1.10 dependency-type: direct:production update-type: version-update:semver-major dependency-group: npm-dependencies - dependency-name: nock dependency-version: 14.0.10 dependency-type: direct:production update-type: version-update:semver-major dependency-group: npm-dependencies - dependency-name: semver dependency-version: 7.7.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: npm-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

…nd_yarn/helpers/npm-dependencies-b295cd00ec Bump the npm-dependencies group in /npm_and_yarn/helpers with 3 updates

Bumps the prod-dependencies group with 1 update in the /composer/helpers/v2 directory: [composer/composer](https://github.com/composer/composer). Updates `composer/composer` from 2.8.9 to 2.9.4 - [Release notes](https://github.com/composer/composer/releases) - [Changelog](https://github.com/composer/composer/blob/main/CHANGELOG.md) - [Commits](composer/composer@2.8.9...2.9.4) --- updated-dependencies: - dependency-name: composer/composer dependency-version: 2.9.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

…helpers/v2/prod-dependencies-2bf85eb48c Bump composer/composer from 2.8.9 to 2.9.4 in /composer/helpers/v2 in the prod-dependencies group across 1 directory

) Bumps the prod-dependencies group with 25 updates in the /updater directory: | Package | From | To | | --- | --- | --- | | [zeitwerk](https://github.com/fxn/zeitwerk) | `2.7.1` | `2.7.4` | | [parallel](https://github.com/grosser/parallel) | `1.26.3` | `1.27.0` | | [aws-sdk-codecommit](https://github.com/aws/aws-sdk-ruby) | `1.63.0` | `1.96.0` | | [aws-sdk-ecr](https://github.com/aws/aws-sdk-ruby) | `1.68.0` | `1.119.0` | | [commonmarker](https://github.com/gjtorikian/commonmarker) | `2.3.1` | `2.6.3` | | [excon](https://github.com/excon/excon) | `1.2.5` | `1.3.2` | | [faraday](https://github.com/lostisland/faraday) | `2.7.11` | `2.14.0` | | [faraday-retry](https://github.com/lostisland/faraday-retry) | `2.2.0` | `2.4.0` | | [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.18.9` | `1.19.0` | | [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-ruby) | `1.5.0` | `1.7.0` | | [opentelemetry-metrics-api](https://github.com/open-telemetry/opentelemetry-ruby) | `0.3.0` | `0.4.0` | | [ostruct](https://github.com/ruby/ostruct) | `0.6.1` | `0.6.3` | | [parser](https://github.com/whitequark/parser) | `3.3.7.1` | `3.3.10.1` | | [psych](https://github.com/ruby/psych) | `5.1.2` | `5.3.1` | | [sorbet-runtime](https://github.com/sorbet/sorbet) | `0.5.11952` | `0.6.12903` | | [stackprof](https://github.com/tmm1/stackprof) | `0.2.25` | `0.2.27` | | [toml-rb](https://github.com/emancu/toml-rb) | `4.0.0` | `4.1.0` | | [parseconfig](https://github.com/datafolklabs/ruby-parseconfig) | `1.0.8` | `1.1.2` | | [http](https://github.com/httprb/http) | `5.1.1` | `5.3.1` | | [opentelemetry-exporter-otlp](https://github.com/open-telemetry/opentelemetry-ruby) | `0.30.0` | `0.31.1` | | [opentelemetry-exporter-otlp-logs](https://github.com/open-telemetry/opentelemetry-ruby) | `0.2.0` | `0.2.2` | | [opentelemetry-exporter-otlp-metrics](https://github.com/open-telemetry/opentelemetry-ruby) | `0.4.0` | `0.6.1` | | [opentelemetry-instrumentation-excon](https://github.com/open-telemetry/opentelemetry-ruby-contrib) | `0.23.0` | `0.27.0` | | [opentelemetry-logs-sdk](https://github.com/open-telemetry/opentelemetry-ruby) | `0.2.0` | `0.4.0` | | [opentelemetry-metrics-sdk](https://github.com/open-telemetry/opentelemetry-ruby) | `0.6.0` | `0.11.2` | Updates `zeitwerk` from 2.7.1 to 2.7.4 - [Changelog](https://github.com/fxn/zeitwerk/blob/main/CHANGELOG.md) - [Commits](https://github.com/fxn/zeitwerk/commits) Updates `parallel` from 1.26.3 to 1.27.0 - [Commits](grosser/parallel@v1.26.3...v1.27.0) Updates `aws-sdk-codecommit` from 1.63.0 to 1.96.0 - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-codecommit/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) Updates `aws-sdk-ecr` from 1.68.0 to 1.119.0 - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ecr/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) Updates `commonmarker` from 2.3.1 to 2.6.3 - [Release notes](https://github.com/gjtorikian/commonmarker/releases) - [Changelog](https://github.com/gjtorikian/commonmarker/blob/main/CHANGELOG.md) - [Commits](gjtorikian/commonmarker@v2.3.1...v2.6.3) Updates `excon` from 1.2.5 to 1.3.2 - [Changelog](https://github.com/excon/excon/blob/master/changelog.txt) - [Commits](excon/excon@v1.2.5...v1.3.2) Updates `faraday` from 2.7.11 to 2.14.0 - [Release notes](https://github.com/lostisland/faraday/releases) - [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md) - [Commits](lostisland/faraday@v2.7.11...v2.14.0) Updates `faraday-retry` from 2.2.0 to 2.4.0 - [Release notes](https://github.com/lostisland/faraday-retry/releases) - [Changelog](https://github.com/lostisland/faraday-retry/blob/main/CHANGELOG.md) - [Commits](lostisland/faraday-retry@v2.2.0...v2.4.0) Updates `json` from 2.9.1 to 2.11.3 - [Release notes](https://github.com/ruby/json/releases) - [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md) - [Commits](ruby/json@v2.9.1...v2.11.3) Updates `nokogiri` from 1.18.9 to 1.19.0 - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](sparklemotion/nokogiri@v1.18.9...v1.19.0) Updates `opentelemetry-api` from 1.5.0 to 1.7.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/api/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-api/v1.5.0...opentelemetry-api/v1.7.0) Updates `opentelemetry-metrics-api` from 0.3.0 to 0.4.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/metrics_api/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-metrics-api/v0.3.0...opentelemetry-metrics-api/v0.4.0) Updates `ostruct` from 0.6.1 to 0.6.3 - [Release notes](https://github.com/ruby/ostruct/releases) - [Commits](ruby/ostruct@v0.6.1...v0.6.3) Updates `parser` from 3.3.7.1 to 3.3.10.1 - [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md) - [Commits](whitequark/parser@v3.3.7.1...v3.3.10.1) Updates `psych` from 5.1.2 to 5.3.1 - [Release notes](https://github.com/ruby/psych/releases) - [Commits](ruby/psych@v5.1.2...v5.3.1) Updates `sorbet-runtime` from 0.5.11952 to 0.6.12903 - [Release notes](https://github.com/sorbet/sorbet/releases) - [Commits](https://github.com/sorbet/sorbet/commits) Updates `stackprof` from 0.2.25 to 0.2.27 - [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md) - [Commits](tmm1/stackprof@v0.2.25...v0.2.27) Updates `toml-rb` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/emancu/toml-rb/releases) - [Commits](emancu/toml-rb@v4.0.0...v4.1.0) Updates `parseconfig` from 1.0.8 to 1.1.2 - [Changelog](https://github.com/datafolklabs/ruby-parseconfig/blob/master/Changelog) - [Commits](https://github.com/datafolklabs/ruby-parseconfig/commits) Updates `http` from 5.1.1 to 5.3.1 - [Changelog](https://github.com/httprb/http/blob/main/CHANGELOG.md) - [Commits](httprb/http@v5.1.1...v5.3.1) Updates `opentelemetry-exporter-otlp` from 0.30.0 to 0.31.1 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp/v0.30.0...opentelemetry-exporter-otlp/v0.31.1) Updates `opentelemetry-exporter-otlp-logs` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp-logs/v0.2.0...opentelemetry-exporter-otlp-logs/v0.2.2) Updates `opentelemetry-exporter-otlp-metrics` from 0.4.0 to 0.6.1 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp-metrics/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp-metrics/v0.4.0...opentelemetry-exporter-otlp-metrics/v0.6.1) Updates `opentelemetry-instrumentation-excon` from 0.23.0 to 0.27.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/excon/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-excon/v0.23.0...opentelemetry-instrumentation-excon/v0.27.0) Updates `opentelemetry-instrumentation-faraday` from 0.26.0 to 0.31.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/faraday/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-faraday/v0.26.0...opentelemetry-instrumentation-faraday/v0.31.0) Updates `opentelemetry-instrumentation-http` from 0.24.0 to 0.28.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/http/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-http/v0.24.0...opentelemetry-instrumentation-http/v0.28.0) Updates `opentelemetry-instrumentation-net_http` from 0.23.0 to 0.27.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/net_http/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-net_http/v0.23.0...opentelemetry-instrumentation-net_http/v0.27.0) Updates `opentelemetry-logs-sdk` from 0.2.0 to 0.4.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/logs_sdk/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-logs-sdk/v0.2.0...opentelemetry-logs-sdk/v0.4.0) Updates `opentelemetry-metrics-sdk` from 0.6.0 to 0.11.2 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/metrics_sdk/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-metrics-sdk/v0.6.0...opentelemetry-metrics-sdk/v0.11.2) Updates `opentelemetry-sdk` from 1.8.0 to 1.10.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/sdk/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-sdk/v1.8.0...opentelemetry-sdk/v1.10.0) --- updated-dependencies: - dependency-name: zeitwerk dependency-version: 2.7.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: parallel dependency-version: 1.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: aws-sdk-codecommit dependency-version: 1.96.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: aws-sdk-ecr dependency-version: 1.119.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: commonmarker dependency-version: 2.6.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: excon dependency-version: 1.3.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: faraday dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: faraday-retry dependency-version: 2.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: json dependency-version: 2.11.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: nokogiri dependency-version: 1.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-api dependency-version: 1.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-metrics-api dependency-version: 0.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: ostruct dependency-version: 0.6.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: parser dependency-version: 3.3.10.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: psych dependency-version: 5.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: sorbet-runtime dependency-version: 0.6.12903 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: stackprof dependency-version: 0.2.27 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: toml-rb dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: parseconfig dependency-version: 1.1.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: http dependency-version: 5.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-exporter-otlp dependency-version: 0.31.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-exporter-otlp-logs dependency-version: 0.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies - dependency-name: opentelemetry-exporter-otlp-metrics dependency-version: 0.6.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-instrumentation-excon dependency-version: 0.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-instrumentation-faraday dependency-version: 0.31.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-instrumentation-http dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-instrumentation-net_http dependency-version: 0.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-logs-sdk dependency-version: 0.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-metrics-sdk dependency-version: 0.11.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-sdk dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…tes (#20)

Bumps the poetry group in /python/helpers with 1 update: [poetry](https://github.com/python-poetry/poetry). Updates `poetry` from 2.1.1 to 2.3.1 - [Release notes](https://github.com/python-poetry/poetry/releases) - [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md) - [Commits](python-poetry/poetry@2.1.1...2.3.1) --- updated-dependencies: - dependency-name: poetry dependency-version: 2.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: poetry ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the dev-dependencies group with 1 update in the /npm_and_yarn/helpers directory: [prettier](https://github.com/prettier/prettier). Updates `prettier` from 3.6.2 to 3.8.1 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.6.2...3.8.1) --- updated-dependencies: - dependency-name: prettier dependency-version: 3.8.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the prod-dependencies group with 2 updates in the /updater directory: [aws-sdk-ecr](https://github.com/aws/aws-sdk-ruby) and [sorbet-runtime](https://github.com/sorbet/sorbet). Updates `aws-sdk-ecr` from 1.121.0 to 1.122.0 - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ecr/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) Updates `sorbet-runtime` from 0.6.12957 to 0.6.12977 - [Release notes](https://github.com/sorbet/sorbet/releases) - [Commits](https://github.com/sorbet/sorbet/commits) --- updated-dependencies: - dependency-name: aws-sdk-ecr dependency-version: 1.122.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: sorbet-runtime dependency-version: 0.6.12977 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the common group in /python/helpers with 1 update: [cython](https://github.com/cython/cython). Updates `cython` from 3.1.2 to 3.2.4 - [Release notes](https://github.com/cython/cython/releases) - [Changelog](https://github.com/cython/cython/blob/master/CHANGES.rst) - [Commits](cython/cython@3.1.2...3.2.4) --- updated-dependencies: - dependency-name: cython dependency-version: 3.2.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: common ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [tomli](https://github.com/hukkin/tomli) from 2.2.1 to 2.4.0. - [Changelog](https://github.com/hukkin/tomli/blob/master/CHANGELOG.md) - [Commits](hukkin/tomli@2.2.1...2.4.0) --- updated-dependencies: - dependency-name: tomli dependency-version: 2.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [pip](https://github.com/pypa/pip) from 24.2 to 26.0. - [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst) - [Commits](pypa/pip@24.2...26.0) --- updated-dependencies: - dependency-name: pip dependency-version: '26.0' dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps library/golang from 1.24.5-bookworm to 1.26.1-bookworm. --- updated-dependencies: - dependency-name: library/golang dependency-version: 1.26.1-bookworm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps library/rust from 1.93.0-bookworm to 1.94.0-bookworm. --- updated-dependencies: - dependency-name: library/rust dependency-version: 1.94.0-bookworm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [nuget/helpers/lib/NuGet.Client](https://github.com/NuGet/NuGet.Client) from `acc6c0e` to `e6283f3`. - [Release notes](https://github.com/NuGet/NuGet.Client/releases) - [Commits](NuGet/NuGet.Client@acc6c0e...e6283f3) --- updated-dependencies: - dependency-name: nuget/helpers/lib/NuGet.Client dependency-version: e6283f3f736c9674b1789d5c6c849ff9bbf6685c dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the pip-tools group in /python/helpers with 1 update: [pip-tools](https://github.com/jazzband/pip-tools). Updates `pip-tools` from 7.5.2 to 7.5.3 - [Release notes](https://github.com/jazzband/pip-tools/releases) - [Changelog](https://github.com/jazzband/pip-tools/blob/main/CHANGELOG.md) - [Commits](jazzband/pip-tools@v7.5.2...v7.5.3) --- updated-dependencies: - dependency-name: pip-tools dependency-version: 7.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: pip-tools ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the dev-dependencies group with 1 update in the /updater directory: [rubocop](https://github.com/rubocop/rubocop). Updates `rubocop` from 1.85.0 to 1.85.1 - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](rubocop/rubocop@v1.85.0...v1.85.1) --- updated-dependencies: - dependency-name: rubocop dependency-version: 1.85.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [terminal-table](https://github.com/tj/terminal-table) from 3.0.2 to 4.0.0. - [Release notes](https://github.com/tj/terminal-table/releases) - [Changelog](https://github.com/tj/terminal-table/blob/master/History.rdoc) - [Commits](tj/terminal-table@v3.0.2...v4.0.0) --- updated-dependencies: - dependency-name: terminal-table dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the prod-dependencies group with 8 updates in the /updater directory: | Package | From | To | | --- | --- | --- | | [opentelemetry-exporter-otlp](https://github.com/open-telemetry/opentelemetry-ruby) | `0.31.1` | `0.32.0` | | [opentelemetry-exporter-otlp-logs](https://github.com/open-telemetry/opentelemetry-ruby) | `0.2.2` | `0.3.0` | | [opentelemetry-exporter-otlp-metrics](https://github.com/open-telemetry/opentelemetry-ruby) | `0.6.1` | `0.7.0` | | [aws-sdk-ecr](https://github.com/aws/aws-sdk-ruby) | `1.122.0` | `1.123.0` | | [commonmarker](https://github.com/gjtorikian/commonmarker) | `2.6.3` | `2.7.0` | | [excon](https://github.com/excon/excon) | `1.3.2` | `1.4.0` | | [json](https://github.com/ruby/json) | `2.18.1` | `2.19.1` | | [sorbet-runtime](https://github.com/sorbet/sorbet) | `0.6.12977` | `0.6.13028` | Updates `opentelemetry-exporter-otlp` from 0.31.1 to 0.32.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp/v0.31.1...opentelemetry-exporter-otlp/v0.32.0) Updates `opentelemetry-exporter-otlp-logs` from 0.2.2 to 0.3.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp-logs/v0.2.2...opentelemetry-exporter-otlp-logs/v0.3.0) Updates `opentelemetry-exporter-otlp-metrics` from 0.6.1 to 0.7.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp-metrics/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp-metrics/v0.6.1...opentelemetry-exporter-otlp-metrics/v0.7.0) Updates `aws-sdk-ecr` from 1.122.0 to 1.123.0 - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ecr/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) Updates `commonmarker` from 2.6.3 to 2.7.0 - [Release notes](https://github.com/gjtorikian/commonmarker/releases) - [Changelog](https://github.com/gjtorikian/commonmarker/blob/main/CHANGELOG.md) - [Commits](gjtorikian/commonmarker@v2.6.3...v2.7.0) Updates `excon` from 1.3.2 to 1.4.0 - [Changelog](https://github.com/excon/excon/blob/master/changelog.txt) - [Commits](excon/excon@v1.3.2...v1.4.0) Updates `json` from 2.18.1 to 2.19.1 - [Release notes](https://github.com/ruby/json/releases) - [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md) - [Commits](ruby/json@v2.18.1...v2.19.1) Updates `opentelemetry-api` from 1.7.0 to 1.8.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/api/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-api/v1.7.0...opentelemetry-api/v1.8.0) Updates `sorbet-runtime` from 0.6.12977 to 0.6.13028 - [Release notes](https://github.com/sorbet/sorbet/releases) - [Commits](https://github.com/sorbet/sorbet/commits) --- updated-dependencies: - dependency-name: opentelemetry-exporter-otlp dependency-version: 0.32.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-exporter-otlp-logs dependency-version: 0.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-exporter-otlp-metrics dependency-version: 0.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: aws-sdk-ecr dependency-version: 1.123.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: commonmarker dependency-version: 2.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: excon dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: json dependency-version: 2.19.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: opentelemetry-api dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod-dependencies - dependency-name: sorbet-runtime dependency-version: 0.6.13028 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [json](https://github.com/ruby/json) from 2.19.1 to 2.19.2. - [Release notes](https://github.com/ruby/json/releases) - [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md) - [Commits](ruby/json@v2.19.1...v2.19.2) --- updated-dependencies: - dependency-name: json dependency-version: 2.19.2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

--- updated-dependencies: - dependency-name: phpstan/phpstan dependency-version: 2.1.42 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [nuget/helpers/lib/NuGet.Client](https://github.com/NuGet/NuGet.Client) from `e6283f3` to `e7ef15e`. - [Release notes](https://github.com/NuGet/NuGet.Client/releases) - [Commits](NuGet/NuGet.Client@e6283f3...e7ef15e) --- updated-dependencies: - dependency-name: nuget/helpers/lib/NuGet.Client dependency-version: e7ef15ed658310dfcb0015095d1bd9444dc5c9dd dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps library/rust from 1.94.0-bookworm to 1.95.0-bookworm. --- updated-dependencies: - dependency-name: library/rust dependency-version: 1.95.0-bookworm dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the prod-dependencies group with 1 update in the /composer/helpers/v2 directory: [composer/composer](https://github.com/composer/composer). Updates `composer/composer` from 2.9.5 to 2.9.7 - [Release notes](https://github.com/composer/composer/releases) - [Changelog](https://github.com/composer/composer/blob/main/CHANGELOG.md) - [Commits](composer/composer@2.9.5...2.9.7) --- updated-dependencies: - dependency-name: composer/composer dependency-version: 2.9.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.12 to 1.1.14. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@v1.1.12...v1.1.14) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.14 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [poetry](https://github.com/python-poetry/poetry) from 2.3.2 to 2.3.4. - [Release notes](https://github.com/python-poetry/poetry/releases) - [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md) - [Commits](python-poetry/poetry@2.3.2...2.3.4) --- updated-dependencies: - dependency-name: poetry dependency-version: 2.3.4 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [nuget/helpers/lib/dotnet-core](https://github.com/dotnet/core) from `d9ecafa` to `e903085`. - [Release notes](https://github.com/dotnet/core/releases) - [Commits](dotnet/core@d9ecafa...e903085) --- updated-dependencies: - dependency-name: nuget/helpers/lib/dotnet-core dependency-version: e90308508d0a52161b512332ebe0723433e8235a dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [tomli](https://github.com/hukkin/tomli) from 2.4.0 to 2.4.1. - [Changelog](https://github.com/hukkin/tomli/blob/master/CHANGELOG.md) - [Commits](hukkin/tomli@2.4.0...2.4.1) --- updated-dependencies: - dependency-name: tomli dependency-version: 2.4.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot and others added 30 commits January 23, 2026 21:35

Merge pull request #3 from JaclynCodes/dependabot/npm_and_yarn/bun/he…

cd6d109

…lpers/lodash-4.17.23

Merge pull request #4 from JaclynCodes/dependabot/npm_and_yarn/bun/he…

82a0666

…lpers/multi-6afa301cf6 Bump tar, @npmcli/arborist and npm in /bun/helpers

Merge pull request #11 from JaclynCodes/dependabot/dotnet_sdk/nuget/h…

3909d20

…elpers/lib/NuGetUpdater/dotnet-sdk-10.0.102

Merge pull request #17 from JaclynCodes/dependabot/pip/python/helpers…

044211a

…/pip-tools-ae90bfcbbe

Merge pull request #8 from JaclynCodes/dependabot/docker/cargo/librar…

d32e152

…y/rust-1.93.0-bookworm

Merge pull request #5 from JaclynCodes/dependabot/composer/composer/h…

c931ab1

…elpers/v2/symfony/process-7.4.5

Merge pull request #9 from JaclynCodes/dependabot/go_modules/go_modul…

96b1e3d

…es/helpers/golang.org/x/mod-0.32.0

Merge pull request #6 from JaclynCodes/dependabot/submodules/nuget/he…

716bdde

…lpers/lib/NuGet.Client-53c7a9c

Merge pull request #36 from JaclynCodes/dependabot/npm_and_yarn/npm_a…

b2aa71f

…nd_yarn/helpers/lodash-4.17.23

Merge pull request #37 from JaclynCodes/dependabot/npm_and_yarn/npm_a…

7e11852

…nd_yarn/helpers/multi-c22e25d29b

Merge pull request #16 from JaclynCodes/dependabot/npm_and_yarn/npm_a…

ff55ac1

…nd_yarn/helpers/npm-dependencies-b295cd00ec Bump the npm-dependencies group in /npm_and_yarn/helpers with 3 updates

Merge pull request #10 from JaclynCodes/dependabot/composer/composer/…

c718a32

…helpers/v2/prod-dependencies-2bf85eb48c Bump composer/composer from 2.8.9 to 2.9.4 in /composer/helpers/v2 in the prod-dependencies group across 1 directory

Bump npm from 6.14.18 to 11.9.0 in /npm_and_yarn/helpers (#51)

bdec2f5

Bump the pnpm-dependencies group in /npm_and_yarn/helpers with 2 upda…

5f122db

…tes (#20)

Bump nuget/helpers/lib/dotnet-core from 218ef74 to d9ecafa (#59)

da9fa89

Bump nuget/helpers/lib/NuGet.Client from 53c7a9c to acc6c0e (#58)

ea7a455

Bump ajv from 6.12.6 to 6.14.0 in /npm_and_yarn/helpers (#68)

ccb69a5

dependabot Bot added 15 commits March 1, 2026 16:54

Bump phpstan/phpstan

75484fa

--- updated-dependencies: - dependency-name: phpstan/phpstan dependency-version: 2.1.42 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Mar 29, 2026

github-actions Bot added the L: python label Mar 29, 2026

dependabot Bot added 6 commits April 21, 2026 14:22

dependabot Bot force-pushed the dependabot/pip/python/helpers/tomli-2.4.1 branch from f41bad8 to 040f711 Compare April 22, 2026 18:03

dependabot Bot force-pushed the dependabot/pip/python/helpers/tomli-2.4.1 branch from 040f711 to a88fca9 Compare April 22, 2026 18:04

JaclynCodes force-pushed the main branch from 86ad247 to a0a2daa Compare May 2, 2026 22:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump tomli from 2.4.0 to 2.4.1 in /python/helpers#101

Bump tomli from 2.4.0 to 2.4.1 in /python/helpers#101
dependabot[bot] wants to merge 58 commits into
mainfrom
dependabot/pip/python/helpers/tomli-2.4.1

dependabot Bot commented on behalf of github Mar 29, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Mar 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

2.4.1

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Mar 29, 2026 •

edited

Loading