Skip to content

deps(dev): bump the python-dev-minor group across 1 directory with 14 updates#19

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dev-minor-dc88001c6c
Closed

deps(dev): bump the python-dev-minor group across 1 directory with 14 updates#19
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-dev-minor-dc88001c6c

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jan 14, 2026

Copy link
Copy Markdown

Bumps the python-dev-minor group with 14 updates in the / directory:

Package From To
bandit 1.8.0 1.9.2
hypothesis 6.135.0 6.150.2
mypy 1.13.0 1.19.1
openapi-spec-validator 0.7.1 0.7.2
pip-licenses 5.0.0 5.5.0
pre-commit 4.0.1 4.5.1
pytest-benchmark 5.1.0 5.2.3
ruff 0.8.4 0.14.11
types-requests 2.32.0.20241016 2.32.4.20260107
alembic 1.13.2 1.18.0
fastapi 0.115.6 0.128.0
pydantic-settings 2.4.0 2.12.0
sqlalchemy 2.0.32 2.0.45
uvicorn[standard] 0.30.5 0.40.0

Updates bandit from 1.8.0 to 1.9.2

Release notes

Sourced from bandit's releases.

1.9.2

What's Changed

Full Changelog: PyCQA/bandit@1.9.1...1.9.2

1.9.1

What's Changed

Full Changelog: PyCQA/bandit@1.9.0...1.9.1

1.9.0

What's Changed

New Contributors

Full Changelog: PyCQA/bandit@1.8.6...1.9.0

1.8.6

What's Changed

New Contributors

... (truncated)

Commits

Updates hypothesis from 6.135.0 to 6.150.2

Release notes

Sourced from hypothesis's releases.

Hypothesis for Python - version 6.150.2

Update some internal type hints.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.150.1

This patch fixes a bug where "recursive()" would fail in cases where the "extend=" function does not reference it's argument - which was assumed by the recent "min_leaves=" feature, because the strategy can't actually recurse otherwise. (issue #4638)

Now, the historical behavior is working-but-deprecated, or an error if you explicitly pass "min_leaves=".

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.150.0

This release adds a "min_leaves" argument to "recursive()", which ensures that generated recursive structures have at least the specified number of leaf nodes (issue #4205).

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.149.1

Add type hints to an internal class.

The canonical version of these notes (with links) is on readthedocs.

Hypothesis for Python - version 6.149.0

This release extends the explain-phase "# or any other generated value" comments to sub-arguments within "builds()", "tuples()", and "fixed_dictionaries()".

Previously, these comments only appeared on top-level test arguments. Now, when the explain phase determines that a sub-argument can vary freely without affecting the test failure, you'll see comments like:

Falsifying example: test_foo( obj=MyClass( x=0, # or any other generated value y=True, ), data=( '', # or any other generated value 42, ), )

This makes it easier to understand which parts of complex inputs actually matter for reproducing a failure.

... (truncated)

Commits
  • a3d5bff Bump hypothesis-python version to 6.150.2 and update changelog
  • 6100544 Merge pull request #4512 from Liam-DeVoe/next
  • 1cab11e simplify entrypoints
  • 174c1f1 Bump hypothesis-python version to 6.150.1 and update changelog
  • 8cc1f38 Merge pull request #4639 from Zac-HD/fix-recursive-strategy
  • c62b34a Merge branch 'master' into next
  • 6541d3c Merge branch 'master' into fix-recursive-strategy
  • 4a322b4 Merge pull request #4641 from Liam-DeVoe/test-updates
  • a0082e8 spacing
  • b1bc5c2 update changelog
  • Additional commits viewable in compare view

Updates mypy from 1.13.0 to 1.19.1

Changelog

Sourced from mypy's changelog.

Mypy 1.19.1

  • Fix noncommutative joins with bounded TypeVars (Shantanu, PR 20345)
  • Respect output format for cached runs by serializing raw errors in cache metas (Ivan Levkivskyi, PR 20372)
  • Allow types.NoneType in match cases (A5rocks, PR 20383)
  • Fix mypyc generator regression with empty tuple (BobTheBuidler, PR 20371)
  • Fix crash involving Unpack-ed TypeVarTuple (Shantanu, PR 20323)
  • Fix crash on star import of redefinition (Ivan Levkivskyi, PR 20333)
  • Fix crash on typevar with forward ref used in other module (Ivan Levkivskyi, PR 20334)
  • Fail with an explicit error on PyPy (Ivan Levkivskyi, PR 20389)

Acknowledgements

Thanks to all mypy contributors who contributed to this release:

  • A5rocks
  • BobTheBuidler
  • bzoracler
  • Chainfire
  • Christoph Tyralla
  • David Foster
  • Frank Dana
  • Guo Ci
  • iap
  • Ivan Levkivskyi
  • James Hilton-Balfe
  • jhance
  • Joren Hammudoglu
  • Jukka Lehtosalo
  • KarelKenens
  • Kevin Kannammalil
  • Marc Mueller
  • Michael Carlstrom
  • Michael J. Sullivan
  • Piotr Sawicki
  • Randolf Scholz
  • Shantanu
  • Sigve Sebastian Farstad
  • sobolevn
  • Stanislav Terliakov
  • Stephen Morton
  • Theodore Ando
  • Thiago J. Barbalho
  • wyattscarpenter

I’d also like to thank my employer, Dropbox, for supporting mypy development.

Mypy 1.18

We’ve just uploaded mypy 1.18.1 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance

... (truncated)

Commits

Updates openapi-spec-validator from 0.7.1 to 0.7.2

Release notes

Sourced from openapi-spec-validator's releases.

0.7.2

Fixes

  • Allow undefined required properties #312
  • Extract extra options recursively #391
Commits
  • 42dad2f Version 0.7.2
  • cbf99da Merge pull request #391 from tembleking/fix-recursive-extra-options
  • ae91d80 Added _collect_properties function missing type annotation
  • 8f069ee fix: extract extra options recursively
  • 4970181 Merge pull request #384 from python-openapi/fix/artifact-actions-fix
  • db82563 Artifact actions fix
  • 762b0c8 Merge pull request #377 from python-openapi/dependabot/docker/python-3.12.6-a...
  • dbd0d48 Merge pull request #364 from python-openapi/dependabot/pip/certifi-2024.7.4
  • b92647c Merge pull request #365 from python-openapi/dependabot/pip/sphinx-immaterial-...
  • 7df88d9 Merge pull request #367 from python-openapi/dependabot/pip/zipp-3.19.1
  • Additional commits viewable in compare view

Updates pip-licenses from 5.0.0 to 5.5.0

Release notes

Sourced from pip-licenses's releases.

v-5.5.0

Patch Notes for v-5.5.0

  • Minor Security updates
  • Initial Implementation of PEP-639 support
  • Initial support for builtin tomllib for Python 3.11+ (reducing external dependencies by 1)
  • Fixes an edge case where packages are named with version info.
  • Declares support for Python 3.13 & 3.14

Impacted GHI:

  • Contributed to #236

Included and Superseded PRs

  • includes and supersedes #210
  • includes and supersedes #213
  • includes and supersedes #214
  • includes and supersedes #215
  • includes and supersedes #218
  • includes and supersedes #219
  • includes and supersedes #222
  • includes and supersedes #230

Changelog

Sourced from pip-licenses's changelog.

5.5.0

  • Replace dependency on tomli with builtin tomllib for Python 3.11
  • Added support for License-Expression metadata field, see PEP 639
  • Added --from=expression option
  • Breaking change: The --from=all output now includes the License-Expression value
  • Fixed KeyError with --partial and --allow-only if a license matches multiple allowed licenses.
  • Declare support for Python 3.13 and 3.14
  • Added RST/Sphinx workflow example for --with-license-file option in documentation
Commits
  • 67e539e [FEATURE] Release Attestation
  • 72342f7 Minor refactor for duplicate ids
  • 363b272 Minor fix for continuous deployment setup logic
  • 2818ae4 [YANK] minor fixes to v-5.5.0rc1 -- bump to rc2
  • 5456cf7 [UPDATE] Improved CI/CD (and version 5.5 bump)
  • 99100d0 [MERGE] pull request #218 from cdce8p/python-313
  • 8980be4 Declare support for Python 3.13 and 3.14
  • 1bec845 [MERGE] pull request #238 from raimon49/patch-partial-matching-refactor-231
  • 379fce6 Add additional test case.
  • 863ccf2 [MERGE] pull request #219 from cdce8p/update-build-system
  • Additional commits viewable in compare view

Updates pre-commit from 4.0.1 to 4.5.1

Release notes

Sourced from pre-commit's releases.

pre-commit v4.5.1

Fixes

  • Fix language: python with repo: local without additional_dependencies.

pre-commit v4.5.0

Features

pre-commit v4.4.0

Features

Fixes

pre-commit v4.3.0

Features

pre-commit v4.2.0

Features

  • For language: python first attempt a versioned python executable for the default language version before consulting a potentially unversioned sys.executable.

Fixes

... (truncated)

Changelog

Sourced from pre-commit's changelog.

4.5.1 - 2025-12-16

Fixes

  • Fix language: python with repo: local without additional_dependencies.

4.5.0 - 2025-11-22

Features

4.4.0 - 2025-11-08

Features

Fixes

4.3.0 - 2025-08-09

Features

... (truncated)

Commits
  • 8a0630c v4.5.1
  • fcbc745 Merge pull request #3597 from pre-commit/empty-setup-py
  • 51592ee fix python local template when artifact dirs are present
  • 67e8faf Merge pull request #3596 from pre-commit/pre-commit-ci-update-config
  • c251e6b [pre-commit.ci] pre-commit autoupdate
  • 98ccafa Merge pull request #3593 from pre-commit/pre-commit-ci-update-config
  • 4895355 [pre-commit.ci] pre-commit autoupdate
  • 2cedd58 Merge pull request #3588 from pre-commit/pre-commit-ci-update-config
  • 465192d [pre-commit.ci] pre-commit autoupdate
  • fd42f96 Merge pull request #3586 from pre-commit/zipapp-sha256-file-not-needed
  • Additional commits viewable in compare view

Updates pytest-benchmark from 5.1.0 to 5.2.3

Changelog

Sourced from pytest-benchmark's changelog.

v5.2.3 (2025-11-09)

  • Add support for pytest 9.0.
  • Moved the README.rst/CHANGELOG.rst concatenation from setup.py to pyproject.toml.

v5.2.2 (2025-11-07)

  • Fixed auto-disable to work with newer xdist (pytest-benchmark auto disables benchmarks if xdist is enabled by design). Contributed by Thomas B. Brunner in [#294](https://github.com/ionelmc/pytest-benchmark/issues/294) <https://github.com/ionelmc/pytest-benchmark/pull/294>_.

v5.2.1 (2025-11-04)

  • Add markers so pytest doesn't try to assert-rewrite the plugin internals (fixes those pytest.PytestAssertRewriteWarning: Module already imported so cannot be rewritten; pytest_benchmark warnings).

v5.2.0 (2025-10-30)

  • Added support for a per-round teardown function to pedantic mode. Contributed Patrick Winter by [#264](https://github.com/ionelmc/pytest-benchmark/issues/264) <https://github.com/ionelmc/pytest-benchmark/pull/264>_.
  • Added --benchmark-time-unit option. Contributed by Tony Kuo in [#281](https://github.com/ionelmc/pytest-benchmark/issues/281) <https://github.com/ionelmc/pytest-benchmark/pull/281>_.
  • Fixed deprecated hook examples in docstrings. Contributed by Ali-Akber Saifee in [#284](https://github.com/ionelmc/pytest-benchmark/issues/284) <https://github.com/ionelmc/pytest-benchmark/pull/284>_.
  • Changed --benchmark-compare-fail to accept percentages higher than 100%. Contributed by Ben Avrahami in [#280](https://github.com/ionelmc/pytest-benchmark/issues/280) <https://github.com/ionelmc/pytest-benchmark/pull/280>_.
  • Added minimal typing support. Contributed by Sorin Sbarnea in [#290](https://github.com/ionelmc/pytest-benchmark/issues/290) <https://github.com/ionelmc/pytest-benchmark/pull/290>_.
  • Fixed support for Python 3.9. Contributed by Enno Gotthold in [#291](https://github.com/ionelmc/pytest-benchmark/issues/291) <https://github.com/ionelmc/pytest-benchmark/pull/291>_.
  • Replaced the complicated and broken code of pytest_benchmark.utils.clonefunc with a simple return of the input. That function was supposed to allow benchmarking with the cost of PyPy JIT included but it's a hassle to maintain.
  • Moved the instrumentation pause outside the round loops (in addition to tracing, profiling is paused too). Pedantic mode will keep doing this per round (as the user manually controls the round count). This is necessary because in some scenarios setting and unsetting the tracer too much will overflow an internal counter (found to cause "OverflowError: events set too many times" at least on Python 3.13).
Commits
  • b857483 Bump version: 5.2.2 → 5.2.3
  • 7f5abf9 Add a note about the readme.
  • b8e5f53 Fix bad wrap.
  • 931d50f Add back some escapes. Oops.
  • d5c2f7e Add support for pytest 9.0. Fixes #295.
  • 9a3888a Move readme+changelog extraction to static pyproject config.
  • d34bf73 Bump version: 5.2.1 → 5.2.2
  • cf2ac34 Bump prek.
  • 8bfc327 Improve formatting (docutils chokes on those arguments with colons and bracke...
  • 190b487 Prefix all headings with letters to allow docutils or whatever generate stabl...
  • Additional commits viewable in compare view

Updates ruff from 0.8.4 to 0.14.11

Release notes

Sourced from ruff's releases.

0.14.11

Release Notes

Released on 2026-01-08.

Preview features

  • Consolidate diagnostics for matched disable/enable suppression comments (#22099)
  • Report diagnostics for invalid/unmatched range suppression comments (#21908)
  • [airflow] Passing positional argument into airflow.lineage.hook.HookLineageCollector.create_asset is not allowed (AIR303) (#22046)
  • [refurb] Mark FURB192 fix as always unsafe (#22210)
  • [ruff] Add non-empty-init-module (RUF067) (#22143)

Bug fixes

  • Fix GitHub format for multi-line diagnostics (#22108)
  • [flake8-unused-arguments] Mark **kwargs in TypeVar as used (ARG001) (#22214)

Rule changes

  • Add help: subdiagnostics for several Ruff rules that can sometimes appear to disagree with ty (#22331)
  • [pylint] Demote PLW1510 fix to display-only (#22318)
  • [pylint] Ignore identical members (PLR1714) (#22220)
  • [pylint] Improve diagnostic range for PLC0206 (#22312)
  • [ruff] Improve fix title for RUF102 invalid rule code (#22100)
  • [flake8-simplify]: Avoid unnecessary builtins import for SIM105 (#22358)

Configuration

  • Allow Python 3.15 as valid target-version value in preview (#22419)
  • Check required-version before parsing rules (#22410)
  • Include configured src directories when resolving graphs (#22451)

Documentation

  • Update T201 suggestion to not use root logger to satisfy LOG015 (#22059)
  • Fix iter example in unsafe fixes doc (#22118)
  • [flake8_print] better suggestion for basicConfig in T201 docs (#22101)
  • [pylint] Restore the fix safety docs for PLW0133 (#22211)
  • Fix Jupyter notebook discovery info for editors (#22447)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.14.11

Released on 2026-01-08.

Preview features

  • Consolidate diagnostics for matched disable/enable suppression comments (#22099)
  • Report diagnostics for invalid/unmatched range suppression comments (#21908)
  • [airflow] Passing positional argument into airflow.lineage.hook.HookLineageCollector.create_asset is not allowed (AIR303) (#22046)
  • [refurb] Mark FURB192 fix as always unsafe (#22210)
  • [ruff] Add non-empty-init-module (RUF067) (#22143)

Bug fixes

  • Fix GitHub format for multi-line diagnostics (#22108)
  • [flake8-unused-arguments] Mark **kwargs in TypeVar as used (ARG001) (#22214)

Rule changes

  • Add help: subdiagnostics for several Ruff rules that can sometimes appear to disagree with ty (#22331)
  • [pylint] Demote PLW1510 fix to display-only (#22318)
  • [pylint] Ignore identical members (PLR1714) (#22220)
  • [pylint] Improve diagnostic range for PLC0206 (#22312)
  • [ruff] Improve fix title for RUF102 invalid rule code (#22100)
  • [flake8-simplify]: Avoid unnecessary builtins import for SIM105 (#22358)

Configuration

  • Allow Python 3.15 as valid target-version value in preview (#22419)
  • Check required-version before parsing rules (#22410)
  • Include configured src directories when resolving graphs (#22451)

Documentation

  • Update T201 suggestion to not use root logger to satisfy LOG015 (#22059)
  • Fix iter example in unsafe fixes doc (#22118)
  • [flake8_print] better suggestion for basicConfig in T201 docs (#22101)
  • [pylint] Restore the fix safety docs for PLW0133 (#22211)
  • Fix Jupyter notebook discovery info for editors (#22447)

Contributors

... (truncated)

Commits
  • c920cf8 Bump 0.14.11 (#22462)
  • bb757b5 [ty] Don't show diagnostics for excluded files (#22455)
  • 1f49e8e Include configured src directories when resolving graphs (#22451)
  • 701f513 [ty] Only consider fully static pivots when deriving transitive constraints (...
  • eea9ad8 Pin maturin version (#22454)
  • eeac2bd [ty] Optimize union building for unions with many enum-literal members (#22363)
  • 7319c37 docs: fix jupyter notebook discovery info for editors (#22447)
  • 805503c [ruff] Improve fix title for RUF102 invalid rule code (#22100)
  • 68a2f6c [ty] Fix super() with TypeVar-annotated self and cls parameter (#22208)
  • abaa735 [ty] Improve UnionBuilder performance by changing Type::is_subtype_of cal...
  • Additional commits viewable in compare view

Updates types-requests from 2.32.0.20241016 to 2.32.4.20260107

Commits

Updates alembic from 1.13.2 to 1.18.0

Release notes

Sourced from alembic's releases.

1.18.0

Released: January 9, 2026

feature

  • [feature] [operations] When alembic is run in "verbose" mode, alembic now logs a message to indicate from which file is used to load the configuration.

    References: #1737

  • [feature] [autogenerate] Autogenerate reflection sweeps now use the "bulk" inspector methods introduced in SQLAlchemy 2.0, which for selected dialects including PostgreSQL and Oracle use batched queries to reflect whole collections of tables using O(1) queries rather than O(N).

    References: #1771

  • [feature] [autogenerate] Release 1.18.0 introduces a plugin system that allows for automatic loading of third-party extensions as well as configurable autogenerate compare functionality on a per-environment basis.

    The Plugin class provides a common interface for extensions that register handlers among Alembic's existing extension points such as Operations.register_operation() and Operations.implementation_for(). A new interface for registering autogenerate comparison handlers, Plugin.add_autogenerate_comparator(), provides for autogenerate compare functionality that may be custom-configured on a per-environment basis using the new EnvironmentContext.configure.autogenerate_plugins parameter.

    The change does not impact well known Alembic add-ons such as alembic-utils, which continue to work as before; however, such add-ons have the option to provide plugin entrypoints going forward.

    As part of this change, Alembic's autogenerate compare functionality is reorganized into a series of internal plugins under the alembic.autogenerate namespace, which may be individually or collectively identified for inclusion and/or exclusion within the EnvironmentContext.configure() call using a new parameter EnvironmentContext.configure.autogenerate_plugins. This parameter is also where third party comparison plugins may also be indicated.

    See alembic.plugins.toplevel for complete documentation on the new Plugin class as well as autogenerate-specific usage instructions.

... (truncated)

Commits

Updates fastapi from 0.115.6 to 0.128.0

Release notes

Sourced from fastapi's releases.

0.128.0

Breaking Changes

Internal

0.127.1

Refactors

Docs

Translations

Internal

0.127.0

Breaking Changes

Translations

  • 🔧 Add LLM prompt file for Korean, generated from the existing translations. PR #14546 by @​tiangolo.
  • 🔧 Add LLM prompt file for Japanese, generated from the existing translations. PR #14545 by @​tiangolo.

Internal

0.126.0

Upgrades

  • ➖ Drop support for Pydantic v1, keeping short temporary support for Pydantic v2's pydantic.v1. PR #14575 by @​tiangolo.

... (truncated)

Commits

… updates

Bumps the python-dev-minor group with 14 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [bandit](https://github.com/PyCQA/bandit) | `1.8.0` | `1.9.2` |
| [hypothesis](https://github.com/HypothesisWorks/hypothesis) | `6.135.0` | `6.150.2` |
| [mypy](https://github.com/python/mypy) | `1.13.0` | `1.19.1` |
| [openapi-spec-validator](https://github.com/python-openapi/openapi-spec-validator) | `0.7.1` | `0.7.2` |
| [pip-licenses](https://github.com/raimon49/pip-licenses) | `5.0.0` | `5.5.0` |
| [pre-commit](https://github.com/pre-commit/pre-commit) | `4.0.1` | `4.5.1` |
| [pytest-benchmark](https://github.com/ionelmc/pytest-benchmark) | `5.1.0` | `5.2.3` |
| [ruff](https://github.com/astral-sh/ruff) | `0.8.4` | `0.14.11` |
| [types-requests](https://github.com/typeshed-internal/stub_uploader) | `2.32.0.20241016` | `2.32.4.20260107` |
| [alembic](https://github.com/sqlalchemy/alembic) | `1.13.2` | `1.18.0` |
| [fastapi](https://github.com/fastapi/fastapi) | `0.115.6` | `0.128.0` |
| [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.4.0` | `2.12.0` |
| [sqlalchemy](https://github.com/sqlalchemy/sqlalchemy) | `2.0.32` | `2.0.45` |
| [uvicorn[standard]](https://github.com/Kludex/uvicorn) | `0.30.5` | `0.40.0` |



Updates `bandit` from 1.8.0 to 1.9.2
- [Release notes](https://github.com/PyCQA/bandit/releases)
- [Commits](PyCQA/bandit@1.8.0...1.9.2)

Updates `hypothesis` from 6.135.0 to 6.150.2
- [Release notes](https://github.com/HypothesisWorks/hypothesis/releases)
- [Commits](HypothesisWorks/hypothesis@hypothesis-python-6.135.0...hypothesis-python-6.150.2)

Updates `mypy` from 1.13.0 to 1.19.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@v1.13.0...v1.19.1)

Updates `openapi-spec-validator` from 0.7.1 to 0.7.2
- [Release notes](https://github.com/python-openapi/openapi-spec-validator/releases)
- [Commits](python-openapi/openapi-spec-validator@0.7.1...0.7.2)

Updates `pip-licenses` from 5.0.0 to 5.5.0
- [Release notes](https://github.com/raimon49/pip-licenses/releases)
- [Changelog](https://github.com/raimon49/pip-licenses/blob/master/CHANGELOG.md)
- [Commits](raimon49/pip-licenses@v-5.0.0...v-5.5.0)

Updates `pre-commit` from 4.0.1 to 4.5.1
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/main/CHANGELOG.md)
- [Commits](pre-commit/pre-commit@v4.0.1...v4.5.1)

Updates `pytest-benchmark` from 5.1.0 to 5.2.3
- [Changelog](https://github.com/ionelmc/pytest-benchmark/blob/master/CHANGELOG.rst)
- [Commits](ionelmc/pytest-benchmark@v5.1.0...v5.2.3)

Updates `ruff` from 0.8.4 to 0.14.11
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.8.4...0.14.11)

Updates `types-requests` from 2.32.0.20241016 to 2.32.4.20260107
- [Commits](https://github.com/typeshed-internal/stub_uploader/commits)

Updates `alembic` from 1.13.2 to 1.18.0
- [Release notes](https://github.com/sqlalchemy/alembic/releases)
- [Changelog](https://github.com/sqlalchemy/alembic/blob/main/CHANGES)
- [Commits](https://github.com/sqlalchemy/alembic/commits)

Updates `fastapi` from 0.115.6 to 0.128.0
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.115.6...0.128.0)

Updates `pydantic-settings` from 2.4.0 to 2.12.0
- [Release notes](https://github.com/pydantic/pydantic-settings/releases)
- [Commits](pydantic/pydantic-settings@v2.4.0...v2.12.0)

Updates `sqlalchemy` from 2.0.32 to 2.0.45
- [Release notes](https://github.com/sqlalchemy/sqlalchemy/releases)
- [Changelog](https://github.com/sqlalchemy/sqlalchemy/blob/main/CHANGES.rst)
- [Commits](https://github.com/sqlalchemy/sqlalchemy/commits)

Updates `uvicorn[standard]` from 0.30.5 to 0.40.0
- [Release notes](https://github.com/Kludex/uvicorn/releases)
- [Changelog](https://github.com/Kludex/uvicorn/blob/main/docs/release-notes.md)
- [Commits](Kludex/uvicorn@0.30.5...0.40.0)

---
updated-dependencies:
- dependency-name: bandit
  dependency-version: 1.9.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: hypothesis
  dependency-version: 6.150.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: mypy
  dependency-version: 1.19.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: openapi-spec-validator
  dependency-version: 0.7.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dev-minor
- dependency-name: pip-licenses
  dependency-version: 5.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: pre-commit
  dependency-version: 4.5.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: pytest-benchmark
  dependency-version: 5.2.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: ruff
  dependency-version: 0.14.11
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: types-requests
  dependency-version: 2.32.4.20260107
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-dev-minor
- dependency-name: alembic
  dependency-version: 1.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: fastapi
  dependency-version: 0.128.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: pydantic-settings
  dependency-version: 2.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
- dependency-name: sqlalchemy
  dependency-version: 2.0.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dev-minor
- dependency-name: uvicorn[standard]
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-dev-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jan 14, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies, dev, python. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@coderabbitai

coderabbitai Bot commented Jan 14, 2026

Copy link
Copy Markdown

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions

Copy link
Copy Markdown

Test Results (ubuntu-latest/Python 3.11)

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit f797877.

@github-actions

Copy link
Copy Markdown

Test Results (ubuntu-latest/Python 3.12)

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit f797877.

@TechNavii TechNavii closed this Jan 14, 2026
@TechNavii TechNavii deleted the dependabot/pip/python-dev-minor-dc88001c6c branch January 14, 2026 04:45
@dependabot @github

dependabot Bot commented on behalf of github Jan 14, 2026

Copy link
Copy Markdown
Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant