Skip to content

Bump the all-dependencies group with 4 updates#641

Merged
tomjemmett merged 1 commit into
mainfrom
dependabot/uv/all-dependencies-97f3b05606
Jun 29, 2026
Merged

Bump the all-dependencies group with 4 updates#641
tomjemmett merged 1 commit into
mainfrom
dependabot/uv/all-dependencies-97f3b05606

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps the all-dependencies group with 4 updates: pandas, coverage, ruff and setuptools-scm.

Updates pandas from 3.0.3 to 3.0.4

Release notes

Sourced from pandas's releases.

pandas 3.0.4

We are pleased to announce the release of pandas 3.0.4. This is a patch release in the 3.0.x series and includes some regression fixes and bug fixes. We recommend that all users of the 3.0.x series upgrade to this version.

See the full whatsnew for a list of all the changes.

Pandas 3.0 supports Python 3.11 and higher. The release can be installed from PyPI:

python -m pip install --upgrade pandas==3.0.*

Or from conda-forge

conda install -c conda-forge pandas=3.0

Please report any issues with the release on the pandas issue tracker.

Thanks to all the contributors who made this release possible.

Commits
  • 8188eb1 RLS: 3.0.4 (#66079)
  • bd35f15 [3.0.x] BUG: fix CoW issue in eval() (#66072)
  • 6195872 [backport 3.0.x] BUG: anchor whole alternation in Series.str.match for PyArro...
  • 70313be Backport PR #66051 on branch 3.0.x (BUG: fix regression in DataFrame setitem ...
  • 57ed3e2 [backport 3.0.x] Bump pypa/cibuildwheel from 3.4.1 to 4.1.0 (#65934) (#66026)
  • f9693fc [backport 3.0.x] BUG(pandas 3.0 regression): drop(index=...) doesn't accept N...
  • 9760fff [backport 3.0.x] BUG: support for operations with custom objects / object dty...
  • f03f3ab [backport 3.0.x] ENH: fallback to zoneinfo Python API (for correct tz localiz...
  • 774a50d Backport PR #65066 on branch 3.0.x (BUG: escape SQL identifiers in ADBCDataba...
  • 15494e8 [3.0.x] BUG: fix segfault adding non-tick DateOffset to datetime data under t...
  • Additional commits viewable in compare view

Updates coverage from 7.14.2 to 7.14.3

Changelog

Sourced from coverage's changelog.

Version 7.14.3 — 2026-06-22

  • Fix: the default ... exclusion rule now also matches function bodies whose closing return-type bracket is on its own line (for example, after a long -> dict[ ... ] annotation that a formatter has split over multiple lines). Closes issue 2185, thanks Mengjia Shang <pull 2196_>.

  • Fix: On 3.13t, we incorrectly issued Couldn't import C tracer errors. We can't import the C tracer because in 7.14.2 we stopped shipping compiled wheels for 3.13t. Thanks, Hugo van Kemenade <pull 2203_>_.

.. _issue 2185: coveragepy/coveragepy#2185 .. _pull 2196: coveragepy/coveragepy#2196 .. _pull 2203: coveragepy/coveragepy#2203

.. _changes_7-14-2:

Commits
  • 22f13ea docs: sample HTML for 7.14.3
  • 2ca4e5f docs: prep for 7.14.3
  • 01d714e docs: add changelog entry for #2203
  • f36248d fix: don't emit 'Couldn't import C tracer' warning for 3.13t (#2203)
  • 86d73d1 docs: thanks, Mengjia Shang
  • 3d4ae3c docs: add the #2196 pr link to CHANGES
  • f4b2b4d fix: exclude ... bodies after multi-line return-type annotations (#2185) (#...
  • 1980ed0 chore: bump sigstore/gh-action-sigstore-python (#2201)
  • bca3217 build: since we don't ship 3.13t, don't test it
  • 77550d8 docs: oops, mismatched pull requests
  • Additional commits viewable in compare view

Updates ruff from 0.15.18 to 0.15.20

Release notes

Sourced from ruff's releases.

0.15.20

Release Notes

Released on 2026-06-25.

Preview features

  • Allow human-readable names in rule selectors (#25887)
  • Emit a warning instead of an error for unknown rule selectors (#26113)
  • Match noqa shebang handling in ruff:ignore comments (#26286)
  • [ruff] Remove pytest-fixture-autouse (RUF076) (#26240, #26371)

Documentation

  • Add versioning sections to custom crate READMEs (#26317)
  • Update ruff_python_parser README for crates.io (#26315)
  • [perflint] Clarify that PERF402 applies to any iterable (#26242)

Contributors

Install ruff 0.15.20

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.20/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.20/ruff-installer.ps1 | iex"

Download ruff 0.15.20

File Platform Checksum
ruff-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ruff-x86_64-apple-darwin.tar.gz Intel macOS checksum
ruff-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
ruff-i686-pc-windows-msvc.zip x86 Windows checksum
ruff-x86_64-pc-windows-msvc.zip x64 Windows checksum
ruff-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
ruff-i686-unknown-linux-gnu.tar.gz x86 Linux checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.20

Released on 2026-06-25.

Preview features

  • Allow human-readable names in rule selectors (#25887)
  • Emit a warning instead of an error for unknown rule selectors (#26113)
  • Match noqa shebang handling in ruff:ignore comments (#26286)
  • [ruff] Remove pytest-fixture-autouse (RUF076) (#26240, #26371)

Documentation

  • Add versioning sections to custom crate READMEs (#26317)
  • Update ruff_python_parser README for crates.io (#26315)
  • [perflint] Clarify that PERF402 applies to any iterable (#26242)

Contributors

0.15.19

Released on 2026-06-23.

Preview features

  • Support human-readable names when hovering suppression comments and in code actions (#26114)

Bug fixes

  • Fall back to default settings when editor-only settings are invalid (#26244)
  • Fix panic when inserting text at a notebook cell boundary (#26111)

Rule changes

  • [pylint] Update fix suggestions for __floor__, __trunc__, __length_hint__, and __matmul__ variants (PLC2801) (#26239)

Performance

  • Avoid allocating when parsing single string literals (#26200)
  • Avoid reallocating singleton call arguments (#26223)
  • Lazily create source files for lint diagnostics (#26226)
  • Optimize formatter text width and indentation (#26236)
  • Reserve capacity for builtin bindings (#26229)
  • Skip repeated-key checks for singleton dictionaries (#26228)
  • Use ArrayVec for qualified name segments (#26224)

... (truncated)

Commits
  • f82a36b Bump 0.15.20 (#26376)
  • af32943 Improve the summarise-ecosystem-results skill (#26378)
  • 485ebab Remove RUF076 name from schema (#26371)
  • ef81835 [ty] Implement rust-analyzer's "Click for full compiler diagnostic" feature (...
  • 572b31e [ruff] Remove pytest-fixture-autouse (RUF076) (#26240)
  • f703f21 Allow human-readable names in rule selectors (#25887)
  • 0d726b2 [ty] Reuse equality semantics for membership compatibility (#25955)
  • dbe6e98 [ty] Infer definite equality comparison results (#26337)
  • e700ea3 [ty] Prove TypedDict structural patterns exhaustive (#26285)
  • 6a0d2ec [ty] Widen inferred class-valued instance attributes (#26338)
  • Additional commits viewable in compare view

Updates setuptools-scm from 10.0.5 to 10.2.0

Release notes

Sourced from setuptools-scm's releases.

setuptools-scm v10.2.0

Added

  • Restore Python 3.8 and 3.9 support, re-enabling use as a build dependency for projects like scikit-build that still support these versions. (#1445)

Miscellaneous

  • Move PKG-INFO discovery tests from vcs-versioning to setuptools-scm where the entry points are registered. (#1446)

setuptools-scm v10.1.2

Fixed

  • Fix DeprecationWarning leak by threading VcsEnvironment through VersionInferenceConfig and using env.make_reader() in _should_write_to_source. (#1424)

setuptools-scm v10.1.1

Fixed

  • Update CI to use PyPy 3.11 as cryptography has no PyPy 3.10 build available (#1421)

setuptools-scm v10.1.0

Added

  • Add backward-compatible shims in setuptools_scm.git, setuptools_scm.hg, setuptools_scm.hg_git, and setuptools_scm.scm_workdir so that external code calling get_scm_version(config) or run_describe(config) with an explicit Configuration continues to work. The shim automatically wires _config and VcsEnvironment onto the workdir. (#compat-shims)
  • Write scm_version.json and scm_file_list.json into egg-info directories during egg_info, enabling sdist fallback version inference when no VCS is present. Add ScmEggInfoMixin for workdir-based file finding in find_sources(). (#egg-info-metadata)
  • Add write_to_source pyproject.toml option to control whether version files are written to the source tree. When unset, a deprecation warning advises setting it explicitly before the default changes in a future major release. The SETUPTOOLS_SCM_WRITE_TO_SOURCE environment variable overrides this setting. (#1301)
  • Adopt the workdir-centric pipeline from vcs-versioning: version discovery now follows an explicit env → config → workdir → version chain instead of relying on ambient globals and parse entry points. The egg_info command writes scm_version.json and scm_file_list.json metadata so sdists can infer versions without a VCS checkout. Requires vcs-versioning >= 2.0.0.dev0. (#1378)

Fixed

  • Fix worktree file listing test to expect relative paths from the file finder. The test now passes on Linux; Windows remains xfail due to a subprocess limitation with worktree directories. (#620)
  • Remove the _warn_on_old_setuptools() check that incorrectly warned when a custom build-backend caused setuptools.__version__ to return the project version instead of setuptools' version. The minimum setuptools version is now enforced via build-system requirements. (#1192)
  • Wrap version in setuptools.sic() when normalize = false to prevent setuptools from re-normalizing the version after our hook returns. This preserves CalVer zero-padding (e.g. 2024.01.05) and other non-canonical version strings in dist.metadata.version. (#1354)
  • Skip writing non-package version files to build_lib, fixing incorrect inclusion of root-level version files in wheels. (#1364)

Documentation

  • Rewrite the GitHub Actions CI/CD example to use a dedicated build job (via build-and-inspect-python-package) and OIDC Trusted Publishers instead of building in publishing jobs with long-lived API tokens. (#1215)
Commits
  • a705891 Merge pull request #1448 from pypa/release/main
  • 630448e Prepare release: setuptools-scm v10.2.0, vcs-versioning v2.2.0
  • aaf4950 Merge pull request #1445 from RonnyPfannschmidt/python-legacy
  • dd60bf9 Merge pull request #1447 from RonnyPfannschmidt/fix/1446-move-pkginfo-tests
  • 535f5ff fix: move PKG-INFO discovery tests to setuptools-scm (#1446)
  • 3546a0e feat: restore Python 3.8 and 3.9 support
  • 0cde123 Merge pull request #1443 from pypa/release/main
  • 51bc391 Prepare release: vcs-versioning v2.1.2
  • 310f3c3 Merge pull request #1442 from RonnyPfannschmidt/fix/1439-metadata-workdir-cus...
  • b7b70a8 fix: don't re-parse stored tags through tag_regex in MetadataWorkdir (#1439)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all-dependencies group with 4 updates: [pandas](https://github.com/pandas-dev/pandas), [coverage](https://github.com/coveragepy/coveragepy), [ruff](https://github.com/astral-sh/ruff) and [setuptools-scm](https://github.com/pypa/setuptools-scm).


Updates `pandas` from 3.0.3 to 3.0.4
- [Release notes](https://github.com/pandas-dev/pandas/releases)
- [Commits](pandas-dev/pandas@v3.0.3...v3.0.4)

Updates `coverage` from 7.14.2 to 7.14.3
- [Release notes](https://github.com/coveragepy/coveragepy/releases)
- [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst)
- [Commits](coveragepy/coveragepy@7.14.2...7.14.3)

Updates `ruff` from 0.15.18 to 0.15.20
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.18...0.15.20)

Updates `setuptools-scm` from 10.0.5 to 10.2.0
- [Release notes](https://github.com/pypa/setuptools-scm/releases)
- [Changelog](https://github.com/pypa/setuptools-scm/blob/main/RELEASE_SYSTEM.md)
- [Commits](pypa/setuptools-scm@setuptools-scm-v10.0.5...setuptools-scm-v10.2.0)

---
updated-dependencies:
- dependency-name: pandas
  dependency-version: 3.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: coverage
  dependency-version: 7.14.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: ruff
  dependency-version: 0.15.20
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: setuptools-scm
  dependency-version: 10.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 29, 2026
@dependabot dependabot Bot requested review from a team and tomjemmett as code owners June 29, 2026 01:07
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 29, 2026
@tomjemmett tomjemmett merged commit e823bee into main Jun 29, 2026
6 checks passed
@tomjemmett tomjemmett deleted the dependabot/uv/all-dependencies-97f3b05606 branch June 29, 2026 09:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant