Skip to content

Bump the python-dependencies group across 1 directory with 3 updates#2098

Merged
edmorley merged 2 commits into
mainfrom
dependabot/pip/python-dependencies-29075fcd15
Jun 4, 2026
Merged

Bump the python-dependencies group across 1 directory with 3 updates#2098
edmorley merged 2 commits into
mainfrom
dependabot/pip/python-dependencies-29075fcd15

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026
edited by edmorley
Loading

Copy link
Copy Markdown
Contributor

Bumps the python-dependencies group with 3 updates in the / directory: poetry, uv and pip.

Updates poetry from 2.4.0 to 2.4.1

Release notes

Sourced from poetry's releases.

2.4.1

Changed

  • Re-allow installer==0.7.0 (#10887).

Fixed

  • Fix an issue where poetry update <package> failed when <package> was a transitive dependency (#10885).
Changelog

Sourced from poetry's changelog.

[2.4.1] - 2026-05-09

Changed

  • Re-allow installer==0.7.0 (#10887).

Fixed

  • Fix an issue where poetry update <package> failed when <package> was a transitive dependency (#10885).
Commits

Updates uv from 0.11.11 to 0.11.19

Release notes

Sourced from uv's releases.

0.11.19

Release Notes

Released on 2026-06-03.

Python

  • Add CPython 3.15.0b2 (#19531)

Enhancements

  • Always compute SHA256 for remote distributions (#19662)
  • Add PyEmscripten platform (PEP 783) (#19629)
  • Add Pyodide 2025 target triple (#19653)

Preview features

  • Make preview features for commands have names that aren't ambiguous with the command (#19645)
  • Respect --isolated in uv check (#19666)

Bug fixes

  • Continue tool uninstall after dangling receipts (#19623)
  • Skip Unix-specific installation steps when cross-installing Windows Python distributions (#19424)

Install uv 0.11.19

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/uv/releases/download/0.11.19/uv-installer.ps1 | iex"

Download uv 0.11.19

File Platform Checksum
uv-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
uv-x86_64-apple-darwin.tar.gz Intel macOS checksum
uv-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
uv-i686-pc-windows-msvc.zip x86 Windows checksum
uv-x86_64-pc-windows-msvc.zip x64 Windows checksum
uv-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
uv-i686-unknown-linux-gnu.tar.gz x86 Linux checksum

... (truncated)

Changelog

Sourced from uv's changelog.

0.11.19

Released on 2026-06-03.

Python

  • Add CPython 3.15.0b2 (#19531)

Enhancements

  • Always compute SHA256 for remote distributions (#19662)
  • Add PyEmscripten platform (PEP 783) (#19629)
  • Add Pyodide 2025 target triple (#19653)

Preview features

  • Make preview features for commands have names that aren't ambiguous with the command (#19645)
  • Respect --isolated in uv check (#19666)

Bug fixes

  • Continue tool uninstall after dangling receipts (#19623)
  • Skip Unix-specific installation steps when cross-installing Windows Python distributions (#19424)

0.11.18

Released on 2026-06-01.

Performance

  • Fix performance regression in unzip of local wheels (#19637)

Preview

  • Add uv check to run ty from uv (#19605)

Bug fixes

  • Update activation scripts with upstream fixes (#19628)

Other changes

0.11.17

Released on 2026-05-28.

Enhancements

... (truncated)

Commits

Updates pip from 26.1.1 to 26.1.2

Changelog

Sourced from pip's changelog.

26.1.2 (2026-05-31)

Bug Fixes

  • Reject console_scripts and gui_scripts entry points whose name would install a script outside the scripts directory. ([#14000](https://github.com/pypa/pip/issues/14000) <https://github.com/pypa/pip/issues/14000>_)
  • Fix installation incorrectly failing when the target path contains a doubled slash, such as with pip install --root //.... ([#14001](https://github.com/pypa/pip/issues/14001) <https://github.com/pypa/pip/issues/14001>_)
  • Send a consistent Accept-Encoding header to avoid a spurious Cache entry deserialization failed warning. ([#14012](https://github.com/pypa/pip/issues/14012) <https://github.com/pypa/pip/issues/14012>_)
Commits
  • 31d7d16 Bump for release
  • 79f348c Update AUTHORS.txt
  • 237a925 Merge pull request #14001 from notatallshaw/fix-is-within-directory
  • 34d0285 Merge pull request #14006 from laymonage/fix-requirements_from_scripts-space-...
  • 09d3e07 Merge pull request #14012 from notatallshaw/stable-accept-encoding
  • fa7854f Use is_within_directory for entry point check
  • d01b46c NEWS ENTRY
  • 7ff8bdd Fix is_within_directory for doubled-slash roots
  • 7ea3466 NEWS ENTRY
  • 85673ea Fix Accept-Encoding to gzip, deflate
  • Additional commits viewable in compare view

GUS-W-22841953.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Dependabot pull requests that update Python dependencies labels Jun 2, 2026
@dependabot dependabot Bot requested a review from edmorley as a code owner June 2, 2026 20:14
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Dependabot pull requests that update Python dependencies labels Jun 2, 2026
@dependabot
Bump the python-dependencies group across 1 directory with 3 updates
766db5a 
Bumps the python-dependencies group with 3 updates in the / directory: [poetry](https://github.com/python-poetry/poetry), [uv](https://github.com/astral-sh/uv) and [pip](https://github.com/pypa/pip).


Updates `poetry` from 2.4.0 to 2.4.1
- [Release notes](https://github.com/python-poetry/poetry/releases)
- [Changelog](https://github.com/python-poetry/poetry/blob/main/CHANGELOG.md)
- [Commits](python-poetry/poetry@2.4.0...2.4.1)

Updates `uv` from 0.11.11 to 0.11.19
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](astral-sh/uv@0.11.11...0.11.19)

Updates `pip` from 26.1.1 to 26.1.2
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](pypa/pip@26.1.1...26.1.2)

---
updated-dependencies:
- dependency-name: pip
  dependency-version: 26.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: poetry
  dependency-version: 2.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
- dependency-name: uv
  dependency-version: 0.11.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump the python-dependencies group with 3 updates Bump the python-dependencies group across 1 directory with 3 updates Jun 4, 2026
@dependabot dependabot Bot force-pushed the dependabot/pip/python-dependencies-29075fcd15 branch from 7447256 to 766db5a Compare June 4, 2026 12:56
@edmorley edmorley enabled auto-merge (squash) June 4, 2026 13:32
@edmorley edmorley merged commit 6d2b511 into main Jun 4, 2026
6 of 7 checks passed
@edmorley edmorley deleted the dependabot/pip/python-dependencies-29075fcd15 branch June 4, 2026 13:33
@heroku-linguist heroku-linguist Bot mentioned this pull request Jun 4, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@edmorley edmorley edmorley approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Dependabot pull requests that update Python dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@edmorley