Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the pip group with 6 updates #2059

Merged
merged 1 commit into from
Feb 3, 2025
Merged

chore(deps): bump the pip group with 6 updates #2059

merged 1 commit into from
Feb 3, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 3, 2025

Bumps the pip group with 6 updates:

Package From To
mkdocs-material 9.5.50 9.6.1
ruff 0.9.3 0.9.4
semgrep 1.104.0 1.106.0
codespell 2.4.0 2.4.1
pytest-asyncio 0.25.2 0.25.3
fastapi 0.115.7 0.115.8

Updates mkdocs-material from 9.5.50 to 9.6.1

Release notes

Sourced from mkdocs-material's releases.

mkdocs-material-9.6.1

  • Fixed #7943: Tags plugin crashing due to merge error

mkdocs-material-9.6.0

  • Added meta plugin
  • Rewrite of the tags plugin
  • Added support for allow lists in tags plugin
  • Added support for and custom sorting in tags plugin
  • Added support for related links in blog plugin
  • Added support for custom index pages in blog plugin
  • Added support for navigation subtitles
  • Fixed #7924: Anchors might require two clicks when using instant navigation
Changelog

Sourced from mkdocs-material's changelog.

mkdocs-material-9.6.1 (2025-01-31)

  • Fixed #7943: Tags plugin crashing due to merge error

mkdocs-material-9.6.0 (2025-01-31)

  • Added meta plugin
  • Rewrite of the tags plugin
  • Added support for allow lists in tags plugin
  • Added support for and custom sorting in tags plugin
  • Added support for related links in blog plugin
  • Added support for custom index pages in blog plugin
  • Added support for navigation subtitles
  • Fixed #7924: Anchors might require two clicks when using instant navigation

mkdocs-material-9.5.50 (2025-01-18)

  • Fixed #7913: Social plugin renders attribute lists in page title

mkdocs-material-9.5.49+insiders-4.53.15 (2025-01-15)

  • Fixed #7896: Scoped tags listings not rendering in subsections

mkdocs-material-9.5.49 (2024-12-16)

  • Adjusted title color in dark mode for all supported Mermaid.js diagrams
  • Fixed #7803: Privacy plugin crashes on generated files
  • Fixed #7781: Mermaid.js flow chart title not visible in dark mode

mkdocs-material-9.5.48 (2024-12-08)

  • Fixed #7774: Disabling social cards doesn't work

mkdocs-material-9.5.47 (2024-12-01)

  • Fixed #7750: Numeric tags break search
  • Fixed #7748: Blog plugin breaks when using future drafts (9.5.45 regression)

mkdocs-material-9.5.46 (2024-11-25)

  • Added support for removing preload hints in privacy plugin
  • Fixed #7734: Code blocks in h5 headlines are uppercased
  • Fixed #7725: Blog plugin crashing on missing timezone (9.5.45 regression)

mkdocs-material-9.5.45 (2024-11-20)

  • Reduced size of Docker image through multi-stage build
  • Fixed #7708: Blog plugin crashing on YAML dates with timezones

mkdocs-material-9.5.44 (2024-11-05)

... (truncated)

Commits

Updates ruff from 0.9.3 to 0.9.4

Release notes

Sourced from ruff's releases.

0.9.4

Release Notes

Preview features

  • [airflow] Extend airflow context parameter check for BaseOperator.execute (AIR302) (#15713)
  • [airflow] Update AIR302 to check for deprecated context keys (#15144)
  • [flake8-bandit] Permit suspicious imports within stub files (S4) (#15822)
  • [pylint] Do not trigger PLR6201 on empty collections (#15732)
  • [refurb] Do not emit diagnostic when loop variables are used outside loop body (FURB122) (#15757)
  • [ruff] Add support for more re patterns (RUF055) (#15764)
  • [ruff] Check for shadowed map before suggesting fix (RUF058) (#15790)
  • [ruff] Do not emit diagnostic when all arguments to zip() are variadic (RUF058) (#15744)
  • [ruff] Parenthesize fix when argument spans multiple lines for unnecessary-round (RUF057) (#15703)

Rule changes

  • Preserve quote style in generated code (#15726, #15778, #15794)
  • [flake8-bugbear] Exempt NewType calls where the original type is immutable (B008) (#15765)
  • [pylint] Honor banned top-level imports by TID253 in PLC0415. (#15628)
  • [pyupgrade] Ignore is_typeddict and TypedDict for deprecated-import (UP035) (#15800)

CLI

  • Fix formatter warning message for flake8-quotes option (#15788)
  • Implement tab autocomplete for ruff config (#15603)

Bug fixes

  • [flake8-comprehensions] Do not emit unnecessary-map diagnostic when lambda has different arity (C417) (#15802)
  • [flake8-comprehensions] Parenthesize sorted when needed for unnecessary-call-around-sorted (C413) (#15825)
  • [pyupgrade] Handle end-of-line comments for quoted-annotation (UP037) (#15824)

Documentation

  • Add missing config docstrings (#15803)
  • Add references to trio.run_process and anyio.run_process (#15761)
  • Use uv init --lib in tutorial (#15718)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.9.4

Preview features

  • [airflow] Extend airflow context parameter check for BaseOperator.execute (AIR302) (#15713)
  • [airflow] Update AIR302 to check for deprecated context keys (#15144)
  • [flake8-bandit] Permit suspicious imports within stub files (S4) (#15822)
  • [pylint] Do not trigger PLR6201 on empty collections (#15732)
  • [refurb] Do not emit diagnostic when loop variables are used outside loop body (FURB122) (#15757)
  • [ruff] Add support for more re patterns (RUF055) (#15764)
  • [ruff] Check for shadowed map before suggesting fix (RUF058) (#15790)
  • [ruff] Do not emit diagnostic when all arguments to zip() are variadic (RUF058) (#15744)
  • [ruff] Parenthesize fix when argument spans multiple lines for unnecessary-round (RUF057) (#15703)

Rule changes

  • Preserve quote style in generated code (#15726, #15778, #15794)
  • [flake8-bugbear] Exempt NewType calls where the original type is immutable (B008) (#15765)
  • [pylint] Honor banned top-level imports by TID253 in PLC0415. (#15628)
  • [pyupgrade] Ignore is_typeddict and TypedDict for deprecated-import (UP035) (#15800)

CLI

  • Fix formatter warning message for flake8-quotes option (#15788)
  • Implement tab autocomplete for ruff config (#15603)

Bug fixes

  • [flake8-comprehensions] Do not emit unnecessary-map diagnostic when lambda has different arity (C417) (#15802)
  • [flake8-comprehensions] Parenthesize sorted when needed for unnecessary-call-around-sorted (C413) (#15825)
  • [pyupgrade] Handle end-of-line comments for quoted-annotation (UP037) (#15824)

Documentation

  • Add missing config docstrings (#15803)
  • Add references to trio.run_process and anyio.run_process (#15761)
  • Use uv init --lib in tutorial (#15718)
Commits
  • 854ab03 Bump version to 0.9.4 (#15831)
  • b0b8b06 Remove semicolon after TypeScript interface definition (#15827)
  • 451f251 [red-knot] Clarify behavior when redeclaring base class attributes (#15826)
  • 13cf3e6 [flake8-comprehensions] Parenthesize sorted when needed for `unnecessary-...
  • 56f956a [pyupgrade] Handle end-of-line comments for quoted-annotation (UP037) (...
  • 7a10a40 [flake8-bandit] Permit suspicious imports within stub files (S4) (#15822)
  • 3125332 [red-knot] Format mdtest snippets with the latest version of black (#15819)
  • 15d886a [red-knot] Consider all definitions after terminal statements unreachable (#1...
  • e1c9d10 [flake8-comprehensions] Do not emit unnecessary-map diagnostic when lambd...
  • 23c9884 Preserve quotes in generated f-strings (#15794)
  • Additional commits viewable in compare view

Updates semgrep from 1.104.0 to 1.106.0

Release notes

Sourced from semgrep's releases.

Release v1.106.0

1.106.0 - 2025-01-29

See 1.105.0 Changelog:

1.105.0 - 2025-01-29

Added

  • Semgrep can dynamically resolve dependencies for C# Solutions denoted by *.csproj (sc-2015)

Changed

  • Added extra defensive try/catch around lockfile parsing (parsing)

Fixed

  • LSP shortlinks in diagnostics should no longer drop anchors or query parameters in URIs. (gh-10687)
  • Some bug fixes to pnpm lockfile parsing. (gh-2955)
  • Fix npm aliasing bug in yarn parser. (sc-2052)
  • Fixed bug where supply chain diff scans of package-lock.json v2 projects incorrectly produced non-new findings (sc-2060)
Changelog

Sourced from semgrep's changelog.

1.106.0 - 2025-01-29

No significant changes.

1.105.0 - 2025-01-29

Added

  • Semgrep can dynamically resolve dependencies for C# Solutions denoted by *.csproj (sc-2015)

Changed

  • Added extra defensive try/catch around lockfile parsing (parsing)

Fixed

  • LSP shortlinks in diagnostics should no longer drop anchors or query parameters in URIs. (gh-10687)
  • Some bug fixes to pnpm lockfile parsing. (gh-2955)
  • Fix npm aliasing bug in yarn parser. (sc-2052)
  • Fixed bug where supply chain diff scans of package-lock.json v2 projects incorrectly produced non-new findings (sc-2060)
Commits
  • b0d9436 chore: release version 1.106.0
  • 2af07d8 fix(SSC): Handle peer dependencies when parsing a package-lock.json file (s...
  • 80cbe25semgrep/semgrep-proprietary#2992
  • 142e4ad Remove the --semgrep-branch and other flags from semgrep ci --help (semgrep/s...
  • 6dc2087 Revert "Switch semgrep-core -lang from an Analyzer.t to proper Lang.t" (semgr...
  • 8e88047semgrep/semgrep-proprietary#2988
  • 85ae0b7 Switch semgrep-core -lang from an Analyzer.t to proper Lang.t (semgrep/semgre...
  • 3e79051semgrep/semgrep-proprietary#2984
  • 56a77e0semgrep/semgrep-proprietary#2968
  • 27b5082semgrep/semgrep-proprietary#2967
  • Additional commits viewable in compare view

Updates codespell from 2.4.0 to 2.4.1

Release notes

Sourced from codespell's releases.

v2.4.1

What's Changed

New Contributors

Full Changelog: codespell-project/codespell@v2.4.0...v2.4.1

Commits

Updates pytest-asyncio from 0.25.2 to 0.25.3

Release notes

Sourced from pytest-asyncio's releases.

pytest-asyncio 0.25.3

  • Avoid errors in cleanup of async generators when event loop is already closed #1040
Commits
  • 7c50192 fix: Avoid errors in cleanup of async generators when event loop is already c...
  • See full diff in compare view

Updates fastapi from 0.115.7 to 0.115.8

Release notes

Sourced from fastapi's releases.

0.115.8

Fixes

  • 🐛 Fix OAuth2PasswordRequestForm and OAuth2PasswordRequestFormStrict fixed grant_type "password" RegEx. PR #9783 by @​skarfie123.

Refactors

Docs

Translations

  • 🌐 Add Japanese translation for docs/ja/docs/environment-variables.md. PR #13226 by @​k94-ishi.
  • 🌐 Add Russian translation for docs/ru/docs/advanced/async-tests.md. PR #13227 by @​Rishat-F.
  • 🌐 Update Russian translation for docs/ru/docs/tutorial/dependencies/dependencies-in-path-operation-decorators.md. PR #13252 by @​Rishat-F.
  • 🌐 Add Russian translation for docs/ru/docs/tutorial/bigger-applications.md. PR #13154 by @​alv2017.

Internal

  • ⬆️ Add support for Python 3.13. PR #13274 by @​tiangolo.
  • ⬆️ Upgrade AnyIO max version for tests, new range: >=3.2.1,<5.0.0. PR #13273 by @​tiangolo.
  • 🔧 Update Sponsors badges. PR #13271 by @​tiangolo.
  • ♻️ Fix notify_translations.py empty env var handling for PR label events vs workflow_dispatch. PR #13272 by @​tiangolo.
  • ♻️ Refactor and move scripts/notify_translations.py, no need for a custom GitHub Action. PR #13270 by @​tiangolo.
  • 🔨 Update FastAPI People Experts script, refactor and optimize data fetching to handle rate limits. PR #13267 by @​tiangolo.
  • ⬆ Bump pypa/gh-action-pypi-publish from 1.12.3 to 1.12.4. PR #13251 by @​dependabot[bot].
Commits
  • 7128971 🔖 Release version 0.115.8
  • 55f8a44 📝 Update release notes
  • 83ab6ac 📝 Change the word "unwrap" to "unpack" in `docs/en/docs/tutorial/extra-models...
  • 3d02a92 📝 Update release notes
  • 1b00f8a ✅ Simplify tests for body_multiple_params (#13237)
  • d97647f 📝 Update release notes
  • 9667ce8 📝 Update Request Body's tutorial002 to deal with tax=0 case (#13230)
  • 0541693 📝 Update release notes
  • 041b2e1 📝 Update release notes
  • 30b270b ♻️ Move duplicated code portion to a static method in the APIKeyBase super ...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the pip group with 6 updates
3c7ad0e 
Bumps the pip group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [mkdocs-material](https://github.com/squidfunk/mkdocs-material) | `9.5.50` | `9.6.1` |
| [ruff](https://github.com/astral-sh/ruff) | `0.9.3` | `0.9.4` |
| [semgrep](https://github.com/returntocorp/semgrep) | `1.104.0` | `1.106.0` |
| [codespell](https://github.com/codespell-project/codespell) | `2.4.0` | `2.4.1` |
| [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) | `0.25.2` | `0.25.3` |
| [fastapi](https://github.com/fastapi/fastapi) | `0.115.7` | `0.115.8` |


Updates `mkdocs-material` from 9.5.50 to 9.6.1
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](squidfunk/mkdocs-material@9.5.50...9.6.1)

Updates `ruff` from 0.9.3 to 0.9.4
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.9.3...0.9.4)

Updates `semgrep` from 1.104.0 to 1.106.0
- [Release notes](https://github.com/returntocorp/semgrep/releases)
- [Changelog](https://github.com/semgrep/semgrep/blob/develop/CHANGELOG.md)
- [Commits](semgrep/semgrep@v1.104.0...v1.106.0)

Updates `codespell` from 2.4.0 to 2.4.1
- [Release notes](https://github.com/codespell-project/codespell/releases)
- [Commits](codespell-project/codespell@v2.4.0...v2.4.1)

Updates `pytest-asyncio` from 0.25.2 to 0.25.3
- [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases)
- [Commits](pytest-dev/pytest-asyncio@v0.25.2...v0.25.3)

Updates `fastapi` from 0.115.7 to 0.115.8
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.115.7...0.115.8)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip
- dependency-name: semgrep
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip
- dependency-name: codespell
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip
- dependency-name: pytest-asyncio
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip
- dependency-name: fastapi
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 3, 2025
@davorrunje davorrunje enabled auto-merge February 3, 2025 11:25
@davorrunje davorrunje added this pull request to the merge queue Feb 3, 2025
Merged via the queue into main with commit 8c96127 Feb 3, 2025
31 checks passed
@davorrunje davorrunje deleted the dependabot/pip/pip-9ab25a0d19 branch February 3, 2025 11:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davorrunje davorrunje davorrunje approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@davorrunje