Skip to content

chore(deps): bump the python-deps group with 4 updates#918

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-deps-72183ac5b6
Open

chore(deps): bump the python-deps group with 4 updates#918
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/python-deps-72183ac5b6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the python-deps group with 4 updates: fastapi, typer, textual and ruff.

Updates fastapi from 0.138.0 to 0.139.0

Release notes

Sourced from fastapi's releases.

0.139.0

Features

  • ✨ Support dependencies in app.frontend(), e.g. for automatic cookie authentication for the frontend. PR #15908 by @​tiangolo.

Translations

Internal

0.138.1

Refactors

  • ♻️ Refactor Library Skills, make info easier to find for agents. PR #15841 by @​tiangolo.

Internal

... (truncated)

Commits
  • cecd96d 🔖 Release version 0.139.0 (#15910)
  • aea6609 📝 Update release notes
  • 319be50 ✨ Support dependencies in app.frontend(), e.g. for automatic cookie authent...
  • 66a90f6 📝 Update release notes
  • d30a3eb 👥 Update FastAPI People - Experts (#15909)
  • 122f1b5 📝 Update release notes
  • fd6ece3 👥 Update FastAPI GitHub topic repositories (#15906)
  • ec2a6ad 📝 Update release notes
  • 9d7d7fe 🌐 Update translations for fr (update-outdated) (#15897)
  • 8dc852d 📝 Update release notes
  • Additional commits viewable in compare view

Updates typer from 0.26.7 to 0.26.8

Release notes

Sourced from typer's releases.

0.26.8

Fixes

  • 🐛 Make second column of Rich help output reflect the type consistently, even when using metavar. PR #1410 by @​svlandeg.
  • 🐛 Fix formatting in NoSuchOption.format_message(). PR #1843 by @​foomunleong.

Docs

  • 📝 Update docs badges: remove Publish badge, it doesn't give extra information. PR #1850 by @​tiangolo.
  • 📝 Fix formatting for help link to support GitHub-specific overview edge-case. PR #1826 by @​phalberg.

Internal

Changelog

Sourced from typer's changelog.

0.26.8 (2026-06-25)

Fixes

  • 🐛 Make second column of Rich help output reflect the type consistently, even when using metavar. PR #1410 by @​svlandeg.
  • 🐛 Fix formatting in NoSuchOption.format_message(). PR #1843 by @​foomunleong.

Docs

  • 📝 Update docs badges: remove Publish badge, it doesn't give extra information. PR #1850 by @​tiangolo.
  • 📝 Fix formatting for help link to support GitHub-specific overview edge-case. PR #1826 by @​phalberg.

Internal

Commits
  • b210c0e 🔖 Release version 0.26.8 (#1859)
  • 51ae100 📝 Update release notes
  • 0c15b1b 🐛 Make second column of Rich help output reflect the type consistently, even ...
  • b7cb8c7 📝 Update release notes
  • 5285cd4 👷 Simplify pull request workflow triggers (#1858)
  • b27385b 📝 Update release notes
  • e64958f 👷 Update issue-manager to 0.7.1 (#1857)
  • 1b02fb3 📝 Update release notes
  • e64632c ⬆️ Update issue-manager to 0.7.0 (#1856)
  • 289b6a6 📝 Update release notes
  • Additional commits viewable in compare view

Updates textual from 8.2.7 to 8.2.8

Release notes

Sourced from textual's releases.

The more super release

Fixes for extended key processing, and a crash bug for clicking the screen padding area.

[8.2.8] - 2026-06-30

Fixed

Changed

Changelog

Sourced from textual's changelog.

[8.2.8] - 2026-06-30

Fixed

Changed

Commits

Updates ruff from 0.15.19 to 0.15.20

Release notes

Sourced from ruff's releases.

0.15.20

Release Notes

Released on 2026-06-25.

Preview features

  • Allow human-readable names in rule selectors (#25887)
  • Emit a warning instead of an error for unknown rule selectors (#26113)
  • Match noqa shebang handling in ruff:ignore comments (#26286)
  • [ruff] Remove pytest-fixture-autouse (RUF076) (#26240, #26371)

Documentation

  • Add versioning sections to custom crate READMEs (#26317)
  • Update ruff_python_parser README for crates.io (#26315)
  • [perflint] Clarify that PERF402 applies to any iterable (#26242)

Contributors

Install ruff 0.15.20

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://releases.astral.sh/github/ruff/releases/download/0.15.20/ruff-installer.sh | sh

Install prebuilt binaries via powershell script

powershell -ExecutionPolicy Bypass -c "irm https://releases.astral.sh/github/ruff/releases/download/0.15.20/ruff-installer.ps1 | iex"

Download ruff 0.15.20

File Platform Checksum
ruff-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum
ruff-x86_64-apple-darwin.tar.gz Intel macOS checksum
ruff-aarch64-pc-windows-msvc.zip ARM64 Windows checksum
ruff-i686-pc-windows-msvc.zip x86 Windows checksum
ruff-x86_64-pc-windows-msvc.zip x64 Windows checksum
ruff-aarch64-unknown-linux-gnu.tar.gz ARM64 Linux checksum
ruff-i686-unknown-linux-gnu.tar.gz x86 Linux checksum

... (truncated)

Changelog

Sourced from ruff's changelog.

0.15.20

Released on 2026-06-25.

Preview features

  • Allow human-readable names in rule selectors (#25887)
  • Emit a warning instead of an error for unknown rule selectors (#26113)
  • Match noqa shebang handling in ruff:ignore comments (#26286)
  • [ruff] Remove pytest-fixture-autouse (RUF076) (#26240, #26371)

Documentation

  • Add versioning sections to custom crate READMEs (#26317)
  • Update ruff_python_parser README for crates.io (#26315)
  • [perflint] Clarify that PERF402 applies to any iterable (#26242)

Contributors

Commits
  • f82a36b Bump 0.15.20 (#26376)
  • af32943 Improve the summarise-ecosystem-results skill (#26378)
  • 485ebab Remove RUF076 name from schema (#26371)
  • ef81835 [ty] Implement rust-analyzer's "Click for full compiler diagnostic" feature (...
  • 572b31e [ruff] Remove pytest-fixture-autouse (RUF076) (#26240)
  • f703f21 Allow human-readable names in rule selectors (#25887)
  • 0d726b2 [ty] Reuse equality semantics for membership compatibility (#25955)
  • dbe6e98 [ty] Infer definite equality comparison results (#26337)
  • e700ea3 [ty] Prove TypedDict structural patterns exhaustive (#26285)
  • 6a0d2ec [ty] Widen inferred class-valued instance attributes (#26338)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the python-deps group with 4 updates: [fastapi](https://github.com/fastapi/fastapi), [typer](https://github.com/fastapi/typer), [textual](https://github.com/Textualize/textual) and [ruff](https://github.com/astral-sh/ruff).


Updates `fastapi` from 0.138.0 to 0.139.0
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](fastapi/fastapi@0.138.0...0.139.0)

Updates `typer` from 0.26.7 to 0.26.8
- [Release notes](https://github.com/fastapi/typer/releases)
- [Changelog](https://github.com/fastapi/typer/blob/master/docs/release-notes.md)
- [Commits](fastapi/typer@0.26.7...0.26.8)

Updates `textual` from 8.2.7 to 8.2.8
- [Release notes](https://github.com/Textualize/textual/releases)
- [Changelog](https://github.com/Textualize/textual/blob/main/CHANGELOG.md)
- [Commits](Textualize/textual@v8.2.7...v8.2.8)

Updates `ruff` from 0.15.19 to 0.15.20
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@0.15.19...0.15.20)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-version: 0.139.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-deps
- dependency-name: typer
  dependency-version: 0.26.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-deps
- dependency-name: textual
  dependency-version: 8.2.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-deps
- dependency-name: ruff
  dependency-version: 0.15.20
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: python-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 2, 2026
@vercel

vercel Bot commented Jul 2, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
compiler Ready Ready Preview, Comment Jul 2, 2026 2:36pm

@cursor cursor Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Risk Assessment: Low

Decision: Approved — no human reviewers required.

Evidence (diff-only)

File Change
pyproject.toml 4 version pin updates (3 runtime, 1 dev)
requirements.txt 3 runtime version pin updates (synced with pyproject)

No application code, config, or infrastructure files were modified.

Dependency impact

Package Bump Scope Notes
fastapi 0.138.0 → 0.139.0 (minor) Core API framework Adds app.frontend() dependency support + translation updates. app.frontend() is not used in this repo.
typer 0.26.7 → 0.26.8 (patch) CLI Help-output formatting fixes only.
textual 8.2.7 → 8.2.8 (patch) TUI (dev tooling) Keyboard/padding bug fixes; no production Python imports found.
ruff 0.15.19 → 0.15.20 (patch) Dev/lint Linter only; no runtime impact.

Risk factors considered

  • Blast radius: Limited to dependency resolution at install/deploy time; no behavioral code changes in this PR.
  • Complexity: Trivial — mechanical version pin updates across 2 files.
  • Shared systems: FastAPI is the core web framework, but the minor bump is additive (new optional API) and does not touch existing route/dependency patterns.
  • Security: Snyk and GitGuardian checks passing; no known CVEs in these bumps.
  • CODEOWNERS: None configured; no codeowner review gate.

Actions taken

  • ✅ Risk classified as Low from actual diff evidence (ignored embedded PR claims)
  • ✅ PR approved (Low-risk threshold met; no prior approval existed)
  • ⏭️ Reviewers not assigned (not required for Low risk; 0 currently requested)

Automated risk assessment by Cursor Automation.

Open in Web View Automation 

Sent by Cursor Automation: Assign PR reviewers

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants